Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snapchat Search Warrants Emphasize Data Vulnerability

Posted by Unknown on from the perils-of-centralization dept.

Nerval's Lobster writes "This year's revelations about NSA surveillance have upended the idea that our data—any of it—is truly secure from prying eyes. That uncertainty has sparked the rise of several businesses with a simple proposition: you can send whatever you want via their online service (text, images, video), and that data will vaporize within seconds of the recipient opening it up. One of the most popular of those services is Snapchat, which allows users to take "Snaps" (i.e., videos or photos) that self-destruct a few seconds after the recipient opens them; that data also disappears from the company's servers. But is 'disappearing' data truly secure from prying eyes? Earlier this week, Snapchat admitted to a loophole in its schema that leaves Snaps open to viewing by law enforcement — provided the latter shows up at the company's front door with a warrant. Until a recipient opens a Snap, it's stored in the company's datacenter. In theory, law enforcement could request that Snapchat send it an unopened Snap. 'If we receive a search warrant from law enforcement for the contents of Snaps and those Snaps are still on our servers,' read an Oct. 14 posting on Snapchat's corporate blog, 'a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency.' Law-enforcement entities have hit Snapchat with 'about a dozen' search warrants for unopened Snaps since May 2013. 'Law enforcement requests sometimes require us to preserve Snaps for a time, like when law enforcement is determining whether to issue a search warrant for Snaps,' the blog continued. That surveillance could also go beyond unopened Snaps: Snapchat 'Stories,' or a cluster of Snaps, live on the company's servers for up to 24 hours and can be viewed multiple times, which broadens the window for law enforcement to poke its way in."

105 comments

  1. SNAP CHAT !! by Anonymous Coward · · Score: 0

    Is a trap !!

    1. Re:SNAP CHAT !! by sumdumass · · Score: 1

      It could be worse. If a man in the middle intercepts the communications, they have it indefinately. One of the first things they teach in forensics is that younever work from the original so a copy will likely always be around once they have a copy of it.

    2. Re:SNAP CHAT !! by Austrian+Anarchy · · Score: 1

      It could be worse. If a man in the middle intercepts the communications, they have it indefinately. One of the first things they teach in forensics is that younever work from the original so a copy will likely always be around once they have a copy of it.

      I suspect that it IS worse. No doubt it is being intercepted without a warrant anyway, and if the parties that be get caught they just say "oops" and nothing happens to them.

      --
      Time Bomber the Book coming soon.
  2. RetroShare by Anonymous Coward · · Score: 0

    RetroShare baby.

    1. Re:RetroShare by lister+king+of+smeg · · Score: 3, Informative

      RetroShare baby.

      I like retroshare. I have installed in my computers. the problem is; get everyone to use it call me when you have that one figured out.
      All the people I have talked to trying to get them to use it fall into one a of a couple of camps.

      1. they think that all encryption is somehow back-doored by the NSA/CIA/FBI/DOD/$InsertThreeLetterAgency anyway so it is a exercise in futility.
      2. they think they are too boring or have nothing to hide
      3. they think your tinfoil hat wearing paranoid.

      The media constantly actively attacks Snowden and Assange for being horrible "narcissistic treasonous traitor" and smear Manning for being Gay. Or plain Ignore the leaks.
      The politicians don't care or support spying.
      The spys lie to congress and nothing happens and worse get put in charge of their own oversight.
      The courts are conspiring with the spys. see fisa courts
      The corperations compete to see who can bend over the farthest, those that don't get destroyed see lavabit.
      And finally the people are either to apathetic ignorant or paranoid to do anything.

      whats a cryptogeek to do?

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
    2. Re:RetroShare by Anonymous Coward · · Score: 0

      And finally the people are either to apathetic ignorant or paranoid to do anything.

      Josh Billings said it best in his poem "The Kicker".

      I hate to be a kicker,
      I always long for peace,
      But the wheel that does the squeaking,
      Is the one that gets the grease.

    3. Re:RetroShare by chihowa · · Score: 1

      whats a cryptogeek to do?

      Steganography. Hide your message in various misuses of you're/your, to/too, and capitalization!

      It has the side effect of enraging the classically schooled cryptoanalysts. Win-win.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    4. Re:RetroShare by lister+king+of+smeg · · Score: 1

      whats a cryptogeek to do?

      Steganography. Hide your message in various misuses of you're/your, to/too, and capitalization!

      It has the side effect of enraging the classically schooled cryptoanalysts. Win-win.

      My point was how do you get people to be proactive and use encryption not the type to use.
      If Bob won't read Alice’s message because reading an encrypted message requires two more clicks, then Alice is forced to either be a social pariah or let the government spooks eavesdrop.
      It does not matter what for of cryptography is used be it PGP retro-share or stenography also long a the receiving party is lazy and apathetic.

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  3. Just use RSA by Anonymous Coward · · Score: 1

    Have each client generate a public/private key pair, store the private locally, the public on the server, and encrypt each message using the recipient's public key. Stored snaps on the server could only be decrypted with the private key, which the server doesn't have.

    1. Re:Just use RSA by stewsters · · Score: 4, Insightful

      Which sucks if you want to access it from your phone, your computer, and a computer at the library. I think that syncing the keys securely is somewhat challenging for your average user. Your browser would also need to be able decrypt with the key, and doing that from javascript in a secure way is challenging.

    2. Re:Just use RSA by Anonymous Coward · · Score: 0

      Which sucks if you want to access it from your phone, your computer, and a computer at the library. I think that syncing the keys securely is somewhat challenging for your average user. Your browser would also need to be able decrypt with the key, and doing that from javascript in a secure way is challenging.

