CryptoSeal Shuts Down Consumer VPN Service To Avoid Fighting NSA 361
sl4shd0rk writes "CryptoSeal Privacy, a VPN provider, has closed down its consumer VPN service. The company says it has zeroed its crypto keys, adding, 'Essentially, the service was created and operated under a certain understanding of current U.S. law, and that understanding may not currently be valid. As we are a US company and comply fully with U.S. law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product.' The announcement ends with a warning: 'For anyone operating a VPN, mail, or other communications provider in the U.S., we believe it would be prudent to evaluate whether a pen register order could be used to compel you to divulge SSL keys protecting message contents, and if so, to take appropriate action.' Sounds like another victim of FISA-endorsed NSA activity."
This NSA crap is much too much, and ungentlemanly (Score:5, Interesting)
Re: (Score:2, Funny)
>NOT beat his keys out of him
Are you telling me TV has lied to me ALL this time?
This... this changes everything. My entire life needs to be re-evaluated.
Comment removed (Score:5, Funny)
Re:This NSA crap is much too much, and ungentleman (Score:4, Insightful)
http://xkcd.com/538/ [xkcd.com]
Only works if you actually know the password.
Don't remember the password, use a token like a USB flash key. If they take the laptop without the key then it's useless, if you smash the key then it's also useless.
No, this won't stop them from torturing you anyway, but on the other hand, they might pick up the wrong person who didn't actually own the laptop and torture them instead. This is the great thing about torture: it's only useful to confirm what you already know, not to extract anything new; there's no way to tell if someone is lying because you haven't broken them yet or lying because they don't know anything but really want the pain to stop.
Re:This NSA crap is much too much, and ungentleman (Score:5, Insightful)
The end result seems to be in line with general terrorism. Cause enough fear and confusion in your enemy until they change or give up.
Re:This NSA crap is much too much, and ungentleman (Score:5, Insightful)
Old spies were Sean Connery. New spies are Daniel Craig.
Re:This NSA crap is much too much, and ungentleman (Score:5, Insightful)
"This is just cheating, pure and simple."
It is illegal, pure and simple.
Since several crypto companies have in fact closed down, affecting thousands (at least) of people, we can come to some basic conclusions.
First, we have proof that the NSA spying has had the effect of chilling otherwise legal, free speech.
Second: we now have thousands of people who have provable legal standing to sue the government over it.
Re:This NSA crap is much too much, and ungentleman (Score:5, Interesting)
First Lavabit.
Then Groklaw.
Now CryptoSeal.
Who's next?
Re:This NSA crap is much too much, and ungentleman (Score:5, Insightful)
Re: (Score:3)
Read PJ's final post. She shut down as a direct result of the Lavabit situation.
She relied heavily on email for communication with sources, and because she couldn't guarantee the security of her communications with them, shut down.
Slashdot story: http://yro.slashdot.org/story/13/08/20/0750237/ [slashdot.org].
PJ's final Groklaw post: http://www.groklaw.net/article.php?story=20130818120421175 [groklaw.net].
Re: (Score:3)
Government is inherently incompetent and lazy. Why do work when you can force people at gunpoint to make your job easy?
Especially when you can throw people in jail for the "crime" of revealing that they MADE YOU do this.
Re:This NSA crap is much too much, and ungentleman (Score:5, Insightful)
To me it is more patriotic than killing people in some other country.
If more people around the world did that sort of thing there would be much less need to kill people of other countries.
That said I'm not a big fan of patriotism. Seems to cause more harm than good.
Time to start (Score:5, Interesting)
Sounds like it's high time time to start a VPN provider in SeaLand (or what do we have left that's not firmly in jurisdiction of governments with grubby hands and long noses)?
Re:Time to start (Score:4, Informative)
Sounds like it's high time time to start a VPN provider in SeaLand (or what do we have left that's not firmly in jurisdiction of governments with grubby hands and long noses)?
Perhaps your solution lies on a "pirate" data boat on the high seas?
Re:Time to start (Score:4, Funny)
Will you let the Seamen manage your VPN? Be careful of backdoors!
