US Government Seizes Email of WikiLeaks Volunteer

bs0d3 writes "The U.S. Department of Justice has forced Gmail and Sonic.net to hand over the personal information of Jacob Appelbaum, a WikiLeaks volunteer. Sonic says they fought to keep the DoJ out of Appelbaum's records, which was very expensive but 'the right thing to do.' Google said, 'we comply with the law,' although 'Both Google and Sonic pressed for the right to inform Mr. Appelbaum of the secret court orders, according to people familiar with the investigation.' The collected information and the nature of the investigation remain classified. Applebaum's Gmail correspondence seized by the DoJ dates back to November 1, 2009, which is believed to be the month that WikiLeaks contributor and Army Private Bradley Manning allegedly began communication with Julian Assange. Last year, federal prosecutors used a similar subpoena to obtain information pertaining to Applebaum's Twitter account."

The three basics of sensitive e-mails

1. Encryption

2. Encryption

3. Encryption

Re:The three basics of sensitive e-mails

Stop aiding the terrorists!

Re:The three basics of sensitive e-mails

[networkBoy]

1. No Free E-mail
2. No Free E-mail
3. No Free e_mail

However, applause to Sonic.net (and to a lesser extent google) for fighting the DoJ (and at least fighting to inform the user).
-nB

Re:The three basics of sensitive e-mails

US government using terror tactics. Who is the terrorist?

Re:The three basics of sensitive e-mails

From: AC
To: AC
Subject: Calendar Email Reminder
Message:
1:00 Appointment for sarcasm detector repair

Re:The three basics of sensitive e-mails

[Hatta]

Even non-sensitive emails may have some value to a government on a witch hunt. It only takes six lines written by the hand of the most honest man...

Re:The three basics of sensitive e-mails

[superdave80]

I use Sonic.net as my ISP, and this is one of the reasons. They actually give a shit about their customers. I could probably get AT&T DSL for less, but I'm going to continue to support this company.

Re:The three basics of sensitive e-mails

[ackthpt]

Even non-sensitive emails may have some value to a government on a witch hunt. It only takes six lines written by the hand of the most honest man...

You're missing a few lines, please elaborate! :o)

Re:The three basics of sensitive e-mails

[__Paul__]

...furthermore: don't leave your email on the server, use an ISP in a country that isn't hung up on trifling matters such as these and preferably an ISP that isn't organised enough to keep a copy of every email that goes in or out; use a VM, they're unlikely to archive the entire TCP stream going in and out of it.

Re:The three basics of sensitive e-mails

[Ossifer]

If you can get Sonic's Fusion product, AT&T can't compete with that.

Disclaimer: I am a very happy Sonic Fusion customer.

Re:The three basics of sensitive e-mails

[superdave80]

Too far out on the edge of town to get it (yet) :-(

Re:The three basics of sensitive e-mails

Encrypting the content of the email does not mask your IP address from the connection logs.

Re:The three basics of sensitive e-mails

If you are unaware of the quote, Cardinal Richelieu states in the late 19th century:

"If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."

Re:The three basics of sensitive e-mails

It took you longer to type that post than it would take the NSA to break any encryption this guy could have applied...they've been able to decrypt things like this in real time for over a decade now.

Using encryption to hide information from the US government is pointless if the information is important enough that the government will allocate the necessary resources to break it.

Re:The three basics of sensitive e-mails

[Intrepid+imaginaut]

Sure, that will stop the government: http://xkcd.com/538/

This is a problem that can only be fixed by fixing the government, no technological solution exists.

Re:The three basics of sensitive e-mails

[Dogun]

Rubber hose cryptography is not unbeatable, but you need to build around that expectation.

Re:The three basics of sensitive e-mails

[Serious+Callers+Only]

1. No Free E-mail

The government can seize a server from your home, your ISP or anywhere else they wish. This has nothing to do with email being free or not, but where the server is based, and whether your government has power (or influence) over the local law enforcement at that location.

Re:The three basics of sensitive e-mails

[SJ2000]

no technological solution exists.

That's simply not true. An implementation of the idea

Re:The three basics of sensitive e-mails

[Eunuchswear]

1. No Free E-mail

The government can seize a server from your home, your ISP or anywhere else they wish. This has nothing to do with email being free or not, but where the server is based, and whether your government has power (or influence) over the local law enforcement at that location.

But not without you knowing about it:

'Both Google and Sonic pressed for the right to inform Mr. Appelbaum of the secret court orders, according to people familiar with the investigation.'

Anyway, all the stuff on my home server is encrypted.

Re:The three basics of sensitive e-mails

[Eunuchswear]

It took you longer to type that post than it would take the NSA to break any encryption this guy could have applied...they've been able to decrypt things like this in real time for over a decade now.

Using encryption to hide information from the US government is pointless if the information is important enough that the government will allocate the necessary resources to break it.

Paranoid bullshit.

Re:The three basics of sensitive e-mails

[JosKarith]

That just gives them another thing to beat out of you - remember it is an offence not to hand over the encryption key if asked even if you don't know it.
If you encrypted a document with an encryption key that was randomly generated and then wiped from all records it is still an offence to not hand over the key when asked for it - even though there is no way you could know it. This is the reality of the laws that are being passed nowadays in the wake of 9/11 security theater.

Re:The three basics of sensitive e-mails

[LoyalOpposition]

You're missing a few lines, please elaborate! :o)

I'm probably being trolled, but...

~Loyal

“Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him”
Cardinal Richelieu

Re:The three basics of sensitive e-mails

[LoyalOpposition]

Darn! I just figured it out.

~Loyal

Re:The three basics of sensitive e-mails

[cavreader]

"Paranoid bullshit" No it is not. While there might be algorithms and methods that are near to impossible of being compromised the average user does not have access to it. I think it's time for people to realize that the military, NSA,CIA, and even the FBI IT departments are staffed by some of the most talented IT specialist in the world with access to some of the most advanced technology on the planet.

Re:The three basics of sensitive e-mails

The most secure e-mails are the ones never written
the least poisoness apple is the one never bitten.

If your doing what's right, and still in a fight
don't be alarmed if your smitten.

Re:The three basics of sensitive e-mails

[Anonymus]

Yes, but math and physics work the same for everybody. Unless the encryption used is flawed in some way (possible), or the government is using secret quantum server farms that are several orders of magnitude of current technology (unlikely), you're extremely wrong.

Even if they actually ARE using hundreds of parallelized quantum computers of which knowledge of the technology does not publicly exist, you're still wrong, because it would not be "realtime" since it would still take minutes or hours to decrypt something that was correctly encrypted.

Re:The three basics of sensitive e-mails

[Meumeu]

If you are unaware of the quote, Cardinal Richelieu states in the late 19th century:

"If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."

uhh... what?

Re:The three basics of sensitive e-mails

[cusco]

We were told that it would take x-hundreds of years to break 128-bit encryption. Now it's done routinely on commodity hardware. They just cracked the DESFire smart card, which was held to be impossible for a long time. Keep in mind that the NSA is traditionally about five years ahead of the commercial market in computer hardware and have essentially bottomless funds to hire the most talented people on the planet (or ruin their lives if they don't want to be hired).

Re:The three basics of sensitive e-mails

[koan]

In the USA you can plead the 5th, then you do not have to give them your keys, however ask any lawyer and they will tell you what a can of worms that is.

Re:The three basics of sensitive e-mails

[koan]

1 time pad same character length as data.