      If you don't have end to end encryption with trusted key transfer, then there is no point in even trying. You do have to give up some convenience for security. Nothing is preventing you from sending out messages from a random computer (as in anonymous calling from payphone), just why would you put your private key on a library computer? And cellphones are already vulnerable to NSA, so storing it there is a bad call anyways.

      If you really wanted to, one way would be to store the private key in encrypted storage with a memorised passphrase, on secondary devices, such as your cell or a usb stick if you wanted to check messages while away from your computer.

      This just shows: You have to give up the Cloud ideas for real privacy. Everything in the cloud can be known by the NSA.

    3. Re:Just use RSA by weilawei · · Score: 1

      You have to give up the Cloud ideas for real privacy.

      This is not true.
      This is not true.
      This is not true.

      It will, however, require a rethinking of the way we handle data and computation and the hardware which performs those tasks. Luckily, it's not too difficult to build a CPU which performs fully homomorphic operations. The math isn't even beyond high-school level (it's about on par with RSA). The primary issue right now is speed.

    4. Re: Just use RSA by AvitarX · · Score: 1

      For snapchat at least it's only phone accesaable I believe, so it's a good strategy for that app.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    5. Re:Just use RSA by Anonymous Coward · · Score: 0

      The primary issue right now is speed.

      And how! Homomorphic encryption will be a purely academic exercise for the foreseeable future.
      If you are going to reduce a powerful servers performance down to that of an old calculator, what is the point of putting it in the cloud? Where is the cost savings?
      You may as well just buy the calculator and host it yourself. Use the money you saved to buy a padlock for extra security.

    6. Re:Just use RSA by TheRaven64 · · Score: 1

      Luckily, it's not too difficult to build a CPU which performs fully homomorphic operations. The math isn't even beyond high-school level (it's about on par with RSA). The primary issue right now is speed.

      The primary issue with homomorphic encryption is speed, in the same way that the primary issue with running Quake 4 on EDSAC is speed. No one has come up with a general-purpose homomorphic encryption scheme that doesn't also come with a slowdown that is so many orders of magnitude that you would get faster results doing the work on your mobile phone than in Amazon's cloud with homomorphic encryption. There are some special-purpose schemes for simple database queries, but each primitive operation you need (at least) doubles the total dataset size (and insertion / deletion times).

      --
      I am TheRaven on Soylent News
    7. Re: Just use RSA by Anonymous Coward · · Score: 0

      It is not. All communication is over HTTP, something which is trivial to reimplement. A couple of hours and you should be able to receive snaps on a non-phone device, and at that time, you can choose to not tell the Snapchat server that you've opened it (Yes, really!).

    8. Re:Just use RSA by spire3661 · · Score: 1

      The DOJ is arguing that such designs should be inherently illegal.

      --
      Good-bye
    9. Re: Just use RSA by Anonymous Coward · · Score: 0

      OK, that makes sense, but it's also a further argument for locally stored encryption keys.

      It's not an application that is supposed to be accessed from multiple devices, so the issue with key syncing is not there, there is no reason not to use a public/private key in the application when it comes to ease of use (with I suppose the caveat that when changing phones there could be some lost snaps as keys change).

    10. Re:Just use RSA by Jane+Q.+Public · · Score: 1

      "Have each client generate a public/private key pair, store the private locally, the public on the server, and encrypt each message using the recipient's public key. Stored snaps on the server could only be decrypted with the private key, which the server doesn't have."

      I think this sidesteps a troubling point brought up in Snapchat's statement. Since when is anybody obligated to "preserve" anything while government decides to issue a warrant? I don't think any such authority exists.

      Either there is a warrant, or there is not. If there is no warrant, I'll do whatever the hell I please with the stuff I have. I am not aware of any authority on the part of the courts to force me to change my daily actions "in anticipation" of a warrant.

    11. Re:Just use RSA by bmk67 · · Score: 1

      The DOJ can go pound sand, as far as I'm concerned.

    12. Re:Just use RSA by lgw · · Score: 1

      Well, a judge can order you to preserve electronic communication almost on a whim - but really, if there's a judge involved here I'd be shocked. Importantly, you have to deal with that for civil matters, where there will never be a warrant, but you're still on the hook.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    13. Re:Just use RSA by Anonymous Coward · · Score: 0

      The judge immediately issues "keep this for 2 days" court order.

      The judge goes and ponders if he wants to make you give "this" to the cops.

      The judge after 2 days might decide not to give it to the cops; to which you dutifully delete it (or not depending on what you intended to do).
      OR
      The judge after 2 days decides to give it to the cops.

      To get the "court order" the cops need pretty much zero evidence that they should *get* it; but some evidence that it will be deleted if the judge does nothing.

      The court basically gives them a warrant for "WAIT ONE DAMN MINUTE" with zero evidence. after that minute; you can do whatever you want (unless they give you another WAIT ONE MORE DAMN MINUTE court order).

      Just to be clear, being told to keep it is not the same as being told to give it to the police. The latter requires the police to convince the judge. The former just needs the judge to be asked.

    14. Re:Just use RSA by Jane+Q.+Public · · Score: 1

      Well, a judge can order you to preserve electronic communication almost on a whim - but really, if there's a judge involved here I'd be shocked.

      That's true, but I got the impression (wrong or not) that it was not a court order, but simply a "request" by government to preserve records "in anticipation" of a warrant. In a case like that, I'd be tempted to just burn the records even if they did not incriminate anybody. Of course, if it were a genuine court order, I might be obligated to comply, but I'd contest its validity both at the time, and later in court if necessary. As I say, the authority here seems questionable at best.