Re:Time to start (Score:5, Insightful)
This, though maybe not in SeaLand.
The first country that offers verifiably secure email and VPN services to the world will enjoy an economic boom and the love of billions. And if it's a country like Iceland, it could go a long way toward making them wealthy. And if the US decides to invade Iceland, then at least the gloves can come off and the world can declare the United States a rogue state. But I don't see that happening, because at some point, if the rest of the world really starts to turn sour on the US, you'll start to see things change over here. But as long as we have to cover of the EU and Asia as our allies, the US spymasters can pretend that all is well. But with every week there's a new revelation about a president of a free country having their email hacked by the NSA, maybe we're closer to a worldwide shunning than we think.
I'd gladly pay for secure email that I knew was beyond the reach of the upskirting creeps in the NSA. And I would love to be able to pay a place like Iceland, Finland, etc for that privilege.
No one who values freedom, economic, social or just the freedom to not be watched, should be quiet about this. Me, I've become a one-issue voter thanks to the revelations about what the NSA is up to. Any legislator who voted against reining in those bastards is now on my list to support any opponent who will vote to put a stop to ubiquitous surveillance in the US.
Re: (Score:3)
I'd gladly pay for secure email that I knew was beyond the reach of the upskirting creeps in the NSA.
Would you?
How much would you pay? It seems the going price is around $10/Month.
http://gizmodo.com/why-kolab-might-be-the-best-secure-email-service-still-1171618005 [gizmodo.com]
Re:Time to start (Score:5, Insightful)
What the hell? Why would I trust ANY country, or for that matter ANY third party with my encryption codes? I generate them myself, keep them to myself and never disclose them to the government or to any business.
Re: (Score:2)
Re:Time to start (Score:5, Insightful)
If you're going to move yourself and your contacts to a system incompatible with plain old email, why not just start using GPG (or even S/MIME)? Why choose a "solution" where you have no choice but to trust a third party (who you've never even met, in a foreign country, with opaque practices and facilities)?
With GPG, nobody but you and your contact can decrypt the messages. If you add in a third party, they can now decrypt the messages too. You're adding points of failure this way, not making fewer of them! Why on earth would you even trust the provider? Why would you choose a system where you have to?
Re: (Score:3)
Re: (Score:2, Insightful)
The first country that offers verifiably secure email and VPN services to the world will enjoy an economic boom and the love of hundreds, maybe thousands.
FTFY, because billions of people just don't really care that much to do anything about it.
Re: Time to start (Score:2, Interesting)
Looks like Brazil is growing a pair.
Sorry... (Score:4, Insightful)
You are not going to have much advanced IT business left over there soon if this goes on.
Re:Sorry... (Score:5, Interesting)
I think we are witnessing the (not very) slow disintegration of the principals and reality of the American Internet. Whether the internet itself will survive this is another matter.
Re:Sorry... (Score:5, Interesting)
We all knew this would happen. As soon as the government saw that the Internet was an opportunity and / or threat, they would work to get it under their control. Actually took them a bit longer than I expected, although the NSA-style snooping has likely gone on longer than we realize.
Nothing to see here, move along.
Re:Sorry... (Score:5, Insightful)
Nothing to see here, move along.
Plenty to see here. Mainly, that businesses now have yet another reason to offshore.
Re:Sorry... (Score:5, Insightful)
As an outsider, I really don't freakin' understand how Americans are willing to ignore the most outrageous problems to defend their chosen party. Republican, Democrat, it doesn't make any sense. You can have someone who is a Democrat defending a baby slaughtering program(merely an example) for the sole reason that it isn't what the Republicans support. You guys are sooooooo weird! It's like your identity as a person revolves around which party you voted for.
If one started the program and the other continues it - they're both at fault and both just as wrong.
Re: (Score:3)
It's the new form of family honour. For some reason people can see it in east Asian cultures and blame it for things like the problems at Fukushima, but when Americans show loyalty to their chosen party even when they are a bunch of crooks and do things that are indefensible they somehow don't make the connection.