Re:The three basics of sensitive e-mails

[cavreader]

You are still underestimating the governments computing resources. The NSA is capable of collecting millions of Internet intercepts per hour which creates databases the size of the Library of Congress database every three hours. Needless to say, the NSA has tremendous storage and processing capacity. One of the original programs that became public during the fight over AT&T and the other major TeleCom vendors providing warrant less access to their backbone was when the chief NSA engineer who created the key algorithms enabling this type of data capture and processing filed a complaint and ultimately resigned because he felt the NSA lied to him. He was told his work would not be used to monitor US domestic data traffic and he even built in a mechanism to prevent this but the NSA had another engineer remove this restriction without his knowledge.

Re:The three basics of sensitive e-mails

[mgiuca]

I'm probably being trolled, but...

Not sure if the GP was trolling, but I was genuinely confused about what that meant. Thanks for giving the context.

Re:The three basics of sensitive e-mails

[mjwx]

Sure, that will stop the government: http://xkcd.com/538/

This is a problem that can only be fixed by fixing the government, no technological solution exists.

Way ahead of you,

No government wrench costs as little as $5.

Re:The three basics of sensitive e-mails

[Eunuchswear]

Keep in mind that the NSA is traditionally about five years ahead of the commercial market in computer hardware

Insane. Where do you think they buy their hardware?

Re:The three basics of sensitive e-mails

[Eunuchswear]

"Paranoid bullshit" No it is not. While there might be algorithms and methods that are near to impossible of being compromised the average user does not have access to it

The average user does not have access to RSA?

. I think it's time for people to realize that the military, NSA,CIA, and even the FBI IT departments are staffed by some of the most talented IT specialist in the world

No "IT specialist" will crack modern encryption methods. You're talking hard mathematics here

with access to some of the most advanced technology on the planet.

They have quantum computers?

Or just bigger versions of what everyone else has?

'cos you're seriously underestimating the cost of brute-forcing any decent cipher.

Re:The three basics of sensitive e-mails

[Eunuchswear]

Yes, very good. They can intercept your e-mail (except they didn't in this case - that's why they needed to ask Google for a copy).

Now try reading it.

Re:The three basics of sensitive e-mails

[cusco]

They have it custom-made. It's a deal with the devil for the chip makers, though. Any research done on new technologies becomes classified and they can never use it for non-classified products, and if I understand correctly they're not even allowed to follow that line of research. I sometimes wonder what fundamental new discoveries in physics and chemistry lie permanently locked up in the bowels of the alphabet soup of military/intel agencies.

Re:The three basics of sensitive e-mails

[Eunuchswear]

More paranoia.

The military VHSIC program was a bust - commercial chips eventually out-performed the stuff all the money had been poured into.

The closest we've ever seen to a real case of this paranoid fear was the GCHQ independent development of public key crypto. And they couldn't figure out what use that would be.

Re:The three basics of sensitive e-mails

[cavreader]

The average user does not have access to either the algorithms, mathematical skills, or the other resources required to analyze and crack today's advanced encryption methodologies in a realistic time frame. And I wasn't talking about people having access to a RSA token to log-in. The RSA security breach a few months ago was only possible because someone was able to steal the necessary information. Without that information the chances of them breaking compromising the encryption would be low. I used the term "IT Specialist" to include those who are not only mathematicians but also those who can actually implement the mathematicians work. Maybe next time I will use terminology that can be understood by those with a room temperature IQ.

Re:The three basics of sensitive e-mails

[Eunuchswear]

Room temperature? Are you describing yourself?

You said:

While there might be algorithms and methods that are near to impossible of being compromised the average user does not have access to it.

I said:

The average user does not have access to RSA?

I, of course, meant the RSA algorithm, as used by PGP, S/MIME and so on, not the crappy products of a company that uses the same name.

Do you thing the "average used" is unable to access Thunderbird?

You attempt to change the subject:

The average user does not have access to either the algorithms, mathematical skills, or the other resources required to analyze and crack today's advanced encryption methodologies in a realistic time frame.

Which is true. In fact I contend that as far as we know not even the NSA can do that.

Anyway, hope your IQ warms up soon.

Re:The three basics of sensitive e-mails

[Drugmath]

So many whooshes below you it's sad. +1 Hilarious to you

Re:The three basics of sensitive e-mails

[Coren22]

In the UK you have to hand over your encryption key. In the US it is not encoded in law that you have to, though I am sure they would find a way to get it from you.

The problem is the law

[einhverfr]

As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents. However, as I understand it, the current laws make a difference between recent communications and less recent ones, meaning that old emails can be obtained at a lower burden (and via a subpoena) while newer emails may require a warrant.

Note that all that is required for a subpeona is for the DoJ to say they think there is content in the emails which probably relates to an on-going criminal investigation..... So historical data is up for grabs just because someone thinks it might be relevant.......

Note that these apply only to communications hosted on third parties. It seems to me prudent to actually download all your communictions and stop relying on either IMAP or webmail interfaces, so that the contents can no longer be subject to subpeona.

Re:The problem is the law

[networkBoy]

You are making the assumption that even if you don't use webmail or IMAP that there will not be old copies of your mail floating around. As we all know google does everything fast, except deleting data.
If you really want to be secure I would suggest using your own mailserver, but this is not realistic for 99+% of the population.
Heck, I don't even own my mailserver (though it is private, on a virtual host on another ISPs machine).
-nB

Re:The problem is the law

[KaoticEvil]

As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents.

The problem is that the Patriot Act (thanks again, Dubya.) allows the DoJ and FBI or any other law enforcement agency to pretty much do whatever they want if they claim you are a "terrorist" or "aiding terrorist actions"..

Re:The problem is the law

and when the search features of windows itself start calling home on you what then? since vista and 7 the search is as tightly integrated as the failed google desktop search...
if you are going to do something the government wants to stop i suggest you not rely on computers, at all.

Re:The problem is the law

[Hatta]

As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents.

There's no "supposed to be" about it. Warrants are required for legal access to personal communications.

However, as I understand it, the current unconstitutional laws make a difference between recent communications and less recent ones

FTFY.

Re:The problem is the law

Really the best solution is to obey the law and then you have nothing to fear, citizen 4356465446.

Re:The problem is the law

[superdave80]

...thanks again, Dubya...

http://en.wikipedia.org/wiki/USA_PATRIOT_Act#Details

The Act was passed in the House by 357 to 66 (of 435) and in the Senate by 98 to 1 and was supported by members of both the Republican and Democratic parties.

Both parties started this, and both parties have continued to support this act. (You'll notice that the Dems didn't repeal this when they had full control of the House, Senate, and Presidency). The sooner you stop thinking there is an 'us' and 'them' when it comes to the two parties, the better off you will be.

Re:The problem is the law

[einhverfr]

If you delete your emails, at least, then I would think that there might be stronger 4th Amendment grounds to challenge government possession of said emails via a subpoena. IANAL though.

Re:The problem is the law

[einhverfr]

The PATRIOT act doesn't supercede the bill of rights.

Besides the problem here is not the USAPATRIOT act, but rather the Stored Communications Act.

Re:The problem is the law

[Grishnakh]

The problem is that the Patriot Act (thanks again, Dubya.)

You mean "thanks again, Dubya and Obama". Obama signed an extension earlier this year.

Re:The problem is the law

[KaoticEvil]

It's not so much an "us and them" when it comes to the parties, it seems more and more that it's an "us and them" between the government and the people.

Re:The problem is the law

[ColdWetDog]

The sooner you stop thinking there is an 'us' and 'them' when it comes to the two parties, the better off you will be.

Nah. He's screwed either way. Give him his little delusion, won't hurt.

Re:The problem is the law

[KaoticEvil]

And to all who note that the Dems didn't repeal it and the Obama signed the extension.. This I know, however, it was Dubya that *started* it.. That was my point..

Re:The problem is the law

[martin-boundary]

Do you have the option of not abiding by unconstitutional laws with impunity?

