[cryptography] Risks -- Server-side SSL key for 410k end-users subpoened by the Feds...
iang at iang.org
Sun Oct 6 02:08:47 EDT 2013
The former operator of a secure email service once used by NSA leaker
Edward Snowden has been fined $10,000 for failing to give federal agents
access to his customers' accounts, newly released court documents show.
In August, Ladar Levinson shut down Lavabit, his security-minded email
business, rather than comply with government demands that he claimed
would have made him "complicit in crimes against the American people."
At the time, a gag order prevented him from discussing the details of
his situation. But court documents unsealed on Wednesday reveal that the
FBI wanted Levinson to hand over encryption keys that would have given
federal agents "real time" access to not just Snowden's account, but the
accounts of all 40,000 of Lavabit's customers.
... But they wanted more, he said: the passwords, encryption keys and
computer code that would essentially allow the government untrammeled
access to the protected messages of all his customers. That, he said,
was too much.
“You don’t need to bug an entire city to bug one guy’s phone calls,” Mr.
Levison, 32, said in a recent interview. “In my case, they wanted to
break open the entire box just to get to one connection.”
More information about the cryptography