Re:Sorry... (Score:5, Insightful)
most americans seem to be patriotic beyond reason. this might be caused by being taught from early on that they are morally, military and in any other way superior to any other country. later they keep those views and will defend _anything_ being done. it might be by weird reasoning, "they do it too" or other methods.
it might help in some cases, but looks like long term it leads to an inability to criticise real problems and a decline.
Re: (Score:3)
It wouldn't be NSA style if you realized it was going on....
Re: (Score:2)
Re:Sorry... (Score:5, Informative)
It's a secret warrant issued by a secret court, binding the recipient to secrecy under pain of imprisonment, and with no way to contest the warrant. And since it's the NSA, you can't even see evidence used against you because it's obviously in regards to national security...even if it isn't.
Re: (Score:3, Informative)
"It's a secret warrant issued by a secret court, binding the recipient to secrecy under pain of imprisonment, and with no way to contest the warrant. And since it's the NSA, you can't even see evidence used against you because it's obviously in regards to national security...even if it isn't." - Doc Daneeka
Re:Sorry... (Score:5, Insightful)
It's a secret warrant issued by a secret court, binding the recipient to secrecy under pain of imprisonment, and with no way to contest the warrant. And since it's the NSA, you can't even see evidence used against you because it's obviously in regards to national security...even if it isn't.
Next thing to come will be the Secret Police . . .
Re: (Score:2)
SubjectsInCommentsAreStupid (Score:4, Insightful)
Isn't this how politics work in the US, the country that legalized bribery?
Re: (Score:2, Troll)
I hope that when american corporations start seeing their customers scared away by this 1984 crap they'll turn their lobbying powers to reverse the trend. Isn't this how politics work in the US, the country that legalized bribery?
Would someone please hurry up and start scaring them away?!!
Because I'm not seeing any rush to forbid Facebook or Google or restrict use of American Cloud providers.
In fact they are growing faster than their off-shore competition.
Oh, yes, we've seen the boastful threats of EU legislation, but the EU can't even agree that Tuesday follows Monday,
let alone do any thing to inflict a penalty on anyone using American services.
And in spite of the indignant bashing of all things American (and there is no doubt a gr
Re: (Score:2)
Re: (Score:2)
Think how this could have all not made the press and the NSA could be optically "above such things".
RE "Most people don't care about the NSA reading their data." so your rights dont protect as much until your a member of the press or a political leader asking questions
Re: (Score:2)
You mean Boeing.
Boeing Called A Target Of French Spy Effort [nwsource.com]
Airbus' Presentation on Boeing 787 - Bad CI Ethics? [ning.com]
Re:SubjectsInCommentsAreStupid (Score:5, Insightful)
Some European companies really don't care. But some do. That's why there was always a healthy mistrust in competetive European companies concerning their crucial data out of house, and why cloud computing has a slower uptake here than in the US. (Their unimportant data, they could care less about, even if it's personal data and against the EU privacy laws. That's life.)
Re:SubjectsInCommentsAreStupid (Score:5, Informative)
It's even cited with references on Wikipedia: http://en.wikipedia.org/wiki/ECHELON#Examples_of_industrial_espionage [wikipedia.org]
Re:SubjectsInCommentsAreStupid (Score:5, Insightful)
So you are going to believe the former director of a spy agency?
Re: (Score:3)
Airbus and the automakers are at least as advan
Re: (Score:2)
I don't see any denial about bribes in your post.
Re: (Score:2)
bribing abroad isn't legal for europeans anymore.
anyways, leveling the playing field is quite simple - you need because we have better certain craftsmen and engineers.
why do you think swedish weapons are bought by the pentagon? because they bribed the generals?
Re: (Score:2)
Re: (Score:2)
For European companies, the NSA reading their data equals their competitors reading their data. This has been known here since at least the early 90s, when Echolon data was used for commercial advantage of US companies.
That isn't really true.
Why We Spy on Our Allies [cryptome.org] - By R. James Woolsey, former Director of CIA
Really? You're going to take that yay-America propaganda as trustworthy?
Re:SubjectsInCommentsAreStupid (Score:5, Insightful)
I can't speak of the bribery, I haven't done the leg-work to find out, but as for the rest...
