Feeds

back to article Web giants cry foul over US gov's refusal to budge on NSA spy gag orders

Google, Microsoft, Yahoo! and Facebook are still fighting for permission to warn people who are under online surveillance, after their campaign for transparency was derailed by the US Department of Justice. The web giants had asked the DoJ to lift restrictions on alerting users when they are being snooped on by intelligence …

COMMENTS

This topic is closed for new posts.
Silver badge
Big Brother

Clash of the titans

The trillion dollar national security establishment versus the trillion dollar internet economy. And both include well-meaning big brother types. This might become quite interesting.

Popcorn, please!

3
1
Silver badge

Re: Clash of the titans

It would be except they're fighting over who gets to screw us.....

13
0
Silver badge

Re: Clash of the titans

Well, the Internet is basically "Bend Over" territory. If neither of them are doing it, it's someone else like the Chinese.

0
0
Anonymous Coward

Re: Clash of the titans

At least the Chinese aren't pretending they're not doing it, or attempt to keep up a myth of democracy to peddle their warez.

7
0
Bronze badge

Re: Clash of the titans

It's like Alien vs Predator.

Whoever wins... We lose.

4
0
MJI
Silver badge

Re: Clash of the titans

Well get Sigourney and Arnold in to help.

0
0

Lavabit keys

Lavabit was required to hand over the keys while they went after 1 account, Snowdens, and required to have a box on their network. The Judge was told the box would only record Snowdens account and everyone elses would be discarded, which might well be true....of the box.

i.e. Lavabit's transparency report would say "1 request about 1 account".

But the NSA has the backbone tapped, and it keeps all encrypted traffic for when it can get the keys. The NSA also is the technical center for this tapping. So it *would* get the keys.

So in reality, by giving them the keys, you gave them every past and present Lavabit users account. The box isn't needed because the backbone tap provides the data and they have all the encrypted emails on file.

So suppose the Fed did agree to release the warrants, there would be large blacked out bits to hide the key requests (Lavabit could hardly have been the first, they have the boxes already, so there must be a system of grabbing the keys for these boxes and many boxes on many US networks).

So the release would shed more light on this practice, which is enlightening for the judges I think, because I suspect they've been duped as to the 'narrow' nature of these taps. As well as enlightening Congress and Senate.

9
0
Silver badge
Joke

Re: Lavabit keys

I wonder what the NSA would have done had Lavabit provided Snowdens key in clear (digitally I mean - not the paper trick :) ) and included all the others but redacted them?

What's good for the goose etc.

NSA, you are a bunch of <redacted> <redacted>.

or perhaps that would read better as..

NSA, <redacted> <redacted> <redacted> <redacted> <redacted> fucking cunts.

2
0
Silver badge
Happy

Poetic justice would be....

If the NSA created "corporate profiles" for each of these companies and treated those the way that these companies treat user profiles.

"We've changed our corporate profile privacy settings. You can change these settings, but different privacy aspects are controlled by three different spots on our website. In the meantime, we've changed your profile settings to our default levels--full government access." :)

(More seriously though, I hope these companies can make some headway.)

1
0
Silver badge

StartMail Beta

I got my email today that the StartMail beta is about to launch. Should be interesting, the email says:

"The revelations this summer of NSA spying through the PRISM program prompted us to add even more features to our already rock-solid privacy."

Features of StartMail are supposed to be:

- fully-encrypted user vault,

- protection of perfect forward secrecy and transport layer security,

- state-of-the-art SSL encryption,

- email provider based in the Netherlands, outside of US jurisdiction

1
0
Silver badge

Re: StartMail Beta

To each point, I challenge:

- Who keeps the keys to the user vault? You and you alone? Remember, a master key was what nailed Lavabit.

- Neither forward secrecy nor TLS can do much against cryptanalysis: attacks on the PROTOCOLS using side-channel techniques. That's what led to BEAST and all the other secure-channel attacks.