Re:The problem is the law

Google is currently facing antitrust pressure and will obey all US laws.

Re:The problem is the law

[anagama]

Quit worrying about pesky things like amendments in the Bill of Rights. That so 1787.

Re:The problem is the law

only if you have more firepower than the person(s) breaking the law

Re:The problem is the law

[Stormthirst]

It doesn't help when they don't want to appear weak on terrorism. This kind of thing happens in England too. It's stupid, and just shows how many idiots there are. Of course all this will be resolved when I become the benevolent dictator

Re:The problem is the law

[afabbro]

...and voted for the original.

Re:The problem is the law

[einhverfr]

Define "impunity."

Re:The problem is the law

[mordur]

Or just host your email with 1984hosting.com

Re:The problem is the law

[sjames]

Since the 4th Amendment doesn't have an unless they're old clause, I find that differing treatment to be highly suspect.

If there could even be some logical reason to treat old communication differently, it would have to be relevance. Of course if the police want to see it, it clearly isn't old enough to have lost relevance yet.

Re:The problem is the law

[RzUpAnmsCwrds]

2011 US House reauthorization of the PATRIOT Act (HR 514):

Republicans:
Yea - 210
Nay - 26
No vote - 5

Democrats:
Yea - 67
Nay - 122
No vote - 4

In 2011, 35% of Democrats voted to reauthorize the PATRIOT ACT and 87% of Republicans do. The sooner you stop thinking that there are no differences between the parties, the sooner you can realize that your vote actually does make a difference.

I know that it's popular to trumpet the 'there is no difference' line on Slashdot. But instead of doing that, why not do some actual research into the positions and voting records of your candidates? Maybe then you will figure out that there *are* real differences and that the reality of a complex representative political system means that you are going to disagree with your representatives on a good number of issues.

Re:The problem is the law

As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents. However, as I understand it, the current laws make a difference between recent communications and less recent ones, meaning that old emails can be obtained at a lower burden (and via a subpoena) while newer emails may require a warrant.

[[citation needed]]

How has nobody called you on this yet?

Re:The problem is the law

[monkyyy]

because a government official w/ a fancy badge, can ignore the warrant part, just needs to be a very fancy badge, enough to bury the name of the officer and who gave the order

Re:The problem is the law

[einhverfr]

I agree the jurisprudence is a problem here. But the issue comes from challenges in the 1970's to the Banking Secrecy Act where the court ruled that financial records in a bank were not protected by the 4th Amendment. In theory there isn't a close reason to see messages on a web server as being protected by the 4th Amendment if we accept that logic because they are stored in the commercial sphere, just like banking records, what cold medicine you buy, etc. Of course this is exactly why William O Douglass dissented....

For this reason the argument is that if is on a server outside your control, it is protected by statute at most and not by the 4th Amendment. The 4th Amendment then only protects what is on *your* computers and what is in transit. I believe this is wrong, but it is the law today :-(

Re:The problem is the law

[gknoy]

No. Disobeying unconstitutional or unjust laws is an act of civil disobedience: you do the crime, you then either accept the punishment or fight it in the courts. As the anonymous sibling said, "only if you have more firepower" - but I'd instead say it's more about if you have lawyers and money.

Re:The problem is the law

[Eunuchswear]

Really the best solution is to obey the law and then you have nothing to fear, citizen 4356465446.

What is this, Brazil(*)? You're confising citizen 4356465446 and citizen 774728.

(* The film, not the place. Not meant to cast aspersions on repressive abilities of Brazillian police).

Re:The problem is the law

[KaoticEvil]

And I thought *I* was jaded and cynical.. Wow...

Re:The problem is the law

[Rob+the+Bold]

2011 US House reauthorization of the PATRIOT Act (HR 514):

Republicans: ... No vote - 5

Democrats: ... No vote - 4

What excuse other than being dead or in a coma could 9 reps have for not voting on something that important?

Re:The problem is the law

Note that these apply only to communications hosted on third parties. It seems to me prudent to actually download all your communictions and stop relying on either IMAP or webmail interfaces, so that the contents can no longer be subject to subpeona.

Google and Yahoo don't really delete mail. When you delete mail on these services there is still a copy around so the suits with guns can still get a copy. You do have a good idea but you need to be using a mail service that when you the user deletes their mail it is really gone.

Re:The problem is the law

[FussionMan]

Obama didn't just sign it, he robo-signed it.

Re:The problem is the law

In matters of national security you are screwed, they need no warrents and the president already exists for them to simply ask.

Think Espionage.

Re:The problem is the law

[unencode200x]

Not only do they not delete it, they are *required* by law to keep it for a certain length of time. See my post about DEFCON 18: Your ISP and the Government: Best Friends Forever 1/3.

Re:The problem is the law

[superdave80]

The sooner you stop thinking that there are no differences between the parties,...

How large are the blinders that you are wearing that allowed you to overlook the fact that a Democrat president signed the extension? Or that 80% of Democrat senators voted for it? Or that the Democrats didn't bother to throw this piece of shit law out when they had full control for two years?

...why not do some actual research into the positions and voting records of your candidates?

Oh, sweet irony...

...the sooner you can realize that your vote actually does make a difference.

I already do realize that, which is why neither of these two parties get my vote.

Re:The problem is the law

[Coren22]

You mean Dubya signed it after it went through the House and Senate? Do you honestly think Dubya wrote the PATRIOT Act? It seems that some people think him a mad genius while simultaneously calling him a moron...

Rule 1:

[arthurpaliden]

Run your own mail server.

Re:Rule 1:

[Bucky24]

It would still be the same situation, they'd just come after you (probably break down your door even) to take it. A larger provider has the resources to fight a court battle.

Re:Rule 1:

cat a bit of /dev/random over the drive beforehand and they can bust the door down all they want. Cant do that gmail!

Re:Rule 1:

[Glendale2x]

Colocate a server that's using whole disk encryption? Although they would probably just compel you to give up the key, although I seem to recall the EFF was arguing that should be covered under the 5th amendment.

Re:Rule 1:

Better yet:

If you're going to do stuff like this... Keep your mail server's mail database in RAM with swap turned off. Have it auto-purge emails older than X days, and periodically reboot it. You could even run the entire thing in a chroot jail on a RAM disk.

I've never done this, so I don't know exactly how it would be done, but I've seen plenty of in-RAM databases used in production environments to speed up data access, and RAM disks are old hat.

Re:Rule 1:

[ackthpt]

Run your own mail server.

Download it all to your own client and choose a good client.

Re:Rule 1:

[einhverfr]

They'd still need a warrant, which means a lot more than telling a judge they think there is probable evidence that is somehow relevant to a case in order to get a subpoena.

Re:Rule 1:

[Bucky24]

I imagine it would be a lot harder to get to a colocated server, because first they'd have to get past the colocation facility to get the actual server, then they'd have to get the encryption key from you. But as you say, they'd probably just "compel" you to give up the key....

You COULD always plead the 5th to avoid giving them the key but in this day and age I imagine they'd probably throw you in jail or something worse.

Re:Rule 1:

cat a bit of /dev/random over the drive beforehand and they can bust the door down all they want. Cant do that gmail!

Yeah! And while we're off in fantasyland where every tiny email server admin with sensitive emails to hide is a secret badass who can either psychically sense when the authorities are coming to his door and start a professional-grade, data forensics-proof erasing procedure in time OR can overpower, break away from, and delay a squad of SWAT troops long enough to do any unrecoverable damage to the data, maybe we can also dream up a moat full of sharks around the server! Sharks and dragons! And and and shark-dragons! Yeah! And we'll have a million bazillion guns operated by magic elves who never get tired and kill everything you tell them to! And then you'll call on your billion orbital lasers and kill everything to smithereens! Just like in the movies!