The general tone of the whole piece is that of someone who thinks the American way is superior and infallible and no other way can have merit, which makes me instantly suspicious of his bias. That he sits there and declares there is nothing worth stealing is a bit unlikely, unless you believe in US-superiority in all things.
I question his judgement because he talks about Europe as if it's one entity. He talks about Europe like it has a single communist government, when its member states have a large range of political leanings.
I suppose if your job is constantly looking outward at the threatening foreign lands then you're going to get a bit... tainted.
Re:who is getting scared off? (Score:3)
Not that many customers are going to be scared off. ...
Businesses care about competitors reading their data, not the NSA.
So customers aren't being scared off, but this business and other vpn providers are still shuttering their shops?
I really don't understand why any of these companies are shutting their doors. They should just release a new statement, allow current members to get a refund on their remaining subscription if they want to leave, and acknowledge what has always been in their contract - they will comply with law enforcement demands and warrents as do all companies in the US that want to stay in business.
This real
Re: (Score:2)
There are a lot of businesses facing major losses because their rivals can say, "We are NSA free" and get a contract over their US counterparts.
Literally true. Here in Brazil at leas one major business ISP is constantly advertising something like this: "In these times of espionage come to ${ISP_NAME} and be protected from international spies! Here your e-mail can be this and that and blah-blah-blah!" (The features listed have nothing to do with actually protecting the data, but clueless business people won't notice.)
I have no idea what the numbers are, but at the very least Google's Brazilian branch must be feeling the heat.
Playing devil's advocate... (Score:2)
I wonder what the public reaction would be if some pro-democracy dissident who is operating covertly in their own hostile country is murdered and the country gives a press release saying that they couldn't have found their criminal if it wasn't for the help of the NSA compromising internet security...
Does that put the NSA/FISA on the side of dictatorships and other anti-freedom nations?
Re: (Score:2)
http://www.zerohedge.com/contributed/2013-10-17/apologist-assassination-americans-be-named-new-homeland-security-chief [zerohedge.com]
Guess your may find out that the terms "pro-democracy", "dissident" and "internet security" means legally speaking soon
Re: (Score:2)
I wonder what the public reaction would be if some pro-democracy dissident who is operating covertly in their own hostile country is murdered and the country gives a press release saying that they couldn't have found their criminal if it wasn't for the help of the NSA compromising internet security...
It depends. Is American Idol on that night?
Re: (Score:2)
well usa has already done bombing of dissidents on behalf of foreign nations. that's what the the drone strikes are, technically. the host nation doesn't want to send in cops so they can ask for them to be hellfired from the sky.
(not pro democracy dissidents but dissidents none the less)
Re: (Score:2)
imaginary circumstances
What imaginary circumstances? That some guy in Hong Kong might log into the NSA, download all of their back door documentation, and start using that information for their own gain?
DoS? (Score:5, Interesting)
What is to stop the NSA doing a form of DoS attack on these types of services by demanding keys, and giving the services little option but to shut down?
The effect of this is to remove secure competitors from the market and force users onto pre-compromised services.
Re:DoS? (Score:5, Insightful)
The effect of this is to remove secure competitors from the market and force users onto overseas services.
Fixed that for you.
Re: (Score:2)
That will work until the US Congress passes a law similar to FATCA [wikipedia.org] which compels foreign businesses to turn over financial records involving US persons. So far, few if any foreign countries have attempted to defend their sovereignty to protect Americans. I doubt much will change when it comes to data.
It matters very little anyway. Because the 'big money' is in corporate accounts and corporate data. You and I, as individuals, can't wave a magic legal wand and move ourselves offshore. Corporations can. And t
Re:DoS? (Score:4, Interesting)
That will work until the US Congress passes a law similar to FATCA [wikipedia.org] which compels foreign businesses to turn over financial records involving US persons. So far, few if any foreign countries have attempted to defend their sovereignty to protect Americans. I doubt much will change when it comes to data.
It matters very little anyway. Because the 'big money' is in corporate accounts and corporate data. You and I, as individuals, can't wave a magic legal wand and move ourselves offshore. Corporations can. And that's who the people running offshore banks or data services cater to.