- Again, the spooks are targeting the protocols, not the keys. IOW, they're not trying to get a key to copy; they're trying to secretly cut a way through the wall.

- May not be good enough. As noted, the NSA can already possess international shared-secret agreements with other nations. That can include the EU at large, of which the Netherlands is a member. Either that or the NSA can compromise those countries even against their wishes. I'm inclined to think the ONLY countries the NSA can't tap in some way are countries that are in turn beholden to ANOTHER, anti-Western state spook authority like the Russians or the Chinese.

2
0
Anonymous Coward

Re: StartMail Beta

To each point, I challenge:

- They have their core DNS records in the US (GoDaddy registration, DNS geo-locates to Manchester, US). In other words, if anyone wants to grab that traffic they're already set up for a MITM attack.

- The company appears to be in the Netherlands, which is not exactly the most benevolent country when it comes to wiretapping. I found their national security services to be rather aggressive - no idea how they behave in relation to following the law, though (haven't had time to dig deeper).

- Storage encryption is actually a problem rather than a solution. If a company supplies the means to encrypt, it can be legally forced to undo that (which makes it pointless), or be told close shop (which then hurts every client they have) - it's only if the CLIENTS encrypt (like you'd do before you go near any cloud service) that you're home free as a provider. An alternative route to that is to use software which the clients can get from anywhere like Open Source derived code, so being forced to supplying a version with a backdoor would be pointless. The UK Regulation of Investigative Powers Act is in that respect actually clearest, but I would suspect the Netherlands have an equivalent as it is derived from EU provided models.

In this last context, trying to bypass local laws or telling people they don't apply (which is really what Lavabit and Silent Circle were doing - it's not like US intercept laws have only sprung up in the last few years) means that you're quite simply lying to your clients. Call me picky, but I don't consider that the best starting point for selling protection.

2
0
Anonymous Coward

[REDACTED]

The [REDACTED] [REDACTED] [REDACTED] fluffy bunny [REDACTED] [REDACTED] [REDACTED] [REDACTED]cucumber [REDACTED] over 16 [REDACTED] [REDACTED] [REDACTED] [REDACTED] or else.

6
0

These companies were complicit all the way, and are now covering their asses.

2
4
Anonymous Coward

I read somewhere it's actually worse, apparently they actually pushed for some of those laws. Oops.

0
3
Anonymous Coward

Ooh, ooh, me too!

Yeah, I read somewhere that they fucked my dog! Bastards!

4
0

Re: Ooh, ooh, me too!

No, that was me. Sorry.

(In my defence, it's a pretty sexy dog...)

9
0
Anonymous Coward

I read somewhere it's actually worse

Umm, yes, since then caffeine has found its way into my blood stream, so I found the "somewhere". Well, duh. Serves them right IMHO.

1
0
Anonymous Coward

Legal Mafia

There is no stopping them anymore, they will only try to make it even more secret.

SO!!!!! When the governments have enough data on all the big & small companies (Google & MS etc. included) on how they conduct their tax avoidance dances & other evil & when they find other suitable people to shake down, then the real fun will start.

The LEGAL MAFIA will make this world hell on earth for those who are still here.

Blackmail (or Tax Collection as we now know it) will be the most efficient then.

In the very near future as young ones grace this planet their DNA & finger prints will be taken for future reference. OH THE POWER.....

I'm only glad it wont be in my life time. I HOPE!!!!!!!

Cesar you were a real prick for starting this.

0
3
Gold badge
Unhappy

A secret opinion issued by a court meeting in secret about secret warrants with a gag order

The only way that gets changed is if the law FISA operates under gets changed, as (IIRC) it was a lot by various clauses in THE PATRIOT Act.

Americans. How does this equate to the principles of democracy you are familiar with?

6
0
Silver badge
Devil

Re: A secret opinion issued by a court meeting in secret about secret warrants with a gag order

"It's fine! They are only listening to foreigners, not us. Or really really bad Americans. And anyway, we're the good guys."

