Legal bible Groklaw pulls plug in wake of Lavabit shutdown, NSA firestorm Blogger Pamela Jones will shut down her award-winning legal news website Groklaw following revelations that the NSA is intercepting the world's internet communications. Jones, also known as PJ, said in a final farewell article that the shutdown of encrypted email provider Lavabit, used by whistleblower Edward Snowden, had …
The real problem here is that the repressive attitude of governments and associated intimidation seem to have exactly the effect they were designed for:
Destroy dissent.
That is the real tragedy of it. We seem to be all too eager to self-censor in the wake of the revelations and pressures. I can understand PJ's decision, but can in no circumstance support that decision. It shows us the path to utter and complete destruction of free exchange of information.
Such interception and implying things from what you receive and who you receive it from sort of goes against the whole concept of innocent until proven guilty.
Surveillance is almost the opposite, everyone could be guilty, so we will check what everyone is doing and saying to ensure they aren't guilty.
"Surveillance is almost the opposite, everyone could be guilty , so we will check what everyone is doing and saying to ensure they aren't guilty"
Almost! In reality democracies nowadays have myriad laws, executive orders, treaties, federal laws, state laws, local by-laws etc etc* that even without knowing it, pretty much everyone is innocently breaking some law or other. A recent US study showed that the average person is probably breaking 6-7 laws.
So what's happening is "Everyone IS guilty, we just don't know of what, so we will check what everyone is doing and know what everyone is guilty of. At that point they can either behave like compliant and loyal citizens or we will grind them into the dirt"
*As I saw mentioned on comments of another article: "Corruptissima re publica plurimae leges"
>"At that point they can either behave like compliant and loyal citizens or we will grind them into the dirt"
Indeed, at that point one can either yield unreservedly to the will of their master and do EXACTLY as told or go to prison.
Furthermore, in the UK, once the data's recorded, that threat is eternal: The great Tony B Liar promised the mindless fuckwits a "Statute of Limitations" along with all the sinister fascist crap. Some sort of sweetener/softener for those malleable enough to believe/elect him presumably. Well... we got all the sinister fascist crap all right. No sign of any limitations though. Everything they're amassing on you is actionable for the rest of your life.
Be afraid. Very afraid.
I'm giving you a thumbs up but I still want to point out that 'guilty UNTIL' is part of the problem. It is not 'UNTIL', it is 'UNLESS' !!
'Until' is a part of the problem because it implies total surveillance can be justified because it is simply a matter of time before a citizen breaks the law and can be punished. This cannot be acceptable under any circumstances as it puts the onus on the person to prove their innocence and goes contrary to how law should work.
We seem to be all too eager to self-censor in the wake of the revelations and pressures.
We? Americans, maybe, but not all of us.
It's one of those bizarre things about the US, people there are adamant that they are the most free and democratic nation on each, yet they are so terrified of their own elected government that they insist on the right to keep guns just in case. Just like they insist on separation of church and state, but put "In God we trust" on their money. Americans have to be the most fundamentally insecure people on earth. Comes of having no history, I suppose.
Which country do you think does NOT do this?
Reminder that the UK has just as draconic surveillance as the US, and is presently installing a Great Firewall to "protect" its citizens from porn. That Sweden and France log everything their citizens do online, and let police search it at leisure. That all of the EU is complicit in PRISM and countless similar schemes.
So, which country do you live in that is not suppressing freedom in the name of protecting the children/fighting the terrorists/stopping the pirates/hindering hate speech? I'd sure like to know.
This post has been deleted by its author
> We began trending towards socialism after the "Red Menace" was no longer a threat.
Generally people that say such things have never lived in any other country but the US for any amount of time. They are usually quick to point out the one time they went to Mexico for a weekend or perhaps a week tour of London as proof they are well travelled though. Guess the author misses having the Commies to justify his world view.
You're not wrong. But in fact there's evidence that the founding fathers were absolutely aware they were founding a secular state.
This is the wording of the 'Treaty of Peace and Friendship Between the United States and the Bey and Subjects of Tripoli of Barbary';
"As the government of the United States of America is not in any sense founded on the Christian Religion--as it has itself no character of enmity against the law, religion or tranquility of Musselmen..."
