Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ed Felten: Why Email Services Should Be Court-Order Resistant

Posted by Soulskill on from the it's-not-a-bug-it's-a-feature dept.

Jah-Wren Ryel sends this excerpt from Ed Felten at Freedom to Tinker: "Commentators on the Lavabit case, including the judge himself, have criticized Lavabit for designing its system in a way that resisted court-ordered access to user data. They ask: If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access? The answer is simple but subtle: There are good reasons to protect against insider attacks, and a court order is an insider attack. To see why, consider two companies, which we’ll call Lavabit and Guavabit. At Lavabit, an employee, on receiving a court order, copies user data and gives it to an outside party—in this case, the government. Meanwhile, over at Guavabit, an employee, on receiving a bribe or extortion threat from a drug cartel, copies user data and gives it to an outside party—in this case, the drug cartel. From a purely technological standpoint, these two scenarios are exactly the same: an employee copies user data and gives it to an outside party. Only two things are different: the employee’s motivation, and the destination of the data after it leaves the company."

16 of 183 comments (clear)

  1. Are they completely blind? by Anonymous Coward · · Score: 5, Insightful

    So a court case that was created as a knee-jerk response to Snowden is arguing that organizations shouldn't take steps to prevent leaks like Snowden .....

    1. Re:Are they completely blind? by MrKaos · · Score: 4, Insightful

      Or, put another way, the court cannot perceive how it is the same as an extortion ring.

      No, the court hasn't perceived it from the perspective of a citizen issue where the motivations are to commit a criminal act, such as fraud against citizens. They are currently blind to unlawful uses of what they consider to be legitimate access rights. The court has to be educated as to why this is a bad thing (tm).

      --
      My ism, it's full of beliefs.
    2. Re:Are they completely blind? by Anonymous Coward · · Score: 3, Insightful

      The courts need to be educated that if encryption is properly done it's like asking them to hand over the moon, You can order them to do it but that doesn't mean it's possible.
      Since encryption is legeal some things are beyond the court's grasp. That is the lesson that must be taught.

    3. Re:Are they completely blind? by Anonymous Coward · · Score: 5, Insightful

      That's self-consistent and consistent with the way lawyers and judges view the world. In their view, the rules of society aren't defined by the way the world is, but by the way the legislative wants them to be. In their view, upholding the rules is not the job of engineers. It's the job of the police, and justice is the job of lawyers and judges. Lawyers and judges have no problem with telling you that you're wrong to say that 3+2 equals 5 if the law says that it's wrong. By making a system which is resistant to court orders, you're making it impossible for them to uphold the law, and even if you do so to prevent a violation of the law (an illegal leaking of information), that's still wrong, because upholding the law is their job, not yours.

  2. Good model by gweihir · · Score: 4, Insightful

    This model describes the problem pretty well. Of course it can be extended: What if the judge or (given an over-broad wiretap order) the police is in league with the attacker, freely or by coercion? That is not unheard of either.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Good model by Jane+Q.+Public · · Score: 4, Insightful

      Besides: the court has another, arguably "more American" avenue: it can order the defendant to turn over the information. (If, that is, it doesn't violate his 5th Amendment rights.)

      I never did buy this concept that just because you have a business deal with someone, the court could order THEM to turn over personal papers related to you. Seems to me, the same standard of getting a warrant should apply. Otherwise, the whole purpose of warrants is being subverted.

      Let the courts criticize. There's not a damned thing they can do. They have no legal authority to order people to make their websites police-friendly.

    2. Re:Good model by bruce_the_loon · · Score: 2, Insightful

      Um, a warrant is a court order. The investigators explain to the judges what they suspect, why they suspect it and what and where they need to look to get more evidence. The judge then issues the warrant. Legality of the source of the evidence used to obtain the warrant can be challenged in the future case and will affect the chain of admissibility.

      Warrants don't just apply to the defendant directly, and are issued on a one-sided basis to prevent destruction of evidence by the defendant.

      --
      Trying to become famous by taking photos. Visit my homepage please.
    3. Re:Good model by Anonymous Coward · · Score: 5, Insightful

      But, as the story yesterday showed, only the company the warrant is issued against can challenge it, not the person they want to collect information about.

      So they may well violate your 5th amendmend rights, but the only ones who can do anything about it, is a company whose primary purpose is to minimize cost and maximize shareholder value. Not to protect your rights.

      So, adding 2 and 2 together, you don't have any rights.

    4. Re:Good model by Anonymous Coward · · Score: 3, Insightful

      The Feds have justified warrentless wiretapping on the basis that an -mail is like a post card, that everyone can read. The courts have ruled that an e-mail stored on a server unencrypted in like a postcard, and thus is not entitled to consitutional privicay protections. A system set up to avoid leaving an unencrypted copy on the mail server requires no further justification than preserverving constitutional rights to privacy that exist in oridnary snail mail.