Or, in the real world, your door would prove an insufficient delay and teh sp00kz would pull your bony/blubbery arms away from the keyboard before you could even get a terminal open thanks to a combination of all the energy drinks you chug and the sudden unexpected jolt of adrenaline from the whole situation making your fingers so jittery that you can't even find the home row without excessive concentration. Then the power cables get ripped out of your UPS directly, stopping your auto-shred scripts from running on the first power outage, they haul your ass into a grey concrete box, they pull out the pipe wrench, and soon you're crying out every password you've ever used in your life, right down to each porn site you've ever visited, in a desperate attempt to get them to stop.

Oh, and before you ask, no, they have both better AND more guns than you do, and you'd magically transform from a human being to a leaky sack of flesh and bones before all your l33t firing range training could even get through the body armor of the first guy who barged into your room.

Re:Rule 1:

[arthurpaliden]

Your server your retention rules.

Re:Rule 1:

[Stormthirst]

Better yet encrypt the drives and then plead the 5th when they ask for the boot password.

Re:Rule 1:

[Stormthirst]

In England they've already got that covered with the RIPA - which IIRC requires you to give up passwords, and denies you any whistle blowing.

Re:Rule 1:

[blueg3]

It's a lot harder to get a warrant to break down your door and take your computers than it is to subpoena records from Google.

Re:Rule 1:

[monkyyy]

u missed the point, google has a whole lot of junk it would have to deal with if it started saying "u need a warrant" to every request, much of which is probably illegal to threaten them w/ but no one really threatened, it was just unspoken

while u can delete ur stuff when u want, demand a warrant, call the judge "if" u "dont" believe it, sue for abuse, give a sob story to the media, etc.

Re:Rule 1:

[Eunuchswear]

It would still be the same situation, they'd just come after you (probably break down your door even) to take it..

Wrong. The DOJ wanted to read his mail without him knowing. Google argued that he should be told, which was nice of them, but if it was his own server in his own house the problem wouldn't come up.

Re:Rule 1:

[Dan541]

Truecrypt already has that covered with hidden volumes.

Re:Rule 1:

[dyingtolive]

Yeah, this about covers it.

Re:Rule 1:

[Jafafa+Hots]

AHA! You are hereby charged with destroying evidence! You MUST be guilty if you're shredding everything that comes in right away.

Re:Rule 1:

[arthurpaliden]

Have to delete the stuff officer my mail server/client system is an old PC with only a 10 MB disk, see here it is

Re:Rule 1:

[FussionMan]

Just like what you would expect from the Soviets of old -- it looks like they really did win in the end.

Re:Rule 1:

[GameboyRMH]

Yeah it's not much more complicated than a traditional chroot. You'd keep an "initial" copy of the server chroot with no personal data in it on disk to be copied to the ramdisk, and then to run the server you'd copy the "initial" data to the ramdisk and start the chroot from there. If the RAM gets cleared then you're back to the initial state.

Re:Rule 1:

[GameboyRMH]

The problem with colocation or a VPS is that they can get the keys from the box's RAM. If the VPS can't be traced back to you and serves most or all of its services through an .onion site, then you're in the ballpark of fed-proof security...

Re:Rule 1:

[Bucky24]

Hmm that's a good point...
"Sir we'd like to read your mail. And you can't tell yourself that we're reading it."

Re:Rule 1:

That is why when they ask you to provide the password/key your response is "I do not recall what it is." They can't prove that you didn't actually forget what it is and therefor can not charge your with impairing an investigation. It's worked for politicians and company execs in senate hearings and court cases, so it should also work for the citizens.

Re:Rule 1:

Run your own mail server.

Download it all to your own client and choose a good client.

You can also have an e-mail account in a server located out of nazi countries..
Another tip: never use the same account to keep in touch with family and friends, and ALSO to activist matters.
Another one: ask your activist partners to encrypt their e-mail to you, and cooperate with them encrypting your e-mail to them.
One more: use pseudonyms and access your mail server using the Tor network: this way not even the mail server admin is able to know who you are. Not even Google.
One last: terminate your Google account: it is finally found that Google, just like Amazon, Visa and Mastercard, is subject of pressure. It's also finally found that, just like Amazon, Visa and Mastercard, Google doesn't fight for their users.
If you do all of these, you wouldn't need to run your own mail server. But if you still prefer to do, encrypt your hard disk, and try to ERASE old e-mails that are not needed anymore. Keeping records of your activities makes you a potential wistleblower helping CIA's activities, instead of what you really want. For encrypting your HD, I suggest that you host your family and friends information e-mail accounts in a truecrypt partition, and the activists mail client information in a hidden partition.

An investigation != Conviction

[Synerg1y]

It's unfortunate that the DOJ can now seize emails whenever they feel like it without providing a reason, but I'd imagine there was a lot more pressure with this one than there is typically since this is a federal investigation. What next though? Jacob Appelbaum gets to disappear w a black bag? What exactly does the DOJ do nowadays?

And then there's statements like this...

"that raising the standard for obtaining information under ECPA may substantially slow criminal and national security investigations."

And that's a federal DA speaking, like I get he convicts pedos and murders and stuff, but have you ever heard of justice and ethics dude? Your DA score card isn't worth 1/1000 of a human life.

And here's what makes me shake my head...

Doing anything controversial on the internet... rule 101, don't tie personal information to your accounts. The technology available nowadays makes it mostly possible.

Re:An investigation != Conviction

[catmistake]

And that's a federal DA speaking, like I get he convicts pedos and murders and stuff, but have you ever heard of justice and ethics dude? Your DA score card isn't worth 1/1000 of a human life.

The way I see it, prosecutors forget the reason why they are immune from prosecution. Our Founding Fathers intentionally stacked the deck against the government to reduce the possibility of the innocent being convicted. But they gave prosecutors this ultimate power, this reminder, their immunity, which is intended so that they can afford to be just without external influence like politics, bribery, extortion, or prosecution. Most prosecutors at all levels seem to regard their immunity as though they were a Chicago Untouchable... above the law. They might get caught doing stuff wrong, using improper tactics or what have you, but they never ever are held accountable for it, so there's nothing stopping them from continuing certain practices because more often than not, they get away with it, whatever it is, and win their cases.

Re:An investigation != Conviction

[Eunuchswear]

And that's a federal DA speaking, like I get he convicts pedos and murders and stuff, but have you ever heard of justice and ethics dude? Your DA score card isn't worth 1/1000 of a human life.

Murder is not a federal crime.

He prosecutes people for wire fraud and things like that.

(People watch too much TV).

Re:An investigation != Conviction

[Eunuchswear]

Murder is not a federal crime.

Well, duh, I was wrong. There is a Federal murder law. Basicly applies to murders outside of any state, like a ship at sea, or in an embassy. (Or in DC? I'm not sure).

However, murder is generally a job for the states DA, not the feds.

Re:An investigation != Conviction

[unencode200x]

It's not just the DOJ your local and state authorities can get (w/o a warrant or you knowing) your email envelope and cell phone data (location and call records) with a simple phone call or by logging into a website. See DEFCON 18: Your ISP and the Government: Best Friends Forever 1/3.

Re:An investigation != Conviction

[DriedClexler]

What next though? Jacob Appelbaum gets to disappear w a black bag?

Geez, dude, getting a little hyperbolic there? It's not like the federal government is writing up secret hit lists on American citizens or anything.

Oh, wait...

curious..

[wierd_w]

Isn't one of the requirements for legal action the notification of what specific charges one has filed against him, for the purposes of a speedy and competent defence?

Since when does the government have the authority to conduct secret searches, siezures, and investigations of private citizens without disclosure of an offical charge?

Re:curious..