That was ratified by the legislature in June 1797, and accepted by the executive:
"Now be it known, that I, John Adams, President of the United States of America, having seen and considered the said treaty do, by and within the consent of the Senate, accept, ratify and confirm the same, and every clause and article thereof." So that's two of the three branches of government.
Lately the courts made it unanimous with rulings about the pledge of allegiance "under God" wording.
On the other hand, one curmudgeonly old Catholic Republican of my acquaintance observed that nonetheless, that so-called secular state maintains Chaplains in defiance of the idea that a secular state has no established religion. In fact, he wrote: "... the very session of the Senate that ratified that treaty was opened with solemn prayer by the Chaplain of the Senate, who, I assure you, was a good Protestant Christian clergyman."
OK, we've been hearing the NSA (and other authorities) have been accessing information for how long now? A decade or so? How often did the news come that the big providers were supplying data?
Well, let me share something with you, and then see if the Groklaw declaration make sense.
dig groklaw.net mx
;; QUESTION SECTION:
;groklaw.net. IN MX
;; ANSWER SECTION:
groklaw.net. 86400 IN MX 20 alt1.aspmx.l.google.com.
groklaw.net. 86400 IN MX 20 alt2.aspmx.l.google.com.
groklaw.net. 86400 IN MX 10 aspmx.l.google.com.
It has been this way for many years, so please stop the sanctimonious BS.
Facts, fine, BS, no thanks. If Pamela was so epically concerned about privacy she would have used a less exposed provider, but she hasn't. I have a great respect for what she did with Groklaw, but here I'm calling BS. Big time. Not sure whose "cause" she's trying to support here, but she's going about it the wrong way. If she wanted to stop, a lesser argument would have been more honest.
My apologies if this upsets the fans, but BS annoys me.
He was looking up what the addresses are for Groklaw's email servers by looking at the MX records of their domain. And what the query shows is that Google is handling email for Groklaw. Google....the same Google that says that anyone using the Internet shouldn't expect privacy.
Nearly all comments to weblogs like Groklaw are in the form of posts/comments like these. But if individuals wanted to co-ordinate projects like transcribing legal documents they had to have some form of email collaboration.
Not everyone knew how to use PGP, say. The nature of Groklaw was that some of their projects were always going to tick off people in the FBI or NSA, and Jones would have been at the centre of such conversations. But it was thought not to matter. Gmail or Hotmail should have been fine for most purposes. Jones and company were simply scrutinizing companies and governments for their actions in court.
It's only lately that the need for secure email became clear. To top it all Lavabit and Silent Circle just declared "Guys, we can't tell you why, but there's no secure mail any more".
Until very recently it didn't matter that the email wasn't secure because it was assumed the constitutional protections against unreasonable search and seizure contained in the 4th amendment would prevent misbehaviour by the authorities. Now it has become clear how concepts like sovereign immunity prevent the executive being held accountable, there's no option but to switch to an extranational secure email provider, which Jones has done. But as documented in the Guardian, and TechDirt, to name but two places, even that is too risky to continue with Groklaw in its present form. See Ken White's Popehat article for more details.
Nearly all comments to weblogs like Groklaw are in the form of posts/comments like these. But if individuals wanted to co-ordinate projects like transcribing legal documents they had to have some form of email collaboration.
Actually, we're building systems for that (mainly for diplomatic use), but we found that email was inefficient. You're better off with a combination of bulletin-board style commenting and doc control with versioning.
Not necessarily dumb, but this is an IT site... the post is indicating that Groklaw has been using Google to supply their email services.
Since Google has always made it plain that there is no expectation of privacy for GMail / Google Apps users, it is slightly odd that Groklaw is now shutting down because their emails are being read by third parties...
Not sure "Google has always made it plain that there is no expectation of privacy for GMail" is an entirely accurate statement. In fact for a long time Google led people to believe they could be trusted because they "were not evil" -- except, of course, in the fine print.
I think PJ wanted to make a statement, pure and simple. While I'll miss Groklaw I think she's got every right to do what she did. It's her damn site, her legacy, to manage as she wishes.
The degree to which we've all been exposed to surveillance both by private business and the government has not always been clear to most people, even those working in the tech business. But what's really got a lot of us concerned isn't the fact that we're being watched, but how carelessly the results of that activity is secured. It seems that the contractors have been given run of the whole show, meaning that a lot of people should be worried that their proprietary business secrets are probably up for sale to the highest bidder. If I were a member of Congress or an executive at a big company that's what would be keeping me up at night -- unless I was already a consumer of that stolen info and using it in my own personal financial planning.
