So long as uninformed speculation is running loose...
Lavabit's comment that "If you knew what I know about e-mail, you might not use it either." points in a email specific direction as opposed to simple sniffing of traffic.
Perhaps he is referring to the Stored Communications Act ( http://en.wikipedia.org/wiki/Stored_Communications_Act ). I haven't seen it referenced in coverage of this but the gist is under the right circumstances email that is older than six months and stored on a server that you don't own can be accessed without a warrant. Lavabit's encryption process as described would interfere with that. Not being able to comply AND being unwilling to take steps to comply in the future is the sort of thing that feds don't like.
This wasn't a big deal when it was passed in 1986 and small mail quotas were the norm but now with IMAP, multiple devices, and archiving it becomes a pretty big issue as you are talking about someone's electronic life instead of abandoned mailboxes.
AFAIK the issue of Fourth Amendment issues and SCA hasn't made it to the Supreme Court yet so interpretations vary depending on circuit.
Levison did make a comment once that he couldn't give the government what he didn't have, referring to deleted emails. I didn't address that in the article but it is another dimension to this. Being that this is all about something he didn't already have, chances are that archived messages was one of those things.
Nevertheless, the means to decrypt those messages still is the critical difference here.
The concept of a gag order is orthogonal to specific laws. But I believe it was the Patriot Act that gave the Executive the power to make NSLs with a similar effect.
This gets asked a lot currently. The sentiment seems to be that email is doomed from a security viewpoint. You'll be leaking metadata no matter what. Even if your email provider was somehow secure, you have no way of knowing if the person (and their provider) you are communicating with is secure. If it's not (which is very likely) then all your efforts to secure your end are almost for nothing.
So yeah, my suggestion currently is to acknowledge the level of secrecy (or rather lack of) available with your email setup and use it accordingly.
Modern post companies use OCR and other digital processing to handle all mail, including postcards. At least is would be easier to mask who is sending the postcard, for example by omitting the sender details and throwing it into a mailbox far(ish) away from your home. Not a perfect system, as one could probably locate your home via triangulation if you were to use a number of different post boxes in the area of your home.
There are no providers who can provide full protection from a court order. The only solution is to encrypt on the client side using PGP or S/MIME and make everyone you communicate with do the same. But that means you can only login to your email from computers where your private certificate is installed. It also means no more webmail and no more search capabilities.
This raises the barrier enough so that the NSA/FBI can't just request access to your mail. Instead now they would have to either physically access the mail server, or use extremely offensive techniques (backdoor your computer, take control of your mail server via a software vulnerability, etc).
If only running your own mail server, spam detection etc was a trivial exercise. I did this for many years running sendmail on OpenBSD, but it is so much nicer having Gmail now.
Lavabit's closure highlights the fact that third-party email providers cannot be trusted to keep your email private.
Even running your own mailserver (on a computer in your home, for example) won't save you from dragnet NSA surveillance or targeted attacks, but at least you'll know if the government sends you a National Security Letter or obtains a FISA court order for your email.
> Even running your own mailserver (on a computer in your home, for example) won't save you from dragnet NSA surveillance or targeted attacks, but at least you'll know if the government sends you a National Security Letter or obtains a FISA court order for your email.
At which point you could disconnect your mail store from the server, stick it somewhere safe, and claim that you don't store mail, you just read it then delete it. They'd have to get a warrant to search your home, they'd probably decide it isn't worth it.
If you run your own MTA/IMAP server and lock down the OS and BIOS sufficiently -- including encrypting the hard drive -- you can be fairly confident that your at rest emails, including metadata, will not be accessed without your knowledge. But there's not much at all you can do to prevent mail sent to or from your machine from being intercepted. Configuring your MTA to only converse over TLS will help, but ultimately you have no good reason to trust the other mail server.
You can encrypt all your message bodies using either PGP or S/MAIL, but that requires the people you are conversing with the have key pairs, and doesn't protect metadata.
Many people seem to forget that there are still countries where US laws are not in effect.
Even more interesting is the fact that even Lavabit's founder seemed to have overlooked this fact, and instead of relocating his servers and all the user data to Iceland, Norway or New Zealand, he chose to shut it down for good.
Because if he got a NSL requesting a backdoor on his servers, then it doesn't matter where the servers are located. What matters where he personally and his company are located. And you can ask Snowden how fun it is to be persona non grata.
One clue is a statement Levison made is that it's not just what they asked him to do, it's also what he knows that would change our perspective of email:
“If you knew what I know about e-mail, you might not use it either.”
"In reality all it would take is a few lines of code code to log the user’s original password which allows you to decrypt the private key which in turn allows you to receive and send mail as that user as well as access any stored messages."
Is this any different to writing a few lines of code to sniff the PreMasterSecret or even just a plain ol' MitM attack?
What if the founder of Lavabit took the documents that the US government sent him and gagged him with and put them somewhere where they could be stolen or illegally accessed? For example, what if he put them on a computer with a public facing ip address, or even left them on his desk in his office? If he could have plausible deniability couldn't they get stolen and leaked without him really getting in trouble?
This may seem like a stretch, but when you consider the government is using secret interpretations of laws how is it any different than what they are doing?
>This may seem like a stretch, but when you consider the government is using secret interpretations of laws how is it any different than what they are doing?
The difference is that they have the guns, the tanks, and the full weight of the Department of Justice behind them.
As long as we don't have a statement from either the government or Lavabit, we can only speculate. The most reasonable thing is then of course to assume the worst - complete surveillance of all customers. The rest is pretty much details.