[networkBoy]

I think the thinking goes that you are not required to be notified that you are a person of interest. If they do not charge or detain you, I don't think you are legally entitled to be notified (*should* be notified, yes, required? I don't think so). IANAL, if there is AL here I would appreciate it if they could confirm this.

Re:curious..

[flaming+error]

Since when does the government have the authority to...

Since the moment they decided to assume that authority, and nobody stopped them.

Re:curious..

[sangreal66]

Since 1986 (It is all explained in the article). Further, he hasn't had any charges filed against him.

Re:curious..

[wierd_w]

This particular law is codified into the foundational fabric of the document which gives any power whatsoever to said government. Said document explicitly states that any and all powers and authorities not explicitly granted to it by that document or by legal bodies produced through the procscribed proecess therein, are reserved to the individual states and citizens respectively.

The government has therefor already denied itself such authority, and granted authority to the states and private citizens to enforce that restriction.

And you, mr kristopeit, are an ignorant fool. I doubt anyone else on \. would assert anything to the contrary on that statement. As such, you needn't reply.

Re:curious..

[Glendale2x]

Three words: National Security Letter

Re:curious..

[wierd_w]

Is this not in direct contravention of the 4th amendment?

Was not the spirit of the 4th amendment to prevent abuses of government against private citizens?

Are there not constitutional provisions preventing legal and judicial reprisals against witness testimonies?

From what rational and legal, as defined by the terms granted by the constitution, does the federal government assert authority to demand such information and papers without first lodging a formal charge, and issuance of a proper subpoena via a lawful warrant? (No, "interstate commerce" does not apply in this circumstance, since nothing was bought or sold, but was instead reported legally under the terms of the second amendment.)

As far as I can tell, the goverment is employing a dodgy legal corpus that was produced using a nonsanctioned method, as proscribed by the rules and practices outlined by the constitution, and is therefor not worth the paper it is printed on...

Can you validate that determination?

Re:curious..

[jonwil]

Since the US government used a terrorist attack to pass all kinds of new laws (most of which would not have helped stop 9/11)

Re:curious..

[wierd_w]

1) I am not interested in, nor did I solicit your opinion, weak minded, repititious, and disturbed troll.

2) this sentence does not make sense. My mother has only one face, and while old and wrinkled, is certainly not that of a fool, as she holds 3 degrees in hard sciences. This clearly illustrates my prior assertion about your competency to conduct a civilized and informed discussion, so no further evidence on your behalf is needed, thank you.

3) yes, the constitution can and has been amended in the past. However, that particular part of the constitution has yet to be amended via the proscribed 2/3 majority vote required to do so, and I have never seen a footnote beneath the 2nd and 4th amendments limiting or abolishing them as seen beneath the prohibition amendments. What exactly were you trying to say here? That you are an ignorant ass? Yes, I agree.

4) no, the power and authority to recreate the government comes into play only when said government engages in willfully tyrranical and oppressive behaviors. Such as in this instance.

5) says the man making unfounded and unsupported assertions that are without merit.

6) I shall cower behind nothing, and shall enjoy the freedoms of my anonymity whilst laughing at your pathetically predictable trolling.

Re:curious..

In the future, if the username starts with MichaelKristopeit, don't bother responding.

Re:curious..

[wierd_w]

*gigglesnort*

Re:curious..

[uvajed_ekil]

Is this not in direct contravention of the 4th amendment?

The 4th Amendment doesn't always apply anymore, especially in high-profile cases (this relates to Wikileaks, i.e. front page news), or much at all in California, where the courts and Governor agree that your phone (think about what a smartphone does) can be searched without a warrant. If this doesn't scare you, it should. This exemplifies a recent and major swing in the balance of power, in favor of those in office or who already have the power. Most of us will still be okay most of the time, but if we piss someone off or want to unseat the powers that be, well...

If the trend of the accelerating erosion of our civil rights continues, bad times are ahead for the common man, and a new age of corruption and blackmail will be upon us. I for one welcome our new Soviet-esque overlords!!!

Re:curious..

[sed+quid+in+infernos]

Where does the 4th amendment state that a formal charge is required before demanding information or papers? Warrants issue upon probably cause. That's a very low burden. Moreover, there's no requirement that only suspected criminals can have their papers and effects searched. If there is probable cause to believe a search will result in evidence of a crime, then a warrant can be issued, whether or not the person who owns the items being searched is thought to have committed the crime. Basically, if police have probable cause to believe you hid the stolen car in my garage, police can search my garage even if they know I had nothing to do with stealing the car.

Re:curious..

[sjames]

It certainly is a violation of the 4th. It's why the courts are joining the police in the steady loss of respect amongst the people.

Re:curious..

[monkyyy]

+5 dealing w/ trolls correctly

Re:curious..

[Eunuchswear]

cower in my shadow behind your chosen non-standard based pseudonym, feeb.

Could you give me a pointer to the standard or RFC doc for pseudonyms, I seem to have lost my copy.

Re:curious..

[Type44Q]

Since when does the government have the authority to conduct secret searches, siezures, and investigations of private citizens without disclosure of an offical charge?

Since our very own Reichstag fire...

Re:curious..

[guruevi]

Since Bush in 2001. (PATRIOT Act). Extended by Obush in 2011.

The terrorists won.

Damn you George Bush!!!!

[Vinegar+Joe]

I will be soooo glad when that fascist George Bush is out of the White House! Shit like this will not happen when Obama is finally inaugurated! Change is coming!

Re:Damn you George Bush!!!!

We know this isn't a matter of Republican/Democrat. This post brings nothing useful to the conversation. Piss off.

Re:Damn you George Bush!!!!

[Vinegar+Joe]

Last night in bed your mama told me you voted for Obama too.

Re:Damn you George Bush!!!!

That's Ok, your papa told me the same thing about you when I was doing him.

Re:Damn you George Bush!!!!

[Grishnakh]

Actually, it does bring something useful to the conversation, because most anti-Bush people do believe this is somehow all Bush's fault, and that Obama is blameless, and Vinegar Joe is doing his part to help bring the Obama supporters to reality.

Obama supporter, 2005: "the TSA's actions are violations of privacy."
Bush supporter, 2005: "we need to put aside concerns of privacy so we can be safe from terrorists."
Obama supporter, 2011: "we need to put aside concerns of privacy so we can be safe from terrorists."

Re:Damn you George Bush!!!!

[threat_or_menace]

I think it is well worth reminding people what Obama promised and what Obama delivered, on surveillance and on whistleblowing.

The poster you're pulling the long face over did not mention parties, he mentioned two personalities. The latter personality is
doing everything he can to demonstrate the importance of contintuity over all else in US politics.

Your choice to muddy the waters by bringing up political parties brings NUTTTC. PO.

Re:Damn you George Bush!!!!

The only difference is that now it is done "Chicago Style" rather than Cowboy

Re:Damn you George Bush!!!!

[einhverfr]

Umm.... the law in question was signed by none other than Ronald Reagan. It's the Stored Communications Act, signed in 1986.....

Re:Damn you George Bush!!!!

[Lead+Butthead]

you mean like... deep dish?

Re:Damn you George Bush!!!!

[anagama]

Man, the Demoplican party must have a huge cache of mod points because anything that points out the truth about Obama gets modded down.

Glen Greenwald had a great piece yesterday on how people who once vehemently attacked Bush for secret legal memos (*) and civil liberties violations, are doing the same things they decried with secret memos and worse civil liberties violations now that they are part of Obama's presidency. Civil liberties would have been safer with a Republocrat in office because then the Demoplicans could have gone on pretending to care about liberty.
http://politics.salon.com/2011/10/09/the_awlaki_memo_and_marty_lederman/singleton/

(*) the law is designed to open source, readable by all so that it can be followed. Just how the fuck do you follow secret laws?

