Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CryptoSeal Shuts Down Consumer VPN Service To Avoid Fighting NSA

Soulskill posted about 9 months ago | from the another-one-bites-the-dust dept.

Encryption 361

sl4shd0rk writes "CryptoSeal Privacy, a VPN provider, has closed down its consumer VPN service. The company says it has zeroed its crypto keys, adding, 'Essentially, the service was created and operated under a certain understanding of current U.S. law, and that understanding may not currently be valid. As we are a US company and comply fully with U.S. law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product.' The announcement ends with a warning: 'For anyone operating a VPN, mail, or other communications provider in the U.S., we believe it would be prudent to evaluate whether a pen register order could be used to compel you to divulge SSL keys protecting message contents, and if so, to take appropriate action.' Sounds like another victim of FISA-endorsed NSA activity."

cancel ×

361 comments

Sorry! There are no comments related to the filter you selected.

This NSA crap is much too much, and ungentlemanly (5, Interesting)

Austrian Anarchy (3010653) | about 9 months ago | (#45195317)

Back in the old spy days, the gentlemanly thing to do was crack the other guy's encryption, NOT beat his keys out of him. This is just cheating, pure and simple.

ITS THE FUCKING TRUTH YOU MOTHER FUCKERS (-1, Troll)

Anonymous Coward | about 9 months ago | (#45195403)

Blacks are inferior as a group.

Look at the way [waff.com] all of the blacks just go apeshit so to speak [myfoxatlanta.com] over a bunch of fucking sneakers of all things [wdrb.com] !

Then ask yourself why white people don't riot over the latest Apple gadget even though they gather in large crowds waiting for them. I mean an objective person might think whites are more civilized!

Oh does anyone remember when the blacks rioted like crazy [scotsman.com] after Hurricane Katrina? Isn't it JUST A LITTLE STRANGE the way white people in Colorado banded together and helped each other [usatoday.com] when they were hit with a natural disaster instead of rioting and looting [usatoday.com] like the blacks did? I mean an objective person might think whites are more civilized! [blogspot.com]

Oh and blacks are responsible for nearly all the murders in Marion County [blogspot.com] ! That is what you would expect from a violent tribal uncivilized race.

Interesting when a black man admits blacks are to blame [vdare.com] for the hellhole that is (86% black) Jackson Mississippi? Quote: "Look at recent history, like in South Africa, when apartheid was abolished,” Lambus said in a recent interview with The Associated Press. “Blacks went on a crime spree.""

It goes on and on. Probably no point in posting this since people who are objective already understand the destruction and violence and cost blacks bring anytime they are abundant. It is not just USA. All over the world black-governed nations are hellholes. But objective people knew this. It is the people indoctrinated to believe that acknowledging FACTS is somehow "racist" who just can't admit it. None are so blind as those who will not see.

Re:This NSA crap is much too much, and ungentleman (2, Funny)

Anonymous Coward | about 9 months ago | (#45195489)

>NOT beat his keys out of him

Are you telling me TV has lied to me ALL this time?

This... this changes everything. My entire life needs to be re-evaluated.

Re:This NSA crap is much too much, and ungentleman (4, Funny)

liquidpele (663430) | about 9 months ago | (#45195583)

Re:This NSA crap is much too much, and ungentleman (5, Insightful)

asmkm22 (1902712) | about 9 months ago | (#45195897)

The end result seems to be in line with general terrorism. Cause enough fear and confusion in your enemy until they change or give up.

Re:This NSA crap is much too much, and ungentleman (4, Insightful)

Darinbob (1142669) | about 9 months ago | (#45196345)

Old spies were Sean Connery. New spies are Daniel Craig.

Time to start (5, Interesting)

ugen (93902) | about 9 months ago | (#45195319)

Sounds like it's high time time to start a VPN provider in SeaLand (or what do we have left that's not firmly in jurisdiction of governments with grubby hands and long noses)?

Re:Time to start (3, Informative)

Austrian Anarchy (3010653) | about 9 months ago | (#45195405)

Sounds like it's high time time to start a VPN provider in SeaLand (or what do we have left that's not firmly in jurisdiction of governments with grubby hands and long noses)?

Perhaps your solution lies on a "pirate" data boat on the high seas?

