{"id":39477,"date":"2014-02-10T13:34:52","date_gmt":"2014-02-10T13:34:52","guid":{"rendered":"http:\/\/www.transcend.org\/tms\/?p=39477"},"modified":"2015-05-05T22:11:07","modified_gmt":"2015-05-05T21:11:07","slug":"judges-poised-to-hand-u-s-spies-the-keys-to-the-internet","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2014\/02\/judges-poised-to-hand-u-s-spies-the-keys-to-the-internet\/","title":{"rendered":"Judges Poised to Hand U.S. Spies the Keys to the Internet"},"content":{"rendered":"
\"Image:<\/a>

Image: Simon Greig\/Flickr<\/p><\/div>\n

How does the NSA get the private crypto keys that allow it to bulk eavesdrop on some email providers and social networking sites? It\u2019s one of the mysteries yet unanswered by the Edward Snowden leaks. But we know that so-called SSL keys are prized by the NSA \u2013 understandably, since one tiny 256 byte key can expose millions of people to intelligence collection. And we know that the agency has a specialized group that collects such keys by hook or by crook. That\u2019s about it.<\/p>\n

Which is why the appellate court challenge pitting encrypted email provider Lavabit against the Justice Department is so important: It\u2019s the only publicly documented case where a district judge has ordered an internet company to hand over its SSL key to the U.S. government \u2014 in this case, the FBI.<\/p>\n

If the practice \u2014 which may well have happened in secret before \u2014 is given the imprimatur of the U.S. 4th Circuit Court of Appeals, it opens a new avenue for U.S. spies to expand their surveillance against users of U.S. internet services like Gmail and Dropbox. Since the FBI is known to work hand in hand with intelligence agencies, it potentially turns the judiciary into an arm of the NSA\u2019s Key Recovery Service<\/a>. Call it COURTINT.<\/p>\n

Oral arguments in the Lavabit appeal were heard by a three-judge panel in Richmond, Virginia last week. The audio<\/a> (.mp3) is available online (and PC World covered it<\/a> from the courtroom). It\u2019s clear that the judges weren\u2019t much interested in the full implications of Lavabit\u2019s crypto key breach, which one of the judges termed \u201ca red herring.\u201d<\/p>\n

\u201cMy fear is that they won\u2019t address the substantive argument about whether the government can get these keys,\u201d Lavabit founder Ladar Levison told WIRED after the hearing.<\/p>\n

The case began in June, when Texas-based Lavabit was served with a \u201cpen register\u201d order requiring it to give the government a live feed of the email activity on a particular account. The feed would include metadata like the \u201cfrom\u201d and \u201cto\u201d lines on every message, and the IP addresses used to access the mailbox.<\/p>\n

Because pen register orders provide only metadata, they can be obtained without probable cause that the target has committed a crime. But in this case the court filings suggest strongly that the target was indicted NSA-leaker Edward Snowden, Lavabit\u2019s most famous user.<\/p>\n

Levison resisted the order on the grounds that he couldn\u2019t comply without reprogramming the elaborate encryption system he\u2019d built to protect his users\u2019 privacy. He eventually relented and offered to gather up the email metadata and transmit it to the government after 60 days. Later he offered to engineer a faster solution. But by then, weeks had passed, and the FBI was determined to get what it wanted directly and in real time.<\/p>\n

So in July it served Levison with a search warrant striking at the Achilles heel of his system: the private SSL key that would allow the FBI to decrypt traffic to and from the site, and collect Snowden\u2019s metadata directly. The government promised it wouldn\u2019t use the key to spy on Lavabit\u2019s other 400,000 users,\u00a0which the key would technically enable them to do.<\/p>\n

The FBI attached a Carnivore<\/a>-like monitoring system at Lavabit\u2019s upstream provider in anticipation of getting the key, but Levison continued to resist, and even flew from Texas to Virginia to unsuccessfully challenge the order before U.S. District Judge Claude Hilton.<\/p>\n

Levison turned over the keys as a nearly illegible computer printout<\/a> in 4-point type. In early August, Hilton \u2013 who once served on the top-secret FISA court \u2013 ordered Levison again to provide them in the industry-standard electronic format, and began fining him $5,000 a day for noncompliance. After two days, Levison complied, but then immediately shuttered Lavabit altogether. Levison is appealing the contempt order.<\/p>\n

The SSL key is a small file of inestimable importance for the integrity of a website and the privacy of its users. In the wrong hands, it would allow malefactors to impersonate a website, or, more relevantly in this case, permit snoops to eavesdrop on traffic to and from the site. Levison says he was concerned that once the government had his SSL key, it would obtain more secret warrants to spy on his users, and he would have no opportunity to review or potentially challenge those warrants.<\/p>\n

\u201cThe problem I had is that the government\u2019s interpretation of what\u2019s legal and what isn\u2019t is currently at its apex, in terms of authority and scope,\u201d Levison says. \u201cMy concern is that they could get a warrant \u2013 maybe a classified warrant \u2013 that I wouldn\u2019t even have knowledge of, much less the opportunity to object to \u2026 My responsibility was to ensure that everybody else\u2019s privacy was protected.\u201d<\/p>\n

That was Levison\u2019s thinking even before Snowden\u2019s revelations showed us how pervasive and ambitious the NSA\u2019s internet monitoring has become.<\/p>\n

