[cryptography] Reply to Zooko (in Markdown)
iang at iang.org
Sat Aug 24 14:18:33 EDT 2013
On 23/08/13 18:21 PM, Zooko Wilcox-OHearn wrote:
> Dear Jon:
> Thank you for your kind words and your detailed response.
> I am going to focus only on the issue that I think is most relevant
> and urgent for your customers and mine.
> That urgent issue is: what's the difference between the now-canceled
> Silent Mail product and the products that you are still offering, such
> as Silent Text?

I think this issue is important, and it is good to get all the opinions
out in the air. And I especially like that we can debate the merits of
an engineering decision with a venture like Secret Circle, and for once
not have to deal with the normal corporate mouthpieces out of which
stream very fine and pretty streams of bubbles.

> This changes the equation, because it means not only can the U.S.
> federal espionage authorities say "Backdoor all of your customers or
> close your business.", they can also say "Backdoor all of your
> customers or go to jail.". As the owner and CEO of a
> privacy-protecting service (https://LeastAuthority.com) and a U.S.
> citizen, and as the father of three precious boys who do not want to
> be separated from me for any length of time, this concerns me greatly.

I'm not convinced that the US feds can at this stage order the
backdooring of software, carte blanche. Is there any evidence of that?
(I suspect that all their powers in this area are from pressure and
horse trading. E.g., the export of cryptomunitions needs a licence...)

> Why do you think that this scenario is plausible? I don't think it is
> plausible. Instead, I think the conversation would go like this:
> Silent Circle: "… and then wait for all of our customers to
> automatically upgrade to the new version!"
> Attacker: "Okay. Do that."

So at this stage, SC can ask for the order from the court that
particularises that request.

The point being here that the court can easily order the handover of
documents that are kept. It cannot however easily order the business to
go and get the documents it doesn't have. The court does not typically
interfere in the business of business; rather this is all about an
intermediate step of facilitating the 'discovery' of evidence that might
be available, for some investigation. Ordering the discovery of
evidence that didn't hitherto exist, for a crime that isn't as yet to be
discovered raises ... difficulties.

> The stated reason was that the
> US federal government could compel Silent Circle to backdoor the
> Silent Mail service. That same reason applies today to the Silent Text
> service and the other services that Silent Circle is still operating.

I would be surprised if there was a single stated reason. It makes no
sense for any provider of any business to suddenly roll over and say eek
when the feds turn up and go boo.

Perhaps this is in part because, as far as I can see, the decision makes
perfect sense. The decision is really about the engineering differences
between email and chat. I would do the same.

In short, email is practically rather difficult to secure. Because,
with a nod to the other thread, amongst many reasons: it is a
standards-based monster, it has no limits to who and where, lots and
lots of metadata is spilt out, and finally we need *all* the clients to
be fixed to win so network economics are against us.

Whereas chat is securable. Chat typically is a closed system, one
client, or at least one protocol provider, and the metadata can be
limited. The difference is significant.

You can see this in the large with something like OTR which is trying to
secure all other chat systems. As we get broader and more inclusive,
the security provided starts to look more limited in its utility.

I am assuming that Silent Circle are doing a private chat system.
That's easy to secure (I mean, easy in the hand-waving sense in a crypto
group). But email ain't that closed system, and any promise that SC
makes looks increasingly as tho it isn't worth making, and I commend
them for trying, and then realising they are not going to be able to
keep it in any meaningful way.

> Currently, the US federal espionage agencies can compel Silent Circle
> to secretly provide access to all of Silent Circle's customers'
> private communications.

I do not believe that to be the case. As yet. I think they can compel
the communications that SC might have, but not their customers' private

> That's too bad. But it is fixable! But to fix
> it starts with admitting what the problem is.

That said, I think that you are right that the distribution of
untampered copies is a serious issue, and one that will eventually be
something SC will wrestle with.