Re:Time to start (-1)

Anonymous Coward | about 9 months ago | (#45195439)

Yeah, why don't you get on that. I'm so sick of hearing about how everyone is going to run off to SeaLand.
 
Put your money where your mouth is or shut the fuck up, asshat.

Re: Time to start (0)

Anonymous Coward | about 9 months ago | (#45195449)

You don't necessarily need ones without grubby hands; you just need a couple jurisdictions that are relatively uncooperative with one another. China will sell you out but probably won't respect US NSLs. So some subcontractor will have to bribe them. Suddenly it gets expensive to see your ciphertext where TA then determines it's likely just a loveletter.

Re: Time to start (2, Interesting)

Anonymous Coward | about 9 months ago | (#45195587)

Looks like Brazil is growing a pair.

Re:Time to start (4, Funny)

dmbasso (1052166) | about 9 months ago | (#45195537)

Will you let the Seamen manage your VPN? Be careful of backdoors!

Re:Time to start (1, Insightful)

Anonymous Coward | about 9 months ago | (#45195577)

You ain't going to do anything. Just shut the fuck up and go back to dreaming about doing something in the face of tyranny.

Re:Time to start (-1)

Anonymous Coward | about 9 months ago | (#45195645)

fuck you all

Re:Time to start (-1)

Anonymous Coward | about 9 months ago | (#45195663)

Including you

Re:Time to start (-1)

Anonymous Coward | about 9 months ago | (#45195653)

Obese, pimpy, basement-dwelling libertardians like the GP truly are hilarious. I'm surprised he didn't throw out the "tree of liberty" quote as well. Basically, yeah, he's a pussy who wants everyone else to do the fighting while he shoves bag after bag of cheetos and totino's pizza rolls down his gullet while wanking to his furry porn.

Re:Time to start (0)

Anonymous Coward | about 9 months ago | (#45195667)

Or get a VPN provider started on Native Reserve.

Re:Time to start (5, Insightful)

PopeRatzo (965947) | about 9 months ago | (#45196043)

Sounds like it's high time time to start a VPN provider in SeaLand

This, though maybe not in SeaLand.

The first country that offers verifiably secure email and VPN services to the world will enjoy an economic boom and the love of billions. And if it's a country like Iceland, it could go a long way toward making them wealthy. And if the US decides to invade Iceland, then at least the gloves can come off and the world can declare the United States a rogue state. But I don't see that happening, because at some point, if the rest of the world really starts to turn sour on the US, you'll start to see things change over here. But as long as we have to cover of the EU and Asia as our allies, the US spymasters can pretend that all is well. But with every week there's a new revelation about a president of a free country having their email hacked by the NSA, maybe we're closer to a worldwide shunning than we think.

I'd gladly pay for secure email that I knew was beyond the reach of the upskirting creeps in the NSA. And I would love to be able to pay a place like Iceland, Finland, etc for that privilege.

No one who values freedom, economic, social or just the freedom to not be watched, should be quiet about this. Me, I've become a one-issue voter thanks to the revelations about what the NSA is up to. Any legislator who voted against reining in those bastards is now on my list to support any opponent who will vote to put a stop to ubiquitous surveillance in the US.

Sorry... (4, Insightful)

Anonymous Coward | about 9 months ago | (#45195325)

You are not going to have much advanced IT business left over there soon if this goes on.

Re:Sorry... (5, Interesting)

ObsessiveMathsFreak (773371) | about 9 months ago | (#45195567)

You are not going to have much advanced IT business left over there soon if this goes on.

I think we are witnessing the (not very) slow disintegration of the principals and reality of the American Internet. Whether the internet itself will survive this is another matter.

Re:Sorry... (4, Interesting)

ColdWetDog (752185) | about 9 months ago | (#45195679)

We all knew this would happen. As soon as the government saw that the Internet was an opportunity and / or threat, they would work to get it under their control. Actually took them a bit longer than I expected, although the NSA-style snooping has likely gone on longer than we realize.

Nothing to see here, move along.

Re:Sorry... (5, Insightful)

houstonbofh (602064) | about 9 months ago | (#45195827)

Nothing to see here, move along.

Plenty to see here. Mainly, that businesses now have yet another reason to offshore.