Re:Damn you George Bush!!!!

[anagama]

Here's a conceptually similar cartoon:

http://americanextremists.thecomicseries.com/comics/123

Re:Damn you George Bush!!!!

>> I will be soooo glad when that fascist George Bush is out of the White House! Shit like this will not happen when Obama is finally inaugurated! Change is coming!

When a promise of change doesn't occur then things like Occupy Wall Street happen.

Re:Damn you George Bush!!!!

[Grishnakh]

Wow, that whole comic series really hit the nail on the head with Obama and his followers. Thanks for the link!

Re:Damn you George Bush!!!!

[couchslug]

"We know this isn't a matter of Republican/Democrat."

Some do, and others need it hammered home that the HNIC is as much a piece of shit as the Shrub he replaced.

"

Re:Damn you George Bush!!!!

I guess this isn't part of the change you can believe in...or is it more of "but, but, it's my predecessor's fault!"

Re:Damn you George Bush!!!!

Demoplican

I believe you meant Republicrat. Emphasis on the "rat" part.

Volunteer?

[lucm]

> WikiLeaks volunteer

Does this imply that some people involved with Wikileaks were paid? (Besides lawyers and besides the Australian rapist in chief, although he apparently managed to screw his book deal after he found out that the book was not going to be "one of the unifying documents of our generation" after all).

Re:Volunteer?

> WikiLeaks volunteer

Does this imply that some people involved with Wikileaks were paid? (Besides lawyers and besides the Australian rapist in chief, although he apparently managed to screw his book deal after he found out that the book was not going to be "one of the unifying documents of our generation" after all).

I don't know whether they're paid or not, but what reasoning makes it ok to pay lawyers but not other people? Would paying $1 to have the servers up and running, updated, etc not be worth the expense? What if it were $1000? If the job requires a significant amount of time and/or skill it can be difficult to find someone willing to do it for free, so in practice you have to either give up or pay them for their time. Is this such a bad thing, people getting together, donating a small amount of money, and then using some of that money to pay someone to make sure the mission is accomplished?
It would be great if we could all work for the joy of it, but that isn't yet a viable option.

Good!

Break the law, you get what you get.

Encrypt everything

[Junior+J.+Junior+III]

This is why if you're going to be doing stuff that you want to keep private, you encrypt it. If he was conducting wikileaks business over gmail using unencrypted email, that's very sad for Mr. Applebaum.

Re:Encrypt everything

[gknoy]

Encryption does very little when they wanted to know info in the (unencrypted) headers: who he was talking to, and where/when.

Re:Encrypt everything

If you note, the government didn't ask for the contents, they asked for the correspondent email addreses.

Encryption won't help you when they go after the other nodes.

Re:Encrypt everything

[uvajed_ekil]

Encryption is great, but it is not the ultimate answer to preserving our rights. Yeah, it works to maintain privacy and security, until they compel you to hand over the keys and potentially incriminate yourself or be presumed guilty. The 1st and 4th amendments are being eroded severely, and the 5th is beginning to be assailed. The next inconvenience to eliminate will be the 6th amendment, which is itself integral to the 8th amendment. I'm no Libertarian, nor a Ron Paul wacko, but I am VERY suspicious of some of what our leaders and courts have been doing lately, especially in the name of national security. Do not turn a blind eye or become too comfortable with government decisions, as it is our duty to keep them in check and protect our own rights. Governement is people, and people are fallible.

Re:Encrypt everything

[elucido]

This is why if you're going to be doing stuff that you want to keep private, you encrypt it. If he was conducting wikileaks business over gmail using unencrypted email, that's very sad for Mr. Applebaum.

Encryption doesn't stop governments.

Re:Encrypt everything

[snero3]

And when you're sitting in Jail for 30 days as a suspect terrorist I am sure you will be more than willing to give them your keys and passwords to all your encrypted information just to be free again. Encryption only prevents people from listening in, it is not very effective when you have been arrested or the law compels you to give over your password.

Re:Encrypt everything

"Encryption does very little when they wanted to know info in the (unencrypted) headers: who he was talking to, and where/when."

Yes, when we now that he was talking to asecdfrgt411547@mailinator.com at 10 past 5 we can lay our head at rest.

Re:Encrypt everything

[L4t3r4lu5]

No, this is why you boot a LiveCD OS with MAC cloning capability, use public WiFi connections, and then only use web of trust networks to communicate with others.

The trick is to avoid being caught in the first place; Encryption is a liability once you are.

Re:Encrypt everything

[viralburn]

Difficult to watch youpr0n when using a public WiFi.

Re:Encrypt everything

[Rich0]

Yup, seems like we need mixmaster and encrypted chained remailer routes back.... :)

well...

[Charliemopps]

At least they didn't just have a drone fire a hellfire missile into his apartment.

Re:well...

I think the current position is that it's only legal to blow up Americans while they're on vacation.

Re:well...

[NewtonsLaw]

At least they didn't just have a drone fire a hellfire missile into his apartment.

No, Lulzsec are doing that, now that they have control of the drone craft by way of their carefully crafted virus ;-)

Re:well...

[Arancaytar]

That might be one reason why they're so reluctant to let him back in the country whenever he returns from a conference.

@ioerror Every single time I re-enter the US, I am denied information about why I have been selected, detained, and so forth. It's clearly not random

Re:well...

[anagama]

No, you can't know that. The legal memo justifying ignoring the constitution is secret, meaning you are not allowed to know what string of circumstances will mean the president can decide to just kill you.

Secret subpoenas

Just pretend not to understand secret law...if that fails... "well excuuuuuuuuuuse me!"

And yet people use webmail

[Josh+Triplett]

Why would *anyone* involved in something as sensitive as WikiLeaks trust a webmail provider of any kind, or any third-party email storage? Run your own mail server, download your mails immediately, and store all emails locally on an encrypted drive. That won't protect new emails in transit (that's what GPG is for), but it'll protect existing emails. I can understand people using webmail when they don't really care. But in this case, it seems ridiculous.

Re:And yet people use webmail

[blueg3]

Well, for one, Appelbaum travels a lot. Sometimes to the US. His laptop has been confiscated by CBP before, if I remember correctly. So your solution amounts to dramatically increasing both the likelihood that you lose all your e-mail and the likelihood that you have a ton of encrypted data that annoys border security. Which might be "the right thing" but is hardly convenient if you're a traveling volunteer.

GPG won't do a damn thing to protect what the government asked for, which is e-mail headers.

Re:And yet people use webmail

[TapeCutter]

Why would *anyone* involved in something as sensitive as WikiLeaks trust a webmail provider of any kind, or any third-party email storage?

Good question, but what makes you think he used it for WL stuff?

Re:And yet people use webmail

[Josh+Triplett]

Keep encrypted backups elsewhere that you can restore to a new laptop. And yes, GPG doesn't help you with email headers; if you want to mask the source and destination, you need something better than email, and we don't have anything like that sufficiently widespread.

Re:And yet people use webmail

[Dan541]

Especially a mail service located within the United States.

Re:And yet people use webmail

[jafac]

I think it's time to assume that we have not heard the full story from the mainstream news source.
If they were interested in telling us the full and correct story in the first place. . . then we probably never would have been a need for WikiLeaks to exist. Am I right?

Email to use

for privacy use Hushmail.com

Ditto

I'm frankly amazed that PGP / GnuPG hasn't caught on by now. I mean, it's almost 2012 for pete's sake - why are we still sending emails in the clear? Maybe events like this will make people rethink the importance of privacy in communication...

