Dear people of liberationtech: I've read this list for a long time, and I've posted to it occasionally. I'm writing today to tell you about our press release from LeastAuthority.com.
Here's the press release in HTML form: https://leastauthority.com/press_release_2013_07_30 Here is the text of it, and following the text I'll explain why we are marketing our service in these terms. This is in response to this criticism from the liberationtech twitter account: “No such thing | http://LeastAuthority.com Announces a Purportedly "Spy-Proof" Storage Service https://LeastAuthority.com” (https://twitter.com/Liberationtech/status/362913144772890624). ------- begin text of press release LeastAuthority.com Announces A Spy-Proof Storage Service LeastAuthority.com today announced Simple Secure Storage Service (S4), a backup service that encrypts your files to protect them from the prying eyes of spies and criminals. “People deserve privacy and security in the digital data that make up our daily lives.” said the company's founder and CEO, Zooko Wilcox-O'Hearn. “As an individual or a business, you shouldn't have to give up control over your data in order to get the benefits of cloud storage.” === Verifiable end-to-end security The Simple Secure Storage Service offers verifiable end-to-end security. It offers “end-to-end security” because all of the customer's data is encrypted locally — on the customer's own personal computer — before it is uploaded to the cloud. During its stay in the cloud, it cannot be decrypted by LeastAuthority.com, nor by anyone else, without the decryption key which is held only by the customer. S4 offers “verifiable end-to-end security” because all of the source code that makes up the Simple Secure Storage Service is published for everyone to see. Not only is the source code publicly visible, but it also comes with Free (Libre) and Open Source rights granted to the public allowing anyone to inspect the source code, experiment on it, alter it, and even to distribute their own version of it and to sell commercial services. Wilcox-O'Hearn says “If you rely on closed-source, proprietary software, then you're just taking the vendor's word for it that it actually provides the end-to-end security that they claim. As the PRISM scandal shows, that claim is sometimes a lie.” The web site of LeastAuthority.com proudly states “We can never see your data, and you can always see our code.”. === Trusted by experts The Simple Secure Storage Service is built on a technology named “Least-Authority File System (LAFS)”. LAFS has been studied and used by computer scientists, hackers, Free and Open Source software developers, activists, the U.S. Defense Advanced Research Projects Agency, and the U.S. National Security Agency. The design has been published in a peer-reviewed scientific workshop: Wilcox-O'Hearn, Zooko, and Brian Warner. “Tahoe: the least-authority filesystem.” Proceedings of the 4th ACM international workshop on Storage security and survivability. ACM, 2008. http://eprint.iacr.org/2012/524.pdf It has been cited in more than 50 scientific research papers, and has received plaudits from the U.S. Comprehensive National Cybersecurity Initiative, which stated: “Systems like Least-Authority File System are making these methods immediately usable for securely and availably storing files at rest; we propose that the methods be further reviewed, written up, and strongly evangelized as best practices in both government and industry.” Dr. Richard Stallman, President of the Free Software Foundation (https://fsf.org/) said “Free/Libre software is software that the users control. If you use only free/libre software, you control your local computing — but using the Internet raises other issues of freedom and privacy, which many network services don't respect. The Simple Secure Storage Service is an example of a network service that does respect your freedom and privacy.” Jacob Appelbaum, Tor project developer (https://www.torproject.org/) and WikiLeaks volunteer (http://wikileaks.org/), said “LAFS's design acknowledges the importance of verifiable end-to-end security through cryptography, Free/Libre release of software and transparent peer-reviewed system design.” The LAFS software is already packaged in several widely-used operating systems such as Debian GNU/Linux and Ubuntu. https://LeastAuthority.com ------- end text of press release Now, the liberationtech twitter account objected to the term “Spy-Proof”. I have to admit that we hesitated to use that term when writing the press release, because we really don't want to oversell. Some members of our team urged me to replace “Spy-Proof” with “Spy-Resistant” in that press release. I finally decided to go ahead with “Spy-Proof”, and I'll tell you why. The big issue we are facing today is the *automation* and *generalization* of surveillance and control. These systems, while numerous and heterogeneous, are now known to the public under the rubric of "PRISM". Traditional targeted, labor-intensive espionage or policing are not the problem. This is something that it is hard for the average person to understand, because they don't understand computer programming (also called “automation”) and machine-learning, but I expect the participants on this list are steeped in it: automated surveillance and control, on everyone, all the time, performed by a machine, is a completely different beast from the kind of espionage and police work that existed when we were growing up. We are in a dangerous phase of the evolution of civilization. A generation ago, the surveillance and investigatory powers of the large centralized powers (e.g. nation-states) required expensive manual effort to exert, and a typical person could correctly assume that they were not being personally spied upon in any meaningful sense. Today, this has reversed; it would require expensive manual effort to *exclude* any individual citizen from ubiquitous data collection and automated processing. Tomorrow, this situation will become even more dangerous, when the powers begin to automate the *exertion of control* in addition to automating the data collection and processing. Today the collection and processing of data is performed automatically, but as far as I know, *acting* on that information, for example sending humans to physically investigate or arrest, or bombs to kill, is under human control. Tomorrow, the automated systems will act on the world as well as sensing it, for example by censoring communications or preventing actions which the automation has categorized as suspicious. A foretaste of this future is visible today in the form of the automated fraud-prevention exerted by the credit card companies. I refer not to automated fraud-*detection*, in which computers collect and process information and then humans decide how to act on it, but the automated fraud-*prevention* in which a computer chooses whether each credit card purchase will be approved, delayed, or rejected, based on its fraud-detection algorithms. Now imagine if the national firewall that you live under, or the centralized social networking site that you rely on, made the automated decision to suspend your privileges of communicating with certain others, because, in the estimation of that machine-learning algorithm, your communications were likely to involve banned material, or to be contributing to an illegal activity, or to be politically unacceptable. Tomorrow, that kind of automated exertion of control by computers over individuals will be extended to the individual's communications, travel, and purchases, at least for many populations. Now, what is our company selling? Spy-proof online storage. As we indicated in the press release, we have worked long and hard to avoid the pitfalls that could undermine the safety of our users. We have studied cryptography and computer security for many years, and we believe that the Least-Authority File System free-and-open-source project and our S4 commercial service is best-of-class. Of course, there is no certainty in this life, and we are continuing to seek ways to improve the safety of LAFS and S4, in particular we are seeking another round of external security review. But, to the best of our knowledge—including studying the implications of Snowden's revelations—using LAFS or S4 does in fact make it impossible for today's automated surveillance systems to collect and process your data. We do *not* claim that this software protects you from targeted attacks, such as police investigations, "spy vs. spy" targeted espionage, targeted heists by criminals, or if you live in a war zone and are targeted by your enemies. But we do claim that this software protects you from the *automated* surveillance that is being applied to everyone indiscriminately. That's we say that it is “Spy-proof storage”, because it protects you from the kind of spying that is happening to all of us today. I warmly welcome any feedback from this group about our approach. Especially I welcome accurate, specific criticisms which can help inform our users about ways in which the product does *not* protect them. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Rep https://LeastAuthority.com -- Liberationtech list is public and archives are available via Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