Re:Sorry... (0)

Anonymous Coward | about 9 months ago | (#45196359)

The bonus for conservative Republicans is that they can pass legislation like CISPA and then claim all the companies are leaving because of environmental laws. It's a two-for-one deal, get the police state they dream of along with killing environmental and safety regulations.

Re:Sorry... (2)

JoeMerchant (803320) | about 9 months ago | (#45196109)

It wouldn't be NSA style if you realized it was going on....

Re:Sorry... (-1)

Anonymous Coward | about 9 months ago | (#45195851)

How, exactly, is this different than your government? Yes, with a warrant they can demand crypto keys. Just like your country.

Re:Sorry... (5, Informative)

Fjandr (66656) | about 9 months ago | (#45196035)

It's a secret warrant issued by a secret court, binding the recipient to secrecy under pain of imprisonment, and with no way to contest the warrant. And since it's the NSA, you can't even see evidence used against you because it's obviously in regards to national security...even if it isn't.

Re:Sorry... (0)

Anonymous Coward | about 9 months ago | (#45196145)

It's a secret warrant issued by a secret court, binding the recipient to secrecy under pain of imprisonment, and with no way to contest the warrant. And since it's the NSA, you can't even see evidence used against you because it's obviously in regards to national security...even if it isn't.

You didn't answer the question.

SubjectsInCommentsAreStupid (3, Insightful)

lesincompetent (2836253) | about 9 months ago | (#45195349)

I hope that when american corporations start seeing their customers scared away by this 1984 crap they'll turn their lobbying powers to reverse the trend.
Isn't this how politics work in the US, the country that legalized bribery?

Re:SubjectsInCommentsAreStupid (1)

Anonymous Coward | about 9 months ago | (#45195511)

Not that many customers are going to be scared off.
Most people don't care about the NSA reading their data.
Businesses care about competitors reading their data, not the NSA.

Re:SubjectsInCommentsAreStupid (1)

lesincompetent (2836253) | about 9 months ago | (#45195521)

Tell that to Airbus.

Re:SubjectsInCommentsAreStupid (1)

AHuxley (892839) | about 9 months ago | (#45195673)

http://en.wikipedia.org/wiki/Lockheed_bribery_scandals [wikipedia.org]
Think how this could have all not made the press and the NSA could be optically "above such things".
RE "Most people don't care about the NSA reading their data." so your rights dont protect as much until your a member of the press or a political leader asking questions :)

Re:SubjectsInCommentsAreStupid (1)

Bovius (1243040) | about 9 months ago | (#45195601)

Not that many customers are going to be scared off.
Most people don't care about the NSA reading their data.
Businesses care about competitors reading their data, not the NSA.

This, sadly. I wish the general public could be bothered with this, and I also wish we could point to one particular distraction as the culprit, like Jersey Shore or the fact that we haven't been able to run a planned government budget since 1997, but the NSA issue is a particularly bad symptom of a larger problem.

Actually, that budget thing sounds pretty bad.

Re:SubjectsInCommentsAreStupid (5, Insightful)

jschrod (172610) | about 9 months ago | (#45195631)

For European companies, the NSA reading their data equals their competitors reading their data. This has been known here since at least the early 90s, when Echolon data was used for commercial advantage of US companies.

Some European companies really don't care. But some do. That's why there was always a healthy mistrust in competetive European companies concerning their crucial data out of house, and why cloud computing has a slower uptake here than in the US. (Their unimportant data, they could care less about, even if it's personal data and against the EU privacy laws. That's life.)

Re:SubjectsInCommentsAreStupid (0)

Anonymous Coward | about 9 months ago | (#45195823)

Echolon data was used for commercial advantage of US companies.

[citation needed]

Re:SubjectsInCommentsAreStupid (0)

cold fjord (826450) | about 9 months ago | (#45195861)

For European companies, the NSA reading their data equals their competitors reading their data. This has been known here since at least the early 90s, when Echolon data was used for commercial advantage of US companies.

That isn't really true.

Why We Spy on Our Allies [cryptome.org] - By R. James Woolsey, former Director of CIA

Re:SubjectsInCommentsAreStupid (4, Insightful)

ewibble (1655195) | about 9 months ago | (#45196313)

So you are going to believe the former director of a spy agency?