Re:Ditto

[gooman]

Obviously, encryption only means you have something to hide.
Add to that, you're posting as AC, what exactly are you hiding?
We have verified your IP address, please stay put.
Our agents will be with you shortly.

Contributor to the tor project

[stox]

Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.

Re:Contributor to the tor project

[Glendale2x]

Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.

You'd think so, but then why would he be anywhere near gmail?

Re:Contributor to the tor project

Didn't Wikileaks get its start by sniffing Tor exit nodes for sensitive information?

Re:Contributor to the tor project

[Arancaytar]

If he used that address for anything security or privacy relevant, it's surely encrypted.

This isn't scary for the threat to Jacob Applebaum's secrets so much as for the precedent and principle. We can't all afford, effort-wise, to be as security-conscious as tor developers are. Yet if our email records can be forced from us without charges filed, then we need to be in order to keep our privacy.

Re:Contributor to the tor project

[anagama]

Registration address? I have a yahoo email address I only check when I'm forced to register to buy something from a site. It usually has 10000 or so unread emails in it at any point in time.

Re:Contributor to the tor project

Just because the government thinks there's something in his gmail doesn't mean there is. Maybe he had a more secure account which contained the juicy stuff.

Re:Contributor to the tor project

[TapeCutter]

Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.

You'd think so, but then why would he be anywhere near gmail?

Why does anyone else use gmail? The issue is not what he may/may not have said in the email, the issue is why has the US replaced "probable cause" with a star chamber?

Re:Contributor to the tor project

"You'd think so, but then why would he be anywhere near gmail?"

He needs to get his 'wants to friend you' messages somewhere where the dimwits can contact.

Re:Contributor to the tor project

Because Jacob knows that he has committed no crime!

Open source clouds?

[MindPhlux]

Forgive me for being a bit undereducated on this front, but what exactly are examples of developers building open source 'cloud infrastructure'? Are there projects feasible to implement on a home server? I'd love to have a web accessible 'private cloud' to phase out my old VPN...

Re:Open source clouds?

cloud = server. same thing.

If you are running a vpn to upload data to a server at home, you are already running a "private cloud".

also, wrong thread.

Dare the authorities to squash you?

If you stick your tongue out at the authorities it should come as no surprise when they come down on you like a ton of bricks.. no sympathy.. stupid move
 

Technical solutions don't matter! cDc and TOR!

[EnergyScholar]

I see a lot of talk about technical solutions, not using free email, et cetera. If you think things through, you will see that none of that matters at all. Firstly, it's a safe bet that someone in the US Government not hampered by even the pretense of following the law already had all Jacob's official correspondence, encrypted or not. As I've posted multiple times already (see my previous posts), AUSCANNZUKUS has had access to a production quantum computer system capable of cracking PKI for many years, running as a virtual quantum machine on a winner-take-all style recurrent topological quantum neural network based on a physical system composed of non-abelian anyons (e.g. solitons) in a two-dimensional electron gas (e.g. in a HEMT, now present in most computers). For insight into this little-known factoid, digest this published research. Presumably, someone tipped off DOJ that there was something in Jacob's correspondence worth looking at. For those of you not yet willing to believe that PKI was cracked long ago, it's also rather trivial to inject a key logger onto most anyone's system, which is just as good as cracking PKI and ALSO defeats synchronous shared-secret cryptography. Personally, I'm disinclined to believe in such things, but I saw indirect evidence of it and figured out (after years of monomaniacal research) exactly what it must be and how it must work. Email me for details, or wait for the book.

Second, to the silly posters who wish to teach Jacob security fundamentals, you should be aware that he MAINTAINS THE TOR PROJECT, and is a member of the cDc. He certainly knows more than you or I about security fundamentals, and I've been a CISSP for years, wrote banking software, and was a security lead for Symantec. Do you really think that the MAINTAINER OF THE TOR PROJECT does not know how to become anonymous online? Hacktivismo is a spin-off of the cDc, and Wikileaks is a Hacktivismo project. That detail still has not been in the media, as far as I can tell, but it is obvious to anyone who looks into the topic, and is certainly known to three-letter agencies. Just google for "disruptive compliance" and their mission statement floats right to the top (this is a Google hack, from the people who wrote Goolag). Consider Wikileaks, and then answer this question posed by that document in 2003 (the year the Wikileaks project began), "But what disruptively compliant, hacktivist applications shall we write?"

Third, in case this hasn't been pointed out before, Wikileaks did not break any laws. If they had, you can bet the US DOJ would have ALREADY charged someone with something, rather than trumping up a sex offense at just the right time. FYI, the Swedish attorney who charged Julian Assange with a sex offense is the SAME Swedish attorney who represented the CIA for the Extraordinary Rendition trials, which makes him a CIA asset by definition. What Jacob Applebaum did was travel to Iceland and meet with other Wikileaks people for a few weeks. It's safe to say there was online correspondence, too. It's also safe to say, unless someone was downright stupid, that any truly sensitive communication was done anonymously. The ENTIRE POINT of Wikileaks was to set up the document submission policy to keep submitters anonymous, to make it IMPOSSIBLE to pressure the Wikileaks journalists into revealing sources (as governments have done to so many journalists recently). You can't tell what you don't know! If a source (e.g. Private Manning) is foolish enough to REVEAL THEMSELF then they are going to get in trouble. Even then, one can make a VERY STRONG argument that the documents he leaked (assuming he did it) reveal WAR CRIMES, in which case he was morally AND LEGALLY required to leak them, given that the usual chain of command was CLEARLY n

Re:Technical solutions don't matter! cDc and TOR!

[afabbro]

I see a lot of talk about technical solutions, not using free email, et cetera. If you think things through, you will see that none of that matters at all. Firstly, it's a safe bet that someone in the US Government not hampered by even the pretense of following the law already had all Jacob's official correspondence, encrypted or not. As I've posted multiple times already (see my previous posts), AUSCANNZUKUS has had access to a production quantum computer system capable of cracking PKI for many years, running as a virtual quantum machine on a winner-take-all style recurrent topological quantum neural network based on a physical system composed of non-abelian anyons (e.g. solitons) in a two-dimensional electron gas

Told you not to use the cheap alloys in your tin hat, but did you listen? No.

Re:Technical solutions don't matter! cDc and TOR!

[metaforest]

Somehow, I don't think EnergyScholar wants to be as isolated as you appear to be by your tinfoil hat.

Considering the bigger picture issues that loom...Is it any surprise that civil rights have been suspended?

What we see now is a process of slowly boiling the frog of public resistance to what amounts to an eventual, inevitable, and violent rape of public trust.

Re:Technical solutions don't matter! cDc and TOR!

[EnergyScholar]

Frankly, I'm impressed with how well the secret has been kept, to the point where slashdoters still think it's tinfoil hat stuff. The system went online circa 1996. The Chinese and the Russians have the same capacity. It's only a matter of time before the technical details are made public. The situation is similar to The Ultra Secret, which remained classified top secret from 1940 to 1975, but was well known to many people by the 1960s. As late as 1973 discussions about how 'The UK broke secret German military codes during WW2 with early computers' were considered tinfoil hat.

I can't be the only one

[future+assassin]

to think, why would anyone doing anything anti gov or illegal use a free email server or even keep the emails on the server. Cant be that hard to download all your emails from a hosted server and store them on an encrypted usb drive. Would it have been that hard to pay $20 per year for a shared hosting/vps not on US soil?

Re:I can't be the only one

[Arancaytar]

Did you think Google deletes email you download?

Re:I can't be the only one

It's probably not email that he's concerned about the government accessing. If it were me, I'd have a gmail account as a red herring and conduct only personal business through that account. My other account would never be referenced, and would be run via anonymization. Encryption would be required.