"Okay so maybe I'm being dumb but what the hell are you on about?"
Essentially, if you didn't know about PRISM-like or other schemes (ECHELON, etc.) before Snowden, you weren't paying attention. And if you didn't think Google (who's hosting Groklaw's email based on the MX records) would happily comply with any legal email snooping order, you weren't paying attention.
Essentially, if Groklaw was *that* worried about privacy they'd have been using a smaller, more security-conscious email provider, or self-hosting mail, requiring PGP keys, or at least having a submission-by-web option.
Now I don't know any inside info, but it wouldn't surprise me if PJ was bored with it, and this gives a good way to get out while making a statement. There are plenty of ways to continue on if she wanted to.
Now I don't know any inside info, but it wouldn't surprise me if PJ was bored with it, and this gives a good way to get out while making a statement. There are plenty of ways to continue on if she wanted to.
Personally, I would respect a message "look guys, I think I've done enough here, thanks for all the fish" much more than some party political message that doesn't stack up with reality. Worse, with her legal knowledge she could have engaged here and start to highlight the issues as a new and seriously important project.
Did you know that the exact, specific knowledge to properly protect privacy is left out of the privacy expert programmes by the IAPP? Now I'm not a good conspiracy theorist, but it would be easy to suspect a link between that and the fact that the IAPP is a US based organisation.
So, no, disappointed with Groklaw. There are better ways to end what has been quite a momentous effort, this doesn't do it justice *at all*.
Apart from the fact that all SMTP based email systems expose the mail headers, so From: To: and Subject: in particular give a lot away about your communication, it's entirely possible to conduct S/MIME or PGP/GPG encrypted email conversations via Gmail using a client like, say, Thunderbird. True, you can't read the encrypted messages through the web interface but that's just something you live with. Thunderbird works well with both encryption standards and unless you are likely to be approached by the authorities with a demand to yield up your keys and passphrases, should be good enough for a lot of peoples' confidentiality needs.
Whether Groklaw routinely did that I can't say, but personally I'd feel a lot happier using Thunderbird with Enigmail and a 'no privacy' email provider like Gmail than not encrypting my mails and trusting the email provider to do it for me. But you do have to watch the Subject line, you can give a lot away through that.
Of course, your correspondent has to have enough of a clue to agree to use encryption, and that's probably the stumbling block until more are educated about what to do.
But: mykolab.com does not provide encryption any more than gmail or yahoo do. Encrypt and put the real subject at the top of the body. I use my ISP's email service, encrypt when I think it useful, and hope that a 512 byte key will provide security for as long as I need it. I've had issues sending email while travelling due to ISP restrictions, but never in downloading.
It will be a loss if PJ refuses to allow someone else to pick up Groklaw, although it's hard to imagine anyone doing a better job.
You're right, the extra privacy offered by mykolab isn't from encryption which is done in much the same way as you suggest. But mykolab was mentioned in articles dealing with the demise of Lavabit because they are physically out of reach of the US and EU spy agencies:
"We offer secure email accounts including calenders and address books that synchronize to all your devices. The data is stored in our very own data center in Switzerland and can not be accessed by spy programs such as PRISM, so there will be no spying. There is also no corporate spying, because we show no advertisements. Enjoy the convenience of the Cloud without compromising freedom and openness."
Also they are planning to offer mail encryption services in the future. From their FAQ:
"In the future, it might be possible to store you private key in your browser's local storage securely. Then we will offer encryption in the web interface as well."
Re: I' not buying the Groklaw arguments - see the evidence..
You're right, the extra privacy offered by mykolab isn't from encryption which is done in much the same way as you suggest. But mykolab was mentioned in articles dealing with the demise of Lavabit because they are physically out of reach of the US and EU spy agencies:
Mykolab offers you at least a starting point from both a technical and legal perspective. However, those principles also apply to much cheaper providers in Switzerland. Pick any Swiss ISP and you'll be OK (after investigating they are indeed Swiss, and not just a Swiss subsidiary of a US company).
.... errr, dude, if you're in the IT biz, now would be a good time to either:
a) retire
b) take some continuing education.