Until we get someone to risk going open with this we won't ever know. You can't fight a secret law in secret very well. But only people served with a secret demand has standing to challenge it. The barriers are too high as long as the Government can keep the secret. Once it's out of the bag you have more options in court. But you also risk everything they can do to you in secret.
Kickstarter idea: $xxx,xxx for the network operator who sniffs network traffic that discloses the basis for the Secret TSA ID law. Goose, gander, etc. I'd happily kick in 1%.
A device or piece of software designed to sniff the mail server to mail server connections would also be an option for broad based surveillance. Only a handful of mail providers (like Google) have the option to encrypt traffic server to server. Most mail servers transmit messages in the clear to each other and only encrypt the server to client side.
> Only a handful of mail providers (like Google) have the option to encrypt traffic server to server.
SSL/TLS is available for everyone.
> Most mail servers transmit messages in the clear to each other and only encrypt the server to client side.
I hear this again and again, but I can't really find any data that confirms this claim one way or another. Anyone on HN running their own mailserver wanting to comment on how large portion of connections get encrypted?
The entire email transation between a sender and a recipient usually looks like this:
Sending Client [--A---> Sender SMTP Server [--B---> Recipient SMTP Server [--C--> Recipient IMAP/POP server <---D----] Recipient Client
Connections A and D are easily possible to encrypt, provided your provider provides SSL/TLS on their SMTP and IMAP/POP servers. Most usually do. Connection C is usually local to a single machine, or for large email providers will go over an intranet of some kind.
What is at issue is connection B, which goes over the public internet. That is almost always in clear text, as most of this infrastructure was designed 30 years ago and hasn't evolved much since then. If you are sending email within a single provider (e.g. sender@gmail.com to recipient@gmail.com), such delivery can be trivially encrypted.
I don't suppose anyone has any stats (or even educated guesses) about how many mail servers you'd not be able to connect/send to if you enforced TLS connections from your outgoing SMTP server (as in, refused to send data to servers that didn't respond appropriately to a STARTTLS command)?
Having run a mail server that used to have a self-signed cert and that now doesn't offer starttls at all, I can tell you I experienced zero failed deliveries (well, nobody has ever complained, and I still get all the mail I expect to get). Maybe incoming mail will use starttls if available, but if it's not (mitm, fake mx record, etc.) the remote server isn't going to stop. It just delivers in plaintext.
I mean, it's trival to see this is true. Open up your mail server's configuration file. Where's the line that specifies trusted root CAs for relaying to remote servers? Oh, there isn't one? So how does it verify the chain of trust?
(I realize I didn't quite address your question. Solid answer: at least one. But I'm fairly confident the number of server configured as you suggest is extremely close to zero.)
I completely assume that Google will turn over your entire email history to the US government whenever they ask, and without telling you, then or later.
This article gives no new information, it is stupid.
Now i will speculate:
As long as he does not know his customers passwords he can't retroactively view the customers mails, once the mails have been encrypted and the plain-text thrown away the stuff is unreachable.
So the US gov probably wanted him to save his customers passwords when they logged in.
Right and the important point being that this isn't just about sniffing his network, it is the most invasive surveillance possible that would make his whole business a lie. The point of the article was to go through the logic to show that this would have been the only possibility for what they requested him to do.
This article seems to speculate on things that are not necessarily true. It's possible that the government simply told him that he had to be able to supply information arbitrarily on demand without an explicit warrant. This does not mean that they required him to install their own software on his machines.
Of course, one certainly still argue that this a line that the Government should not cross - I'd wholeheartedly agree with that. However, statements such as “We’ve had a couple of dozen court orders served to us over the past 10 years, but they’ve never crossed the line,” do not imply that the government required him to install software or otherwise compromise his security in a way that he was not already able to do.
That's actually the whole point, in the past he complied with warrants because there wasn't much he could supply in the first place. Yes there is a lot of reading between the lines here, but there was a clear line they crossed. In other words, he would no longer be able to just turn over a bunch of encrypted emails, this was a full compromise of the security he had in place.
If you look at the quotes he made, he strongly hints that this affects all his users, that they want to collect data for later review, and that they would have the ability to decrypt any emails they wanted. Yes, there is a lot of speculation going on here, but it is based on facts--what they technically would be able to do based on how Lavabit worked.
Edit: this wasn't just some casual speculation, I did quite a bit of research on this and carefully reviewed every statement he has given to the press. I carefully analyzed their infrastructure and encryption techniques. I'm fairly confident with my conclusions.
1. Force Lavabit to provide their private SSL keys and route all their traffic through a government machine that performed a man-in-the-middle style data collection;
2. Change their software to subvert Lavabit’s own security measures and log emails after SSL decryption but before encrypting with the users’ public keys; or
3. Require Lavabit to install malicious code to infect their own customers with government-supplied malware.
It sounds like he already has the ability to comply with demands for information. I don't see where this new stipulation by them requires any meaningful change to his existing infrastructure.
Again, that's the whole point. He wasn't able to provide them with what they wanted, and doing so meant that he either had to allow them to intercept messages (or passwords) on Lavabit's application servers, which is the only place they could be intercepted. Doing so would require either impersonating their servers through a MitM or code changes on their server.
I do acknowledge in the article that this could simple be an overhyped reaction to placing a black box on his network, but the statements Levison made seem to indicate otherwise. And hey I could be wrong about this whole thing, it still is largely speculation based on circumstantial evidence.
1) he was told he had to use the same monitoring process all the other providers were using
2) as a state secret, he couldn't reveal he was doing it ever to his users
3) if he complied he would totally undermine the nature of his service
Anything else is superfluous.