What FATCA is achieving is that many non-US financial institutions are turning away customers who are US citizens; they won't have their money, don't want their custom. And many of these US citizens are giving up their US citizenship because of this. There are millions of US citizens around the world who are experiencing this financial blacklisting because of FATCA, especially in the EU.
Re: (Score:3)
And even if you go with Brand-X VPN service that is all over the world, what's to say that because they might have servers in the USA their key isn't already compromised? Or that someone at Brand-X wasn't paid off by the NSA for the key? Or that they obtained the key directly from the key right when it was signed?
Let's go all out on this. I'm really curious to see what others think of these conspiracy theories. Because lately they could just as easily be believed because of some of the stuff that has co
Re:DoS? (Score:5, Interesting)
The effect of this is to remove secure competitors from the market and force users onto pre-compromised services.
I know this is going to sound mighty odd, but hear me out...
I kind of wish the NSA sold things like consumer routers, for which they wrote all the firmware, user interface, etc.
The NSA employs Really Ridiculously Smart People, so then I could count on my router being really, really secure against everyone and everything... except the NSA.
Which would be an OK trade-off for me, and I think would be an OK trade-off for a lot of people...
Re: (Score:2)
The NSA employs Really Ridiculously Smart People, so then I could count on my router being really, really secure against everyone and everything... except the NSA.
Which would be an OK trade-off for me, and I think would be an OK trade-off for a lot of people...
oh, totes. if the nsa gave you a router with a 100% backdoor for them, then you would be golden against all other threats. except... obv the nsa can be infiltrated cf snowden. and others could engineer your router backdoor. and if the nsa has a router backdoor they could potentially get access to your computer and all your bizness, not to mention the computers and bizness of everybody you communicate with.
So, perhaps you would rethink your hypothetical statement?
Re: (Score:2)
oh, totes. if the nsa gave you a router with a 100% backdoor for them, then you would be golden against all other threats. except... obv the nsa can be infiltrated cf snowden. and others could engineer your router backdoor. and if the nsa has a router backdoor they could potentially get access to your computer and all your bizness, not to mention the computers and bizness of everybody you communicate with.
I would trust the NSA's security guys to get security better than any for-profit company with strong economic incentive to cut corners.
And I realize I'd be handing the NSA the keys to get inside my network -- that's the trade-off I think many people would find worthwhile -- giving the NSA access in exchange for them writing the most secure firmware they possibly could.
Re: (Score:2)
What exactly makes you think the NSA would have any incentive to do a better job than the existing producers? My guess would be the NSA's products would be *worse*. They don't need you to trust them. They don't need to turn a profit. Things are easier for them if you shit is not secured. And they don't give a damn if anyone else reads your traffic. Exactly what incentive would they have to make things secure?
Re: (Score:3, Insightful)
Re: (Score:2)
What is to stop the NSA doing a form of DoS attack on these types of services by demanding keys, and giving the services little option but to shut down?
Nothing, seemingly. The NSA seem to act completely in secret, US citizens aren't privy to their actions or any court rulings except those disclosed months or years after the ruling. It's like playing a game where no-one but one player knows the rules, you are certain to lose.
The choice seems to be either compromise your service, or shut down your business. I really feel for anyone who is having to give up their livlihood on account of their actions.
One thing is certain. This is the antithesis of democracy.
Re: (Score:2)
One thing is certain. This is the antithesis of democracy.
Bullshit.
It may be illiberal; it may be unconstitutional; but it is very, very democratic.
A large majority of human beings have always been (and presumably always will be) perfectly happy to trade something as abstract as "privacy" or "liberty" for the comforting illusion of protection from the bogeyman de jour.
Re: (Score:2)
It SHOULD force you onto servers where you alone hold the key to your data, which is the only way to do business in the first place.
Re: (Score:2)
Paying someone a trivial amount of money to take care of the details and just hand off a usable service is a useful service to many.
Sad (Score:5, Insightful)
We've got technology businesses shutting down their services because they are now afraid of (i.e.: terrorized by) their own government?