According to the actual DNS records, the nameservers are all in the UNC.EDU domain. Not Google.
Google, though, handles the email hosting.
Ibilio handles the web hosting (i.e. www.groklaw.net is in fact groklaw.ibilio.org).
Once again, for emphasis: GOOGLE HANDLES THE EMAIL HOSTING.
Have a nice retirement...
You clearly didn't read her closedown post in enough detail. She tried but failed to obtain any other suitably secure email provider. She gave as a parting email address a new one hosted by a Swiss company (MyKolab) - but added that it wasn't really secure enough, given the latest revelations.
I'd add that it's only been very recently that the extent of Google's compliance with NSA snooping became clear, because Google and others including MS were under gag orders about that. Indeed, the specially cleared techs Google had to hire to work with the NSA enforcers were not even allowed to discuss their work with their bosses. Google and MS were almost as much in the dark as the rest of us.
Exactly, if some of the people who purport to stand up for rights and freedoms openly show how spineless they really are by just giving up and running away; it makes you wonder how sincere and committed they were in the first place.
This is just what the governments and security services want. Well done Pamela Jones, they may give you a medal for your service to their cause.
@AC 14:58
Okay, great - e-mail for the groklaw.net domain is hosted with Google (at least at the time you looked at those records).
That's a fact, based on the DNS information you have presented. But, to get from:
"E-mail for 'groklaw.net' is hosted with Google"
to:
"Pamela Jones is dishonest and full of shit"
requires two very large assumptions: that Pamela Jones and the Groklaw team used the easily identifiable (you found the details) 'groklaw.net' domain for all confidential e-mail - and that they did so without the use of any security in their e-mail client(s). As opposed to, say, just using the main e-mail for day-to-day stuff and preliminary communications and then using one or more other e-mail addresses (which she doesn't publicly advertise) with one or more secure providers for the important, sensitive communications. For really sensitive e-mails she might even have setup specific, disposable addresses.
Now, not knowing Pamela or the full details of the Groklaw operation, I can't say that this is the way they did things but the point is that you can't say that it isn't.
Essentially, there are three facts:
1. Pamela Jones has cited e-mail privacy/security concerns as the reason for closing down Groklaw.
2. E-mail for the (publically advertised) groklaw.net domain is currently hosted with Google.
3. Google has said that there should be no expectation of privacy with their services.
From those facts, there are several possible conclusions one might draw:
>> That Ms Jones and the Groklaw team are honest about their focus on privacy but not technically savvy enough to understand the problem presented by hosting e-mail with Google.
>> That Ms Jones and the Groklaw team are technically savvy enough to understand the problem but are dishonest when it comes to their professed concern for privacy.
>>That Ms Jones and the Groklaw team are honest about their concern for privacy and technically savvy enough to not only understand the problem with conducting confidential communications via Google e-mail but also actually do something about it and use a secure e-mail client and/or use other, more secure e-mail accounts that aren't publically advertised.
Given the fantastic, publically-minded service that the Groklaw team has provided, I am inclined to give them the benefit of the doubt in regards to their integrity and honesty.
Regarding their technical ability, remember also, that Groklaw is not just Ms Jones working off her laptop at home, it is a collection of people with various backgrounds including journalism, law and IT. Also, unless you missed it, the site deals with IT, specifically Linux and other open source endeavours. Given the focus of the site and the spread of people working on it, I find it vanishingly unlikely that they didn't employ a whole range of technical protections to keep e-mail as secure as reasonably possible.
Even without the IT focus, many in the team are journalists. Now, not all journalists are technical wizards, but I get the distinct impression that any journalist dealing with sensitive information and confidential sources has the resources to call on to mitigate at least some of the risks of modern communication.
FURTHER, as it is a TEAM, and not just PJ, you are assuming that ALL the people working at Groklaw used the groklaw.net e-mail domain and not their own, privately setup ones.
I suppose you think that Glenn Greenwald exclusively uses (something like) ggreenwald@theguardian.co.uk for all his communications with Edward Snowden.
And, even if the journalists themselves didn't do this, the people they are communicating with are often IT insiders who have their own share of technical nous and would likely insist on secure communications.