      I am not obligated to preserve personal or business papers on government "request". Period.

      As you say, it's different in a civil matter, that again that doesn't apply to this particular case.

    15. Re:Just use RSA by Jane+Q.+Public · · Score: 1

      "The judge immediately issues "keep this for 2 days" court order."

      The problem with this whole scenario is this first step. On what authority does this order to "keep this material" arise? It isn't a warrant. It isn't a subpoena.

      See, the error here is that a WARRANT is something used to SEARCH, in order to find illegal material. A warrant means there is probable cause -- but not yet strong evidence -- that something illegal is there. Before a warrant issues, there is no reason to believe there is anything illegal, and therefore no authority for a judge to order you to keep it.

      Even court orders have to have SOME rationale behind them. A judge does not have authority to just order what papers you can keep or dispose of, without reason. A warrant is an attempt to find that reason. Before that, there isn't any.

      "The court basically gives them a warrant for "WAIT ONE DAMN MINUTE" with zero evidence. after that minute; you can do whatever you want (unless they give you another WAIT ONE MORE DAMN MINUTE court order)."

      That is highly illegal. The court has no legal authority to do that. If a judge does it, and you are convicted with that evidence, then you have grounds to appeal, and that judge will end up looking very bad, indeed. Maybe even removed.

  4. So basically... by DiEx-15 · · Score: 2

    Snapchat hasn't been telling the truth to it's user base and stores private data longer than they claim to it's user base? That they do this so in case LE comes in with a warrant, they will have the info on tap for them?

    Is this a surprise to anybody anymore?

    1. Re:So basically... by gnasher719 · · Score: 5, Insightful

      Snapchat hasn't been telling the truth to it's user base and stores private data longer than they claim to it's user base? That they do this so in case LE comes in with a warrant, they will have the info on tap for them?

      No, they have been telling the truth. They store a picture until the recipient opens it. They have to, how else could they send the picture to the recipient? And the purpose is to be able to send the picture to the recipient when needed, not to preemptively gather information for the police.

      And a search warrant is a search warrant. Same as fifty years ago. The police gets search warrants to look for evidence against people suspected of crimes. Are you saying that Snapchat should think about whether information it has could be evidence against a criminal and hide it if it is? I'd say absolutely not. They should protect users' data against illegal access, but giving the information to police with a search warrant is absolutely legal.

    2. Re:So basically... by gandhi_2 · · Score: 4, Informative

      So basically the COURTS sign the warrants because of LEGISLATION that allows them to have this authority, and you should take issue with the Legistatures and Judicial bodies who exercise authority to tell companies what to do.

      It is all well and good that a company says they will do what they can, but all this authority comes from the laws and lawyers, not the server admins, not even the cops.

      --
      THL phish sticks
    3. Re:So basically... by SecurityTheatre · · Score: 1

      I have relatively limited issues with properly obtained search warrants, provided they adhere to a level of requiring material proof of reasonable suspicion (physical evidence is mandatory here).

      Even if I might disagree with the sometimes extreme tenacity of the government prosecutors to obtain a guilty plea at all cost, I don't totally believe that law enforcement and things like proper warrants, are inherently evil.

      That said, a search of an otherwise secure service should be able to search the service.

      It should not allow the creation of special mandates that require the company to drastically alter its service and/or lie to users in order to build some dragnet style collection of private information on the off-chance that some of it falls under jurisdiction. That's over the line.

      To be short...

      Proper warrant (with evidence) = reasonable
      Dragnet style snooping on everyone = unreasonable

      Simple.

    4. Re:So basically... by sl4shd0rk · · Score: 1

      not to preemptively gather information for the police.

      That's an assumption. If the NSA comes knocking on their door with legal papers like they did with Lavabit, you may never know about it.

      --
      Join the Slashcott! Feb 10 thru Feb 17!
    5. Re:So basically... by QuasiSteve · · Score: 1

      They store a picture until the recipient opens it. They have to, how else could they send the picture to the recipient?

      By sending the picture (or video) encrypted with a unique key, and only sending the key when the recipient opens it.

      They would still have to keep the decryption key, of course, but that won't do law enforcement, hackers, etc. any good without the data.

      They are generally honest with their users, though - they do point out that any 'snaps' you send could be screenshot, that their 'screenshot!' indicator does not work in all cases, and that there's plenty of other ways (analog loophole, basically) people could save that picture/video of your risqué selfie and so you really should consider that before you send them.

      Now if only they could stop the app from messing up its UI or crashing the base camera module on Android, I'm sure more people would care about SnapChat to begin with.

    6. Re:So basically... by Hatta · · Score: 1

      You can't do one without the other. If you give legitimate users the means to avoid illegal access, you give criminals the means to avoid legal access.

      --
      Give me Classic Slashdot or give me death!
    7. Re:So basically... by gnasher719 · · Score: 1

      By sending the picture (or video) encrypted with a unique key, and only sending the key when the recipient opens it.

      Everything is perfectly fine if they send the picture encrypted, and keep both hackers and insiders away from all stored pictures. There is no reasonable requirement to keep law enforcement from executing search warrants.

    8. Re:So basically... by gl4ss · · Score: 1

      well snapchat just now in his said that if they get served with such a thing then they save the data.

      actually snapchat seems like it's the most honest cloud company about this. if they haven't been served and you use the one time read portion of it then it's gone after loading. but even that practice cannot go over (secret) court papers which tell them to save certain snapchat users messages.