Did the terrorists actually win this war on terror?
Re: (Score:2)
Won this war, and started this war.
Re:Sad (Score:5, Insightful)
The terrorists won as soon as we had to take off our shoes and throw away our nail files in order to get on an airplane, starting around 12 years ago.
It's been an easy slide down the slippery slope since then.
Re:Sad (Score:5, Insightful)
It doesn't matter if I still fly or not.
One used to be able to board an airplane without a pat down, porno-scan, or a strip-search. One cannot do that now, because we've been terrorized into requiring these procedures.
That's a win.
Re:Sad (Score:5, Insightful)
The terrorists won as soon as we had to take off our shoes and throw away our nail files in order to get on an airplane, starting around 12 years ago.
Did that prevent you from getting on the plane? If not, then no.
Your measure for loss-of-freedom is pretty high. I mean, let's say we got to a state where there is mandatory papers checks for every citizen on their daily commute. Does that stop them from going to work... probably not. Is it a loss, obviously yes.
Re: (Score:2)
If the big loss here is that people have to get to the airport an hour earlier and walk through a metal detector, as they have had to do during many periods in the past, that isn't much of a loss. It is also unrelated to the terrorist's goals.
The Future of Terrorism: What al-Qaida Really Wants [spiegel.de]
Re:Sad (Score:5, Insightful)
its FEAR. that's what is at the heart of terrorism.
and you are put in a state of fear and kept there by the TSA. if you make a joke, they can fuck with you, in a bad way. that's fear. if you have a name collision with someone who is on a no-fly, you are also put thru a world of hurt. that's fear.
you don't dare question the air flight attendants. that's fear.
you follow orders and don't fight back. that's fear.
its all terrorism and its state sponsored. US states, that is.
there is no benefit to offset it (Score:4)
Re: (Score:2)
Yes, for sure, in the USA they did. It was a full-fledged, all-around victory, without any substantial opposition. That the terrorist's victory also helped companies like Halliburton to enormous profits was not inconvenient, either. Haven't you left your mother's basement in the last 13 years?
Re:Sad (Score:5, Insightful)
"Did the terrorists actually win this war on terror?"
Yes, but there were multiple winners.
AQ inflicted trivial numbers of casualties compared to conventional wars, did that with minimal assets and personnel, and triggered/excused the US elites doing what they'd been working at anyway. The team damaged the US + world.
The terrorists won by getting their adversary to make toxic structural changes, and the elites won by obtaining the excuse to make those changes! The American public and other Star Trek Red Shirts of the world lost. AQ and the Elites can both claim victory BUT also claim the battle is not over. Obvious to see where this will go...
Re:Sad (Score:5, Insightful)
It looks like they didn't shut down because of "terror" but because they didn't want to comply with court orders and didn't have the money to fight a losing battle.
It doesn't matter what Congress or the courts say; if the law violates the US Constitution, it is illegal and invalid. Which makes the agents enforcing it part of an organized criminal enterprise. An organized criminal enterprise which has just caused numerous US businesses to close their doors by using tactics intended to produce a state of fear in those businesses. Sounds like the freakin' definition of terrorism to me.
Re: (Score:2, Insightful)
So if the courts, the executive branch, and the legislature all agree with an interpretation of the Constitution that is different than what you think it is, how do you think that is going to get resolved in your favor? And beyond that, what is it about your ideas on the Constitution that should override the views of the three branches of government, not to mention that of legal scholars in the law schools that are likely to agree? Is something tyranny just because you say so even if almost everyone else
Re: (Score:2)
Oh of course I don't expect a freakin' revolution because some crypto company had to shut down. Nobody cares. Nobody will ever care. I was merely pointing out that -- despite Nixon's opinion to the contrary -- just because the government does it does not automatically make it legal.
anyone anywhere (Score:5, Insightful)
For anyone operating a VPN mail or other communications in any country you should consider that your government can compel you to produce information.
This intellectual exercise has been done a long time ago by those who looked a little deeper than you. It's why there were crazy ideas such as offshore data havens.