Even assuming the ridiculously unlikely proposition that everyone involved in Groklaw exclusively used @groklaw.net for all communications, PJ specifically mentioned in her post the following:
"If it's encrypted, they keep it for five years, presumably in the hopes of tech advancing to be able to decrypt it against your will and without your knowledge."
That you have decided to choose the explanation that assumes the worst about the conduct and motives of Pamela and her team says far more about you than it does about her.
Sorry for the TL;DR but when I tell someone they have been a nasty, narrow-minded git, I don't tend to do it lightly.
to get from: "E-mail for 'groklaw.net' is hosted with Google"
to: "Pamela Jones is dishonest and full of shit"
requires two very large assumptions
No, it doesn't. It requires a serious comprehensive reading deficiency on your behalf. I simply stated that I didn't buy the argument because to me there was a disconnect between currently expressed sentiment and the long term facts. I made no assumptions (they are 100% yours, and you are thus responsible for your own defective conclusion), I merely stated that *I* did not buy the explanation because of the facts on display.
If there was something in the background, fine - but you have provided zero facts. Based on your approach to reasoning, I would be able to prove that you ritually burn children for breakfast because I can drag in all sorts of assumptions and then make statements about them in the manner you waffle on about a statement I made nor implied: Pamela Jones is dishonest and full of shit.
I never make such statements. They are emotional, not factual, idiotic and impolite.
I demonstrated a clear discrepancy, on the basis of which I flagged the reason stated as incongruent with the real world facts. If you don't like that, tough. Facts have an ugly habit of remaining facts, even if they not fit into your wishful thinking. You could have argued that this might not have been used in general, fine, but where is the evidence? Why is the only email address available the Gmail one? Why is there not even a public GPG key if everyone on the site is reasonably well technically versed? Strictly factual, the argument does not fit the facts. Simple, end of story. If you see that as a slight on PJ you really need to seek professional help.
Sorry for the TL;DR but when I tell someone they have been a nasty, narrow-minded git, I don't tend to do it lightly.
Sorry for the TL;DR, but if you insist on providing the evidence for your inability to read you deserve the feedback. Have a nice year, and please don't take your aura near anything important.
Groklaw is/was a truly brilliant site. The dedication shown by PJ is astonishing with time and attention to detail.
It was one of the few places that was able to counteract the shills like FossPatents spreading their FUD.
However shutting it down just allows a win for the companies that would love an dhave tried to have it shut down for years.
However, I just can't help feeling that this was an excuse rather than a reason to shut it down. PJ has been trying for a while to remove herself from Groklaw (and I really don't blame her, the work load must be tremendous). She 'resigned' a while ago but after protests it was taken over by Mark, but I'm guessing the demands of the site meant he couldn't continue with it, so PJ starting writing more and more articles for it again.
This is probably why the comments have been closed so there is no more "outcry". It's a shame for sure, and SCO isn't even finished yet, but it was way too much for one person.
It not that Mark was particularly deficient in anyway I think PJ just couldn't leave it alone - with Groklaw there it probably felt like a black hole continuously sucking her in.
The site desperately needs to keep going in some form or other but I cant blame here for getting out while she's still got some life left in her.
She has set the bar very high for anyone to follow and the shitty governments on either side of the pond are making it very difficult but there really is too much to lose here to make it not worth trying.
But how?
Yes, Groklaw has on many occasions exposed the dishonest and dishonourable in the software industry, and has been a vital source of education on such things as why software patents don't work and should not be allowed. PJ maintained very high standards of accuracy, integrity and general politeness, more so than any other blog that I have seen.
Right now I think there will be great merriment in Redmond and Cupertino, homes of two of the most corrupt and obnoxious abusers of the patent system and other laws. The rest of the world will be feeling a great loss, the end of an era.
A sad day indeed. Giving it all up for groklaw might be devastating and would eventually hurt free software and freedom in general. I don't know, perhaps it's just a momentary breakdown of Pamela, and she'll come back, but one should be certain that there will be plenty of partying going on around the world. NSA, Microsoft, Apple, Oracle and other patent trolls will sure chip in for the celebrations.
About the only thing email is good for now is sharing amusing pictures of cats.
Won't be long before the US catches up with the UK and installs more CCTV cameras.
Do CCTV cameras have sound recording? I can only assume that a huge network of microphones recording what people say will be next on the agenda.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