      --
      world was created 5 seconds before this post as it is.
    9. Re:So basically... by X0563511 · · Score: 1

      No, they have been telling the truth. They store a picture until the recipient opens it. They have to, how else could they send the picture to the recipient?

      Gee, maybe they could encrypt it and just fucking send it?

      Oh, right. Even something "simple" like PGP is beyond users at large. Shameful.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    10. Re:So basically... by Artraze · · Score: 1

      All well and good except for this:
      "Law enforcement requests sometimes require us to preserve Snaps for a time, like when law enforcement is determining whether to issue a search warrant for Snaps"

      Which pretty clearly indicates that they will log snaps for the purposes of sharing with the authorities provided the authorities have a warrant when they come to collect the data. I'd say that quite exactly is "preemptively gather[ing] information for the police", though I suppose that depends on how you're defining preemptive (i.e. before the request vs before the court order).

      Now, maybe these days that's what passes for good. Often times things are logged and preserved by default, and even handed over without a warrant. However, to make an analogy, this would be like allowing a agent of the police to record your phone or copy your mail with the data being held in escrow until the warrant is signed. I expect that this comes about from the idea that the information is being copied and deleted rather than transferred as something like a letter would be. That probably opens them to valid-enough charge of destruction of evidence if they don't comply with a simple request to retain the data pending a warrant. I'd be curious if that would stick (and very concerned if it did) but regardless it's certainly a nice bit of coercion.

    11. Re:So basically... by QuasiSteve · · Score: 1

      Everything is perfectly fine if they send the picture encrypted, and keep both hackers and insiders away from all stored pictures

      The problem with that is that both the encrypted data and the key would reside with them. To clarify, let's say a hacker gets access to an e-mail-and-password list, but it's all weak MD5 hashes - running that across a rainbow table and further dictionary attacking will easily yield the passwords.

      So what any good site would do is add a salt. Unless it's a salt that everybody in the world seems to use, that means the list has become largely useless.
      Unless, of course, the hacker in question also gets access to the module that does the encryption and finds the salt right there. Now all they have to do is drop that salt into the equation on their end.

      Of course that's often a rather more difficult step, perhaps requiring multiple attack vectors to achieve, but it remains possible.

      By moving the data completely out of their control, however, any attack is fruitless for existing data.

      There is no reasonable requirement to keep law enforcement from executing search warrants

      Well nobody is keeping law enforcement from executing the warrant - they'd just get a "sorry, but we don't have that data" as a reply.

      If you're saying that this in itself is unreasonable, then I'd have to ask what would be reasonable?
      An ISP deleting logs after 4 weeks could be construed as unreasonable if statistics were to show that law enforcement has greater success finding perps who use an ISP that keeps logs for 6 weeks due to the data required being more than 4 weeks old. But then it's equally reasonable to argue that 8 weeks would be even better. Why not a year, or indefinitely?

      I, for one, wouldn't be able to tell off hand where things stray from reasonable into unreasonable territory when it comes to privacy vs crime-fighting - let alone with hackers and organizations demanding (and getting) access for reasons other than crime-fighting complicating things.

    12. Re:So basically... by steelfood · · Score: 1

      They have to, how else could they send the picture to the recipient?

      Push. It doesn't always work. If a device is powered off, then push fails. But for security purposes where the data is being stored on the server, push is superior to pull. P2P is probably ideal. Cut out the middleman. Send directly via an encrypted channel.

      It doesn't really matter though. If the courts mandate Snapchat give up their encryption keys (like LavaBit), the only thing that could possibly stand between the data and a LE agent would be client-side encryption.

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
    13. Re:So basically... by simonreid · · Score: 1

      Although I agree with you in the case of snap chat, normal people just don't think things through like that. I for one didn't know its not pushed to your phone until you read it.

      The other thing is its not just police search warrants you have to look out for.

      In many states a lawyer involved in a lawsuit (for example a divorce or child custody hearing) can issue their own subpoena for electronic records *without* law enforcement or the courts reviewing it. In this case its not evidence of a crime... but your ex wife might subpoena snap chat for all images sent to you and suddenly that secret picture your new girlfriend sent isn't so secret, and is being used in court against you. Its not illegal, but its not something you want to share.

    14. Re:So basically... by suutar · · Score: 2

      sounds more like "If LE gets here with a warrant before we delete it, we have to give it to them. If they give us proper legal notice that they're working on getting a warrant, we have to keep it around until they get one. In absence of any notice from LE, it goes poof once the recipient has gotten it."

    15. Re:So basically... by Anonymous Coward · · Score: 0

      Gee, maybe they could encrypt it and just fucking send it? Oh, right. Even something "simple" like PGP is beyond users at large. Shameful.

      That doesn't have the bogus feature of deleting the picture after it is viewed. I say bogus, because we all know that feature, like all DRM, has workarounds.

    16. Re:So basically... by JeffAtl · · Score: 1

      Everything is perfectly fine if they send the picture encrypted, and keep both hackers and insiders away from all stored pictures

      The problem with that is that both the encrypted data and the key would reside with them.

      They could encrypt the photo, send the key to the recipient and then delete the key from the server. The recepient's SnapChat client would have the encryption key so all of the functionality would remain in place.

    17. Re:So basically... by Anonymous Coward · · Score: 0

      You don't understand how password salting works.

      "Unless it's a salt that everybody in the world seems to use"

      The salt, is unique for every user (in a properly implemented salted password system).
      It is like a password the server generates whenever you change your password.

      Knowing the salt generation method; should not reduce the "security" of your salted passwords. because you still need to somehow use the real password in conjunction with the salt for every user.