In the end, you can't really do anything about it. The government your company is under (at the very least, maybe other entities too) can compel you. So now it's just a matter of which government you're least worried about.
Re: (Score:2)
For anyone operating a VPN mail or other communications in any country you should consider that your government can compel you to produce information.
True. Is anyone here old enough to remember anon.penet.fi?
Re: (Score:2)
In the end, you can't really do anything about it. The government your company is under (at the very least, maybe other entities too) can compel you. So now it's just a matter of which government you're least worried about.
In the end the problem is bigger than that. The government of the countries you do business in can tell you to do certain things too, as many Europeans are fond of pointing out to Americans.
NSA is tipping their hand (Score:3)
A different objective? (Score:3, Interesting)
Maybe the US Government's objective here is not collect data from these types of services like LavaBit, SilentCircle or whoever else has shuttered in fears (or actual) of being tapped by the NSA.
It's starting to feel like to me the objective isn't the data, the objective is the services. This is denial of service. Denial of crypto services by the US Govt.
I just can't really see why they would put the pressure on so blatantly. It's like they're sending a clear message to all of us, no more crypto services, we're going to find you and tap you so you're are ineffective, or shut down.
Re:A different objective? (Score:5, Insightful)
As a side to this.. at least it tells us something...
they can't break the crypto.
Donate Here to Protect SSL Keys (Score:5, Informative)
Donate to Lavabit legal fund [rally.org]
The legal briefs filed so far [wired.com] look like they are about to hand the government its own ass in respect to seizing SSL keys.
Re: (Score:2)
look like they are about to hand the government its own ass in respect to seizing SSL keys.
Never gonna happen. And neither you nor anyone else will ever know why. Cause, you know, national security all.
FISA endorsed NSA Activity? Wrong, it's not. (Score:2)
Okay, this whole synopsis is off base here. While CryptoSeal is shutting down it's over the ramifications of the Lavabit case...
With immediate effect as of this notice, CryptoSeal Privacy, our consumer VPN service, is terminated. All cryptographic keys used in the operation of the service have been zerofilled, and while no logs were produced (by design) during operation of the service, all records created incidental to the operation of the service have been deleted to the best of our ability.
Essentially, the service was created and operated under a certain understanding of current US law, and that understanding may not currently be valid. As we are a US company and comply fully with US law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product.
Specifically, the Lavabit case, with filings released by Kevin Poulsen of Wired.com (https://www.documentcloud.org/documents/801182-redacted-pleadings-exhibits-1-23.html) reveals a Government theory that if a pen register order is made on a provider, and the provider's systems do not readily facilitate full monitoring of pen register information and delivery to the Government in realtime, the Government can compel production of cryptographic keys via a warrant to support a government-provided pen trap device. Our system does not support recording any of the information commonly requested in a pen register order, and it would be technically infeasible for us to add this in a prompt manner. The consequence, being forced to turn over cryptographic keys to our entire system on the strength of a pen register order, is unreasonable in our opinion, and likely unconstitutional, but until this matter is settled, we are unable to proceed with our service.
We encourage anyone interested in this issue to support Ladar Levison and Lavabit in their ongoing legal battle. Donations can be made at https://rally.org/lavabit [rally.org] We believe Lavabit is an excellent test case for this issue.
We are actively investigating alternative technical ways to provide a consumer privacy VPN service in the future, in compliance with the law (even the Government's current interpretation of pen register orders and compelled key disclosure) without compromising user privacy, but do not have an estimated release date at this time.
To our affected users: we are sincerely sorry for any inconvenience. For any users with positive account balances at the time of this action, we will provide 1 year subscriptions to a non-US VPN service of mutual selection, as well as a refund of your service balance, and free service for 1 year if/when we relaunch a consumer privacy VPN service. Thank you for your support, and we hope this will ease the inconvenience of our service terminating.
For anyone operating a VPN, mail, or other communications provider in the US, we believe it would be prudent to evaluate whether a pen register order could be used to compel you to divulge SSL keys protecting message contents, and if so, to take appropriate action.
