[cryptography] Reply to Zooko (in Markdown)
zooko at leastauthority.com
Fri Aug 23 11:21:47 EDT 2013
Thank you for your kind words and your detailed response.
I am going to focus only on the issue that I think is most relevant
and urgent for your customers and mine.
That urgent issue is: what's the difference between the now-canceled
Silent Mail product and the products that you are still offering, such
as Silent Text?
I don't understand why the Lavabit shutdown and the related domestic
surveillance disclosures imply that Silent Mail was unsafe in any way
that wouldn't also mean Silent Text is unsafe.
Before I go on, I'd like to point out a critical fact that some
readers might not be aware of: Ladar Levison, the owner of Lavabit,
now claims that he is being threatened with jail time *for having shut
down the service*:
This changes the equation, because it means not only can the U.S.
federal espionage authorities say "Backdoor all of your customers or
close your business.", they can also say "Backdoor all of your
customers or go to jail.". As the owner and CEO of a
privacy-protecting service (https://LeastAuthority.com) and a U.S.
citizen, and as the father of three precious boys who do not want to
be separated from me for any length of time, this concerns me greatly.
Now, maybe the U.S. espionage authorities wouldn't make that threat
again. Maybe Ladar Levison's resistance will teach them that it was a
mistake. I don't know, but we have to take into account this
possibility for now. Your decision to shutter the Silent Mail product
was made because of such possibilities.
But your decision to *keep* the Silent Text service (and the others)
still operating while shutting down the Silent Mail service would make
sense only in the following scenario:
Attacker: "We're here to compel you to give us access to the
confidential communications of all of your customers."
Silent Circle: "But, to do that we would have to change our client —
for example, change its random number generator to produce output that
we can predict — and then upload a software update to the Apple and
Google app stores, and then wait for all of our customers to
automatically upgrade to the new version!"
Attacker: "Oh, well in that case nevermind."
Why do you think that this scenario is plausible? I don't think it is
plausible. Instead, I think the conversation would go like this:
Silent Circle: "… and then wait for all of our customers to
automatically upgrade to the new version!"
Attacker: "Okay. Do that."
Now, there is a big, complex, and interesting question about how to
enable others to *verify* the security of software. It is not
impossible, as you suggested. Good progress on enabling independent
verification of security is being made, by Whisper Systems
(https://whispersystems.org/), my own company LeastAuthority.com, the
Tor Project (https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise),
Gitian (https://gitian.org/), Debian
(https://wiki.debian.org/ReproducibleBuilds), and Bitcoin
But before we get into the nuts and bolts of how to facilitate
verification of end-to-end security, I want to hammer on the first
issue: before going forth to try to improve an issue, we should first
admit to our current customers and to the public that the issue
exists. We shouldn't mislead our customers into thinking that they are
safe from something that they are not. Silent Circle's closure of
Silent Mail for the stated reason is inconsistent with its continued
operation of the Silent Text service. The stated reason was that the
US federal government could compel Silent Circle to backdoor the
Silent Mail service. That same reason applies today to the Silent Text
service and the other services that Silent Circle is still operating.
To be clear, I'm not asking you to shut down your other services. I
think that would be a loss for everyone. And I'm not asking you to
magically fix all of the problems by tomorrow. I know, in part from
your detailed letter, that you are currently working on improving some
parts of your process, and I think that there are other techniques
that you could use (including licensing your source code as Free and
Open Source software) that would help. But I understand the challenges
of running a business, actively serving customers, and performing
sophisticated engineering all at once. I know that improvement takes
time. What I'm asking you to do is to *be clear* with your customers
and with the public about the current limitations.
Currently, the US federal espionage agencies can compel Silent Circle
to secretly provide access to all of Silent Circle's customers'
private communications. That's too bad. But it is fixable! But to fix
it starts with admitting what the problem is.
Founder, CEO, and Customer Service Rep
More information about the cryptography