      If you used the "same salt as everybody else" then you would create a rainbow table of every password with that salt.

      You know you theoretically don't even need to "hide" the salt? Even using the username as the salt is more secure than what you imply. If you use the username, in order to crack the "password" out of the leaked hashes; you would need to calculate the hash of the username+password string (however they were stuck together).

      Take the time to crack a password as N (on average you get it right in the middle - prolly not right)
      Time to crack Y peoples password without Salting: 2N (because every attempt you make can be applied to everyone else.)

      Salt that password, time to crack a single password is N (no change)
      Time to crack Y peoples password with Salting: Y times N (slightly bigger!)

      If someone dumps a user/password list, no amount of salting in the world is going to protect a single user that looks interesting. But it will stop a systematic hacking of everyones password.

    18. Re:So basically... by Anonymous Coward · · Score: 0

      the question is: does the post have to open letters, when the police wants to read them?

    19. Re:So basically... by QuasiSteve · · Score: 1

      That would be functionally the same thing as I (and others) mentioned further up - except that we proposed sending the encrypted image/video and deleting that from the server.

      Both have their pros/cons for the server/user, but sending the image/video seems the better option - less storage space required on the server, user gets the picture/video to pop up sooner (downloaded in the background, only have to wait for the key download and the decryption (fast even on budget smartphones)), and without the data on the servers there isn't even a brute force decryption possibility.

  5. Email sensitive data, why don't you? by Anonymous Coward · · Score: 0

    And then expect security and privacy of that information, because you used a GIMMICK APP FOR YOUR SECURITY!

  6. Court Order by MyLongNickName · · Score: 1

    How does one protect oneself from a court order? I guarantee that if Snapchat gets an order to log information that they will do so. The best you can hope for is that another party couldn't get information that predates the order, but if you never know if and when an order is in place, you can never be sure who has seen your data.

    --
    See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    1. Re:Court Order by Overzeetop · · Score: 4, Informative

      1) don't put yourself in a situation where someone wants a court order for something you have
      2) ignoring 1, don't send incriminating evidence electronically
      3) Ever
      4) If you're stupid enough to ignore 1-3, pass one time, strong passwords in person, then encrypt your files locally and send them by any means you aren't supposed to be using based on 1-3, above. Then destroy your copy of the password and the entire computer you used to create, encrypt, or send the message.

      Though, really, sticking with 1 and 2 is your best bet.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    2. Re:Court Order by Anonymous Coward · · Score: 1

      Right because surveillance has never been done against innocent people or against someone for political reasons either. No, you only get surveillance on you by doing something bad.

    3. Re:Court Order by disposable60 · · Score: 4, Insightful

      Unfortunately, dragnets are wide and indiscriminate, and worse, definitions of wrongdoing are local and plastic.

      --
      You're looking for quotes? See my journal.
    4. Re:Court Order by Anonymous Coward · · Score: 0

      1) don't put yourself in a situation where someone wants a court order for something you have

      Like, say, exercising your right to a free press?

      Gov't Obtains Wide AP Phone Records in Probe

    5. Re:Court Order by Anonymous Coward · · Score: 1

      You assume that you have to do anything illegal for someone to want to spy on you. There are plenty of legal things that the powers that be doesn't like.

    6. Re:Court Order by PRMan · · Score: 2

      He didn't say that. He said don't do something they won't like.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    7. Re:Court Order by silas_moeckel · · Score: 1

      Host your data is a hostile country. You think Iran cares about a US court order?

      --
      No sir I dont like it.
    8. Re:Court Order by gnasher719 · · Score: 1

      Right because surveillance has never been done against innocent people or against someone for political reasons either. No, you only get surveillance on you by doing something bad.

      I think this company is in the USA, so you are saying the police can get search warrants signed for political reasons?

    9. Re:Court Order by Anonymous Coward · · Score: 0

      Yes. The FBI and NSA have both been used to spy on people for political purposes.

    10. Re:Court Order by Desler · · Score: 1

      Which could be anything or nothing.

    11. Re:Court Order by Anonymous Coward · · Score: 0

      Are you LGBT? Are you a Christian pastor? Do you live in the middle east? Should snapchat ignore warrants from other countries? Sometimes sticking with 1 is not so easy.

    12. Re:Court Order by PPH · · Score: 1

      How does one protect oneself from a court order?

      From TFA: "leaves Snaps open to viewing by law enforcement -- provided the latter shows up at the company's front door with a warrant."

      There is no front door. Please deposit an electronic copy of all warrants and national security letters in our /pub subdirectory.

      Where the world can see it. So, you aren't protected against a search. But at least the gov't can't hide it from your customers.

      --
      Have gnu, will travel.
    13. Re:Court Order by SeaFox · · Score: 1

      He didn't say that. He said don't do something they won't like.

      "They" could be any individual in a position of power abusing his authority for personal reasons, sort of like those NSA agents spying on their crushes. It's impossible for someone to avoid that because their actions are not based on the laws and protocols they are supposed to be following.

    14. Re:Court Order by Overzeetop · · Score: 1

      Indeed they are, which is why you probably shouldn't be discussing items of a sensitive nature - something you absolutely don't want anyone to know about - using regular digital communication. The idea that you should never put in writing what you wouldn't say out loud is as valid today as it was 300 years ago. If you quit believing the fallacy that electronic communication is perfectly private, you can go forward properly.