What you have is a Federal Judge, the regular unleaded variety not the leaded FISA guys ordering that since Lavabit can't give the government what they're asking for, give us your SSL keys so we can go ahead and dig however we want with whatever traffic we choose to monitor or have already stored. It's an interesting legal theory and there's probably no precedent that the judge i
No Matter, I have Nothing to Hide (Score:2)
Right, now just wait until as a cost saving measure the NSA starts using 'advanced' software analysis programs to not only tag but also to vet all your emails and chats instead of people and then you end up automatically being put on a watch list.
Now try to get off of it.
That is the problem.
Re: (Score:2)
I agree with the essence of what I think you are saying. Right now is an excellent time for companies in private e-mail, encryption provision, or any related area who are not seeing good returns on some part of their business to close it down (potentially without refunds, if paid), say 'Oh, I shut down because NSA', and ride a wave of good publicity.
I'm not saying that was the case for Lavabit, or for Silent Circle Mail. Both of them are special cases, because not only did they hold the private keys but the
Re: (Score:2)
From the article at ArsTechnica:
VPN services let consumers gain extra privacy and security while using the Internet. A user establishes an encrypted connection with a VPN service, routing all Internet traffic to the VPN before sending it on to the rest of the Internet.
and
"Our system does not support recording any of the information commonly requested in a pen register order, and it would be technically infeasible for us to add this in a prompt manner," CryptoSeal continued. "The consequence, being forced to turn over cryptographic keys to our entire system on the strength of a pen register order, is unreasonable in our opinion and likely unconstitutional. But until this matter is settled, we are unable to proceed with our service."
So basically, they provide a VPN-to-Internet service, but do not record the data required for a pen register order. Based on the EFF information on pen registers [eff.org], that would constitute connection data (i.e. incoming and outgoing connections - IP addressed, ports, etc, but not content of the connections).
Without putting too fine a point on it, I'm dubious about CryptoSeal's claim that they can't do this. How would they enforce their terms of service? They may not, by defaul
Re: (Score:2)
And any of them who are socially conservative or who believe corporations have rights are not actually libertarian, much like Christians for War are not actually Christians.
Re: (Score:2)
Tea Party-ers describe themselves as "libertarian".
That Sarah Palin sure makes one sexy librarian though
Re: (Score:2)
That's existed for over a decade, but nobody wants to use it:
http://en.wikipedia.org/wiki/Freenet [wikipedia.org]
Too late. (Score:4, Insightful)
#1 prison population in the world; and with a moderate population density too!
#1 military, #1 spy system (by size) and both are actively used.
Secret tapping of citizens phones,etc with a massive cover up (seriously, does anybody believe them after all that they did when they say "it's only meta data?") Almost more surveillance than a classic police state (it's just missing your neighbors turning against you.)
Uncivilized prison system (many but not all; but the society is taught to believe and accept the known conditions. The system keeps the public from knowing about the horrible things... such as 12 year olds in adult prison with their rapist's name carved into their skin, for example.)
Self exempted from most international laws. Pre-emptive wars, bribing, blackmailing corrupting foreign governments...(wikileaks put that stuff on paper) Killing or arresting or persecuting anybody on earth without respect for laws / jurisdictions (doesn't matter what you do, if you go to a safe nation the idea was you were safe when sovereignty was respected... not that it was all that highly regarded; but it's just openly dismissed today.)
Police in most schools; more coming. Children arrested and processed as criminals for being children --in school; handcuffs on 8 year olds. Teens executed as adults. Adults executed... just like in China and Iran do. Teens tweeting being prosecuted for bullying outside of school...
People generally afraid to express a wide range of "controversial" opinions not on the unofficial acceptability list. Obama a Muslim? that is ok. Telling on the bankers? nothing, if you harm them, jail time (but perhaps a big IRS reward...for afterwards...)
Every police state has two systems-- one to go soft on the elite and one for everybody else. We have that situation too.
Right to Peaceable Assemble? Result? Beat downs, false incrimination and nobody really cares; you'd think nobody ever reads past "free press" and that the other one "bear arms"... whatever, pass me a beer.
Free speech and free press? Allowed but rendered nearly ineffectual which is why those are allowed.