General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsForget The Backdoor: The Government Now WANTS KEYS To The Internet
Lets all move to Russia.......
Internet privacy relies heavily on the ability of tech companies to hide user contentsuch as your emails and bank informationbehind a secure wall. But the Department of Justice is waging an unprecedented battle in court to win the power to seize the keys of US companies whenever the US government wants. Edward Snowden has shown that the government is already doing a great job at getting companies to hand over information, breaking down weak doors, and scooping up unlocked material. But if the Justice Department succeeds in this case, it will be far easier for it to do so, andpoof!there will no longer be any guarantee of Internet privacy.
The case started this summer, when Lavabitan alternative email provider that promised highly secure emailwas handed a subpoena by the Department of Justice. The subpoena required that Lavabit supply the billing and subscriber information for one of its users, widely believed to be Edward Snowden. Lavabit supplied this information. Then, the government asked to install a device on Lavabit's servers that would allow it to monitor all of the metadata (time and email addresses) of the individual's account. But Lavabit encrypted all of this information, and the only way for the government to view it was to use Lavabit's private keys to break the encryption. Those keys weren't set up to access an individual account. Instead, they broke the encryption of 400,000 Lavabit email users and would allow the government to rifle through all of that content.
Lavabit offered to record the individual's information that the government requested and hand it over on a regular basis, for a fee of at least $2000but it refused to give up its keys. As Ladar Levison, Lavabit's 32-year-old founder, told Mother Jones in August, "What I'm against, at least on a philosophical level...is the bulk collection of information, or the violation of the privacy of an entire user base just to conduct the investigation into a handful of individuals."
The government obtained a warrant demanding that Lavabit give up the keys anyway. When the company refused (at one point, Levison turned over the keys in 11 pages of 4-point type that no one could read) it was held in contempt of court and slapped with a $5,000-a-day fine. The government prosecutor in that closed-door hearing argued that "theres no agents looking through the 400,000 other bits of information, customers, whatever... No one looks at that, no one stores it, no one has access to it. The judge presiding over the case said that sounded "reasonable." Lavabit handed over the keys right before shutting down the entire company. On October 10, it filed its appeal of the contempt charge in the US Court of Appeals for the Fourth Circuit, in a case that civil liberties groups say is the first of its kind (A Justice Department spokesman says it does not comment on pending litigation. The department is scheduled to file a brief in response to Lavabit by November 12.)
cont'
http://www.motherjones.com/politics/2013/11/department-justice-privacy-internet-lavabit-encryption-keys
Segami
(14,923 posts)rbixby
(1,140 posts)Maybe the best practices would be to create individual keys on a per-user basis instead of using a single one for the whole site.
woo me with science
(32,139 posts)There is no other word for what they are doing.
This is not politics. This is the deliberate murder of our Constitution by corporate fascists.
librechik
(30,797 posts)whttevrr
(2,347 posts)Uhm... my only problem with this is this statement: "there will no longer be any guarantee of Internet privacy." There never really was "any guarantee of Internet privacy."
The only privacy anyone has is that of hiding a piece of hay in a haystack. With enough time and resources any haystack could be sifted, sorted, and cataloged.
I am not poo pooing privacy, surveillance, or any of the ideological aspirations. It is just a reality that everyone should understand when venturing out onto the internet. Almost every connection you make is stored in someones logs. Every web server logs all the IP addresses that connect to it. Every ISP logs the IP assigned to your computer. The only thing 'hiding' you is the amount of sifting that would need to be done to find your tracks through the Internet.