9
0
Anonymous Coward

Re: A secret opinion issued by a court meeting in secret about secret warrants with a gag order

Ironically, that seems to be the exact attitude. In the US; they have indeed managed to frame the debate so that every time you question these laws you're automatically ranked as bad guy. They really, really have come off the rails there.

4
0
Bronze badge
FAIL

Re: A secret opinion issued by a court meeting in secret about secret warrants with a gag order

Why do you assume we Americans are familiar with the principles of democracy?

We've not practiced it since the days of the smoke-filled back rooms and the truck (lorry) loads of cash passing through the back doors. America has long lived by the golden rule*.

If you think it is fun now, just wait until that big-eared, dark-complected person who currently resides in the White House is replaced by a more extreme, fascist-leaning chap with Tea Party affiliations. Several candidates come to mind. Ted Cruz is one. (A pity that he'll never be able to travel abroad; he still believes the 'round earth' theory is so much scientific deception. Those 'photos from space' were filmed in a secret warehouse in the Nevada desert.)

NSA/CIA violations of the Constitution and their Congressional mandate is really nothing new. J. Edgar and his FBI set the standard many years ago; we're just seeing the extension of that practice. To oppose the NSA/CIA intelligence gathering mission is to weaken America's national security. So reads the Gospel of St. Vigilant.

Trust US. We're the good guys.

(* He who has the gold, rules.)

5
1
Bronze badge

I feel sorry for the CIA and NSA

According to the Onion, they have only just realised they have been using black highlighters on documents for years…

6
0
Bronze badge

Re: I feel sorry for the CIA and NSA

"they have only just realised they have been using black highlighters on documents for years…"

Every Parent can sympathize ... but apparently the NSA and the CIA did not even know they had a two year old in the House (let alone 435 of them), a hundred more in the Senate and one in the White House.

You didn't see Mary Poppins letting the little monsters play with black highlighters, did you ? A spoonful of sugar makes the Laudanum go down, sing it with me ....

0
0
Bronze badge

Why not submit

Another heavily redacted document with the opposite conclusion at the bottom. Heck you don't even have to write it...

4
0
Bronze badge

"permission to warn people who are under online surveillance"

isn't that everyone?

2
0
Bronze badge
Angel

The US is a country steeped in commerce

The US is a country steeped in commerce. When the bottom line falls and it's measurably attributable to the NSA then legislators will legislate.

If they don't then it'll be the first time in history.

2
0

Yea, it's all fine, but let one person spy on them and it's off to war they go!

5
0
Big Brother

Google et al need not warn you per se, they can instead choose which adverts to display inline with / alongside your mail, and if it was an advert for FB I /CIA / NSA or other TLA i'm sure you'd get the drift.

2
0
Anonymous Coward

That's so kool...

Yeh!!! put a little ad,, join the CIA or NSA now..

O a advert about X-Rays or mirrors...NICE lol

0
0
Anonymous Coward

3 to tango

"but let one person spy on them and it's off to war they go!"

I think i read somewhere it requires 3 confirmed spying nations,,,,we already have CHINA confirmed.

Now if NORTH KOREA & IRAN were to be confirmed then the spooks would feel justified to start the next WW.

How F**K*D up is that,,,or me for even thinking that..

HHHMMNN???? I guess i need a new tin foil hat.

0
0
Anonymous Coward

Bloodbath

Wow. May you live in interesting times.... The privacy issue is definitely becoming overshadowed by the only thing America truly cares about... the bottom line. The whistle-blowing privacy war has morphed into a hotbed credibility war, with the creditability of US corps now open to question. So Google, Facebook, Yahoo, MS et al are worried that their tech empires are threatened. There'll be some heated conversations going on behind closed doors I imagine.... After all politicians set policy and policy sets NSA behaviour. But Lobby groups set policy too by buying their own politicians. This could lead to a bloodbath...

0
0
This topic is closed for new posts.