That way, the feds give themselves away by subpoenaing my personal unencrypted account and learn nothing of value while the server I used to run quietly goes dark and my hard disks mysteriously die. The disks get thrown in the trash and wind up in the landfill. Plausible deniability all around.

There's Law for YOU and Law for THEM

[rueger]

How cute, arguing about whether or not the government is behaving properly.

Accept the facts: the rules that apply to you do not apply to the government, especially the secret bits of it. Not because you can't find a statute to support your argument, but because they DON'T CARE and will ignore the rules when it suits them.

And they have bigger, badder guns than you do, and are able to send you off to foreign prisons if they figure it will shut you up.

In movies the Good Guys can win. This is real life though.

Re:There's Law for YOU and Law for THEM

Dude, they have all the flamethrowers.

Surprising

[Arancaytar]

Considering the United States is already pretty much strip-searching him whenever he goes near a border, you'd think they already know far more about him than they wanted.

Apparently there's a sort of "Do Not Fly Without TSA Harassment" list.

Big Effin Deal

When the POTUS can literally designate you a terrorist and assassinate you at will, then you can pretty much forget any other rights you "think" you have. Americans have been compliant in handing over every right over the last decade. It's sad how low we've....hey... look! A terrorist...someone protect me! *sob*

Message to Jacob Applebum and his sister

[uvajed_ekil]

Jake, sorry to hear about you getting into trouble with the big dogs, and hopefully you get out of it. And if you talk to your sister Bonita Applebum, tell her she's gotta put me on.

Bonita, Bonita, Bonita.

Crypto isn't the point

[xrayspx]

The point isn't "Jake's mail should be encrypted". Jake, being a pretty well known crypto advocate and analyst, knows this. The point is that the government has seized his records and communication, with no apparent cause. Likewise, he was one of three Wikileaks affiliated Twitter users who had all access records handed to the government, and DMs as well I believe. He's been detained at nearly every re-entry into the US for the last couple of years.

The point isn't "sucker should use crypto" or "well obey the law then", it's simple harassment of a citizen for acting, not illegally, but in ways the govt. and large private interests don't like. Had he broken a law, they've had their chance to pick him up at any number of border crossings rather than just sit him in a room and stare at him for two hours while planes are missed, etc. This is just the price of being a staunch activist for privacy and strong ubiquitous crypto today.

Re:Crypto isn't the point

But why would the Democratic Obama administration do this to an innocent man?

Re:Crypto isn't the point

[xrayspx]

What makes anyone think the Obama administration is any less authoritarian than any previous administration? Did I use the word Democrat or Obama once? Nope. Until we set aside "right" and "left" and start acting for what is "right" rather than "wrong", we all lose.

Encryption = torture.

[elucido]

And torture = broken encryption.

So no, encryption wont protect sensitive emails.

Re:Encryption = torture.

[Eunuchswear]

You may of missed the point that the DOJ didn't want the guy to know they were reading his mail.

I think he might have guessed if they were pulling his fingernails out and screaming "what is your email password!"

Re:Encryption = torture.

[elucido]

You may of missed the point that the DOJ didn't want the guy to know they were reading his mail.

I think he might have guessed if they were pulling his fingernails out and screaming "what is your email password!"

I didn't say the torture had to be physical. Interrogation can be done covertly.

Sure he would suspect that people are interrogating him but he wouldn't have to know it's the DOJ. He could be made to think it's anybody or just random people. The fact is, it wouldn't matter to the government how they break the encryption as long as it gets broken.

It would only matter to the government if they wanted to use it in a legal case. The DOJ is law oriented, the NSA and CIA are not going to care about the law.

Dont hate just asking

[styffler]

But why is someone who is involved with breaking into the private emails of government employees, a hero, but when the government returns the favor, they are a matre? Pretty hypocritcal. I'm all for open government. But every intimate detail isnt needed, nor in the best interest of the public. So I hardly feel bad for someone who enables intrusion when they get the exact same treatment back. In order to set a precedent, shouldnt the efforts of such people to be setting a good example? Fight to open unnessarily classified documents and post them via the Freedom of Information Act, instead of stealing and making yourself a criminal. Use the system. Maters are so 1000 years ago.

"Volunteer" ...

is the key word.

The USA government of Barak Hussien Obama II must employee its illegeal rendition and tourture tactics not on Employees of USA or intrnational companies and corporations, i.e. Sony, ha ha, but on "Volunteers"!

So under the DoJ's Holder's interpretation of "Law" and person "Volunteer" does not have claiment to USA Constitutional Law, USA Statutes, States Constitutional Laws, Stales Statues, Local Laws and Statutes and heavens forebid the ... Rights of Prisoners of War by the Geneva Convention.

Well.

Will we see the lifeless body of the "Volunteer" splayed on Obama's White House door step with Obama joyfully standing above and eating the "Volunteer's" heart, with great sexual enjoyment, he ejaculates in his $60K Armanine slacks and with relish, I ask.

What a great cad this Obama thing.

==

"Rubber hose cryptography"??

[RockDoctor]

"Rubber hose cryptography"?? Surely you mean "Rubber hose cryptanalysis".

There is a difference. How do you intend to encrypt something with your rubber hose? (No, seriously! I can think of one scheme, thought it's hardly secure.)

Re:"Rubber hose cryptography"??

[Captain+Hook]

http://www.dinstuhl.org/?p=48

Re:"Rubber hose cryptography"??

[Anonymus]

What scheme are you thinking of? The only rubber hose encryption method I can think of is still 100% foolproof, at least until they can read a dead person's thoughts.

Re:"Rubber hose cryptography"??

[RockDoctor]

That was the sort of scheme I was thinking of, but substitute a rubber hose (of one circumference) for the walking stick. However, put the hose under a certain tension and it's diameter will change allowing for an alternative "reading frame" for the message on your tape.

Of course, it's trivial to break such schemes.

Re:"Rubber hose cryptography"??

[RockDoctor]

The only rubber hose encryption method I can think of is still 100% foolproof, at least until they can read a dead person's thoughts.

That sort of scheme doesn't depend at all on the "rubber hose" part of the technique. All "write-only" storage systems have this property.

Unless, of course, you have some technique in which you can use your rubber hose to extract information from the dead in a way that "Alice", "Bob", or "Madge-in-the-middle" can't do (I forget who takes which rÃle in crypto-speak).

MISLEADING TITLE

[Vernes]

http://www.readwriteweb.com/archives/google_hands_wikileaks_volunteers_gmail_data_to_us.php

Your ISP and the Government: BFF

[unencode200x]

If you haven't seen it, the DEFCON 18 talk about this it is WELL worth it. They specifically talk about Google and how easy it is for local and state officials (forget the NSA and feds for a momenet) to get email envelope information and cell phone records w/o a warrant:

DEFCON 18: Your ISP and the Government: Best Friends Forever 1/3

One of the most chilling things in my book is they show that when a crime happens, one of the first things some local police do is get (w/o a warrant...) the records of whose cell phones were near the crime.

huh

[koan]

So if it was December 2013 when the feds came a knocking would Google still have the information? I know it's less than 2 years at this point, but now I'm wondering just how long data are held, not how long data is "required" to be held, but how long it is actually held, not like Google is short of storage.

First rule of legal issues

[koan]

When you see people debating law using terms "IIRC" or "As far as I know" then you can safely ignore them.
I see a lot of that here.
Go read your rights here: https://www.eff.org/wp/know-your-rights

Encryption keys: Plead the 5th, if it applies you don't have to turn keys over, so if he had encrypted his email....

Don't use public mail, control your data, ESPECIALLY if you work somewhere like "wikileaks" (FFS that this has to be pointed out is really kinda dumb)

But the best protection of all, the absolute best fool proof protection... don't get involved and stay off the internet.