[cryptography] Reply to Zooko (in Markdown)

ianG iang at iang.org
Sat Aug 24 14:18:33 EDT 2013


Hey Z,



On 23/08/13 18:21 PM, Zooko Wilcox-OHearn wrote:
> Dear Jon:
>
> Thank you for your kind words and your detailed response.
>
> I am going to focus only on the issue that I think is most relevant
> and urgent for your customers and mine.
>
> That urgent issue is: what's the difference between the now-canceled
> Silent Mail product and the products that you are still offering, such
> as Silent Text?


I think this issue is important, and it is good to get all the opinions 
out in the air.  And I especially like that we can debate the merits of 
an engineering decision with a venture like Secret Circle, and for once 
not have to deal with the normal corporate mouthpieces out of which 
stream very fine and pretty streams of bubbles.

That said...

...
> This changes the equation, because it means not only can the U.S.
> federal espionage authorities say "Backdoor all of your customers or
> close your business.", they can also say "Backdoor all of your
> customers or go to jail.". As the owner and CEO of a
> privacy-protecting service (https://LeastAuthority.com) and a U.S.
> citizen, and as the father of three precious boys who do not want to
> be separated from me for any length of time, this concerns me greatly.


I'm not convinced that the US feds can at this stage order the 
backdooring of software, carte blanche.  Is there any evidence of that?

(I suspect that all their powers in this area are from pressure and 
horse trading.  E.g., the export of cryptomunitions needs a licence...)

...
> Why do you think that this scenario is plausible? I don't think it is
> plausible. Instead, I think the conversation would go like this:
>
> Silent Circle: "… and then wait for all of our customers to
> automatically upgrade to the new version!"
>
> Attacker: "Okay. Do that."

So at this stage, SC can ask for the order from the court that 
particularises that request.

The point being here that the court can easily order the handover of 
documents that are kept.  It cannot however easily order the business to 
go and get the documents it doesn't have.  The court does not typically 
interfere in the business of business;  rather this is all about an 
intermediate step of facilitating the 'discovery' of evidence that might 
be available, for some investigation.  Ordering the discovery of 
evidence that didn't hitherto exist, for a crime that isn't as yet to be 
discovered raises ... difficulties.

...
> The stated reason was that the
> US federal government could compel Silent Circle to backdoor the
> Silent Mail service. That same reason applies today to the Silent Text
> service and the other services that Silent Circle is still operating.


I would be surprised if there was a single stated reason.  It makes no 
sense for any provider of any business to suddenly roll over and say eek 
when the feds turn up and go boo.

Perhaps this is in part because, as far as I can see, the decision makes 
perfect sense.  The decision is really about the engineering differences 
between email and chat.  I would do the same.

In short, email is practically rather difficult to secure.  Because, 
with a nod to the other thread, amongst many reasons:  it is a 
standards-based monster, it has no limits to who and where, lots and 
lots of metadata is spilt out, and finally we need *all* the clients to 
be fixed to win so network economics are against us.

Whereas chat is securable.  Chat typically is a closed system, one 
client, or at least one protocol provider, and the metadata can be 
limited.  The difference is significant.

You can see this in the large with something like OTR which is trying to 
secure all other chat systems.  As we get broader and more inclusive, 
the security provided starts to look more limited in its utility.

I am assuming that Silent Circle are doing a private chat system. 
That's easy to secure (I mean, easy in the hand-waving sense in a crypto 
group).  But email ain't that closed system, and any promise that SC 
makes looks increasingly as tho it isn't worth making, and I commend 
them for trying, and then realising they are not going to be able to 
keep it in any meaningful way.


> Currently, the US federal espionage agencies can compel Silent Circle
> to secretly provide access to all of Silent Circle's customers'
> private communications.


I do not believe that to be the case.  As yet.  I think they can compel 
the communications that SC might have, but not their customers' private 
comms.


> That's too bad. But it is fixable! But to fix
> it starts with admitting what the problem is.


That said, I think that you are right that the distribution of 
untampered copies is a serious issue, and one that will eventually be 
something SC will wrestle with.




iang