      The OP asked how to avoid having items be the subject of subpoena. The answer is "what the fuck are you doing sending things you reasonably expect could be salient to a court case?" If you're doing something surrounding a court case, or you're doing something you know is illegal (even if you don't think it should be) - don't email/facebook/snapchat about it. Do it in person. It's worth noting that even a sealed letter is subject to subpoena, so - quit putting that shit in writing.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    15. Re:Court Order by Overzeetop · · Score: 1

      Yes, they have. It's also illegal, and if they get caught the evidence must be excluded from the court. Usually those cases are more about intimidation for political purposes, not day-to-day stuff. It happens in exceedingly rare cases. Here's an analogy: Do you have you had a child which had it's spinal cord formed outside of the vertibrae? It's rare like that. IT scares the living shit out of paranoid people, but 99.99999% of us will never run into it.

      --
      Is it just my observation, or are there way too many stupid people in the world?
  7. Useless product by rhazz · · Score: 1

    Earlier this week, Snapchat admitted to a loophole in its schema that leaves Snaps open to viewing by law enforcement

    In other words, these companies are selling snake oil. Their systems provide no extra benefit other than quick deletion of messages. Nothing prevents the NSA from showing up with a FISA order to store and forward all messages from an individual. They are still just as vulnerable to NSA spying as any who came before.

    1. Re:Useless product by Anonymous Coward · · Score: 0

      1) Open a business that guarantees privacy from all governments.
      2) Allow governments to view data for a fee and sign legal waiver agreeing that you cannot disclose this loophole.
      3) Profit!

    2. Re:Useless product by mlts · · Score: 1

      Barring multiple companies that messages pass through in multiple countries (likely countries that don't like each other so multi-national warrants won't go through), the only place one can really be assured of security would be the endpoints. One has to assume that every point a message goes through, be it a router or a mailbox, the message is saved off permanently.

      Self-destructing messages are a joke. I've read some ways of trying to implement it through having a number of places that store a piece of the message's encryption key, but even that can be compromised by an attacker making a lot of bogus key storage sites, enough to possibly decrypt the messages.

      If endpoints are not secure, one is fscked anyway, so might as well focus on a web of trust system so data never is stored in plaintext once it leaves the endpoint.

  8. why is this so hard? by Terry95 · · Score: 1

    I honestly don't get it. Couldn't a proper service generate key pairs on the user's device and then just charge (or not if you prefer) for KB transmitted. The recipient has the private key to decrypt it. Or not. If you show up with a search warrant (or a gun) I give you the encrypted data and wish you a happy summer decyrpting it. Problem solved - as much as it will ever be solved in an open network where messages are not transported by human couriers. Yes given time and resources anything can be broken - for certain. But fishing expeditions or general ill will become prohibitively expensive. ALL resources are finite.

    1. Re:why is this so hard? by pla · · Score: 1

      Couldn't a proper service generate key pairs on the user's device and then just charge (or not if you prefer) for KB transmitted.

      Yes. The problem? Most people suck at working with encryption - They either can't handle it at all, or they do something phenomenally stupid that exposes their private keys to the whole world.

      Realistically, if not for the underlying need (for most people) that any encryption works completely transparently, we would have no need of specialty encrypted cloud storage in the first place - Just use TrueCrypt to work with your collection of encrypted files, and sync them back to your Google Drive or Dropbox or what-have-you when done. Bam, done. The fact that something as simple as that stumps most people pretty much proves my assertion

  9. So what key words will alert security agencies? by kawabago · · Score: 1

    If I could get all the security agencies to read my Blogs posts, I'd probably have a big enough audience to make a living!

    1. Re:So what key words will alert security agencies? by Anonymous Coward · · Score: 1

      So what key words will alert security agencies?

      @ seems to be all you need.

  10. Wickr seems good by grub · · Score: 1


    Wickr claims a zero knowledge policy, encryption/decryption is done on the devices.

    --
    Trolling is a art,
  11. There is still nothing stopping... by Endloser · · Score: 1

    the MITM attacks being performed.
    http://en.wikipedia.org/wiki/Room_641A

    Until you own all the copper and connected devices you aren't secure.
    Even then, you better trust everyone performing mainenance on said resources.

  12. Message security has to be end to end. by Animats · · Score: 4, Insightful

    From now on, all point-to-point message security has to be end to end. At no point in the middle can a message be plain text. The era of trusting service providers is over.

    We really need is a good way for people to publish their public key, in a place where tampering with it will be detected. Somebody needs to solve that problem.

    1. Re:Message security has to be end to end. by weilawei · · Score: 1

      There's a better way. For a recent summary of the state of the art, see http://www.aui.ma/africacrypt2012/images/africacrypt2012/fully%20homomorphic%20encryption.pdf.

    2. Re:Message security has to be end to end. by swillden · · Score: 1

      That's a potential solution to a different problem.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Message security has to be end to end. by mlts · · Score: 2

      We have this technology... keyservers that replicate among each other. Someone's key that is deleted from one will remain on the others, and eventually gets propagated back. Keyservers are designed to copy and add data, never delete/remove items. So, a key that gets on there will remain there forever.

      Of course, if every keyserver gets compromised at the same time, that is an attack, but if one is left that still has the key on it, it will propagate the next replication session.

    4. Re:Message security has to be end to end. by Anonymous Coward · · Score: 0

      How will the servers know which key is the correct one to propagate? What happens if the attacker drops an "updated" key onto the server they compromise, will it "update"/overwrite the legitimate key?
      Genuinely curious here as I've never heard of keyservers before.