The judges in last week\u2019s 4th Circuit hearing, though, weren\u2019t interested in hearing about encryption keys. At one point, Judge Paul Niemeyer apologetically interrupted Levison\u2019s attorney as soon as raised the subject, and made it clear that he accepted the government\u2019s position that the FBI was only going to use the key to spy on the user targeted by the pen register order.<\/p>\n

\u201cThe encryption key comes in only after your client is refusing to give them the unencrypted data,\u201d Niemeyer said. \u201cThey don\u2019t want the key as an object. They want this data with respect to a target that they\u2019re investigating. And it seems to me that that\u2019s all this case is about and its been blown out of proportion by all these contentions that the government is seeking keys to access others people\u2019s data and so forth.\u201d<\/p>\n

\u201cThere was never an order to provide keys until later on, when [Levison] resisted,\u201d Niemeyer added later in the hearing. \u201cEven then, the government was authorized to use the key only with respect to a particular target.\u201d<\/p>\n

On that last point, Judge Niemeyer is mistaken. Neither the July 16 search warrant nor the August 5 order imposing sanctions placed any restrictions on what the government could do with the key. Without such a protective order, there are no barriers to the FBI handing the key over to the NSA, says a former senior Justice Department attorney, speaking to WIRED on condition of anonymity.<\/p>\n

\u201cYou sometimes see limitations, or what\u2019s referred to as minimization procedures: The government can only use this for the following purpose. There\u2019s nothing like that here,\u201d says the former official. \u201cI\u2019d say this is a very broad order. Nothing in it would prevent the government from sharing that key with intelligence services.\u201d<\/p>\n

The FBI\u2019s relationship with the NSA is close \u2013 the FBI receives 1,000 tips a year from the NSA\u2019s bulk telephone metadata collection; the bureau\u2019s Data Intercept Technology Unit in Quantico, Virginia channels PRISM<\/a> data to NSA headquarters in Ft. Meade from Silicon Valley. Presumably the two agencies are even closer on the matter that brought the FBI to Lavabit.<\/p>\n

By shutting down Lavabit, Levison obviously thwarted prospective surveillance efforts. But we know \u2013 again, thanks to Snowden \u2013 that the agency sometimes collects encrypted data that it can\u2019t crack, in the hope of getting the key later.<\/p>\n

\u201cWe know from the minimization rules that are out that if they collect encrypted information they\u2019re allowed to keep it indefinitely,\u201d says Jennifer Granick, Director of Civil Liberties at the Stanford Center for Internet and Society. \u201cThat\u2019s exactly why the Lavabit case is so important.\u201d<\/p>\n

If NSA did collect Lavabit traffic, \u00a0users who checked their email using Safari or Internet Explorer are theoretically compromised now. That\u2019s because\u00a0Lavabit failed to preference the full suite of encryption algorithms that provide \u201cperfect forward secrecy,\u201d\u00a0which generates a temporary key for every session, making both passive eavesdropping and retrospective cryptanalysis unlikely. Firefox and Chrome users should not be similarly vulnerable.<\/p>\n

If it wasn\u2019t collecting Lavabit traffic already, it\u2019s safe to assume the NSA began doing so when Snowden revealed himself as the NSA leaker in early June.<\/p>\n

The NSA could not legally target U.S. citizens or legal residents without first getting a specific warrant from the Foreign Intelligence Surveillance Court. But non-U.S. Lavabit users would be fair game.<\/p>\n

Levison flew back to Texas on Friday to await the 4th Circuit\u2019s ruling and continue work on his new initiative: a surveillance-resistant email infrastructure called Dark Mail. He notes that one possible \u2013 even likely \u2013 outcome of the case is that the appeals court rules against him on a technicality. Some of his lawyer\u2019s arguments weren\u2019t clearly raised below in front of Judge Hilton. The court could find that those arguments are forfeit now, and leave the substantive issues undecided.<\/p>\n

Pragmatically, that could be the best outcome, given the panel\u2019s hostility to the encryption question and its faith in the government\u2019s honesty. But Levison would prefer to lose on the substantive issue and continue the fight all the way to the Supreme Court. If the 4th Circuit doesn\u2019t decide one way or the other, other U.S. internet companies won\u2019t know where they stand when the government comes for their keys. The cloud of distrust that\u2019s gathered over U.S. companies in the contrail of the NSA revelations will grow even darker.<\/p>\n

\u201cIt\u2019ll leave this issue completely in limbo, with no end in sight,\u201d Levison says. \u201cSo how is the industry going to handle that? They\u2019ll have to wait years for somebody else to come along who\u2019s willing to stand up and say, \u2018no,\u2019 and take the government back to court.\u201d<\/p>\n

_________________________<\/p>\n

Kevin Poulsen is the investigations editor at Wired and author of <\/i>Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground<\/a> (Crown, 2011). His PGP fingerprint is A4BB A435 2FE1 B4A8 46E1 7AF6 DA4B 5DFA FF09 4870<\/a><\/i>. Read more by Kevin Poulsen<\/a><\/i><\/p>\n

Go to Original \u2013 wired.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

How does the NSA get the private crypto keys that allow it to bulk eavesdrop on some email providers and social networking sites? It\u2019s one of the mysteries yet unanswered by the Edward Snowden leaks.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[],"class_list":["post-39477","post","type-post","status-publish","format-standard","hentry","category-whistleblowing-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/39477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=39477"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/39477\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=39477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=39477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=39477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}