Faced With The Security State, Groklaw Opts Out

Politics & Current Events

For ten years Pamela Jones has run Groklaw, a site collecting, discussing, and explaining legal developments of interest to the open-source software community. Her efforts have, justifiably, won many awards.

She's done now.

Running a blog long-term can be exhausting, irritating, and sometimes discouraging. Creative efforts have arcs, with a beginning and an end. If Jones were closing up shop because she's had enough and has accomplished what she set out to do, I would be sorry to see her go, but it would be the kind of sorry you feel when you finish a good book.

That's not why she's stopping.

Pamela Jones is ending Groklaw because she can't trust her government. She's ending it because, in the post-9/11 era, there's no viable and reliable way to assure that our email won't be read by the state — because she can't confidently communicate privately with her readers and tipsters and subjects and friends and family.

I hope that makes it clear why I can't continue. There is now no shield from forced exposure. Nothing in that parenthetical thought list is terrorism-related, but no one can feel protected enough from forced exposure any more to say anything the least bit like that to anyone in an email, particularly from the US out or to the US in, but really anywhere. You don't expect a stranger to read your private communications to a friend. And once you know they can, what is there to say? Constricted and distracted. That's it exactly. That's how I feel.

So. There we are. The foundation of Groklaw is over. I can't do Groklaw without your input. I was never exaggerating about that when we won awards. It really was a collaborative effort, and there is now no private way, evidently, to collaborate.

In making this choice, Jones echoes the words of Ladar Levison, who shut down his encrypted email service Lavabit. Levison said he was doing so rather than "become complicit in crimes against the American people":

“I’m taking a break from email,” said Levison. “If you knew what I know about email, you might not use it either.”

Lavabit was joined by encryption provider Silent Circle:

“We’ve been thinking about this for some time, whether it was a good idea at all. Yesterday, another secure email provider, Lavabit, shut down their system lest they ‘be complicit in crimes against the American people.’ We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail.”

The extent of NSA surveillance is unknown, but what little we see is deeply unsettling. What our government says about it can't be believed; the government uses deliberately misleading language or outright lies about the scope of surveillance.

So I don't blame Pamela Jones or question her decision. It's not the only way. I don't think it's my way, yet — though I am having some very concerned conversations about whether it's safe, or even ethical, to have confidential attorney-client communications by email.

I hope that Pamela's decision will arouse the interest, or attention, or outrage, of a few more people, who will in turn talk and write and advocate to get more people involved. Groklaw was a great resource; citizens will care that it's gone. (The government and its minions won't.)

Pamela's choice will likely be met with the usual arguments: the government doesn't care about your emails. If you have nothing to hide you have nothing to worry about. This is about protecting us from terrorist attacks, not about snooping into Americans' communications. Don't you remember 9/11?

I tire of responding to those. Let me offer one response that applies to all of them: I don't trust my government, I don't trust the people who work for my government, and I believe that the evidence suggests that it's irrational to offer such trust.

Let me close by repeating my four points from yesterday that guide my evaluation of such matters, this time without links:

1. The government lies to you about the extent of its surveillance of you.

2. The government says it needs secrecy, but lies about its secrets and the grounds for keeping them secret.

3. The government says it needs expanded powers to fight terrorism, but lies: in fact it uses expanded "anti-terrorism" powers to advance a variety of domestic agendas.

4. Terrorism is whatever the government says it is.

Comments

  1. C. S. P. Schofield  •  Aug 20, 2013 @8:01 am

    "If you have nothing to hide you have nothing to worry about"

    I have never felt anything but contempt for that argument. The obvious problem with it is that when the State respects no boudoirs to its power and authority, whether you have something to hide is not up to you. The State can and will decide that something you had every reason to believe was lawful, suddenly isn't anymore.

    "If you have nothing to hide you have nothing to worry about" can only apply when the State is a benevolent, all-wise power. The State never is.

  2. Illy  •  Aug 20, 2013 @8:02 am

    I'm not convinced that PJ didn't receive one of those NSA letters herself.

    If she did, then I would expect that this was exactly the intent of the letter.

    Which means we should all be worried that things are about to get much, much worse.

  3. C. S. P. Schofield  •  Aug 20, 2013 @8:03 am

    OK, how the HECK did this ^&*((^% magic elf box get "boudoirs" out of "Boundaries"?!?!?!?

  4. Clark  •  Aug 20, 2013 @8:14 am

    I've been saying for twenty years that the police state is being built, brick by brick and chain by chain around us.

    I would love to be proved wrong, but what I'm seeing over the past five or so is that the building process has accelerated.

    The government is corrupt, illegitimate, immoral, and illegal to the very core.

    It should be burnt to the ground and salt should be plowed into the ashes.

  5. David  •  Aug 20, 2013 @8:18 am

    "The needs of the many are outweighed by the need to catch the few or the one. Forget." #StarDate1984

  6. En Passant  •  Aug 20, 2013 @8:19 am

    C. S. P. Schofield wrote Aug 20, 2013 @8:03 am:

    OK, how the HECK did this ^&*((^% magic elf box get "boudoirs" out of "Boundaries"?!?!?!?

    Probably an old pre-PRISM magic elf box release. The new normal is that boudoirs are not out of boundaries.

  7. Illy  •  Aug 20, 2013 @8:29 am

    @Clark: It's probably been going on much longer than that. 1984 was 30 years ago, and I would bet on 6000.

    But yeah, the tools have certainly gotten worse, faster, recently.

  8. tim  •  Aug 20, 2013 @8:31 am

    I'll add one more.

    5. E-mail was never private

    Due to the very nature of e-mail – it's cleartext over the internet. I don't get why people somehow think it was ever private to begin with. Any spot along the path can be monitored, whether it be the telephone company, ISP, or e-mail hosting service. This has been debated and talked about ad nauseam since the very first e-mail was sent oh so long ago. So while I agree that one can't trust our government (and I don't) – I also have a hard time sympathizing with those that somehow think that e-mail was somehow this sacred thing. It's just plain naive.

    If you want your communications to be secured – there are many encryption options available that work.

  9. Dan T.  •  Aug 20, 2013 @8:34 am

    The criticisms of the government surveillance state are valid, but shutting down a blog over it seems like cutting off one's nose to spite one's face.

  10. David Gerard  •  Aug 20, 2013 @8:37 am

    Dan T. – if you read the article, you'll see it was personal disgust, not a protest.

  11. Neil  •  Aug 20, 2013 @8:38 am

    If it may be unethical to have attorney-client communications via email, then what is the ethical consideration behind requiring my email address to submit this comment? Snowden's revelations are very dangerous to the government, as they strike at its core need – legitimacy. Illy points out that a tyrannical government would prefer that society have no other basis for organization than itself. I think it is a mistake to let go of the relationships and organizations that exist outside of the state. The challenge is to grow and strengthen these, and build the tools that support that.

  12. David  •  Aug 20, 2013 @8:39 am

    Some see the steps required for strong crypto as too burdensome. And some send postcards rather than bother with all that envelope stamp seal business.

  13. Laurence Wilkinson  •  Aug 20, 2013 @8:44 am

    It could just be PJ's little way of telling us that Groklaw has been the victim of a decision by a secret court.

  14. Nicholas Weaver  •  Aug 20, 2013 @8:49 am

    though I am having some very concerned conversations about whether it's safe, or even ethical, to have confidential attorney-client communications by email.

    What I would suggest is the following:

    For all client communication, especially criminal clients, you set up a Mac Mini server or small Linux box as a mailserver, on your premises.

    This server should support IMAP-SSL ONLY for reading mail, SMTP-over-SSL for sending mail, and should REFUSE to send mail (autobounce) to anything outside your domain. (So it can't be used to send mail that ends up turning into insecure mail, which means it only gets used to communicate with your law firm.)

    When a client retains you, you create them a mail account, and all subsequent email communications are done through just that account. For an extra $200, you can hand them a preconfigured, locked down Android tablet…

    This is critical:

    All access is encrypted: any wiretap gets no content. And it's configured to basically prevent screwups, since it can't be used to send mail outside the domain. The only real metadata that escapes is that your client is reading his communication with his lawyer, and roughly how much is going back & forth. So the metadata leakage is quite tolerable even if wiretapped.

    It's on your premises: Rule #1 of cloud computing OPSEC: Don't use cloud computing. Any system which needs protection from governmental attacks must be in-house.

    Yet it still works with normal workflow: Everyone just has one additional email account in their mail reader, even if using their own computers.

    And it can't be abused by clients: Since it's only usable for internal rather than external email, your crooks can't use it to mail other, unrepresented crooks. Additionally, include rules that REQUIRE all mail at least CC one of the lawyers, so it can't be abused even for "both crooks are clients" purposes without consent of a Saul Goodman-like criminal attorney.

    The privilege log is easy: Since it's only for attorney/client and internal attorney/attorney, attorney/consultant communication, this makes that problem easier.
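One way to express the two submission rules in that design (stay inside the firm's own domain, always have a lawyer on the message) as a policy check the mailserver would run before accepting a message. This is an added example, not the commenter's code; the firm domain, the lawyer addresses and the sample envelopes are constructed placeholders.

```python
import re
from typing import List, Optional, Tuple

# Constructed placeholders; a real deployment would load these from the
# server's configuration.
FIRM_DOMAIN = "law-firm.example"
LAWYERS = frozenset({"alice@law-firm.example", "bob@law-firm.example"})

# Accept either a bare addr-spec or "Display Name <addr-spec>".  The display
# name may not contain '<', '>' or '@', which rejects spoofs such as
# "alice@law-firm.example <mallory@evil.test>" outright instead of letting a
# lenient parser pick one of the two addresses.
_ADDR_RE = re.compile(r"^\s*(?:[^<>@]*<([^<>\s]+)>|([^<>\s]+))\s*$")


def normalize(address: str) -> Optional[str]:
    """Return the lower-cased addr-spec, or None if the header is not a single
    well-formed address."""
    m = _ADDR_RE.match(address)
    if not m:
        return None
    spec = m.group(1) or m.group(2)
    if spec.count("@") != 1:
        return None
    local, domain = spec.split("@")
    if not local or not domain:
        return None
    return f"{local.lower()}@{domain.lower()}"


def in_firm_domain(addr: str) -> bool:
    """Exact match on the domain part: 'law-firm.example.attacker.test' fails."""
    return addr.split("@")[1] == FIRM_DOMAIN


def check_submission(sender: str, recipients: List[str]) -> Tuple[bool, str]:
    """Decide whether the server may deliver this message.

    Returns (accepted, reason).  A rejected message is bounced to the sender,
    which is the 'autobounce' behaviour described in the comment.
    """
    if not recipients:
        return False, "no recipients"
    from_addr = normalize(sender)
    if from_addr is None:
        return False, f"malformed sender: {sender!r}"
    to_addrs = []
    for rcpt in recipients:
        addr = normalize(rcpt)
        if addr is None:
            return False, f"malformed recipient: {rcpt!r}"
        to_addrs.append(addr)
    # Rule 1: never carry mail to or from an outside domain, so the box can
    # never become a relay that hands a message on to the open (cleartext)
    # internet.
    for addr in [from_addr, *to_addrs]:
        if not in_firm_domain(addr):
            return False, f"outside firm domain: {addr}"
    # Rule 2: a lawyer must be on every message (as sender or as a recipient,
    # which is how the "CC one of the lawyers" rule is read here), so two
    # clients cannot use the server to talk to each other without counsel.
    if from_addr not in LAWYERS and LAWYERS.isdisjoint(to_addrs):
        return False, "no lawyer on the message"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample envelopes.
    samples = [
        ("client1@law-firm.example", ["Alice <alice@law-firm.example>"]),
        ("client1@law-firm.example", ["client2@law-firm.example"]),
        ("alice@law-firm.example", ["friend@gmail.example"]),
        ("client1@law-firm.example", ["alice@law-firm.example <mallory@evil.test>"]),
    ]
    for sender, rcpts in samples:
        print(sender, rcpts, "->", check_submission(sender, rcpts))
```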

  15. Clark  •  Aug 20, 2013 @8:54 am

    @tim:

    Due to the very nature of e-mail – it's cleartext over the internet. I don't get why people somehow think it was ever private to begin with.

    Why?

    Because they put their faith in a piece of paper:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    The government told us that they obeyed this piece of paper.

    Now we know that they lied.

  16. Arlight  •  Aug 20, 2013 @8:58 am

    Barring Mr. Weaver's solution above, what would be the acceptable way to have private conversations then? The government watches our emails, we've known for years that they can listen in on phone calls and we know they're at least tracking what gets sent through the Post Office (though they've not admitted reading your mail yet). So aside from making them come into the office every time, how do you have a secure, privileged conversation any more?

  17. Dick Taylor  •  Aug 20, 2013 @9:00 am

    David,

    What PJ is saying is that faced with the choice of living under surveillance or opting out, she's opting out.

    It's not about strong crypto, just like her emotional reaction to being burglarized wasn't about strong locks. Sure, you can secure almost anything, but at what cost? And are you really secure? And can you be welcoming even to strangers while still keeping your locks in good order? Or do you become a shadow of who you want to be, afraid to trust anyone because untrustworthy people are forever watching you?

    I find myself in frighteningly good emotional harmony with Clark.

  18. Craig  •  Aug 20, 2013 @9:00 am

    @Nicholas Weaver: That sounds like it will work until you get a National Security Letter. Or until the NSA manages to crack the encryption you're using. We don't really know how their abilities compare to the public (academic, corporate, etc.) cryptography community. It is not safe to assume that they can't crack something just because nobody else knows how to crack it. It is known that in the past they had capabilities that were ten to twenty years ahead of anyone else's. They knew, for example, about differential cryptanalysis by 1975, although the technique was not published openly until someone else independently discovered it in 1990.

  19. Clark  •  Aug 20, 2013 @9:08 am

    They knew, for example, about differential cryptanalysis by 1975, although the technique was not published openly until someone else independently discovered it in 1990.

    Indeed; the S-boxes in IBM's proposal for the Digital Encryption Standard were rewritten by the NSA, and only later did it become clear why: they knew of an attack that IBM's cryptography designers did not.

    Note also that the public key cryptography was discovered first by government cryptographers:

    http://en.wikipedia.org/wiki/Public-key_cryptography#History

    In 1997, it was publicly disclosed that asymmetric key algorithms were secretly developed by James H. Ellis, Clifford Cocks, and Malcolm Williamson at the Government Communications Headquarters (GCHQ) in the UK in 1973.

  20. mud man  •  Aug 20, 2013 @9:08 am

    @tim

    And the whole point about communication is about letting other people in on stuff, right?? If you have something private to say, keep it to yourself.

    "She shouldn't have been dressed like that!!"

  21. Craig  •  Aug 20, 2013 @9:15 am

    @Clark: "Indeed; the S-boxes in IBM's proposal for the Digital Encryption Standard were rewritten by the NSA, and only later did it become clear why: they knew of an attack that IBM's cryptography designers did not."

    Yes, although it is worth noting that in that case NSA's involvement appears to have been benign: rather than creating a secret backdoor in DES, they discovered a weakness and corrected it.

  22. Nicholas Weaver  •  Aug 20, 2013 @9:19 am

    I'd not worry quite so much about the NSA being able to magically break public key without it being known about: if it happens, Suite B would be deprecated in pretty short order, since Suite B is rated for Top Secret communication.

    The real worry is compromise of the server'

  23. En Passant  •  Aug 20, 2013 @9:21 am

    tim wrote Aug 20, 2013 @8:31 am:

    So while I agree that one can't trust our government (and I don't) – I also have a hard time sympathizing with those that somehow think that e-mail was somehow this sacred thing. It's just plain naive.

    I've always known that email is readily intercepted in transit, far more readily than a postcard. So, that's not the basis of any "sacred" quality.

    My conversation with someone on the street is readily intercepted too.

    Government intercepting email is little different than government actively monitoring every conversation on the street without a warrant.

    If government chooses to put spies everywhere to monitor every citizen's most trivial conversation, then government can hang any citizen it wants, just because government wants to hang them. Cardinal Richelieu stated the obvious over 350 years ago.

    What has previously been sacred was the understanding by citizens that the governments of the USA would not do that. There is no longer a shred of basis for that belief.

    So there is no longer any basis for a sacred trust between any citizen and the government. That leaves only each citizen's rational fear that he will be the next one hanged.

  24. a_random_guy  •  Aug 20, 2013 @9:21 am

    "cleartext over the internet. I don't get why people somehow think [email] was ever private to begin with". Your postal mail is also in cleartext, and it is no more difficult to extract and replace a letter in a sealed envelope than it is to intercept internet packets. Nonetheless, we generally assume that our postal mail is private. The recent NSA revelations are the equivalent of discovering that the government has routinely been opening everyone's mail.

  25. Jim Tyre  •  Aug 20, 2013 @9:29 am

    Though only marginally related to this thread, a paper published yesterday on SSRN may be of great interest to some. All the authors are rock stars (in a good way), the paper is fascinating.

    http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2312107

    Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet

    Steven M. Bellovin
    Columbia University – Department of Computer Science

    Matt Blaze
    University of Pennsylvania – School of Engineering & Applied Science

    Sandy Clark
    University of Pennsylvania – School of Engineering & Applied Science

    Susan Landau
    Harvard University; Sun Microsystems, Inc.

    August 18, 2013

    Privacy Legal Scholars Conference, June 2013

    Abstract:
    For years, legal wiretapping was straightforward: the officer doing the intercept connected a tape recorder or the like to a single pair of wires. By the 1990s, though, the changing structure of telecommunications – there was no longer just "Ma Bell" to talk to – and new technologies such as ISDN and cellular telephony made executing a wiretap more complicated for law enforcement. Simple technologies would no longer suffice. In response, Congress passed the Communications Assistance for Law Enforcement Act (CALEA), which mandated a standardized lawful intercept interface on all local phone switches. Technology has continued to progress, and in the face of new forms of communication – Skype, voice chat during multi-player online games, many forms of instant messaging, etc. – law enforcement is again experiencing problems. The FBI has called this "Going Dark": their loss of access to suspects' communication. According to news reports, they want changes to the wiretap laws to require a CALEA-like interface in Internet software.

    CALEA, though, has its own issues: it is complex software specifically intended to create a security hole – eavesdropping capability – in the already–complex environment of a phone switch. It has unfortunately made wiretapping easier for everyone, not just law enforcement. Congress failed to heed experts' warnings of the danger posed by this mandated vulnerability, but time has proven the experts right. The so–called "Athens Affair", where someone used the built–in lawful intercept mechanism to listen to the cell phone calls of high Greek officials, including the Prime Minister, is but one example. In an earlier work, we showed why extending CALEA to the Internet would create very serious problems, including the security problems it has visited on the phone system.

    In this paper, we explore the viability and implications of an alternative method for addressing law enforcement's need to access communications: legalized hacking of target devices through existing vulnerabilities in end–user software and platforms. The FBI already uses this approach on a small scale; we expect that its use will increase, especially as centralized wiretapping capabilities become less viable.

    Relying on vulnerabilities and hacking poses a large set of legal and policy questions, some practical and some normative. Among these are:

    - Will it create disincentives to patching?
    - Will there be a negative effect on innovation? (Lessons from the so-called "Crypto Wars" of the 1990s, and, in particular, the debate over export controls on cryptography, are instructive here.)
    - Will law enforcement's participation in vulnerabilities purchasing skew the market?
    - Do local and even state law enforcement agencies have the technical sophistication to develop and use exploits? If not, how should this be handled? A larger FBI role?
    - Should law enforcement even be participating in a market where many of the sellers and other buyers are themselves criminals?
    - What happens if these tools are captured and re-purposed by miscreants?
    - Should we sanction otherwise-illegal network activity to aid law enforcement?
    - Is the probability of success from such an approach too low for it to be useful?

    As we will show, though, these issues are indeed challenging. We regard them, on balance, as preferable to adding more complexity and insecurity to online systems.

    Number of Pages in PDF File: 70

    Keywords: wiretap, CALEA, surveillance, hacking, vulnerabilities, cyber-security, law enforcement

    Date posted: August 19, 2013

  26. Hoare  •  Aug 20, 2013 @9:30 am

    "be complicit in crimes against the American people."

    is the line in the letter from the gov to the encrypted email hosts, also

    because Snowden used lavabit

  27. Nicholas Weaver  •  Aug 20, 2013 @9:32 am

    Erk, sorry.

    The real worry is compromise of the server's key and/or acquisition of the server itself.

    The former is mitigated a lot by preferring ECDHE and then DHE (the EC Diffie-Hellman ephemeral and Diffie-Hellman ephemeral, which provide forward secrecy against key compromise) with AES-256 and AES-128 for the symmetric key encryption, which means that compromise of the server's key doesn't allow reconstruction of previous session keys. (Order of preference should be the ephemeral DH with AES, then others with AES. Give up forward secrecy before you give up AES)

    The latter is mitigated largely by having things on-premises: a warrant or even an NSL requires physical access to the box itself. (Hacking it remotely will be hard: the only services are authenticated, and should probably be certificate based to boot, which leaves a rather low attack surface).

    The latter can be further mitigated by using full disk encryption, with a UPS in the computer, and requiring a password to be input on bootup in order to decrypt the disk. Tie the burglar alarm to cutting the power to the box, and opening the box, and moving the box…

    And if a lawyer receives an NSL for a server which is only used for attorney-client and attorney-attorney communication, it's "Close shop, move to the cabin in the mountains, and load your AR": You can't be a lawyer anymore at that point.
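The cipher-suite preference in that comment, written out as a small ordering policy over OpenSSL-style suite names: forward secrecy before key size, AES never given up, non-AES suites dropped. This is an added example, not the commenter's code; the ECDHE-before-DHE tie-break and the treatment of TLS 1.3 names as ephemeral are this example's reading of the comment, and the cipher-list string at the end is the same policy in OpenSSL's own syntax.

```python
from typing import List, Optional, Tuple

# Key-exchange methods that give forward secrecy, in order of preference.
# Anything else (plain RSA, static ECDH, PSK, ...) is ranked as static.
_KX_RANK = {"ECDHE": 0, "DHE": 1}
_STATIC = 2


def _kx_rank(upper: str) -> int:
    """Rank the key exchange of an upper-cased suite name.

    TLS 1.3 names ('TLS_AES_256_GCM_SHA384') carry no key-exchange prefix
    because TLS 1.3 only defines ephemeral exchanges; this is an assumption
    about the naming convention, not an inspection of a handshake."""
    if upper.startswith("TLS_"):
        return 0
    return _KX_RANK.get(upper.split("-", 1)[0], _STATIC)


def _aes_bits(upper: str) -> int:
    """AES key size named by the suite, or 0 if the suite does not use AES
    (RC4, 3DES, ChaCha20, NULL ...)."""
    if "AES256" in upper or "AES_256" in upper:
        return 256
    if "AES128" in upper or "AES_128" in upper:
        return 128
    return 0


def has_forward_secrecy(name: str) -> bool:
    """True if the suite's key exchange is ephemeral (ECDHE, DHE, TLS 1.3)."""
    return _kx_rank(name.upper()) != _STATIC


def classify(name: str) -> Optional[Tuple[int, int, int]]:
    """Sort key for a suite, or None if it must be dropped (no AES).

    Key = (0 if ephemeral else 1, -AES bits, key-exchange rank): keep forward
    secrecy first, then prefer AES-256 over AES-128, then ECDHE over DHE.
    """
    upper = name.upper()
    bits = _aes_bits(upper)
    if bits == 0:
        return None
    kx = _kx_rank(upper)
    return (0 if kx != _STATIC else 1, -bits, kx)


def order_suites(names: List[str]) -> List[str]:
    """Return the AES suites from `names` in the preference order above."""
    keyed = []
    for n in names:
        key = classify(n)
        if key is not None:
            keyed.append((key, n))
    return [n for _, n in sorted(keyed)]


# The same policy as an OpenSSL cipher-list string: '+' is logical AND, ':'
# separates entries in order of preference, and the trailing entries reject
# anonymous and unencrypted suites.
OPENSSL_CIPHER_STRING = (
    "ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:AES256:AES128:!aNULL:!eNULL"
)


if __name__ == "__main__":
    # Constructed list mixing acceptable, static and non-AES suites.
    offered = [
        "RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256",
        "DHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-CHACHA20-POLY1305",
        "ECDHE-ECDSA-AES256-GCM-SHA384", "DES-CBC3-SHA",
    ]
    for suite in order_suites(offered):
        print(suite, "fs" if has_forward_secrecy(suite) else "no-fs")
```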

  28. Katie  •  Aug 20, 2013 @9:35 am

    Tim — of course, it's possible. People can also easily tap your phone (I knew quite a few phreaks back in the day), open your front door, look at your physical mail… the thing is… that's illegal! So, yes, you know people can walk in your front door if you leave it unlocked. But the government is saying that they should be allowed to AND you have to leave your front door unlocked for them AND they will list everything you have in there and everything you've done and watch you all day and use every last bit of it against you or everyone you know whenever they want.

  29. Nicholas Weaver  •  Aug 20, 2013 @9:36 am

    Oh, my bet on the Lavabit shutdown:

    Lavabit has responded to specific subpoenas and warrants in the past. This was something general. Lavabit also supposedly encrypted data at rest, in a way which the client needed to decrypt the data.

    Which leaves one of two possibilities:

    1) Backdoor the client software.

    2) Reveal the SSL keys used for email reception. Cleartext email can be wiretapped, but Gmail at least supports encrypted-on-the-wire server to server delivery. Revealing the keys to the feds would enable the feds to fully wiretap ALL mail coming into Lavabit.

  30. Clark  •  Aug 20, 2013 @9:40 am

    @Craig:

    Yes, although it is worth noting that in that case NSA's involvement appears to have been benign: rather than creating a secret backdoor in DES, they discovered a weakness and corrected it.

    Indeed; we're on the same page.

  31. Clark  •  Aug 20, 2013 @9:41 am

    @En Passant

    there is no longer any basis for a sacred trust between any citizen and the government. That leaves only each citizen's rational fear that he will be the next one hanged.

    Forget "sacred" trust; there is no longer any basis for either regular trust or even for a statistical belief that the government has bigger fish to fry. We've all seen the government go after regular citizens because a crusading prosecutor wants to make a name for himself or because a police department wants to seize a nice truck, big screen TV, or hotel.

  32. perlhaqr  •  Aug 20, 2013 @9:42 am

    Maybe I should do another run of t-shirts.

    "Faith in government defies both history and reason"

  33. Roscoe  •  Aug 20, 2013 @9:49 am

    Here is a UK government spokesman's "justification" for David Miranda's detention:

    "The government and the police have a duty to protect the public and our national security," a Home Office (interior ministry) spokesman said in a statement.

    "If the police believe that an individual is in possession of highly sensitive stolen information that would help terrorism, then they should act and the law provides them with a framework to do that.

    "Those who oppose this sort of action need to think about what they are condoning."

    Submitted without comment. Link here:

    http://www.reuters.com/article/2013/08/20/us-usa-security-britain-idUSBRE97J0CN20130820?feedType=RSS&feedName=topNews&utm_source=dlvr.it&utm_medium=twitter&dlvrit=992637

  34. Martijn  •  Aug 20, 2013 @9:51 am

    Illy: it's called a National Security Letter, but they are actually issued by the FBI, as the NSA is – at least officially – not allowed to do any surveillance inside the US on US citizens (iirc and ianal).

  35. perlhaqr  •  Aug 20, 2013 @9:53 am

    Dick Taylor: What PJ is saying is that faced with the choice of living under surveillance or opting out, she's opting out.

    It's not about strong crypto, just like her emotional reaction to being burglarized wasn't about strong locks. Sure, you can secure almost anything, but at what cost? And are you really secure?

    And even if they can't see the contents of the messages (crypto) it's really hard to hide the existence of the envelope (metadata).

    A short and simple example. We know the NSA is collecting phone record metadata. There is a website called "KAP" ("Kink Aware Professionals") for businesses (often psychology / counseling related) that are explicitly not-homophobic / polyphobic / SM-phobic, etc. Because it's not useful to go to a psychiatrist and hear "Well, there's your problem…"

    So if someone calls a bunch of psychologists in the KAP directory, they've just outed themselves as kinky to the NSA. And likewise outed themselves as having some sort of mental problem they want help with.

  36. David  •  Aug 20, 2013 @9:55 am

    @Dick Taylor

    David,

    What PJ is saying is that faced with the choice of living under surveillance or opting out, she's opting out.

    It's not about strong crypto

    Since it's not actually possible, apart from extremes of relocation and survivalist ludditism, to "opt out of surveillance", the only thing left for PJ to say/do is to opt out of the extra burden imposed by pervasive surveillance, namely the employment of security measures (such as elliptic curve crypto and SELinux) that achieve an acceptable degree of security.

    What PJ is doing, whatever the words, is declaring that the burden of dealing with the situation outweighs the benefits of doing so. Making believe that email was secure before these latest developments didn't make it so; that was just ignorance or denial, a particularly widespread variation thereof.

    Edit: I see Nick Weaver's in his briar patch! :)

  37. solaric  •  Aug 20, 2013 @9:58 am

    there's no viable and reliable way to assure that our email won't be read by the state

    This is such a load of shit Ken. I'm sorry, but while you are eminently qualified to comment on matters of law, you are clearly getting way out of your comfort zone when it comes to matters of technological security, which in turn is precisely what makes PJ's hysterical and absolutist decision so disappointing. This is a serious issue and it deserves way, way more respect, consideration, and hard work than luddism or bullcrap strawmen like you resort to:

    Pamela's choice will likely be met with the usual arguments

    Such as there being no general purpose scalable quantum computers even on the near horizon? Because without that, even current asymmetric crypto cannot be broken. Strong symmetric crypto cannot be broken even with a scalable general quantum computer, because there is no algorithm that provides a speedup. And nothing can "crack" properly used one-time pads, which provide completely perfect security. That means that, even today, it's possible to communicate information via email that you can be assured won't be cracked in any mass dragnet. It's more work, but perfectly doable for critical communications. Basic crypto that should still be entirely safe for a good decade anyway is even simpler.

    Security and privacy always are, at the core, economic equations. What we need is more work to shift the balance back in favor of individuals, and we've got the tools for that, even without any breakthroughs like a post-quantum asymmetric algorithm in the future. What's lacking most is public education, and public momentum. What we need is to use what's happening now, which is at last raising awareness of issues that security-conscious people have been pushing for decades, to raise the floor of security. We need mass use of crypto tokens, even better and more convenient certificates, trust systems, updated email standards, more convenient and user-friendly OTP tools, etc etc. All of which, again, is just building upon what already exists. It's just the sort of thing that is perfect for the community to rise to the occasion, with dividends for the entire world.

    Merely running into the woods is the complete fucking opposite of what needs to be done, and won't do much to help you anyway. Please, please, please don't merely indulge in more luddism and "oh it's all so hopeless and we're all so helpless in the face of BIG GUBMENT" (or even smaller organizations period; anyone pretending this is the exclusive province of governments is a fool as well).

  38. Ken White  •  Aug 20, 2013 @10:01 am

    Solaric, you seem to have very strong views about what "viable" means — not only to you, but to me.

  39. Chris  •  Aug 20, 2013 @10:04 am

    Why?

    Because they put their faith in a piece of paper:

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    The government told us that they obeyed this piece of paper.

    Now we know that they lied.

    The piece of paper in question really doesn't have that much to do with it. It doesn't take the resources of a government to snoop on somebody's email. Email is horribly insecure (in large part because it wasn't designed to be secure in the first place). Even if we could trust the government absolutely, sending information that needs to remain confidential via email would still be a bad idea.

  40. En Passant  •  Aug 20, 2013 @10:05 am

    Clark wrote Aug 20, 2013 @9:41 am:

    Forget "sacred" trust; … seize a nice truck, big screen TV, or hotel.

    Well, yeah. I was just being nice about it. Book 'em, Danno! First degree mendacity under the influence of avarice and stupidity, with intent to grope.

  41. David  •  Aug 20, 2013 @10:06 am

    @solaric

    I'm sorry, but while you are eminently qualified to comment on matters of law, you are clearly getting way out of your comfort zone when it comes to matters of technological security, which in turn is precisely what makes PJ's hysterical and absolutist decision so disappointing.

    You don't seem to understand. In her spare time, PJ has proven that P = NP.

  42. Chris  •  Aug 20, 2013 @10:06 am

    The real worry is compromise of the server's key and/or acquisition of the server itself.

    Actually, I think the much more likely attack against the setup you describe would be made against the client's computer, rather than the server. No amount of security or encryption on the server or in transit will do any good if everything the client types is being captured by a keylogger.

  43. rsteinmetz70112  •  Aug 20, 2013 @10:10 am

    I've always believed that my email would be read by people other than the intended recipient and have usually acted accordingly. I always laugh at the stupid disclaimers many lawyers put on their email.

    As a long time reader and commenter on Groklaw I believe that PJ's decision is personal and not motivated by some specific action. PJ has always been very private and in the early days was stalked by some very unethical people who sought to intimidate her. I believe that situation has never been far from her mind.

    With regard to various conspiracy theories about direct government action towards Groklaw, that seems pretty far-fetched. The closest I can remember Groklaw ever got to anything the government might be willing to waste time on is the Aaron Swartz case and Groklaw was really only covering it after his suicide.

    Anyway although I didn't always agree with PJ I will miss her commentary and analysis. I wish her well in whatever she decides to do now. Perhaps write the book on the SCO saga she has mentioned from time to time.

  44. Craig  •  Aug 20, 2013 @10:12 am

    @solaric: If you want anyone to take you seriously, learn to write like an adult instead of a potty-mouthed child.

  45. David  •  Aug 20, 2013 @10:13 am

    @Ken, the simple truth is that encrypting email and servers — as Nicholas Weaver describes — is of an order of viability similar to ensuring that your gun is tucked away safely and your life insurance is current.

    The technologies are well understood. Integrating them into routine email has been close to trivial since the mid 90s.

    Inertia and ignorance are the chief problems here, not any defensible notion of non-viability.

    Of course, there's always the $5 ball-peen hammer xkcd problem; but that was always already in play anyhow.

    Here's the situation: people have cultivated an illusion of privacy around email that even cursory research would shatter – the same sort of 10-minutes-with-Google effort for which you hold others accountable when they speak ignorantly about shouting in theaters or doling out maximum sentences or calling posts "blogs" (though that's an edge case, given linguistic descriptivism).

    The sad, sad truth is that the change that has been revealed isn't a shift from security to insecurity; it's a shift from insecurity-and-ephemerality to insecurity-and-storage. So PJ's perception notwithstanding, the change to which she's actually responding is this: the exposure of her ignorance and that of anyone else who didn't know, or take a few minutes to learn, that emailing with an expectation of confidentiality while not using strong crypto on secure channels is similar to posting a 3×5 card on the corkboard in the lunchroom and then expecting everyone but the intended recipient to be polite.

  46. cdru  •  Aug 20, 2013 @10:19 am

    With the encrypted email provider cases, they offered a commercial service that was touted to be secure. They faced likely situations where they would be secretly forced to either reveal encrypted messages, provide backdoors, and/or face criminal charges all without being able to tell anyone. Attempting to fight any of this would be a very expensive process against a foe that has virtually unlimited funds in a very lopsided against them court. Given their situation, they bowed out of being a provider since they didn't want to fight a fight they could not and would not win, as well as ensuring that they did not have to voluntarily or involuntarily compromise their customers' communications.

    In Groklaw's case, I think it's different. It's not a commercial venture. It's a journalistic blog. The same sense of violation when you know you've been robbed, or you know you are being watched that seems to suddenly be at issue has been an issue to journalists for far longer than the internet has been around to one degree or another. Yet despite that sense of violation, journalists have continued to want to do their jobs, putting themselves at risk both personally and professionally, in order to get the truth out.

    I understand where PJ is coming from. I just think that it's the easy route to take and is more or less just capitulating. It's easy I guess for me to say that she should fight the system (even if there is realistically no battle plan that has a winning outcome) since I don't have anything on the line like she would. However I don't think practically abandoning the internet is the solution either.

  47. solaric  •  Aug 20, 2013 @10:21 am

    Solaric, you seem to have very strong views about what "viable" means — not only to you, but to me.

    I do, and with all due respect (and I do have tremendous respect for you) I feel my views are fully justified. Standard, asymmetric crypto via PGP or S/MIME, good enough to at the least completely secure the content of your email for 5-10 years and make vast dragnets infeasible, is quite convenient as well. This is not new technology, it dates back to the 90s, and built-in graphical support is everywhere. It's not zero work to set up nor can it be, and it's not as if there are zero trade offs whatsoever for edge cases (if you happen to have hundreds of gigs of email, want it to all be indexed by the server, and don't want to run your own), but it's an eminently practical step that you can take immediately. In fact, it provides some marginal benefit to adopt yourself even if no one else does: while you can only encrypt if both parties are using it, you can cryptographically sign emails just yourself, which leaves them readable but also ensures they weren't altered en route or forged. This is stuff that everyone here could adopt yesterday, for free. As for symmetric/OTP, you'd need to find a way to exchange a key (best would be face-to-face, but there are other ways to hide in the noise) at which point it just means sending an email with an encrypted document as an attachment. And that's only if you have communications that you want stronger assurance can't be read even decades down the line.

    What we need is a discussion and momentum about how to move forward to the point where centralized, cheap mass surveillance of electronic data becomes impossible once again, thus shifting the economics. What we don't need is immediately throwing up the white flag and sowing of FUD. "Perfection" should not be the enemy of "good", there always have to be first steps. We can do it, and we deserve to have all the critical benefits to freedom and our rights that nearly free, global and instantaneous mass communications have brought while simultaneously maintaining our protections. This is not a zero-sum game.

  48. David  •  Aug 20, 2013 @10:22 am

    @Craig, my sense is that solaric is venting frustration because people are talking about issues as if they understood them, and even getting huffy about it, while demonstrating shocking ignorance of the basics of the domain under discussion.

    Sort of like what would happen if I walked into a criminal court and tried to get something done. A wise man once said, "even crazy stupid bullshit artist lawyers sound different than non-lawyers, as a result of being dehumanized by legal education and the practice of law".

    Same goes for people who try to discuss security and algorithms and ease of integration without cracking a book… or wikipedia… or a billion discussions dating from the heyday of Phil Zimmermann's PGP and Peter Gutmann and Rivest/Shamir/Adleman, and and and….

    Even naming the name of Schneier has no currency if you haven't grokked the concept that some operations are computationally infeasible during the lifetime of the sun.

  49. David  •  Aug 20, 2013 @10:24 am

    In Groklaw's case, I think it's different. It's not a commercial venture. It's a journalistic blog. The same sense of violation when you know you've been robbed

    Actually, it's the same sense of violation as when you know your horrific irresponsibility with confidences has been exposed and you have a subjective need to blame others.

  50. Ken White  •  Aug 20, 2013 @10:28 am

    @solaric and @David:

    So. To what extent do your proposed solutions require me to repose trust in the technological capability, diligence, and thoroughness of (1) clients (2) third parties like expert witnesses?

  51. Dan T.  •  Aug 20, 2013 @10:30 am

    If the government is aiming to snoop into her life, how would that stop due to her terminating her blog?

  52. Nicholas Weaver  •  Aug 20, 2013 @10:30 am

    Chris: Attacking individual clients only reveals that client's data, which is substantially less, and is (hopefully) going to be noticed by the client: the real big danger is revealing some or all legal communications, without the law firm or client knowing that it's been compromised.

    This is why the NSA (or any) wiretapping is scary: You never know, and law enforcement happily uses parallel construction so you never will know that the initial seed was a wiretap.

    This is also why the locked-down tablet is useful: it's a much easier problem to secure, when you are looking to protect the client. In particular, iPad minis might also be a good (but more expensive) choice: if it's never synced to a computer after setup, and a real password is used, it's really really hard to break into even with physical access.

    I need to check, but it MIGHT even be the case that "10 strikes and you're out" passcode protection will protect against USB-based brute forcing.

  53. solaric  •  Aug 20, 2013 @10:31 am

    @David

    Of course, there's always the $5 ball-peen hammer xkcd problem; but that was always already in play anyhow.

    That was a somewhat funny comic, but that's all it was, it wasn't an actual comment on real security and it gets way, way over cited by people who don't understand security. Again, security is a question of economics. No one, not the NSA or anyone else, has a limitless amount of resources. The more expensive it is to go after any individual, the more valuable the expected return must be and the fewer individuals that can be pursued, which then has second-order and higher effects as well (an immensely tinier pool means it's no longer feasible to do social graphs and get other emergent data). As an analogy, installing a security system in your house and moving to the Middle of Nowhere, Alaska with an entirely unlocked house would both be perfectly viable ways of improving your security, because both increase the relative energy cost for attackers.

    The whole point of plaintext email monitoring, particularly through big central providers or network backbones, is that it scales. It's so cheap and lends itself so well to mining that it truly is possible to cover the entire planet to an ever higher order degree. Sending around some dude with a ball-peen hammer does not cost $5. You only have so many bodies, and they must be paid. Travel costs money. Finding the target at all costs money. Your target may well be armed, now you need a whole team (and there may be fatalities). It is not quiet, people will know you did it which itself is valuable information. You can't get hundreds of thousands that way, let alone millions, let alone billions (though if the population allows it even tiny numbers might have some political effect, but instant comms makes that harder too).

    So yeah, the message of that comic, if taken seriously, is actually harmful and outright stupid I'm afraid, because in general no one is after you per se, they're after "someone" in the sea of information. That someone might be "you" but they don't know it yet and raising the cost of discovering it is an important step by itself.

  54. Chris  •  Aug 20, 2013 @10:34 am

    I need to check, but it MIGHT even be the case that "10 strikes and you're out" passcode protection will protect against USB-based brute forcing.

    It's known that Apple has the ability to brute force passcode locks on iPhones.

  55. Hoare  •  Aug 20, 2013 @10:36 am

    I'm confused …
    most here seem to be debating whether encryption can make communications secure…

    it obviously works well or the gov wouldn't be sending threatening letters to encrypted email providers

    when microsoft and google say theirs are encrypted does it mean the gov has a key?

    it appears to me that lavabit got a threatening letter stating their encryption works so well that the gov can't read Snowden's email so the gov has no other choice than to threaten lavabit with complicity if they won't give the gov a backdoor

    Groklaw works with open source
    who knows what she was involved with developing

    how much innovation will the gov stifle by sending threatening letters because "the bad guys" might use the technology

    It's happened before …
    I heard Americans have to register at hotels/motels and have license plates on their cars because of people like Bonnie and Clyde.

    When you see someone register at a hotel in a western it's a bunch of hooey … no one had to do that then

  56. Hoare  •  Aug 20, 2013 @10:38 am

    @chris

    why would apple need to use "brute force"?
    that's silly
    they control what you can load on it…
    do you really think they would have to "brute force" a passcode?

  57. solaric  •  Aug 20, 2013 @10:43 am

    @David

    @Craig, my sense is that solaric is venting frustration because people are talking about issues as if they understood them, and even getting huffy about it, while demonstrating shocking ignorance of the basics of the domain under discussion.

    To an extent, but I want to reemphasise that I also see this as a big potential opportunity. I've been trying to push this sort of thing for a very, very long time and we never seem to get critical mass. Good security could be both vastly more secure and vastly more user friendly than what people tend to deal with right now, we have the components. A cryptographic token like the CryptoStick or ePass2003 or similar combined with a basic PIN and password/cert management software would be immensely better than what 99.large-amount-of-9s% of users have, but would also be easier to remember and work with than "lots of 20 character random passwords". There's lots of room for this sort of thing, but there has not been any demand or awareness to make it happen. Even though the tech exists, we haven't had nearly enough effort to make it ubiquitous and as easy as possible. We haven't had any updated cert standards either, I'd actually like to see more of a hybrid between PKI and WoT systems. There's room for cool stuff like time-assertions to enable better pseudoanonymous security. All of this too would have knock-on benefits, like an immense reduction in Spam and Phishing and the like.

    But again, it's never happened, because we've never been able to penetrate general awareness. To the extent that the NSA debacle is doing that it could be a wonderful blessing, and we could look back and say that at least some really good value to the public came out of it all in the end and set us on a great foundation. And a stronger foundation is really, really important because networking is not slowing down, it's speeding up. We've got wearable and implantable systems on the way, this is current decade stuff let alone future decades. If on the other hand we wasted this moment of attention, with people saying "go live in the woods" or some equivalent (which just is not going to happen), then it'll fade from the public consciousness again and mass surveillance could become the status quo. It'd be a huge squander, and I'm afraid it could happen. Taking a stance like Groklaw's helps the government and every other force that wants control.

  58. Chris  •  Aug 20, 2013 @10:49 am

    why would apple need to use "brute force"?
    that's silly
    they control what you can load on it…
    do you really think they would have to "brute force" a passcode?

    When you set up a passcode lock on an iPhone, the phone encrypts your data using the AES cipher, using a randomly chosen key. It then encrypts the AES key using the passcode that you selected. The phone can be set to allow a certain number of attempts to enter the passcode. If too many incorrect attempts are made, it can delete the encrypted key, protecting against anyone just trying to enter all the possible combinations (which is important because most people use a 4 digit number for their passcode). What I was pointing out to Nicholas was that Apple has the ability to bypass this protection and just try every possible combination of passcodes to get access to the encryption key.

  59. Chris K.  •  Aug 20, 2013 @10:50 am

    Nicholas, This is not my field, but wouldn't there be a way to work a one time pad into the attorney/client conversation?

    From what I've read they are impossible to crack, no?

  60. Nicholas Weaver  •  Aug 20, 2013 @10:52 am

    PGP is a pain to use, even on a Mac with GPGtools. And it leaks a shit-ton of metadata: the subject line in particular is never protected. Ooops… And it's not like I can read my PGP-encrypted messages on my iPhone with the standard apple mail reader. Separate application ugliness ahoy!

    And it's just as vulnerable to client compromise as the sketch I made, since unless you like typing in a distinct PGP passphrase, different from your normal passwords, all the F@#)* time, if you log into your computer your PGP key is revealed.

    Yes, it provides greater protection against server compromise, but unless you've swallowed the cloud provider Kool-aid, the server must be in house and protected, and for attorney/client, in firm, and expert communication, it's perfectly reasonable (and a good idea ANYWAY) to have a separate mailbox for such communication.

  61. solaric  •  Aug 20, 2013 @10:53 am

    @Hoare

    most here seem to be debating whether encryption can make communications secure…

    it obviously works well or the gov wouldn't be sending threatening letters to encrypted email providers

    People are conflating the word "encryption" with two entirely different uses for encryption: transport, and client-to-client. When a provider says they offer "encrypted email" what they typically mean is that the connection from you to their email servers is encrypted, so some random person sitting in the middle (say, monitoring the WiFi access point you're using) can't see it, but the email itself is still plain text. Imagine you are sending open post cards, it'd be the difference between just sending them through the mail and if there was a closed vacuum pipe between you and the post office. In both cases they're still just open faced post cards, and the post office itself can see them, and if someone subpoenas the post office they could see them trivially also. But the pipe would prevent a random passer-by from reading the card.

    End point encryption on the other hand (such as S/MIME or PGP/GPG), where you encrypt the mail itself on your own system before sending it, would be more like putting your card inside an infinitely strong safe that only the recipient had the key to. Even if you just send it through the open mail, neither random people nor the post office can open the safe. They can see who it is addressed to of course, and if you put on a description label on the outside (subject) they can see that, but the card inside cannot be read, only you and your recipient have the keys involved. That works with any email provider, and it's not something your email provider can do for you either (that'd defeat the whole point of it).

    These two different things get mixed up a lot sadly.

    @Chris

    It's known that Apple has the ability to brute force passcode locks on iPhones.

    They are not brute forcing (which would be impossible whenever someone chose a good code), it's something more insidious: they're using their own hardware embedded master key. The exact details get complex, but it's an important distinction.
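    The post-card analogy above, worked as an added Go example that is not code from this thread or from any mail provider: a constructed envelope type, a transport-only path in which the provider holds the body in the clear, and an end-to-end path (X25519 plus AES-GCM standing in for S/MIME or PGP, with an Ed25519 signature for the sign-only benefit comment 47 mentions) in which the provider still sees To and Subject but not the body. The sample address, subject and message are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what the provider stores and forwards. With transport-only
// "encrypted email" the Body is plaintext once TLS terminates at the provider;
// with end-to-end encryption the Body is ciphertext the provider cannot open,
// but To and Subject stay readable: the metadata leak discussed above.
type Envelope struct {
	To, Subject string
	Body        []byte // plaintext (transport-only) or nonce||ciphertext (end-to-end)
	EphPub      []byte // sender's one-time X25519 public key; empty for transport-only
	Sig         []byte // sender's Ed25519 signature over Body; empty if unsigned
}

// transportOnly models the usual provider meaning of "encrypted email": the hop
// to the server was protected, but the server holds the message in the clear.
func transportOnly(to, subject, body string) Envelope {
	return Envelope{To: to, Subject: subject, Body: []byte(body)}
}

// sealEndToEnd encrypts the body to the recipient's X25519 public key (ECDH +
// AES-256-GCM, a constructed stand-in for S/MIME or PGP) and signs the result
// with the sender's Ed25519 key so forgery or alteration in transit is detected.
func sealEndToEnd(to, subject, body string, rcpt *ecdh.PublicKey, signer ed25519.PrivateKey) (Envelope, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return Envelope{}, err
	}
	shared, err := eph.ECDH(rcpt)
	if err != nil {
		return Envelope{}, err
	}
	aead, err := newGCM(shared)
	if err != nil {
		return Envelope{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	// Header fields are bound to the ciphertext as additional data, not hidden.
	ct := aead.Seal(nonce, nonce, []byte(body), []byte(to+"\n"+subject))
	return Envelope{To: to, Subject: subject, Body: ct,
		EphPub: eph.PublicKey().Bytes(), Sig: ed25519.Sign(signer, ct)}, nil
}

// newGCM hashes the ECDH shared secret into an AES-256 key (a minimal KDF).
func newGCM(shared []byte) (cipher.AEAD, error) {
	key := sha256.Sum256(shared)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// providerView is everything a subpoena or NSL served on the provider can yield.
func providerView(e Envelope) (to, subject, body string) {
	return e.To, e.Subject, string(e.Body)
}

// openEndToEnd is what only the recipient's private key can do; it verifies the
// sender's signature before decrypting, so tampered or forged mail is rejected.
func openEndToEnd(e Envelope, rcpt *ecdh.PrivateKey, sender ed25519.PublicKey) (string, error) {
	if !ed25519.Verify(sender, e.Body, e.Sig) {
		return "", errors.New("signature check failed: forged or altered")
	}
	ephPub, err := ecdh.X25519().NewPublicKey(e.EphPub)
	if err != nil {
		return "", err
	}
	shared, err := rcpt.ECDH(ephPub)
	if err != nil {
		return "", err
	}
	aead, err := newGCM(shared)
	if err != nil {
		return "", err
	}
	ns := aead.NonceSize() // a valid signature implies Body was produced by Seal, so len(Body) >= ns
	pt, err := aead.Open(nil, e.Body[:ns], e.Body[ns:], []byte(e.To+"\n"+e.Subject))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	rcpt, _ := ecdh.X25519().GenerateKey(rand.Reader)
	senderPub, senderPriv, _ := ed25519.GenerateKey(rand.Reader)
	env, _ := sealEndToEnd("pj@example.test", "tip", "the confidential tip", rcpt.PublicKey(), senderPriv)
	_, subject, body := providerView(env)
	fmt.Printf("provider sees subject %q and body %x\n", subject, body)
	pt, err := openEndToEnd(env, rcpt, senderPub)
	fmt.Println("recipient opens:", pt, err)
}
```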

  62. solaric  •  Aug 20, 2013 @11:02 am

    @Nicholas Weaver

    And it's just as vulnerable to client compromise as the sketch I made,

    It is a general assumption of security that yeah, the client can't be compromised without compromising some or all of the security. If your system is pwned then that is pretty much that, the possibilities are pretty wide open at that point. There has got to be trust at some point. What if they've installed cameras in your room? Is your whole work space TEMPEST shielded?

    But it's not as much of a concern because that's where the "economics" come in. It's a lot harder (to near impossible) to undetectably root hundreds of millions of client systems than it is to send an NSL to Google/Yahoo/whomever, or get the telecoms to let you siphon their network backbones. If we've changed the discussion from "mass persistent dragnet" back to "investigating specific individuals" then we've already scored a big victory.

    Though that said:

    if you log into your computer your PGP key is revealed.

    A security token adds another layer. Used properly it means that even if your system is rooted, you still don't reveal your private key. Of course, while you're plugged in and authorized they may be able to make use of it in some circumstances (not diving into it all), but they won't have the key itself for later offline use. Seeing use of those become more widespread would be nice.

  63. Kevin  •  Aug 20, 2013 @11:05 am

    I can't help but think there's something more to this story we don't know. The stated reasons for the shutdown don't make any sense. Yes, I get that "just use PGP" is not a good answer for many/most, but in this particular case, PJ is tech-savvy, as are her tipsters, so "just use PGP" is actually a perfectly viable solution for her particular situation, if not the general case.

    Something smells fishy.

  64. Xenocles  •  Aug 20, 2013 @11:06 am

    @David-

    "Actually, it's the same sense of violation as when you know your horrific irresponsibility with confidences has been exposed and you have a subjective need to blame others."

    Much like the proverbial woman in a provocative dress, I suppose.

    Guess what? There are others to blame: the ones committing the violations.

  65. Nicholas Weaver  •  Aug 20, 2013 @11:07 am

    Chris: it's unclear whether that brute-force bypasses 10-strikes, however. And the brute-forcing itself does have to happen within the phone itself, at least according to what the NSA publicly states and what everyone understands:

    http://www.nsa.gov/ia/_files/os/applemac/Apple_iOS_5_Guide.pdf

    Since the decryption occurs on the phone unless you can extract the UID key from the chip, brute-force is limited to about ~10 tries/s even if "10 strikes" is bypassed.

    Also, the mail app itself uses the data-protected memory for ALL its storage, so you MUST bust the passcode lock to get at the protected data.

  66. Anton Sirius  •  Aug 20, 2013 @11:07 am

    As yet there have been zero documented cases of NSA abuse of the tools at their disposal. No instances disclosed by Snowden, none in the released internal audits… nothing.

    If Pam wants to shut down Groklaw as a protest against the possibility of that abuse, she's certainly entitled, and given the nature of the blog she might be considered in a higher risk group than other folk. But I think the fact that we still haven't been provided with any evidence of actual abuses gets lost in this debate far too often.

    It's also a very different situation than Lavabit, which shut down to try and counter an actual government action. As far as we know, Groklaw is shutting down only over the hypothetical possibility of government action.

  67. Chris  •  Aug 20, 2013 @11:09 am

    They are not brute forcing (which would be impossible whenever someone chose a good code)

    Most people don't. The iPhone allows passcodes of up to 37 characters, using up to 77 possible symbols. I'd bet 99% of people who use a passcode (who are themselves a minority) use a 4 digit number.

    it's something more insidious: they're using their own hardware embedded master key.

    [ citation needed ]

  68. Nicholas Weaver  •  Aug 20, 2013 @11:14 am

    They are not brute forcing (which would be impossible whenever someone chose a good code), it's something more insidious: they're using their own hardware embedded master key. The exact details get complex, but it's an important distinction.

    If there is a master key to extract the UID key from a locked phone (needed to actually brute-force the DP key in parallel), this would be a big deal, and a huge reputational hit to Apple. Do you have any evidence of this?

    Apple is going big into the enterprise space with iOS, and one of the big things is that disk-encryption can't have backdoors: if your disk encryption HAS a back door, it's not disk encryption.

    To be honest, they wouldn't NEED a backdoor anyway: the UI is nigh-unusable for the 6-8+ random character alphanumeric keys needed to create a reasonable amount of security from brute-force-on-the-phone: it's only usable for 4 digit which is brute-forceable on the phone in roughly 15 minutes…
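    The mechanism comments 58 and 68 describe, as an added Go model that is not Apple's implementation (a real phone also binds the key derivation to a per-chip UID, which is what forces guessing to run on the device): a random data key wrapped under a passcode-derived key, a counter that wipes the wrapped key at the tenth failure so the right passcode then recovers nothing, and the worst-case time to exhaust a passcode space at a fixed on-device guess rate. The KDF, salt size, guess rate and sample passcode are constructed assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math"
)

const maxAttempts = 10 // the "10 strikes and you're out" setting

// Device is a reduced model of passcode data protection: the data key is random
// and never derived from the passcode; the passcode only unwraps it.
type Device struct {
	salt       []byte
	wrappedKey []byte // nonce||AES-GCM(dataKey) under kdf(passcode); nil once wiped
	failures   int
}

// kdf stretches the passcode (constructed: 10000 rounds of HMAC-SHA256). A real
// phone also mixes in a per-chip UID, so the work cannot be moved off the device.
func kdf(passcode string, salt []byte) []byte {
	k := []byte(passcode)
	for i := 0; i < 10000; i++ {
		m := hmac.New(sha256.New, k)
		m.Write(salt)
		k = m.Sum(nil)
	}
	return k
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewDevice generates a fresh 256-bit data key and wraps it under the passcode.
func NewDevice(passcode string) (*Device, error) {
	buf := make([]byte, 48) // 16 bytes of salt followed by a 32-byte data key
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	salt, dataKey := buf[:16], buf[16:]
	aead, err := newGCM(kdf(passcode, salt))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Device{salt: salt, wrappedKey: aead.Seal(nonce, nonce, dataKey, nil)}, nil
}

// Unlock returns the data key for the correct passcode. GCM authentication makes
// a wrong passcode fail cleanly; each failure counts, and reaching maxAttempts
// wipes the wrapped key so even the right passcode recovers nothing afterwards.
func (d *Device) Unlock(passcode string) ([]byte, error) {
	if d.wrappedKey == nil {
		return nil, errors.New("data key wiped: too many failed attempts")
	}
	aead, err := newGCM(kdf(passcode, d.salt))
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	key, err := aead.Open(nil, d.wrappedKey[:ns], d.wrappedKey[ns:], nil)
	if err != nil {
		d.failures++
		if d.failures >= maxAttempts {
			d.wrappedKey = nil // the erase step
		}
		return nil, errors.New("wrong passcode")
	}
	d.failures = 0
	return key, nil
}

// BruteForceSeconds is the worst-case time to try every passcode of the given
// length over an alphabet of the given size at a fixed on-device guess rate.
func BruteForceSeconds(alphabet, length int, triesPerSecond float64) float64 {
	return math.Pow(float64(alphabet), float64(length)) / triesPerSecond
}

func main() {
	d, _ := NewDevice("4821") // constructed sample passcode
	_, err := d.Unlock("0000")
	fmt.Println("wrong passcode:", err, "failures so far:", d.failures)
	fmt.Printf("4 digits at 10/s: %.0f s; 8 of 77 symbols at 10/s: %.3g years\n",
		BruteForceSeconds(10, 4, 10), BruteForceSeconds(77, 8, 10)/3.15e7)
}
```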

  69. Kevin  •  Aug 20, 2013 @11:15 am

    @Anton Sirius

    As yet there have been zero documented cases of NSA abuse of the tools at their disposal. No instances disclosed by Snowden, none in the released internal audits… nothing.

    Holy shit, you've drunk so much KoolAid you must be pissing bright red.

  70. Ken White  •  Aug 20, 2013 @11:18 am

    @David:

    Here's the situation: people have cultivated an illusion of privacy around email that even cursory research would shatter – the same sort of 10-minutes-with-Google effort for which you hold others accountable when they speak ignorantly about shouting in theaters or doling out maximum sentences or calling posts "blogs" (though that's an edge case, given linguistic descriptivism).

    The sad, sad truth is that the change that has been revealed isn't a shift from security to insecurity; it's a shift from insecurity-and-ephemerality to insecurity-and-storage. So PJ's perception notwithstanding, the change to which she's actually responding is this: the exposure of her ignorance and that of anyone else who didn't know, or take a few minutes to learn, that emailing with an expectation of confidentiality while not using strong crypto on secure channels is similar to posting a 3×5 card on the corkboard in the lunchroom and then expecting everyone but the intended recipient to be polite.

    But are we talking about two different things?

    If PJ reacted to some recent hacking incident by saying that this latest incident proves that email is insecure — thus showing she thought it was previously secure, which (according to people smarter and more technologically informed than I) is wrong — that would be one thing.

    But I read her more about making a comment about the rule of law. When I send email I don't assume it's safe from all hackers. I may, indeed, be ignorant about the extent to which hackers can get to it.

    However, I may have drawn conclusions, based on the rule of law, about the extent to which the government is ready and willing (in addition to able) to surveil, intercept, review, and store it based on overbroad and dishonest rationales. I may have also drawn conclusions about the government's willingness to demand it from third parties. It's those conclusions — to the extent I've concluded "the government won't be so bold as to intercept emails among Americans on non-terrorism issues" — that are being challenged by recent news.

    Aren't those separate issues?

    Put another way: I take certain steps to secure my house from burglars coming in to steal my papers. I have a slightly-informed idea of how effective those measures are. But I also have views about whether the government is likely to break into my house and steal my papers based on my association with third parties it doesn't like. The fact that I grossly underestimate a burglar's ability to break through my security is separate from the fact that I may be wrong about my government's willingness to break the law to enter my house.

  71. solaric  •  Aug 20, 2013 @11:19 am

    @Ken White
    First, sorry for the slow reply, and I don't mean to spam your comments section either.

    So. To what extent do your proposed solutions require me to repose trust in the technological capability, diligence, and thoroughness of (1) clients (2) third parties like expert witnesses?

    While pithy responses are tempting, the serious answer is "depends on the level of security you're aiming for". The most basic level (using S/MIME with a third party certificate authority) is really, truly convenient, to the point where I was able to make a guide that everyone in my family could follow. The work to set it up is more than just turning on an email account, but it really is doable, and after setup is done in-use it's really really transparent. You'll just see two new buttons appear, one for signing and one for encryption, and that's that. Everything can and should be signed, and if you can encrypt mail to the other person it will, if you can't the option is disabled. "Sharing keys" is simply a matter of sending one signed email first, the system should automatically save the other party's public key and from then on you can encrypt.

    I think it could be even better but even as-is it really should be within reach of anyone who cares and would at least mean a lot more work for the NSA et al. Most platforms have support built-in, including not just Windows/Mac/Linux but also mobile like iOS. Main weaknesses include that webmail won't work without a plugin (which I think might be FF only, I don't use webmail so I haven't kept up there), and that if you're using a third party CA, even if they're in another country, there's still a central point to go after for a man-in-the-middle attack. I can explain that in more detail if you wish or you can look it up, but the short version would be that it doesn't let them get anyone's keys, so they can't open up any past emails, but it would let them spoof you and thus possibly allow them to get new emails.

    One step up would be making your own CA or handing your key around directly, or doing an out-of-band verification like over the phone (only would need to be done once per key). If you want more, then additional options are available with increasing tradeoffs for security vs convenience/setup, but again, don't let "perfect" be the enemy of "good." It's easy to create imaginary scenarios wherein a vast body does XYZ, but it's important to take a step back and think "well, could they do XYZ hundreds of billions of times?" If not, it's still made a difference.

  72. David  •  Aug 20, 2013 @11:24 am

    @Xenocles

    @David-
    "Actually, it's the same sense of violation as when you know your horrific irresponsibility with confidences has been exposed and you have a subjective need to blame others."

    Much like the proverbial woman in a provocative dress, I suppose.

    Guess what? There are others to blame: the ones committing the violations.

    Your response shows without ambiguity that you don't understand your audience. Try not to lapse into folly.

  73. solaric  •  Aug 20, 2013 @11:28 am

    @Nicholas Weaver

    If there is a master key to extract the UID key from a locked phone (needed to actually brute-force the DP key in parallel), this would be a big deal, and a huge reputational hit to Apple. Do you have any evidence of this?

    There were more in-depth articles later that I'm trying to dig up again, but there was a wave of initial ones back in March, i.e., this one on Ars Technica. It since seems to have been taken as something of a given, and illustrates why closed hardware can be dangerous in some instances. I know and agree with you that fundamentally any backdoor negates much of the value of security, but as a practical matter (and depending on the measures Apple has in place) it may unfortunately not be that big a deal for most people if Apple can decrypt their device given physical access to the device itself.

  74. hymie!  •  Aug 20, 2013 @11:28 am

    (an excerpt from an e-mail I sent to PJ)

    As somebody who is being stalked myself, I believe that the correct way to fight privacy invasion is to keep doing what you're doing, and show the invaders that they cannot intimidate you.

    But I realize that this is a decision each person must make for him/herself, and you have made the one you feel is right and best.

  75. Grandy  •  Aug 20, 2013 @11:31 am

    Aren't those separate issues?

    Yes.

    I took your post to be about the principles at work here. I haven't looked at the Groklaw farewell yet so I can't comment on what's being said there.

  76. David  •  Aug 20, 2013 @11:37 am

    @Ken

    But I read her more about making a comment about the rule of law. When I send email I don't assume it's safe from all hackers. I may, indeed, be ignorant about the extent to which hackers can get to it.

    However, I may have drawn conclusions, based on the rule of law, about the extent to which the government is ready and willing (in addition to able) to surveil, intercept, review, and store it….

    Aren't those separate issues?

    They're discrete but interrelated. And AFAIK, the question of whether interception, storage, and retrieval of plaintext messages sent in the open on federally regulated network backbones constitutes a search of the sort rightly proscribed by A4 has not been adequately litigated at the building with the funny fluted columns.

    Note though: if person P is unconcerned that his plaintext email passing over insecure channels will pass through, and potentially be buffered or cached in, every mailserver serving as a hop between Source and Destination, then how much more does that lack of concern imply oblivion with respect to the security state even prior to the latest revelations?

    The expectation that store-n-snoop was not occurring because of the rule of law seems to presuppose a mental model in which email is like (a) stuff going on inside your house (e.g. "I take certain steps to secure my house from burglars coming in to steal my papers"), or (b) the contents of your Audi's trunk, or (c) odors emanating from under your door on your threshold, or some other case in which spatial intuitions reinforce the expectation.

    But that's not even close to being an accurate mental model; closer would be (d) passing stacks of postcards by hand from person to person across a conference center's vendor showroom and hoping that folks will route them to their intended booth cleanly rather than pocket them, scrutinize them, or show the funny ones around for a while before moving them along.

  77. solaric  •  Aug 20, 2013 @11:54 am

    @Ken White

    Here's the situation: people have cultivated an illusion of privacy around email that even cursory research would shatter

    But are we talking about two different things?

    I'm not sure you are. To some extent your final paragraph there is a good illustration of the perception problem, and the danger of trying to use physical analogies for digital systems. As an aside, I'm also ignoring ancient legal precedent like the "email is 'abandoned' after 6 months thing" which dates from the 80s, but that has always been there too even if it wasn't widely applied for a long time due to technical limits. The law itself is not clear or strong for the digital world, but I'll leave that.

    Put another way: I take certain steps to secure my house from burglars coming in to steal my papers. I have a slightly-informed idea of how effective those measures are. But I also have views about whether the government is likely to break into my house and steal my papers based on my association with third parties it doesn't like. The fact that I grossly underestimate a burglar's ability to break through my security is separate from the fact that I may be wrong about my government's willingness to break the law to enter my house.

    That's a great example of what David was addressing I think, in that it bears no resemblance to the situation with email. With email, it'd be more like "you store your papers in an unlocked filing cabinet at a bulk storage center miles away that has a fence around it and a lock on the door (that naturally the owners of the storage center can open)." There is no "breaking and entering" involved, all your stuff is stored in the open elsewhere. And any time you sent those, you didn't actually send the papers, but rather you sent a photocopy of said papers to somebody else's cabinet in yet another storage center.

    In that scenario, would your views on what actions the government might be able to take be any different? But of course even that doesn't encompass the full scale of things at the digital level, because it doesn't handle mass vacuuming at the backbone level, or "somehow the government has ghost agents that can materialize through walls and perfectly copy anything while leaving no trace whatsoever unless you put the right sticker on the wall" or whatever other tortured analogy we can come up with.

    Even if the law was more clear (and again, it's not and never has been at all, not even counting any undemocratic and evil secret law/rulings) on privacy protection, I'd still think a lot harder about what papers I'd store in that case. It'd be quite different from how I'd feel about things in my own house.

  78. James  •  Aug 20, 2013 @12:06 pm

    @Anton Sirius:

    As yet there have been zero documented cases of NSA abuse of the tools at their disposal. No instances disclosed by Snowden, none in the released internal audits… nothing.

    I'm curious. How would a breach of the trust be defined, if the relatively recent disclosures do not qualify?

    Of personal interest, each of which has been more-or-less confirmed by the NSA:
    Hoovering the metadata on ALL Verizon customers' calls;
    "Accidental" improper searches;
    Collecting calls made to and within the 202 area code, instead of the 20 country code;
    Improper tapping of journalists' and their sources' means of communication.

    Not to mention:
    Stopping the courier for a journalist and confiscating ALL electronics that person was carrying (Miranda);
    Passing around sexy phone calls between USPs and overseas callers;
    Lying to Congress and the American people about the nature, scope, and effects of domestic surveillance.

    PJ and her decision to shutter Groklaw saddens me, in no small part because I fully expect those who complain about the NSA and related agencies' activities are going to be subject to ever-increasing amounts of surveillance. If they can silence Groklaw, even out of the owners' fear (rather than more-explicit, more-direct action a la Lavabit), that's one more voice silenced. As far as I know, Groklaw was far from a voice of dissent … but dissenters who are familiar with the site, and PJ's choice, will at least consider whether she made the right decision, and whether it might be the right decision for them, as well.

    Not everyone is as willing as Ken to stand up from the foxhole and shout, "Hey! Look over here!"

    Long ago, patriots considered the sacrifice of their lives, fortunes, and sacred honor. Not so long ago, civil rights activists faced dogs, police, lynch mobs, and angry civilians.

    What are we willing to sacrifice, when we decide the government has overstepped its "for the people" mandate?

  79. David  •  Aug 20, 2013 @12:08 pm

    It appears to me that solaric and I are saying basically the same thing, Ken.

    Yet another mental model: (e) your email was always already being saved intermittently and temporarily to cache under the control of Joe Random Mailserver along the way from S to D; now it's (also? still?) being saved consistently to the really, really big cache of Joe Appointed Bureaucrat's Dark Mailserver for a very long temporary period along the way. :)

  80. perlhaqr  •  Aug 20, 2013 @12:09 pm

    Kevin: Yes, I get that "just use PGP" is not a good answer for many/most, but in this particular case, PJ is tech-savvy, as are her tipsters, so "just use PGP" is actually a perfectly viable solution for her particular situation, if not the general case.

    You've still missed half the problem.

    If I encrypt an email with PGP, and send it to you, and it passes through an NSA compromised system in the transport layer, no, they don't know the content of the email I sent. It could be "Snowden has another load for us!" or "The Eagle flies at midnight!" or "Mushroom and pepperoni, please!".

    But what they do know is that I sent you an email. They know when I sent it, they know where I sent it from, they know (roughly) how big the message was, and given the penetration of various providers, this information bundled up might well compromise the anonymity of a particular person conversing with (for instance) Pam.

    And yes, there are other tools, such as anonymous remailers, and TOR, and so on and so forth, but then you're adding even more complexity to the problem in order to eliminate the metadata.

    I mean, I am on Team Crypto. I've worked for a number of players in the security / anonymity / encryption scene, I'm friends with people in these scenes, and I've been getting looked at like I'm a nutjob for talking about the NSA like they're bad guys for the last 20 years. But… I'll be damned if I will second-guess Pam on her decision to shut down Groklaw. I'm tired. I'm really, really, really tired. I can definitely understand why someone might say "Fuck it, I'm out."
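
    To make the point above concrete, here is an added example (not from this thread or any commenter) that parses a constructed PGP-encrypted message the way a mail relay sees it: the body is opaque, but sender, recipient, subject, timestamps, size and the relay path are all in the clear. The addresses, hosts and the armored block are placeholders.

```python
"""Added example: what a transit observer still sees in a PGP-encrypted mail.

The sample message is constructed for illustration only: the hosts and
addresses are documentation placeholders and the ASCII-armored block is
filler, not real ciphertext.
"""
import re
from email import policy
from email.parser import BytesParser

PGP_BEGIN = "-----BEGIN PGP MESSAGE-----"

# Constructed sample. Each relay prepends a Received: header as it forwards
# the message, so the header block is a log of the path the mail took.
SAMPLE_MESSAGE = b"""Received: from mail.example.net (mail.example.net [192.0.2.10])
\tby relay.example.org with ESMTP id 4Abc123; Tue, 20 Aug 2013 12:09:00 -0700
Received: from [198.51.100.7] (client.example.net [198.51.100.7])
\tby mail.example.net with ESMTPSA id 9Xyz; Tue, 20 Aug 2013 12:08:41 -0700
From: Tipster <tipster@example.net>
To: Pam <pj@example.org>
Subject: re: that filing
Date: Tue, 20 Aug 2013 12:08:40 -0700
Message-ID: <20130820190840.constructed@example.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

-----BEGIN PGP MESSAGE-----

hQEMA0NvbnN0cnVjdGVkUGxhY2Vob2xkZXJOb3RSZWFsQ2lwaGVydGV4dAEIAK
rFiller0Filler1Filler2Filler3Filler4Filler5Filler6Filler7Fill==
=AbCd
-----END PGP MESSAGE-----
"""


def parse_received_hops(msg):
    """Return [(relay host, timestamp), ...] in the order the mail travelled.

    Received: headers are prepended by each hop, so the header order is the
    reverse of the path; we flip it back.
    """
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())          # unfold continuation lines
        by = re.search(r"\bby\s+(\S+)", flat)
        host = by.group(1) if by else None
        stamp = flat.rsplit(";", 1)[1].strip() if ";" in flat else None
        hops.append((host, stamp))
    return list(reversed(hops))


def transit_metadata(raw):
    """Everything a relay (or a tap on the relay) can read without any key."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    body = msg.get_content()
    return {
        "encrypted": body.lstrip().startswith(PGP_BEGIN),
        "sender": msg["From"].addresses[0].addr_spec,
        "recipient": msg["To"].addresses[0].addr_spec,
        "subject": str(msg["Subject"]),          # PGP does not cover the subject
        "date": str(msg["Date"]),
        "message_id": str(msg["Message-ID"]),
        "body_bytes": len(msg.get_payload(decode=True)),  # rough size leak
        "hops": parse_received_hops(msg),
    }


def cleartext_fields(meta):
    """Names of the fields that identify who talked to whom, when, and how much."""
    return [k for k in ("sender", "recipient", "subject", "date", "body_bytes", "hops")
            if meta.get(k) not in (None, "", [], 0)]


if __name__ == "__main__":
    m = transit_metadata(SAMPLE_MESSAGE)
    print("body encrypted:", m["encrypted"])
    for field in cleartext_fields(m):
        print(f"  in the clear: {field} = {m[field]}")
```

    The subject line is worth noticing: standard PGP encryption protects only the body, so a descriptive subject leaks as much as the envelope does.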

  81. David  •  Aug 20, 2013 @12:19 pm

    Remember the end of Miracle on 34th Street (the Edmund Gwenn/Natalie Wood version), when postal workers dump bag after bag of mail onto the desk, person, and dais of the presiding judge?

    That has been de facto "email security" up to this point for the vast majority of uninformed users. The volume is so high that wading into the deluge seemed like a waste of time and potentially hazardous to health; this fact has contributed to the illusion of security.

    The sands are shifting because Big Data technologies have evolved to deal usefully with such magnitudes.

  82. Nicholas Weaver  •  Aug 20, 2013 @12:21 pm

    Solaric: The Ars Technica reporting gives no evidence nor even well-founded speculation that the UID key is either extractable from the device or Apple has a copy, or that Apple is doing anything beyond attempting to brute force the passphrase when connected to the phone itself.

    Additionally, if Apple did have a backdoor to extract the UID key, knowledge of this would damage Apple: the UID key was added into iPhone 4 specifically to provide data protection for governmental and business customers, where Apple was having significantly fewer inroads at the time.

    Finally, as I said before, the real danger in the lawyer scenario is when the adversary obtains the information but you don't know that. (If you know that, then you can start challenging things, challenge any evidence derived from it, etc…) If the adversary needs to obtain physical access to the device, especially if it needs to be shipped off to a third party, this mitigates the risk of "intercepted but unknowing".

  83. Ken Mencher  •  Aug 20, 2013 @12:34 pm

    Considering we've seen that Security Certificates can be forged/faked (see Google, DigiNotar and Iran), or passwords can be phished (see the NY Times, CNN, etc., getting Twitter hacked), hardware tokens have been broken once already (RSA breach that left Lockheed Martin vulnerable), and the sheer amount of malware out there that is designed to capture passwords, bank info, etc., I don't know that I'd trust any online information to keep out determined Gov't hackers… If they want your data bad enough, they'll find a way to get to it, if they have to sniff the passwords by hacking your keyboard…

    Basically, if, at some point, your data has to traverse public infrastructure, it is vulnerable….

    The government has shown that it is more than willing to ignore the 4th amendment when it comes to data privacy, and that is seriously disturbing…because it means that we can't trust them to not try…

    Considering that a man was detained for 9 hours by the UK Government under "Terrorism" laws because he is the partner of the man reporting on Edward Snowden means that the laws are being interpreted more and more loosely…

  84. Renee Marie Jones  •  Aug 20, 2013 @12:40 pm

    Corporations have been doing it too, which is why I can't understand why you put so much trust in corporations.

  85. ahchoo4u  •  Aug 20, 2013 @12:40 pm

    First time commenting here. I was stunned this morning upon reading her post. I will sorely miss her profound (yes, it was profound) commentary on the legal side of the tech world.

    I want to point out two things: (1) I wonder if she was worried that she herself would have to disclose information about her users. And (2) she is a very humble woman. She closed comments for that post; probably to negate the usual whining when such things happen, but also (I think) so that she wouldn't read the comments seeing how much others would laud her.

  86. solaric  •  Aug 20, 2013 @12:43 pm

    @Nicholas Weaver
    Sorry for the delay. As I said, that was just one of the earlier articles I pulled up; it's been long enough it's blurred together a bit. However, I now remember that the initial place I saw it was watching Defcon 20 back last year. A video of the presentation by Chris Soghoian is available on YouTube, and while I'd encourage you to watch the whole thing (and if you are interested in security in general, Defcon is something you should be paying attention to in general) the directly relevant bits start at 31:06. According to Mr. Soghoian, this was directly confirmed by Apple, that they have a secondary hardware key. That's actually very common for organizational setups in general; it's trivial for encryption to have multiple keys, partial keys, multiple levels and other more complex arrangements to meet the needs of organizations, but it's something worth keeping in mind for consumer devices. He says that Apple claimed they require a warrant and need the physical device sent back, and they have every reason to treat it really seriously. But the capability does seem to exist.

  87. Chris  •  Aug 20, 2013 @12:50 pm

    But are we talking about two different things?

    Even if you regard the rule of law part of this discussion as separate from the security of the email system, I think you really invited discussion of the latter when you said:

    I don't think it's my way, yet — though I am having some very concerned conversations about whether it's safe, or even ethical, to have confidential attorney-client communications by email.

    Regardless of how much you trust the government, you should not be having confidential attorney-client communications via email.

  88. Michael  •  Aug 20, 2013 @1:13 pm

    Although, I can understand her concern. This is exactly what they want. They don't want us fighting back. They want us giving up and giving in.
    We need to make our voices heard, even if we feel like we're shouting at a brick wall. When we give up, they win.

  89. Xenocles  •  Aug 20, 2013 @1:15 pm

    "Your response shows without ambiguity that you don't understand your audience. Try not to lapse into folly."

    I don't see what the audience (by which I suppose you meant yourself) has to do with it. There's a difference between acting imprudently and being responsible for a crime. It doesn't matter if e-mail is as easy for a third party to read as a postcard is; we have a right to expect that people will refrain from making the attempt. Put simply, we have a right to expect that the government will not behave in the manner of criminals, and that they will exercise the special powers we have delegated them in strict accordance with the laws that govern that delegation. The vast majority of human experience has shown that there is no reason to expect this, but it remains our right to do so and to take action, to include (at a minimum) being upset, when our expectations are not met.

    Would it have been prudent for her to secure her communications? Yes. But the only party that violated someone's confidence in this matter was the government. In making the statement you did you repeated the folly of the person who says that a rape victim shares the blame for her attack if she did the slightest thing that could be read as an indicator of interest in sex. I do not believe you subscribe to that line of reasoning, but I saw in that statement the same sort of mistake. It is as much a mistake in the case we are discussing as in the one I raised as a counterpoint. I don't see another way to read what you wrote, but by all means please set me straight. (In that event I would appreciate something more constructive than the sort of posturing you offered before.)

  90. Dwight Brown  •  Aug 20, 2013 @1:18 pm

    "The iPhone allows passcodes of up to 37 characters, using up to 77 possible symbols. I'd bet 99% of people who use a passcode (who are themselves a minority) use a 4 digit number."

    I ran across this recently (while doing some writing about this year's DEFCON) and thought it might be relevant here:

    Most Common iPhone Passcodes

  91. TerryTowels  •  Aug 20, 2013 @1:21 pm

    OT, but related, I think. (That is, it's about security).

    I set up a system on all my computers in which I use sub-accounts on the computer for transacting internet business. The admin account is only used for software downloads. The sub-accounts disallow writes to system software. I set this up so that I could lazily avoid most hack attacks.

    So. There's a new Adobe Flash out there, which works on the admin account, but does not work on the sub-accounts. (I've tried every variation, except increasing the permits on the sub-account.)

    I think my early warning system has alerted me to a new threat from the private sector. That is, I'm assuming private sector, but could this be a new threat from the government?

    I don't give a fuck about the government, I'm old and had a good life, and I too am tired. But, I thought I'd add this to this forum since there are some really savvy types out there, and I've not seen this issue anywhere else.

  92. TerryTowels  •  Aug 20, 2013 @1:23 pm

    Oh, re not giving in. I wrote long letters to all my congress people. I only heard back from Feinstein. I'd say that the chances for starting new political parties are rife with possibilities.

  93. grouch  •  Aug 20, 2013 @1:24 pm

    Fuckin traitors — in the NSA, in the White House, in FISC, in Congress, in the Supreme Court — accomplished what no other terrorists could: They have killed the Constitution and the great experiment.

    I have been reducing my dependence on the Internet for commerce. It's almost complete. Our corporate overlords may not notice this one individual's protest, but I suspect there are many others who have or will curtail their business over the Internet due to the traitors' acts.

    traitor (noun):
    1. a person who betrays another, a cause, or any trust.
    2. a person who commits treason by betraying his or her country.

  94. mud man  •  Aug 20, 2013 @1:30 pm

    Put another way: I take certain steps to secure my house from burglars coming in to steal my papers.

    Put it yet another way, I would expect a reasonable government to reinforce whatever steps I take. If somebody unlawfully enters and steals my stuff, I hope the government would be vigorous to identify and prosecute that individual; therefore I don't need to install a shotgun on a tripwire, which I really don't want to do for a variety of reasons, including that I have better things to do with my time, and anyway it doesn't protect me from sufficiently clever burglars, which I would have to assume the government has the resources to be as clever as they need to be, solaric's valid point about costs notwithstanding.

    I am forced to conclude that the present government at least is not that reasonable, which drives me in Clark's direction towards hope for a radical solution. Therefore I learn to grow vegetables.

    @ Nicholas Weaver:

    I'd not worry quite so much about the NSA being able to magically break public key without it being known about: if it happens, Suite B would be deprecated in pretty short order, since Suite B is rated for Top Secret communication.

    If there were a simple way to break it that would be true, but if it were hard (and I suppose it would be), requiring NSA-level expertise/equipment, they would have to think about it, wouldn't they? Enjoy their advantage and keep an eye on the Chinese?

  95. Pedant  •  Aug 20, 2013 @1:33 pm

    (1) John de Long says the NSA "only" makes 20 million database queries per month. That's nearly 500 every second.

    (2) Osama bin Laden has won! The goal of terrorism is to inspire terror. The US and the UK have succumbed. The loss of Constitutional rights has been incredible. Kafka and Orwell didn't prepare me for this.

    (Do we know whether Obama and Cameron sleep in beds with sheets?)

  96. Kevin  •  Aug 20, 2013 @1:36 pm

    @Renee Marie Jones

    Corporations have been doing it too, which is why I can't understand why you put so much trust in corporations.

    I realize I may be feeding the trolls here, but Renee, on the off chance you are being sincere and not trolling, the difference is that nobody is holding a gun to your head and forcing you to do business with any particular corporation. If you don't trust Google, then don't use Google. If you don't trust Yahoo, then don't use Yahoo. If you don't trust the Government… well, then, tough. There is no opt out.

    Do you see the difference?

  97. Nicholas Weaver  •  Aug 20, 2013 @1:43 pm

    @solaric: There is still no confirmation that Apple is able to decrypt the phone's secure store when the passphrase is strong or really strong. (This contrasts heavily with Android, where Google can remotely unlock phones regardless of the passphrase used.)

    Apple's model works very well in practice for law enforcement even without them being able to extract the UID key from the phone, as fewer than 6 digits/characters are brute-forceable even without extracting the UID: plug it in, wait a couple of hours, and if successful, cool!

    And it is straightforward for Apple to get the NON-secure store (which is the bulk of the data), since that's not protected with a password+UID derived key, but just the File System key on the flash (this is done to enable quick-wipe of devices: wiping the key in flash acts to wipe the device).

    Also, even if Apple CAN extract the UID, 12+ character random passwords are not brute-forceable, and the password must be known to decrypt the secure storage.

    Since the iPad, unlike the iPhone, actually has a usable-sized on-screen keyboard, and since the Mail app does keep all its information in the secure store, it is reasonable to do a secure email client on the iPad that, absent the passphrase, should be reasonably secure to device capture.

    (Oh, however, "10 strikes and it's wiped" is protected only in the UI for entering passcodes; it provides no protection against device-access brute-force.)

  98. jim  •  Aug 20, 2013 @2:24 pm

    I'm sorry that Groklaw is gone. I think it represents a blow to the open source movement.

  99. Piper  •  Aug 20, 2013 @2:30 pm

    @Ken – any chance of a qualification regarding "I don't trust the people who work for my government"? Does this apply to the Judges you argue cases before? The Court Reporter? The Librarian? I've found that Clark tends to paint with a REALLY large brush (and is rather indiscriminate regarding who gets hit with the paint) when he gets on this subject, and I'm wondering if this is bringing about the same reaction in you?

  100. That Anonymous Coward  •  Aug 20, 2013 @2:58 pm

    I once again challenge every single one of those mealymouthed asshats who claim if you have nothing to hide you don't need to worry, to publish ALL OF THEIR INFORMATION.
    If you have nothing to hide, then there is nothing to worry about citizens looking at all of your meta-data for calls, emails, anything else.

    You ask us to do more than you're willing to do yourself, so I'll politely ask you to FSCK RIGHT OFF.

    The Government and its minions stamp secret on everything they possibly can, so given the logic presented you're hiding atrocities of an epic scale. We've seen 1, the Constitution and the rule of law perverted to spy on citizens. I don't care how you think you made it legal, the people who voted you into office never agreed to this level of intrusion.

    You can't keep your own data safe, and you're supposed to be trusted with everything you've culled from my life?
    A contractor walked out with the keys to the kingdom, I wonder if any of them ever poached an idea for their bosses. (pauses) You don't say, well history shows that it can and has happened, so why are you still pretending the emperor isn't naked in the street masturbating?

    It came out before this Government spied on lawyers talking with their clients, and there was this smugness about well but they were terror suspects, here is the kicker… WE ARE ALL TERROR SUSPECTS.

    End the out of control program, come clean fully finally, put things in place that stops this from EVER HAPPENING AGAIN…

    They attacked Occupy because they feared the Spring coming to the US. Looks like they might have influenced the climate past the tipping point and Spring is coming early.

  101. Christenson  •  Aug 20, 2013 @3:05 pm

    PJ, I am very sorry to see Groklaw shut down. It has been a force for good and for justice, and for reform of the patent system. I hope that the loss of groklaw simply marks another step in the dismantling of the surveillance state. A friend of mine is calling this "Watergate".

    I remark that it is my belief that the secret police, the KGB, is what really destroyed the Soviet Union, and I hold up Groklaw as an example of why the surveillance state *must* end if the United States is to continue as the best place in the world, or possibly even as an independent nation at all.

    I believe PJ's breaking point is the increasing clarity that a terrorist is simply someone President Obama doesn't like, that the fourth amendment has been effectively abolished, and that there is no commitment to a rule of law for the people, and that most terrorism is committed by "authorities" who proceed to lie about it.

    We are all discussing "endpoint" security. I repeat my stance that all of our computers are insecure because the operating systems are not fundamentally set up to allow anyone, as the system owner, to distrust the large, unauditable programs I am running, including the majority of the operating system itself.

    By way of example, the operating system doesn't allow me to tell my word processor that it may only access the file I just opened. I can't bound the help system to reading only what I typed for a help query, and to sending that and only that out to the internet to find the right web page.

    What is needed is a new operating system that, while allowing programs to do what they do now in the way they now do it, also allows the system owner to decide what to do when they misbehave.

    Oh, and Ken, you *do* cause great embarrassment…I'm so embarrassed about my schadenfreude in Prenda I might just have to contribute to the Prenda deposition fund!

  102. Ken White  •  Aug 20, 2013 @3:11 pm

    @Ken – any chance of a qualification regarding "I don't trust the people who work for my government"? Does this apply to the Judges you argue cases before? The Court Reporter? The Librarian? I've found that Clark tends to paint with a REALLY large brush (and is rather indiscriminate regarding who gets hit with the paint) when he gets on this subject, and I'm wondering if this is bringing about the same reaction in you?

    In this context "the government" refers to "the executive and legislative branch's law enforcement apparatus."

    As a defense lawyer I tend to separate the judiciary.

  103. Erwin  •  Aug 20, 2013 @3:31 pm

    There are a bunch of choices…
    (a) Give up. While perfectly feasible, the internet is such a powerful way to spread information that people who opt out are opting out of advocacy.
    (b) Implement reasonable currently available security. This is doable. It doesn't stop the NSA from spying effectively because most people won't do it. If enough people start using secure software, there is a bit of a vaccination effect, wherein the average secure message is too low value to be worth inspecting.

    (c) Change the government. This is hard. A noble task. But hard. Stuff to do includes ending the war on terror and ending the war on drugs. After that, privacy protection becomes easier.

    (d) Revolution. This is probably easier. But – a lot of people will die. At the present time, not worth it in my opinion.

    (e) Make encryption really, really easy and hard to break. There are technological tradeoffs in terms of ease of use but, things really could be much easier than they are. Integration of highly secure protocols into gmail (like, eg, default of secure connections, requiring backdoors into server databases and one button client-based encryption for sensitive emails) and use of low cost, low attack surface linux laptops as email clients (chrome os, to some extent) would make data collection a lot harder. Probably to the point where a warrant and physical search would be easier. To some extent, changes in network protocols may also help.

    –Erwin

  104. Jim Tyre  •  Aug 20, 2013 @3:39 pm

    @TAC,

    It came out before this Government spied on lawyers talking with their clients, and there was this smugness about well but they were terror suspects, here is the kicker… WE ARE ALL TERROR SUSPECTS.

    I have a lapel pin that says simply "Suspected Terrorist." (Which the Prendanistas know I am, anyway, being an EFF Fellow.) Once, when I was in no hurry, I wore it while going through TSA. Fun and games ensued.

    Another time, I had in my wallet a business card sized piece of metal. Imprinted on it is the Bill of Rights.

    I have fun in strange ways.

    (And yes, every single one of us is a suspected terrorist.)

  105. James Pollock  •  Aug 20, 2013 @3:39 pm

    Allow me to offer a somewhat different perspective for your consideration.
    It is a known fact that children and criminals are less likely to misbehave if they believe they are being watched, whether they actually ARE being watched or not. (This is why there's such a thing as fake security cameras.)
    From this we can infer that there is a good reason for those people and organizations charged with reducing misbehavior to overstate, perhaps by a significant margin, their ability and/or willingness to monitor actual behavior.
    Now factor in cost. It is usually far cheaper to fake security activities than it is to actually perform them.

    So… is it coincidence that revelations about wide-ranging, intrusive monitoring activities surface just as the sequester forces constraints on defense department spending?

  106. grouch  •  Aug 20, 2013 @3:51 pm


    As a defense lawyer I tend to separate the judiciary.

    The judiciary rubber-stamps the executive and legislative branches. Checks and balances died a few Congresses ago.

  107. That Anonymous Coward  •  Aug 20, 2013 @4:17 pm

    @Jim Tyre – My hobby is troll hunting. I'm pretty good at it. They might have called you a terrorist, but I'm a triple terrorist according to the GA filings. So there… NYAH. *giggle*

    @James Pollock – The problem is they are lying on so many levels.
    Fact – We spend stupid amounts of money on snakeoil fixes that don't actually work.
    Fact – We give them MORE money even as we prove it doesn't work.
    Fact – Congress is in the business of funneling cash out the door to corporations who promise much and deliver little.
    Fact – Agencies have been caught trying to mislead investigators about how bad things are.

    TSA trying to hide equipment that doesn't work, and yet the contract requires us to pay them for failed tech still. And warehousing it, because it's secret sauce inside.

    Congress has made the budget a freaking joke.
    If you don't arrest more people, we see no reason to keep your budget the same.
    If you don't give me a decent soundbite to make me look patriotic I slash your budget.
    I'm sure the original program NSA came up with, had all sorts of checks and balances considered and thought out. Then we needed to add more and more to pay contractors enough to get better "campaign contributions".

    Congresscritters leave office richer than when they went in, and their salary doesn't explain the bump.

    Broken system is broken, and if this was a movie we'd nuke it from orbit and start again. Instead we need to demand punishments, change, laws, and the harshest penalties for those involved in creating this… not exposing it.

    This is just the tip of an iceberg of crap, there is so much just below the water that no one wants to deal with… but we need to find the will to make it change or force it to change.

  108. Bryn  •  Aug 20, 2013 @4:20 pm

    I am sad. I've done transcribing for Groklaw–turning .pdfs into something readable by OCR software. Pamela provided a valuable service to the geek community and I hope she realizes how much she was appreciated and how much she will be missed.

  109. Sami  •  Aug 20, 2013 @4:46 pm

    I'm far, far less anti-government than you are – I'm not a libertarian, and I don't really approve of/agree with libertarianism, tbh.

    I've never liked the "if you have nothing to hide you have nothing to worry about" argument either, but I do a little bit fall on the side of "if you have something that serious to be concerned about why the fuck were you discussing it by e-mail".

    Finding out my e-mail was being read would offend me, and I am not thrilled by the expansion of creepiness by the NSA and similar agencies. (I'm also not impressed by how America instantly caved after a first strike by terrorists. Because, seriously, the terrorists won. American civic society went into immediate convulsions, and America pissed away a century's worth of moral authority and international respect within the next five years.)

    But as a non-American there's not a lot I can do about that. However, even the most dedicated fascistic government thug would probably have difficulty deriving much to attack me with from my e-mail unless they manage to make allegations stick that natter about a friend's small children is totally code.

  110. Christenson  •  Aug 20, 2013 @4:47 pm

    @Erwin:

    Make metadata analysis *much* harder. Tor does this. So does just about any decentralized, forget where it came from and where it is going mail server that accepts data encrypted with its public key, and assumes the contents are ciphertext. If everyone was running a "lavabit" service, specific and useful targeting becomes much harder.

    Oh, and start using all that computer power for encrypting stuff that matters, rather than wasting it on windows!

    However, my co-worker still thinks of the children. It's the pony menace again.

  111. Christenson  •  Aug 20, 2013 @4:55 pm

    @Sami:
    You are naive. I have no intention of doing anything in the next paragraph, believe my accusations in it to be false, and I do not want anyone to act on the suggestions, but to think through the implications. Everything I mention has happened to someone in the news recently.

    Suppose for a minute I am a government thug and I don't like you, you terrorist pedophile! You have been visiting terrorist websites, like Popehat, and you have been nattering about small children, so you must be a pedophile. It's jail for you, sorry, it will be five years before a jury sees the case, IF YOU SURVIVE being beaten to a pulp in jail for being a pedophile. So, you'd better do what I say, now, and tell me about that commie neighbor of yours.

    Don't believe me? What about Henderson, Nevada, where the cops were ready to gun the neighbor of a wife-beater down because he didn't want a spy post set up in his house?

  112. James Pollock  •  Aug 20, 2013 @5:08 pm

    "I'm sure the original program NSA came up with, had all sorts of checks and balances considered and thought out. Then we needed to add more and more to pay contractors enough to get better "campaign contributions"."

    I don't see mutual exclusivity between your rant and my suggestion. The fact that they spend a lot of money on a monitoring program doesn't mean they can actually monitor anything, and the fact that the whole thing is a circular money flow campaign contributions –> contracts –> campaign contributions doesn't negate the possibility that the actual scope of actual monitoring may be being intentionally falsified.

    If you started with the assumption that it is not secure and thus adapted by not putting anything potentially incriminating in email, then the revelation that email is not secure does not require you to change your behavior.

  113. SKT  •  Aug 20, 2013 @5:15 pm

    Osama 3
    Obama -1

    I think we should call this game on account of darkness.

    (Stupidly, I posted this previously in the wrong article).

  114. Another Anon Coward  •  Aug 20, 2013 @5:37 pm

    When PJ started Groklaw ten years ago she did it because she wanted to. She wanted to tell people what she knew of the intersection of open source tech and the law. And she wanted to learn how to blog. Nobody paid her to run Groklaw, the Paypal begging bowl helps keep it afloat. There doesn't seem to be any Incorporated Society behind it. It was just fun to do.

    I know not to ask a lady's age. I know also a fact of life is we all get older. I finished my last regular day job three years ago. But the tech and the law are getting younger, faster, and more insanely litigious. Some of the recent cases PJ has covered have shown that even judges cannot keep up with the pace. The largest tech corporations use their riches to buy dissembling mendacity to serve up in court. The result is that to the analytical observer judges seem to be making mistakes. I don't know if the judiciary can call on the same heavies as other branches of government to threaten those who speak unpleasantries. This has been suggested as a possible chilling effect on Groklaw.

    I prefer to believe a simpler reason, it is no longer fun to do.

  115. Stephen Perdue  •  Aug 20, 2013 @5:42 pm

    She's ending it because, in the post-9/11 era …

    Because I'm an incorrigible nitpicker, I'll point out that Groklaw's entire existence has been in the post-9/11 era.

  116. Jim Tyre  •  Aug 20, 2013 @5:53 pm

    @ Stephen Perdue

    Because I'm an incorrigible nitpicker, I'll point out that Groklaw's entire existence has been in the post-9/11 era.

    True enough. But what NSA did before then has little resemblance to what it started to do after.

    As far as public awareness, no one had a clue until, after sitting on it for a year, the New York Times published a story in late 2005. After that, some of the lawsuits began, including the first one that we (EFF) filed in early 2006. Then, in about 2008, Congress passed the FAA, FISA Amendments Act, which made (ostensibly) legal much of what had been legal before. But that wasn't good enough, the government hasn't even been abiding by FAA. Though Snowden is not the first relevant leaker, some of us have been quite well aware of the goings-on for a long time, most of the public hadn't a clue until Snowden came along.

  117. htom  •  Aug 20, 2013 @6:02 pm

    Ken — Good cryptography is usually hard work. Most "breaks" in modern crypto are not of the math, but of human failings to "do it right". They find a shortcut, an easy way, reuse a password, … and that — the thing they were warned not to do — is the key that lets the snoops in.

    The modern PC/ phone/ tablet/ what have you comes with a built-in "man in the middle", the operating system.

    Bruce Schneier is the public's go-to guy about cryptography. His books are (usually) readable, and with effort, the hard ones are comprehensible. http://www.schneier.com/

  118. AlphaCentauri  •  Aug 20, 2013 @6:10 pm

    I don't think it's my way, yet — though I am having some very concerned conversations about whether it's safe, or even ethical, to have confidential attorney-client communications by email.

    Holy shit, you use unencrypted email to communicate with clients?

    I would never send any confidential information, especially HIPAA-protected information, in ordinary email. That's not some new and scary information. It has always been that way. Internet traffic travels on a network of cables and servers that are owned by multiple private and government entities. Any of the entities whose equipment is used to transmit your data is capable of reading it if they choose. Multiple employees of your email service provider have privileges that allow them to go into the folder that holds your email and read it. Even TOR is a problem, because anyone can set up a node, and the exit nodes can monitor the content of unencrypted communications. (They caught out some embassies making that mistake a few years ago, in fact.)

    IIRC, the creator of PGP was in hot water because he refused to give the government backdoor access to the encryption, and because when he was prohibited from exporting it for sale, he released it as freeware. It was well known that the government was scanning email transmissions for interesting keywords. (I believe the program was named Carnivore.) This was all years ago. There was never an expectation of privacy in plain text emails the way there is in snail mail. The only way to change that situation is for people to consider encryption the norm rather than the exception, so that encrypted emails aren't unusual enough to call attention to themselves.

    Of course, if you really want a message to be secret, I've always thought that encoding it in an email for V1@gra and sending it to 2 million people might actually be the best disguise ;)

  119. That Anonymous Coward  •  Aug 20, 2013 @6:15 pm

    James Pollock – I have problems with them lying to our elected leaders. Misinformation is pretty much free to create, and pouring billions into outside corporations to scam the 'terrorists' while the rest of the country suffers… not a fan.

    I don't think they were smart enough to build a deceptive system, I think they saw the value of total surveillance and never stopped to consider how wrong it could go.

    While these are being held by the NSA have we forgotten that like 90% of that workforce is contractors to outside firms. Not only does NSA have my data, but so does skippy at the water cooler if he wants it, or his corporate masters.

  120. SKT  •  Aug 20, 2013 @6:15 pm

    @ James

    What threat do lunch mobs pose, other than eating all of the meatballs before you get a chance to place your order for a meatball sub. I kid. I kid.

    On a side note is there an equivalent term for sidetracking a post about personal choices and turning it into a discussion about encryption. I'm thinking something like "godwining". "encryptining"? "encypsilating"?

    I realize Ken expressed concerns for his attorney/client confidentiality, but seems to me his post is primarily about a person (PJ) and her choice to opt out of email, based on her principles not out of a lack of security or her ability to implement secure email.

  121. Malc  •  Aug 20, 2013 @6:31 pm

    Ken,

    For the privileged communication issue, it's worth thinking a little about a system like those used by those strange bedfellows, the defense industry and the health care industry[1]:

    Set up (have set up) a private web-based HTTPS-only email system.

    When a new message arrives, it sends you a regular email, and then you have to go to the private website to read the actual message.

    Use two-factor authentication to cut down on brute-force or phishing attacks on the website. This used to mean things like RSA SecurID tokens, but increasingly sending one-time pass codes to cell phones is becoming popular (so you need your password, your cell phone and coverage to receive a text message to log in).

    Keep the servers in an attorney's office (suite), so that anyone trying to get physical access would have to go through the same effort as they would to search your file cabinets.

    An added value is that you can avoid the whole "attachment too large" problem, because you never mail an attachment.

    Obviously, you'd have to issue clients and other correspondents with user-ID's, but in return you get the ability to _know_ if messages were received, which is useful.

    Just a thought…

    [1] For entirely different reasons, both industries care about securing information that must traverse the public interwebs, the latter because of HIPAA.
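The one-time pass code step in Malc's sketch (a code sent to the phone that must be presented together with the password) is the part most often implemented carelessly. Below is an added example, not Malc's system or any vendor's code, of how the server side of that step should behave: the live code is stored only as a keyed hash, it expires, it is single-use, and a small number of wrong guesses burns it. The server secret, user names and the `FakeClock` are constructed for the demo.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 300   # a code delivered by SMS is worthless after five minutes
MAX_ATTEMPTS = 5         # five guesses against a million codes, then the code is burned


@dataclass
class _Pending:
    digest: bytes        # HMAC of the code, never the code itself
    expires_at: float
    attempts: int = 0


class OneTimeCodeService:
    """Server side of the 'second factor by one-time code' step."""

    def __init__(self, server_secret: bytes, clock=time.time):
        self._secret = server_secret      # assumption: kept out of the database
        self._clock = clock               # injectable for testing expiry
        self._pending = {}

    def _digest(self, user_id: str, code: str) -> bytes:
        # Keyed hash bound to the user, so a dumped pending table reveals no live codes
        msg = f"{user_id}:{code}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def issue(self, user_id: str) -> str:
        """Generate a fresh 6-digit code; the caller delivers it out of band."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[user_id] = _Pending(
            self._digest(user_id, code), self._clock() + CODE_TTL_SECONDS)
        return code

    def verify(self, user_id: str, code: str) -> bool:
        entry = self._pending.get(user_id)
        if entry is None:
            return False                  # nothing issued, or already consumed
        if self._clock() > entry.expires_at:
            self._pending.pop(user_id, None)
            return False
        entry.attempts += 1
        ok = hmac.compare_digest(entry.digest, self._digest(user_id, code))
        if ok or entry.attempts >= MAX_ATTEMPTS:
            self._pending.pop(user_id, None)   # single use, or locked out after a burst
        return ok


class FakeClock:
    """Constructed clock so the demo can show expiry without sleeping."""

    def __init__(self, start: float = 1_700_000_000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def _different(code: str) -> str:
    return "000000" if code != "000000" else "999999"


def demo() -> dict:
    clock = FakeClock()
    svc = OneTimeCodeService(b"constructed-server-secret", clock=clock)

    code = svc.issue("alice")
    results = {
        "wrong_code_rejected": not svc.verify("alice", _different(code)),
        "right_code_accepted": svc.verify("alice", code),
        "replay_rejected": not svc.verify("alice", code),
    }

    code = svc.issue("bob")
    for _ in range(MAX_ATTEMPTS):
        svc.verify("bob", _different(code))
    results["lockout_after_burst"] = not svc.verify("bob", code)

    code = svc.issue("carol")
    clock.advance(CODE_TTL_SECONDS + 1)
    results["expired_rejected"] = not svc.verify("carol", code)
    return results


if __name__ == "__main__":
    print(demo())
```

The lockout budget is what actually makes a six-digit code meaningful: without it, the code space is small enough that a patient client could simply walk through it, which is the "brute-force on the website" Malc wants the second factor to cut down.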

  122. Amber  •  Aug 20, 2013 @6:32 pm

    Strong symmetric crypto cannot be broken even with a scalable general quantum computer, because there is no algorithm that provides a speedup. And nothing can "crack" properly used one-time pads, which provide completely perfect security. That means that, even today, it's possible to communicate information via email that you can be assured won't be cracked in any mass dragnet.

    That is very nice, but until Joe SixPack can transparently install and use the described encryption, its existence is so useless for Joe SixPack, that it might as well not exist.

    Basic crypto that should still be entirely safe for a good decade anyway is even simpler.

    Somebody does not understand how useful rainbow tables are. Nor do they understand how effective Beowulf Clusters are, when tasked with decryption of data, for which one does not have the appropriate passwords.

  123. David  •  Aug 20, 2013 @7:02 pm

    @Amber
    Somebody does not understand computational complexity:

    To see why exponential-time algorithms might be unusable in practice, consider a program that makes 2^n operations before halting. For small n, say 100, and assuming for the sake of example that the computer does 10^12 operations each second, the program would run for about 4 × 10^10 years, which is the same order of magnitude as the age of the universe

    Desirable are algorithms that can run in polynomial time (or faster). But consider integer factorization:

    When the numbers are very large, no efficient, non-quantum integer factorization algorithm is known; an effort concluded in 2009 by several researchers factored a 232-digit number (RSA-768), utilizing hundreds of machines over a span of 2 years

    The upshot is that as far as anyone has been able to tell, there are some calculations that are easy to verify once the answer is known but are so time-consuming to perform in the first place that it doesn't matter how many millions of Beowulf Clusters you throw at 'em. Generally speaking, calculations of that sort are at the heart of strong crypto, from your bank card to your browser to your bomb codes.

  124. Amber  •  Aug 20, 2013 @7:08 pm

    @David

    The Beowulf Clusters create the rainbow tables, thereby making computational complexity irrelevant.

  125. That Anonymous Coward  •  Aug 20, 2013 @7:12 pm

    @Malc – can we just accuse NSA of HIPPA violations and let the government eat itself?

  126. solaric  •  Aug 20, 2013 @7:27 pm

    @Nicholas Weaver

    There is still no confirmation that Apple is able to decrypt the phone's secure store when the passphrase is strong or really strong.

    Um, so you're calling Chris Soghoian a liar basically? And saying that Apple's process must only apply to phones using PINs? Because otherwise yeah there is confirmation: from Apple.

    Also, since you didn't seem to catch on the first time, this is utterly wrong:

    Also, even if Apple CAN extract the UID, 12+ character random passwords are not brute-forceable, and the password must be known to decrypt the secure storage.

    No. It's straight forward and standard to have encryption systems with multiple keys, any single one of which is sufficient for decryption without the need to know the others. This is critical in institutional settings in particular to deal with situations like some user getting hit by a bus (or arrested by the government for that matter), a "recovery key" or "organization master key" or whatever terminology you use for it provides a backup and escape plan. Hell, it's used by Apple themselves for a major consumer product: FileVault 2 (their current FDE offering as part of 10.7 and later). They offer to create a recovery key, and also provide instructions for a managed setting. The whole point is that you don't need to know the user's password. And that's extremely crude too. There are a lot of ways to have a "secure" (as in it can't be derived any more than the original key can, obviously having an additional party involved adds risk) backdoor to any given encryption system. I don't understand what you find so surprising here. I mean sure, in a perfect world it'd be a major economic negative, but I don't think that's actually the case, and at any rate there's no technical issue at all.
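The multiple-key arrangement solaric describes is usually built by wrapping one data-encryption key (DEK) separately under each party's key, so that any one of them unwraps it. The following is an added example of that structure, not Apple's FileVault code or any product's implementation; the sealing primitive is a toy SHA-256 keystream plus HMAC standing in for AES-GCM or AES key wrap, and the password, recovery key and memo are constructed. It shows both halves of solaric's point: the recovery slot reads the data with no knowledge of the user's password, and whoever holds that recovery key therefore holds exactly the same access.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32
NONCE_LEN = 16
TAG_LEN = 32
PBKDF2_ITERS = 100_000


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy CTR-style keystream from SHA-256; a real system uses AES-GCM / AES-KW.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _seal(key: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC under `key`; output is nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")   # wrong password lands here
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def _user_kek(password: str, salt: bytes) -> bytes:
    # Human-chosen secret: stretch it before using it as a key-encryption key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERS, KEY_LEN)


def _recovery_kek(recovery_key: bytes, salt: bytes) -> bytes:
    # Already 256 random bits: no stretching needed, just bind it to this vault's salt.
    return hmac.new(recovery_key, salt, hashlib.sha256).digest()


def create_vault(password: str, recovery_key: bytes) -> dict:
    """One DEK, wrapped twice. Either slot alone recovers the DEK."""
    dek = secrets.token_bytes(KEY_LEN)
    salt = secrets.token_bytes(16)
    return {
        "salt": salt,
        "user_slot": _seal(_user_kek(password, salt), dek),
        "recovery_slot": _seal(_recovery_kek(recovery_key, salt), dek),
    }


def unlock_with_password(header: dict, password: str) -> bytes:
    return _unseal(_user_kek(password, header["salt"]), header["user_slot"])


def unlock_with_recovery(header: dict, recovery_key: bytes) -> bytes:
    return _unseal(_recovery_kek(recovery_key, header["salt"]), header["recovery_slot"])


def encrypt_data(dek: bytes, plaintext: bytes) -> bytes:
    return _seal(dek, plaintext)


def decrypt_data(dek: bytes, blob: bytes) -> bytes:
    return _unseal(dek, blob)


def demo() -> dict:
    recovery_key = secrets.token_bytes(KEY_LEN)   # held by the organisation, not the user
    header = create_vault("correct horse battery staple", recovery_key)
    memo = b"privileged client memo (constructed)"
    blob = encrypt_data(unlock_with_password(header, "correct horse battery staple"), memo)
    try:
        unlock_with_password(header, "wrong password")
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    return {
        "user_can_read": decrypt_data(
            unlock_with_password(header, "correct horse battery staple"), blob) == memo,
        "recovery_reads_without_password": decrypt_data(
            unlock_with_recovery(header, recovery_key), blob) == memo,
        "wrong_password_rejected": wrong_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

Adding a third party (a vendor, an employer, a court-ordered escrow) is just one more wrapped slot in the header, which is why the "backdoor" question here is a policy question about who holds a slot key, not a cryptographic one.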

  127. solaric  •  Aug 20, 2013 @7:31 pm

    @Amber

    Somebody does not understand how useful rainbow tables are.

    Somebody is spouting terminology without understanding it at all. Rainbow tables are a memory-computation tradeoff attack that are trivially and easily 100% negated by a salt, which absolutely everything of even the slightest merit uses. Brute forcing is handled via key stretching. A Beowulf Cluster doesn't do jack squat. You can go from billions of quadrillions of years to, uh, mere millions of quadrillions of years? Congratulations.

  128. AlphaCentauri  •  Aug 20, 2013 @7:41 pm

    For those not familiar with the term "rainbow table," it's like cracking a code in reverse. Instead of starting with the encrypted form and trying every possible solution to find the original form, you start with a list of all possible solutions and encrypt them. Now you can just look up the encrypted form in a table and see what you started with to get it. For instance, all credit card numbers are 16 numeric characters, so a list of the encrypted form of all 16 digit numbers would be very useful. You can get around that by adding a "salt" to each number in your database before encrypting it — additional characters that completely change the encrypted form, preventing someone from having a pre-calculated table if they don't know what the salt is — but even that is defeated frequently with the large amounts of computing power available in even a single gaming computer, let alone a botnet of malware-infected computers that can be rented by the hour.

  129. RQM  •  Aug 20, 2013 @7:42 pm

    "As yet there have been zero documented cases of NSA abuse of the tools at their disposal. No instances disclosed by Snowden, none in the released internal audits… nothing."

    Remind me again how General Petraeus' affair was uncovered, right before he was supposed to testify about Benghazi?

  130. AlphaCentauri  •  Aug 20, 2013 @7:47 pm

    BTW, the antichat.ru database was a salted hash. After Brian Krebs was able to get 44% of the passwords cracked in 18 days, another hacker used his personal computer to get 77% of them in 8 hours:

    http://krebsonsecurity.com/2011/06/antichat-hacker-forum-breach-reveals-weak-passwords/
    http://translate.google.com/translate?sl=auto&tl=en&prev=_t&hl=en&ie=UTF-8&u=http://habrahabr.ru/post/122633/&act=url

  131. David  •  Aug 20, 2013 @8:38 pm

    @Amber

    The Beowulf Clusters create the rainbow tables, thereby making computational complexity irrelevant.

  132. Christenson  •  Aug 20, 2013 @8:45 pm

    Back to the original topic: I think Aaron Swartz weighs heavily on PJ. He was basically prosecuted for an opinion that he once expressed.

    How much salt is required to defeat a rainbow table for 16 digit credit card numbers, assuming the entire internet is my botnet and I have a year?

    I like calling my local computer a man in the middle. I claim that a radical change to the basic OS is required to undo that, one where no program is ever really trusted.

  133. kallethen  •  Aug 20, 2013 @9:07 pm

    I wouldn't be surprised if it's more than just the government email snooping that turned PJ's stomach. Between some politicians in the US trying to define who can call themselves "journalists", bought off 'journalists' giving statements and suggestions that their fellows that broke the NSA spying drama should face charges, and now Miranda's detainment…

    It honestly is a bleak foreshadowing of the future of journalism. It makes me feel sick and more than a little scared.

  134. Xtifr  •  Aug 20, 2013 @9:19 pm

    Well, I've now lost one of the best sites covering legal matters directly related to both my day job and one of my main hobbies. On the bright side, though, I've still got a site to cover legal matters related to snorting the taints of ponies–although I decline to reveal just how high that is on my list of hobbies.

  135. Sami  •  Aug 20, 2013 @10:04 pm

    Christenson:

    Suppose for a minute I am a government thug and I don't like you, you terrorist pedophile! You have been visiting terrorist websites, like Popehat, and you have been nattering about small children, so you must be a pedophile. It's jail for you, sorry, it will be five years before a jury sees the case, IF YOU SURVIVE being beaten to a pulp in jail for being a pedophile. So, you'd better do what I say, now, and tell me about that commie neighbor of yours.

    I get what you're saying, but… I'm Australian, and a woman, so none of that really applies to me. My government doesn't care about Popehat, doesn't do a fraction of the creepy things the US government does, and paedo charges are a lot harder to stick on a woman.

    And our media would be *all over* a story of Government Thug Behaviour, because our media is kinda messed up but not in the same way yours is, and isn't so psychotic in any direction (excluding the Murdoch-owned press, but that currently hates the government, so). They'd have a field day with false accusations of that kind of thing, and showing interviews with the kids' pretty, charming mother being outraged, and the adorable, well-spoken three-year-old.

    Bear in mind: In my country, a prank was pulled that humiliated the police in a high-profile, terrorism-related security scenario. A group of comedians penetrated to the heart of the highest security setup Australia had ever seen – one of them dressed as Osama bin Laden, no less – and were right outside the hotel containing the US President, among other notable international dignitaries, when they stopped and turned around of their own volition.

    Note that a significant portion of the media and public discourse was calling for their heads for this, along with the police, who wanted to lock them up forever, largely for the crime of Making Us Look Bad… but it was largely over, as a story, by the time their court date arrived.

    They didn't go to jail. Not because they had brilliant lawyers – their lawyers didn't really have much to do with it. The charges were dropped by the Department of Public Prosecutions, because the DPP had looked at what the cops had brought them, and concluded that the charges were obviously stupid.

    But it wasn't just a pure prosecutorial discretion thing, declining to prosecute public figures – the DPP dismissed the charges citing reasons.

    The DPP argued that it was never the intention of The Chaser to breach security and that they were allowed into the restricted area only because of the mistakes of the police. The laws enacted for the summit meant that entry into the restricted zone needed justification, which could include police permission. The DPP stated that by waving The Chaser through, they had granted permission to be in the restricted zone. A further defence was available: all members charged, except Morrow, could argue that they were present for work-related purposes, and part of their employment was to be with Morrow, who was directing the stunt.

    (http://en.wikipedia.org/wiki/The_Chaser_APEC_pranks)

    Essentially: I get your point, but I don't fear my government as much as you fear yours.

  136. Jim Tyre  •  Aug 20, 2013 @10:51 pm

    @Sami,

    I get what you're saying, but… I'm Australian, and a woman, so none of that really applies to me. My government doesn't care about Popehat, doesn't do a fraction of the creepy things the US government does, and paedo charges are a lot harder to stick on a woman.

    I hate to break it to you, but Australia, New Zealand, Canada and the UK (in no particular order) are the primary spying partners of the U.S. They share a tremendous amount, and it isn't uncommon that if one country can't do directly under its laws something it wants done, it just asks one of the other spying partners to do it for it.

    Australia's actual spying mechanisms aren't as sophisticated as what the NSA has (or the NSA counterpart in the U.K., GCHQ) but you are being watched.

  137. Aaron Spink  •  Aug 21, 2013 @12:05 am

    I'm continuously shocked at the number of people that think email is or ever has been in any way private. I remember back in the day when I was an incoming freshman at the University of Michigan engineering school, they explicitly stated that email was not private. It's been like this since forever.

    The physical analog for email is typing what you want to send on a sheet of paper with a to-address and handing that sheet of paper to a person. That person reads it, and sends it to another person who then reads it and sends it to another person, repeat until it actually reaches the person it was intended for.

    There is nothing private about email. There never has been and there never will be. It is open plain text that is sent through hundreds of entities. It is stored in multiple buffers and queues and servers along the way. And the NSA has been filtering internet traffic for decades. It's been pretty much an open secret.

    @Ken, if you want your attorney client communication to be secure, then you have to use encryption. There is no other way. Would you hand the opposing attorney or law enforcement an open sheet with attorney-client privileged information to hand to your client? Would you ask a complete stranger to hand an open letter with sensitive client information to your client?

    The simple rule of communicating with email is, if you wouldn't yell it and hand out fliers about it on a street corner, then you should send it in unencrypted email.

    The reality of the electronic world is that if you want something private and/or secure, you must encrypt it.

    As far as the iPhone, no one knows if Apple has a master key, though there are third party suites out there that make it completely immaterial for iOS as they store all the secure information in their own encrypted locker and bypass the Apple security. I've had such software installed on my iPhone in the past as part of a corporate security requirement. It required secure password entry after any time the phone locked.

  138. Geeves  •  Aug 21, 2013 @1:39 am

    I had two points to make about this but Aaron Spink made the first one more eloquently than I think I could. Although I would add that even encryption doesn't make something 'secure' in any absolute sense, it just makes it more effort than it's worth to decrypt in most situations. If the NSA or any other agency / actor with sufficient resources wants to access your encrypted material, they will. PGP doesn't stand for 'Pretty Good Protection' for nothing.

    The second point is, I don't really understand how the American response to this seems to be OMG THEY'RE SPYING ON AMERICANS instead of just all them foreigners! Us foreigners don't have any say in what government you buggers put in place, why is it OK to violate our "privacy" but not yours? It's not like unhinged individuals have some overriding patriotism gene that makes all threats be against other countries. Besides if it's OK for NSA to spy on everyone non-American, surely GCHQ spying on Americans is fine by exactly the same logic.

  139. grouch  •  Aug 21, 2013 @1:49 am


    I'm continuously shocked at the number of people that think email is or ever has been in anyway private.

    There are two different concepts of privacy at play here. There is actual, physical privacy which plain email does not provide, and there is the legal concept of privacy which plain email has been presumed to have under ordinary circumstances. (See, e.g., Warshak v. U.S.).

    I can't speak for PJ but I strongly suspect that the evidence revealing that our government shows such disdain, disregard and disrespect for the U.S. Constitution is a significant factor in her despair. She loves (loved?) the law and has (or had?) faith that the courts would constrain the other two branches to operate within the Constitution, as amended.

    It would be great if coder geeks could devise physically enforced, user-selectable privacy in communications. That would be really nice to have while fighting to convert the Bill of Inconvenient Suggestions back into the Bill of Rights. (Might even be able to convince PJ to rejoin the battle if she could be assured that she wouldn't be endangering tipsters).

    Meanwhile, vote ALL the bastards out.

  140. grouch  •  Aug 21, 2013 @2:04 am


    Us foreigners don't have any say in what government you buggers put in place, why is it OK to violate our "privacy" but not yours?

    It isn't.
    On the other hand, our Bill of Rights is supposed to force our government to get particular and specific if it wants to spy on a citizen, either openly or surreptitiously.

    Some of us are shocked that spineless jellyfish with rubber stamps can wear judicial robes. Then again, FISA and the Supreme Court could simply be computer generated virtual courts after all.

  141. bst  •  Aug 21, 2013 @4:49 am

    @Christenson

    Your question about salt and 16 digit credit card numbers doesn't make much sense. Salt and rainbow tables are used with password hashes, not with encryption. People do not use their credit card numbers as a password to log in to a system. If they did, assuming the password was hashed using bcrypt, the rainbow table for a single value of salt would take about 23 petabytes of storage. That is the amount of storage that would have to be allocated per user (since each user would have different salt) if every user and their salt was known in advance, which makes the size of the salt not a factor. If the salt is not known in advance, then you multiply that by the number of possible salts. Bcrypt uses 128 bit salts, so multiply that 23 quadrillion bytes by sticking another 38 or so zeroes on the end. That is quite a bit of storage, even for an entire Internet.

    Rainbow tables are useful for cracking weak passwords that are hashed with no salt, or very weak passwords with very little salt. Long salt strings do not protect weak passwords – The salt just makes it so that you would not use rainbow tables when cracking the weak passwords and would not crack multiple users' passwords in one computation loop.

    In any case none of the above applies to encrypted credit card numbers.
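    The salt argument bst makes above can be shown with a few lines of code. This is an added example (not bst's code and not from any project mentioned on the page); it uses the standard library's PBKDF2-HMAC in place of bcrypt, a constructed five-entry guess list as the "wordlist", and shows three things: a precomputed table built for one salt cracks every unsalted user at once, the same table is useless against another user's salt even when that user chose the same password, and a targeted guess against one user's own salt still finds a weak password, because salt only defeats precomputation and cross-user reuse, not weak passwords.

```python
import hashlib
import os

# Constructed guess list standing in for a wordlist of weak passwords.
WEAK_GUESSES = ["password", "123456", "letmein", "qwerty", "hunter2"]
ITERATIONS = 10_000  # PBKDF2 work factor; bcrypt plays the same role in the comment


def kdf(password: str, salt: bytes) -> bytes:
    """Salted, iterated password hash (PBKDF2-HMAC-SHA256 from the stdlib)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def store(password: str, salt=None) -> dict:
    """What a server keeps per user: a random salt plus the derived hash."""
    if salt is None:
        salt = os.urandom(16)
    return {"salt": salt, "hash": kdf(password, salt)}


def precompute(guesses, salt: bytes) -> dict:
    """Build a lookup table (hash -> password) for ONE salt value.

    This is the precomputation a rainbow table amortizes. It is only
    reusable against users who share exactly this salt, which is why a
    per-user random salt forces the attacker to redo it for every user."""
    return {kdf(g, salt): g for g in guesses}


def table_lookup(table: dict, record: dict):
    """Offline lookup: no hashing at attack time, just a dictionary probe."""
    return table.get(record["hash"])


def targeted_guess(record: dict, guesses):
    """Attack against a single user: recompute each guess with that user's
    own salt. Salt does not stop this; only password strength and the
    KDF's cost do."""
    for g in guesses:
        if kdf(g, record["salt"]) == record["hash"]:
            return g
    return None


def demo() -> dict:
    """Two users, A and B, both chose the weak password 'letmein'."""
    no_salt = b""  # degenerate "no salt" deployment
    a_plain, b_plain = store("letmein", no_salt), store("letmein", no_salt)
    shared_table = precompute(WEAK_GUESSES, no_salt)

    a_salted, b_salted = store("letmein"), store("letmein")
    table_for_a = precompute(WEAK_GUESSES, a_salted["salt"])

    return {
        # One table, built once, cracks both unsalted users.
        "unsalted_a": table_lookup(shared_table, a_plain),
        "unsalted_b": table_lookup(shared_table, b_plain),
        # A table built for A's salt cracks A ...
        "salted_a_with_a_table": table_lookup(table_for_a, a_salted),
        # ... but not B, even though B has the same password.
        "salted_b_with_a_table": table_lookup(table_for_a, b_salted),
        # Salt does not rescue B from a guess run against B's own salt.
        "salted_b_targeted": targeted_guess(b_salted, WEAK_GUESSES),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The defensive takeaways are the ones in the comment: a per-user random salt makes precomputed tables and shared cracking loops worthless, while the KDF's iteration count (bcrypt's cost factor, PBKDF2's `ITERATIONS` here) is what slows a targeted guess against a single weak password.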

  142. RQM  •  Aug 21, 2013 @5:00 am

    That Anonymous Coward

    “I'm sure the original program NSA came up with, had all sorts of checks and balances considered and thought out. Then” the NSA found all sorts of dirt on the congresscritters through their email and phone calls, dirt that could cost them jobs and families. “That's a great senatorial career ya got there, it'd be a shame if something happened to it.”

    There, fixed it for you. ;)

  143. RQM  •  Aug 21, 2013 @5:09 am

    Federal agents have launched a criminal investigation of instructors who claim they can teach job applicants how to pass lie detector tests as part of the Obama administration’s unprecedented crackdown on security violators and leakers.

    By attempting to prosecute the instructors, federal officials are adopting a controversial legal stance that sharing such information should be treated as a crime and isn’t protected under the First Amendment in some circumstances.

    http://www.mcclatchydc.com/2013/08/16/199590/seeing-threats-feds-target-instructors.html

    I'm surprised nobody has picked up on this. I find it disconcerting.

  144. AlphaCentauri  •  Aug 21, 2013 @5:10 am

    @grouch, even if the 4th Amendment prevents the emails from being admissible, it doesn't stop them from spying on you.

    The government has been monitoring internet traffic before most of us ever heard about email. And apparently only the early adopters really understood that they were jumping into somebody else's sandbox when they started using the internet without paying for the use of all the cables and servers beyond their own ISP.

  145. ZarroTsu  •  Aug 21, 2013 @5:35 am

    If you have nothing to hide you have nothing to worry about.

    It's just too bad that everyone does have things to hide.

    Maybe the NSA should start a dating service? Just imagine.

    "Male Caucasian John Hues enjoys long passionate walks on the beach with a partner wearing a revealing assortment of bathing clothes, so that he may take repeated glances at their breast and torso area while they remain distracted by the surrounding scenery. Male Caucasian John Hues enjoys his coffee black, and usually drinks it while failing to complete crossword and Sudoku puzzles every morning. Male Caucasian John Hues' credit card number is openly stated as 4592000002201258 to all women who buy him at least $5.99 worth of beverages in his favorite local tavern, "Open Nightlies"."

    Just think of the possibilities! Who wouldn't want this kind of exposure?

  146. That Anonymous Coward  •  Aug 21, 2013 @5:43 am

    @RQM – As the NSA is like 5 people and 50,000 contractors it's more likely the contractors got the dirt and expanded their role that way.

  147. AlphaCentauri  •  Aug 21, 2013 @5:48 am

    While we're worrying about privacy, this page wants to run javascript for Twitter, Facebook, Delicious, Sharaholic, Google, and Amazon when I visit. I haven't checked what cookies it sets. And that's the site of people concerned about privacy. Most commercial websites will have layers and layers of marketers getting access to information about your visit if you permit it, which you often have to do to see any content at all.

    If you aren't paying for content, you're the product, not the customer.

  148. grouch  •  Aug 21, 2013 @7:20 am


    @grouch, even if the 4th Amendment prevents the emails from being admissible, it doesn't stop them from spying on you.

    There's the rub; it's supposed to stop them unless they obtain a particularized warrant. Secret laws and secret puppet courts are incompatible with democracy.

    BTW, re: your other comment — no javascript here and popehat set 4 cookies on my system, with permission.

  149. Steven H.  •  Aug 21, 2013 @8:14 am

    @Geeves:

    "Us foreigners don't have any say in what government you buggers put in place, why is it OK to violate our "privacy" but not yours?"

    So, you're suggesting here that your government doesn't spy on ANYONE, anywhere in the world?

    Somehow, I think not…

  150. Nicholas Weaver  •  Aug 21, 2013 @8:39 am

    Um, so you're calling Chris Soghoian a liar basically?

    No. I trust his work.

    It's just that there is no evidence he or anyone has yet presented that Apple can extract/knows the UID key (enables parallel brute-force to determine the DS key: bad but not horrid) or escrows the DS key using an Apple public key when the passcode is changed (stupid, and doesn't actually help Apple!). Not much data is protected by the DS key, but what data is protected does matter.

    A lot of effort has gone into people reversing that security process, including the NSA. If the NSA had a reasonable suspicion that Apple could extract the UID key, they would recommend a 10 character passphrase in their iOS securing guide (which will eliminate brute forcing on UID capture) rather than 6. [1] And if they had a reasonable suspicion that the DS key was escrowed, I suspect there would be warnings about the probability.

    But it's all academic anyway: Device capture is very different from a wiretap, because parallel construction can't be used to hide how the evidence came about. The threat lawyers need to worry about is wiretapping.

    And even in the case of device capture, so much important data is NOT protected by the DS key (messages, contacts, calendar, reminders, pretty much everything except mail and security software), and what is protected is almost invariably available by subpoenaing the mail service provider anyway.

    [1] I do not trust the NSA's surveillance side. But I do trust the guides and procedures they develop for securing US governmental computers.

  151. Kevin  •  Aug 21, 2013 @9:40 am

    PJ is not being entirely honest with everyone when she explains her reasons for shutting down groklaw.

    1. She previously shut down groklaw – http://www.groklaw.net/article.php?story=20110409161444432
    2. Then she rethought her decision and tried to find a replacement editor http://www.groklaw.net/articlebasic.php?story=20110515173831922
    3. When she couldn't find anyone who satisfied her demands she continued doing it herself

    She has just been looking for a reason to quit and the NSA story gives her a way out. Sure there is a lot to debate about the NSA, but let's be honest, it isn't her only reason for quitting. I doubt it is even her main reason.

  152. Dan  •  Aug 21, 2013 @9:45 am

    This is a publicity stunt by Ms. Jones. If she needs to encrypt her communications, she can do that without too much difficulty (PGP is secure). But even so, it's absurd to throw in the towel on the entire blog because your email is being read. Email was always being read. We pretty much knew it. Email was never secure to begin with, even against random people who care enough to spy on other random people.

  153. htom  •  Aug 21, 2013 @10:53 am

    Dan, PGP doesn't do anything to prevent traffic analysis. Since one of Groklaw's primary sources was leaks, traffic analysis would be deadly to leakers, even if their message content was not known.

    I suppose you could set up a scheme where you encrypt the to:, from:, date, and subject along with the message, and openly email that package to someone who'd ignore it, having a secret wizard in the middle who'd copy the encrypted message, decrypt the addresses, and send the encrypted message onwards; eventually it would arrive somewhere where Groklaw was watching the incoming mail and stealing those addressed to it.

    Maybe you could do something with shared browser cookies to paste and pass urls to messages.

  154. David  •  Aug 21, 2013 @12:02 pm

    @htom The relay you describe is a chained remailer.

    Note: while it's true that traffic analysis is possible wrt Groklaw, traffic analysis was always possible; that doesn't represent a change in circumstance.
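    The scheme htom sketches in comment 153, which David identifies in comment 154 as a chained remailer, is easiest to see as nested envelopes. The following is an added example, not code from either commenter or from any remailer project: every relay holds a secret, the sender seals the message in one layer per relay from the inside out, and each relay can open only its own layer, which tells it nothing but the next hop. The names `relay1`..`relay3`, `groklaw` and `alice`, the per-relay secrets and the tip text are all constructed, and the SHA-256 based stream cipher with an HMAC tag is a deliberately simple stand-in for encrypting each layer to that relay's public key; it is here only so the example runs offline with the standard library.

```python
import base64
import hashlib
import hmac
import json
import os


# Toy authenticated stream cipher built from SHA-256. A constructed stand-in
# for real public-key encryption to each relay; not for production use.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """nonce || ciphertext || HMAC tag, so a relay notices tampering."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: wrong relay key or altered envelope")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


# Constructed per-relay secrets (stand-in for each relay's private key).
ROUTE = ["relay1", "relay2", "relay3", "groklaw"]
KEYS = {name: hashlib.sha256(b"demo-secret:" + name.encode()).digest() for name in ROUTE}


def build_onion(route, message: str, keys) -> bytes:
    """Seal the message in one layer per hop, innermost layer first.

    The last element of `route` is the final recipient; every other hop's
    layer carries only the name of the next hop plus an opaque payload."""
    envelope = seal(keys[route[-1]], json.dumps({"next": None, "payload": message}).encode())
    for i in range(len(route) - 2, -1, -1):
        layer = {"next": route[i + 1], "payload": base64.b64encode(envelope).decode()}
        envelope = seal(keys[route[i]], json.dumps(layer).encode())
    return envelope


def relay_chain(first_hop: str, envelope: bytes, keys, sender: str = "alice"):
    """Simulate each relay peeling one layer and forwarding the rest.

    Returns the delivered message and, per relay, everything that relay
    could learn: who handed it the envelope and where it sends it next."""
    observations = []
    current, prev = first_hop, sender
    while True:
        layer = json.loads(unseal(keys[current], envelope))
        observations.append({"relay": current, "from": prev, "next": layer["next"]})
        if layer["next"] is None:  # final recipient: payload is the message itself
            return layer["payload"], observations
        prev, current = current, layer["next"]
        envelope = base64.b64decode(layer["payload"])


def relay_can_open(name: str, envelope: bytes, keys) -> bool:
    """True only if `name` holds the key for the outermost layer."""
    try:
        unseal(keys[name], envelope)
        return True
    except ValueError:
        return False


def demo(message: str = "tip: see docket entry 1234"):
    onion = build_onion(ROUTE, message, KEYS)
    return relay_chain(ROUTE[0], onion, KEYS)


if __name__ == "__main__":
    delivered, seen = demo()
    print("delivered:", delivered)
    for entry in seen:
        print(entry)
```

Reading the observations shows the property htom is after: `relay1` knows the sender but not the destination, `relay3` knows the destination but not the sender, and `relay2` knows neither. Each layer's tag also means a relay cannot open a layer meant for a different relay, and a tampered envelope is rejected rather than forwarded. What this does not hide is the timing and size of the envelopes passing between relays, which is exactly the traffic analysis the comments are debating; real remailers add batching, padding and cover traffic for that.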

  155. Kevin  •  Aug 21, 2013 @12:43 pm

    @htom "Since one of Groklaw's primary sources was leaks."

    Maybe we were reading different blogs. Groklaw's articles almost always involved a discussion of publicly available documents. Indeed, I can't think of an article that involved a so called leak, can you point me to one?

  156. En Passant  •  Aug 21, 2013 @1:01 pm

    AlphaCentauri wrote Aug 21, 2013 @5:48 am:

    If you aren't paying for content, you're the product, not the customer.

    Amen!

    Corollary: If you give government permission to access with no judicial oversight every word, jot and tittle that you think you are sharing only with friends, you're a subject, not a citizen.

  157. Orv  •  Aug 21, 2013 @1:40 pm

    @Erwin: I don't think revolution will help. While our own revolution ended happily, if you look world-wide, you'll see that most of them end in military-run dictatorships. That's unlikely to result in *less* surveillance, since agencies like the NSA are intimately intertwined with the military.

    @Malc: In my experience the health care industry gets around the "email is considered insecure" problem largely by faxing everything. Ironically, this means that if you own a substantial block of phone numbers, you will get misdirected faxes containing private medical information nearly every day. (Happened in a previous job I had where we owned a 16-number DID block.)

    @Christenson: SELinux is one attempt to do that — it defines what actions a program is allowed to take, in great detail, and blocks actions that don't correspond. For example, a web browser might be allowed to modify files inside a user's home directory, but never outside it. A web server might be allowed to access files under its web root, but never anywhere else on the system.

    Unfortunately, in practice these types of systems are extremely hard to configure. (I think I'm a fairly smart guy and there's stuff I just can't figure out how to make work with SELinux turned on.) You also still have to trust the underlying OS, unless you wrote it yourself without using any 3rd-party libraries.

  158. Doctor Railgun  •  Aug 21, 2013 @2:50 pm

    While I'm sad to see PJ and Groklaw go, especially after all the work she did with the IBM-SCO cases… frankly I thought she had already handed over Groklaw to someone else and was popping in only once in a while to offer insightful commentary.

  159. Malc  •  Aug 21, 2013 @4:47 pm

    After I read all the comments yesterday, someone pointed out who P.J. used for an Email provider:

    Google.

    So, yeah, this wasn't about email privacy. It might be about distaste for the failure of the judiciary to grow a pair and/or a spine, but it's not about email privacy.

    @RQM: Polygraphs are technically as accurate as Ouija boards. They "work" because the subjects believe they work, and so confess:

    Q: Are you a terrorist?
    A: No, well… a Patriot(tm) is not really a terrorist, is he?

    Amusing things to do to polygraph examiners: ANSWER THEIR QUESTIONS! so…

    Q: Have you seen a psychiatrist in the past 12 months?
    A: Yep.
    Q: Oooh, tell all!!!
    A: Well, she's kinda cute, and we've met up for drinks several times…

  160. htom  •  Aug 21, 2013 @7:51 pm

    Kevin — My bad. Not leaks. Addresses of difficult to find yet public documents.

  161. Mark - Lord of the Albino Squirrels  •  Aug 21, 2013 @8:33 pm

    Looks like time to head to the W.A.S.T.E. bin – gotta see if Trystero does e-mail.

  162. rsteinmetz70112  •  Aug 22, 2013 @11:52 am

    Groklaw is not totally dead.

    Someone has started posting new News Picks.

    Perhaps Mark Webbink or someone else will step up.

  163. bst  •  Aug 22, 2013 @3:58 pm

    @Malc,

    I think that the use of GMail was a reasonable result of considering various tradeoffs. A GMail account provides a certain amount of anonymity. If you use the web mail interface the emails you send do not contain an ip address. Only Google knows the ip address used and the information that was provided to create the gmail account. Data communication between the user and the mail software is encrypted over https, so can't be intercepted on the way to the server. You can probably count on the stored email being pretty safe from anyone who does not have governmental authority to take it.

    Until now PJ did not have to worry about law enforcement taking an interest in her Groklaw emails. She needed to be more concerned with supporters/agents of the companies she reported about, such as SCO and Microsoft, and private individuals who did try to stalk her and to discredit her. The type of privacy and anonymity facilitated by GMail makes it a reasonable choice when that is your threat model. Her PGP key was published for people who had reason to use it when contacting her.

    PJ's closing article makes pretty clear her reasons for shutting down. It is not so much that email is so less secure. It is the creepy feeling of being watched always, no matter what she is doing. The realization that every bit of communication is swept up and rifled through. The same irrational reaction as when she threw out all her underwear after her apartment was burgled because she could not help thinking about the stranger who violated her personal space pawing through it. I have to admit that I am a bit creeped out knowing that because I am typing this outside the US these bits and my IP address are being stored away by the NSA. That if someone there decides that they need to know who is posting as "bst" on popehat and what ID I used on Groklaw and what I posted there under that ID and what other web sites I visited on the same day I posted this and if I made any phone calls from this location to the US on the same day … I have not set up everything I do so as to make it hard for the NSA to know all of those things given the revelations that every single bit of communication traffic in and out of the US is being (J Edgar) hoovered up. It is creepy, and that is true whether or not I have "something to hide".

  164. bill  •  Aug 22, 2013 @7:19 pm

    @Nicholas Weaver – that's a good start but the vulnerability is always on the client side – a keystroke logger, the reusing of a password, a reallyStr0ngP433W0rdL1k3Th1S works, but only if it's not written down or used elsewhere. If you're not familiar with it already, put Cellebrite in Bing or Google and see how problematic this is, particularly in the context of a Tablet.

  165. Castaigne  •  Aug 27, 2013 @10:27 pm

    @Ken White: I tire of responding to those. Let me offer one response that applies to all of them: I don't trust my government, I don't trust the people who work for my government, and I believe that the evidence suggests that it's irrational to offer such trust.

    OK, honest question. If you believe that government is that evil, that government simply cannot be trusted, then why are you not abandoning the legal industry and executing all government officials? If the government is that evil, then killing the government and all who work in it and support it is a duty that takes precedence over any law or any right that exists. Evil MUST be destroyed.

    And before you say that death is not the final answer, I must contradict you. Death is ALWAYS the answer. The evil government cannot exist if all of the people who work in it and support it are dead. Dead = No Evil. No one left to commit the evil.

    If I didn't trust the government as you (and Clark) claim to, I would be hip-deep in blood by now. And that's serious.

  166. Fred  •  Aug 28, 2013 @12:38 am

    Terrorism is whatever the government says it is.

    Wrong, it's what the government decides it is, and they won't tell you until after they've caught you doing it.