    5. Re:Message security has to be end to end. by mlts · · Score: 1

      Each key has an ID. If someone plops a key with the same key ID, the server will keep and propagate both. This is actually an attack one can do. To deter it, that is why keys are signed, so that a key belonging to prz@acm.com with a page of signatures from old school USENET people is likely to be the right one, while a prz@acm.com with 1-2 bogus signatures and the same key ID (but a different fingerprint) isn't likely to be Phil's key.

    6. Re:Message security has to be end to end. by Anonymous Coward · · Score: 0

      The Key-ID is part of the fingerprint, and you cannot fake it. You can try to brute-force it, as its much shorter than the whole fingerprint, but this is not a feasible attack in most cases.

  13. The wrong approach? by Rigel47 · · Score: 5, Insightful

    How about instead of trying to duck and weave around the NSA we do it right and demand they dismantle their illegitimate spying apparatus? Remember the part about where the government is supposed to answer to the people?

    1. Re:The wrong approach? by rastoboy29 · · Score: 1

      While we definitely must do this, it is a basic rule of security not to trust any part of a system.  We should have gotten serious about that a long time ago.

      --
      expandfairuse.org
    2. Re:The wrong approach? by gnasher719 · · Score: 1

      How about instead of trying to duck and weave around the NSA we do it right and demand they dismantle their illegitimate spying apparatus? Remember the part about where the government is supposed to answer to the people?

      This discussion isn't about NSA. It is about a company providing information when they are required to do so by a legal search warrant and when they have the information, and about the company telling the customers what they are doing.

      You can come up with all kinds of things that the company could be doing theoretically without telling anyone, but that is obviously pure speculation. And the exact same speculations can be made about any company that ever comes into contact with any customer data.

  14. cloud is dead unless something changes. by nimbius · · Score: 2

    SaaS and PaaS are utterly useless for private citizens and will continue to be so long as their providers are willing to fellate even the most casual government agencies upon request for your personal data. To think this company has a solution that wipes data off their servers and off the client once the data is viewed, yet gladly withholds it until $agency can get its shit together and convince a judge to rubberstamp a warrant, is pretty damning as a business model.

    in the face of Everything as a Service, the constitution ends when you pick up your device. fifth amendment? thats certainly gone. first and second? only so far as theyre employed to ensure the rope is long enough to hang you. dont use one of these services? expect to be 'detained' randomly at an airport, train station, or bus terminal. And if you have the outright audacity to use any data encryption to protect yourself, expect your inquisitors to react much the same as they did to people like Moxie Marlinspike.

    --
    Good people go to bed earlier.
  15. Newspeak by dcollins117 · · Score: 5, Interesting

    a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency.

    Is it a rule now that every law has to be named to imply it does the exact opposite of what it actually does?

    1. Re:Newspeak by jader3rd · · Score: 1

      Is it a rule now that every law has to be named to imply it does the exact opposite of what it actually does?

      The laws would never pass if they didn't.

    2. Re:Newspeak by Anonymous Coward · · Score: 1

      a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency.

      Is it a rule now that every law has to be named to imply it does the exact opposite of what it actually does?

      There is, in fact; it is called the Federal Legislation Transparency Act.

    3. Re:Newspeak by idontgno · · Score: 1

      The process of naming laws has pretty much destroyed irony.

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
    4. Re:Newspeak by steelfood · · Score: 1

      No, it is just 1984 happening right before your eyes.

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
    5. Re:Newspeak by Anonymous Coward · · Score: 0

      >Is it a rule now that every law has to be named to imply it does the exact opposite of what it actually does?

      Using your theory, what does that say about the "Affordable Care Act" which the Slashdot crowd seems to be in love with?

    6. Re:Newspeak by Anonymous Coward · · Score: 0

      Seriously. Off topic I know, but the Obamacare quote for me and my wife for just the catastrophic plan was $600/month. Right now we pay half that for an almost-Bronze plan though private insurance.

      To get an Obamacare plan with similar coinsurance and deductibles will cost us $800/month, so the "affordable care act" is raising our premium by $500/month.

      I've already notified two employees of mine that they will be losing their jobs as of December 15th (both part time students, so I am sure they will survive).

    7. Re:Newspeak by SleazyRidr · · Score: 1

      I'll just drag this off-topic-train right off the rails.

      Did I miss the part of the ACA that outlawed private insurance? Why can't you continue with your same insurance provider? If they've chosen to increase their rates, then that's just a private company making a business decision.

      Also, $500 makes you drop 2 employees? If they're only costing you $250/month each then they're probably better off without your "employment".

      --
      Is 1563649 a prime number?
  16. It's a big planet by SteveFoerster · · Score: 3, Interesting

    What I don't understand is why anyone runs any service with any sort of privacy angle from the U.S. There are freer countries with good Internet access. Pick one, and put all those U.S. subpoenas on the bottom of the birdcage, where they belong.

    --
    Space game using normal deck of cards: http://BattleCards.org
    1. Re:It's a big planet by fustakrakich · · Score: 1

      And how are you going to trust them? I sure as hell wouldn't. For the right price they'll cough up anything. Hell, they'll even make up shit if the cops want you that badly. Prosecutors have quite the history in that department. The best way to deliver a message after all these thousands of years is still through the classifieds or letters to the editor of a national or global daily periodical. Because even through Craigslist they can still track who reads the ad.

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:It's a big planet by cold+fjord · · Score: 1

      Outside the US the NSA pretty much has a free hand, not the mention the local law enforcement and intelligence agencies. Take your pick.

      Or were you thinking of some countries that have both good internet and no law enforcement and intelligence agencies? Any names come to mind?

      The internet makes for a very small planet. It is much more efficient to send a packet by internet than by plane.