  3. Life, Liberty, or Property? by 10101001+10101001 · · Score: 4, Insightful

    Commentators on the Lavabit case, including the judge himself, have criticized Lavabit for designing its system in a way that resisted court-ordered access to user data.

    What next? Complaining about hidden compartment in desks?

    They ask: If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access?

    Oh, I don't know...because of "life, liberty, and the pursuit of happiness"? I don't know about you, Mr. Judge, but I personally don't want a court, court-ordered or not, snooping on my life--such inherently is a big way to disrupt my happiness. But, even if we forgo the DoI and move to the CotUS, it's "life, liberty, and property". Well, whether you view it as the user's property or Lavabit's property, they sure as fuck can do what they want with it. What part of any of that should be to make the court's job easier? Why would they seek to bend over backwards for any court?

    Of course, the big one is liberty. The biggest liberty of all is exploring the possibilities of math and the universe. And that heavily flows into attempts to make functionally unbreakable encryption resistant to even the US government. And is also flows from the point of just being a general asshole, which God Bless the United States of America, is very much recognized as a Creator given right. Clearly the judge is exercising it when he shows contempt for other people daring to live their lives in ways he doesn't like.

    Honestly, though, I do not try to be too much of an asshole. And I do recognize that there does need to be a means for courts and court-orders to function. The problem the judge seems to realize--and honestly why the NSA keeps getting the go ahead--is that criminals are most inclined to use those sorts of tools to hide their activities. The good response should be the obvious: most criminals don't go through the bother because they don't think they'll be caught and the rest are almost always found before the court-order (after all, you have to have evidence to get that far) or the court-order is a very inappropriate fishing expedition. All a court-order is there for is to solidify a case, not to make one. And so the very notion that there's something wrong with efforts to make their case inherently harder to prove is, well, fine by me. It almost always just means the prosecutor and the police have to work a bit harder to prove their case, if they care enough to go through the effort. The real limit of justice then is not the strength of encryption or the willingness of first or third parties to comply with handing over incrimination evidence. It has almost everything to do with running a decent investigation in the first place.

    PS - *sigh* The NSA part was probably unnecessary, but it reeks of the same stupidity and with the same sorts of results. Trying to find a needle in a haystack is easier because at least then you know you're looking for a needle. And if, by analogy, you know you're looking for a specific terrorist plot in a general time frame with certain people, you're already 90% of your way towards having a prosecutable case and a pathway to find accomplices.

    --
    Eurohacker European paranoia, gun rights, and h
  4. You mean only one thing is different. by mosb1000 · · Score: 4, Insightful

    Only two things are different: the employee’s motivation, and the destination of the data after it leaves the company.

    Actually, the employee's motivation is likely the same as well. And the destination seems to getting more similar every day.

  5. Bottomline... by duke_cheetah2003 · · Score: 2, Insightful

    If you don't want someone else to see it, stop putting it on the internet.

    Internet was NEVER EVER a means of private communication.. we've tried to make it that way for what, 20 years now? It's not going to happen. Keep your personal tidbits off the net if you don't want others finding them.

    Try using the tried and true encryption method. A piece of paper inside an envelope, with a stamp and an address. It's slower, but it's a lot more private than you'll EVER GET on the internet, now or in the future.

    1. Re:Bottomline... by oodaloop · · Score: 3, Insightful

      Try using the tried and true encryption method. A piece of paper inside an envelope, with a stamp and an address.

      That has got to be one of the dumbest comments I've ever heard on the internet. Wow. Just, wow.

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  6. The real subtle reason. by ttucker · · Score: 5, Insightful

    They ask: If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access?

    The real answer question is, in what fucking world is it appropriate for courts to say what a private company programs?!? If the encryption is not illegal (it shouldn't be either way, but encryption is still legal in the US) the judiciary has no business saying whether it should be used or not.

  7. If court orders are legitimate by Charliemopps · · Score: 3, Insightful

    "If court orders are legitimate..." -- see there Mr Judge, you've answered your own question.

  8. Lavabit/Guavabit by PPH · · Score: 3, Insightful

    How many government employees combing through Lavabit's customer data are delivering it to the drug cartels?

    Court orders help because it forces crooked government employees to go before a third party to explain themselves.

    The primary problem most people have with the NSA data dragnet is that there is no system of checks to prevent such access. Once the data has been scooped up, nothing can stop an insider from misusing it. Look at Snowden. Only his motives differed from those of crooked employees.

    --
    Have gnu, will travel.