[cryptography] Risks -- Server-side SSL key for 410k end-users subpoenaed by the Feds...

ianG iang at iang.org
Sun Oct 6 02:08:47 EDT 2013


The former operator of a secure email service once used by NSA leaker 
Edward Snowden has been fined $10,000 for failing to give federal agents 
access to his customers' accounts, newly released court documents show.

In August, Ladar Levison shut down Lavabit, his security-minded email 
business, rather than comply with government demands that he claimed 
would have made him "complicit in crimes against the American people."

At the time, a gag order prevented him from discussing the details of 
his situation. But court documents unsealed on Wednesday reveal that the 
FBI wanted Levison to hand over encryption keys that would have given 
federal agents "real time" access to not just Snowden's account, but the 
accounts of all 40,000 of Lavabit's customers.


... But they wanted more, he said: the passwords, encryption keys and 
computer code that would essentially allow the government untrammeled 
access to the protected messages of all his customers. That, he said, 
was too much.

“You don’t need to bug an entire city to bug one guy’s phone calls,” Mr. 
Levison, 32, said in a recent interview. “In my case, they wanted to 
break open the entire box just to get to one connection.”