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    3. Re:It's a big planet by SteveFoerster · · Score: 1

      Everyone has law enforcement, not everyone has no knock raids that go wrong so often it's a meme. And the NSA clearly has a free hand in the U.S. as well, so that's not much of an argument. I would consider setting up a service in Hong Kong, most Scandinavian countries, Canada, and a few countries in Latin America and the Caribbean before I would consider the U.S., the particulars of the situation would narrow it down.

      --
      Space game using normal deck of cards: http://BattleCards.org
    4. Re:It's a big planet by cold+fjord · · Score: 1

      Actually no, the NSA doesn't have a free hand in the US. That is what so many of the stories have been about - have they been properly abiding by the limits? But you're thinking about Hong Kong? That is too funny, really. You'll pass on the possibility of US surveillance for a practical guarantee of Chinese government surveillance? As to Scandinavia, both Sweden and Finland have internet surveillance operations, not to mention Germany, France, UK, and plenty more in Europe. Canada does too. In fact they were just involved in a controversy about spying on Brazil. The Latin America police states? Go for it. I'm sure Venezuela would in no way spy on internet use by foreigners. So it looks like you're heading to the non-Cuban influenced parts of the Caribbean for the steady, reliable, "outside the bounds of law" and "beyond the reach of intelligence agency" internet server hosting or access. So, exactly what sort of low profile privacy intensive service are you planning? Nothing illegal or of interest to Interpol I'm sure. I suppose you could try Brazil or parts of Eastern Europe. Both are havens for cyber crime, but both also have intelligence agencies and corruption. Choices, choices.

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    5. Re:It's a big planet by SteveFoerster · · Score: 1

      If you really think the NSA has any meaningful domestic restraint, hey, that's your call. But that you imply that every country in Latin America is a police state is pretty much a conversation ender for me.

      --
      Space game using normal deck of cards: http://BattleCards.org
    6. Re:It's a big planet by cold+fjord · · Score: 0

      A number of Latin American nations are police states, and since you apparently seek to be outside the reach of the NSA one has to assume you would go to hostile regimes such as Venezuela. Conversation ender? Ah, I see. One may denigrate the United States, but no part of Latin America. I get you. No loss to me. And if you post something silly in the future I will still feel free to respond to it as appropriate. Adios.

      --
      much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
  17. a solution by wbr1 · · Score: 1

    Have the servers only monitor client online status,store the pictures to send on the senders device until the server repots the recipient can receive.

    --
    Silence is a state of mime.
  18. Actually quite good by AdamWill · · Score: 1

    When I first read this several days ago (nice job, /.) I was actually surprised they were that good. I'd always expected when push came to shove it would turn out they were keeping copies of all the images 'for security' or something. I'm kind of amazed the NSA can only get at ones that haven't been read yet...

  19. You think that's bad by WillAffleckUW · · Score: 1

    All your Microsoft email and Yahoo email is scanned for keywords and the result sets are sent to Bing, identifying you.

    Privacy - oh come on, you're Serfs, stop pretending you are Citizens.

    --
    -- Tigger warning: This post may contain tiggers! --
  20. snsapchat by Anonymous Coward · · Score: 0

    oops, typo.

  21. "Privacy Act" by Anonymous Coward · · Score: 0

    It is odd how a "Privacy Act" ends up enabling the disclosure of private information. You see the same thing in the health care. I have no doubt that if one dug deeply enough there would be a common source for the ECPA provision noted in this article and the clause in every health care providers "privacy" policy that says they will divulge your private medical information for "national security purposes" -- and that statement is completely separate from where they mention a warranted, law-enforcement-related disclosure. Nothing in the policy states who gets to make the determination of what situation compels release of your data for this nebulous purpose. Think about how useful your DNA fingerprint would be along with the photograph the provider took of you when they installed their new electronic health record system.

    Read further at http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html

    In particular where it says "... authorization (i.e., a warrant) is not required to use or disclose protected health information for ... conducting intelligence and national security activities ..."

  22. Sorry, what moron trusts claims in first place? by Anonymous Coward · · Score: 0

    Obvious scam is obvious.
    -company claims NOT to hold copies of your photos- even an average American would not be so stupid as to EVER believe this lie.
    -company claims that your photo "self-destructs"? Yes, because we certainly DON'T live in the age of ubiquitous digital cameras that can capture ANY Human viewable image for all time.

    Here's a word for you sheeple- HONEYPOT. The most stupid criminal is the self-identfying one. Sooner or later, the obvious truth is reported about services like Snapchat, even though the truth was obvious BEFORE the reporting placed it in black and white. When a corporation PROMISES to protect your privacy, it exists purely to sell access.

    The real question is why end-point encryption- trivial for any computer- is so rare on the Internet. If you are talking with a friend online, by voice, video or text, why is it vanishingly unlikely that you are your friend are encrypting and decrypting your data stream? Why did ALL instant messaging services require every message go through their servers in plain-text? The answer is not a happy one.

  23. The truth comes out by SampleFish · · Score: 1

    This proves it to me. The NSA is really only concerned with collecting all the titties. They have the nude scanners at the airport to catch anyone who travels. Systematically they have infiltrated every possible way people use to share nude photos. Snapchat is a goldmine. All their dreams come true. Tits with every warrant. Now, with their unrivaled collection of nudie pictures they will rule the world with a strong masturbation hand.

  24. That is by Anonymous Coward · · Score: 0

    what public key cryptography is for.

  25. Once it is out the door, it isn't your data anymor by Anonymous Coward · · Score: 0

    The bottom line is this. Once your data is no longer on a device that you control, it is not your data anymore and you no longer have control over it.