Re:SubjectsInCommentsAreStupid (2)

AK Marc (707885) | about 9 months ago | (#45196317)

They talk about how European stuff is more expensive and lower quality than US, and we only watch them because they bribe everyone, and we are trying to level the playing field. I guess that's why when Chrysler build a sports car around their V10 truck engine, they bought off-the-shefl brake systems from Bosch (German), because they didn't know how to make brakes themselves (having been sentenced to a Chrysler LeBaron convertible by family, I can believe it).

Airbus and the automakers are at least as advanced. Some of the networking gear from Israel is better than most US gear. There are lots of examples of friends who have at least something that's better than what we have.

Re:SubjectsInCommentsAreStupid (0)

Anonymous Coward | about 9 months ago | (#45196297)

For European companies, the NSA reading their data equals their competitors reading their data. This has been known here since at least the early 90s, when Echolon data was used for commercial advantage of US companies.

And non-US countries have all been helped by non-US intelligence agencies for commercial advantage as well.

France has been a well-known example of using industrial espionage. Do we need to mention China at all?

I don't particularly like it either (and consider it "cheating" if you can't come up with your own ideas), but the main difference is that the NSA has simply been caught in a more red-handed fashion at the moment.

(Though the NSA is going farther and gathering data on "regular" folks as well, and not just companies and governments.)

Re:SubjectsInCommentsAreStupid (-1)

Anonymous Coward | about 9 months ago | (#45195967)

There are a lot of businesses facing major losses because their rivals can say, "We are NSA free" and get a contract over their US counterparts.

It isn't the US businesses, it is the anti-US sentiment building worldwide as the Guardian keeps the US hate stoked with daily revelations.

Of course, the US isn't the only person in that game... they were the ones that got caught. However, it is costing companies billions because their foreign counterparts might be spied on by other nations... but it ain't the NSA, so all is good.

So, US businesses DO care, and a lot of them are ending up working out of Ireland or other places. I'm pondering a Hong Kong drop because a VC told me that it would get my startup taken seriously.

Re:SubjectsInCommentsAreStupid (1)

alexgieg (948359) | about 9 months ago | (#45196101)

There are a lot of businesses facing major losses because their rivals can say, "We are NSA free" and get a contract over their US counterparts.

Literally true. Here in Brazil at leas one major business ISP is constantly advertising something like this: "In these times of espionage come to ${ISP_NAME} and be protected from international spies! Here your e-mail can be this and that and blah-blah-blah!" (The features listed have nothing to do with actually protecting the data, but clueless business people won't notice.)

I have no idea what the numbers are, but at the very least Google's Brazilian branch must be feeling the heat.

Re:SubjectsInCommentsAreStupid (0)

Anonymous Coward | about 9 months ago | (#45196199)

There are a lot of businesses facing major losses because their rivals can say, "We are NSA free" and get a contract over their US counterparts.

That's because people are idiots. You're running away from the large, obvious bear right into a pack of rabid wolves.

It isn't the US businesses, it is the anti-US sentiment building worldwide as the Guardian keeps the US hate stoked with daily revelations.

Again, because people are idiots and don't have the mental ability to focus on more than one opponent at a time, or understand complex issues which involve more than one variable.

I'm pondering a Hong Kong drop because a VC told me that it would get my startup taken seriously.

Case in point. You're avoiding the US agency which is operating on the shady side of the law, in favor of a country which does just as much, and more, fully legally.

Playing devil's advocate... (1)

Antony T Curtis (89990) | about 9 months ago | (#45195373)

I wonder what the public reaction would be if some pro-democracy dissident who is operating covertly in their own hostile country is murdered and the country gives a press release saying that they couldn't have found their criminal if it wasn't for the help of the NSA compromising internet security...

Does that put the NSA/FISA on the side of dictatorships and other anti-freedom nations?

Re:Playing devil's advocate... (0)

cold fjord (826450) | about 9 months ago | (#45195455)

Since you are making up imaginary circumstances to achieve your desired outcome, how do you know the space aliens didn't intervene to help the hostile country? Does that make the hostile country just a pawn of the space aliens?

Re:Playing devil's advocate... (1)

Qzukk (229616) | about 9 months ago | (#45195545)

imaginary circumstances

What imaginary circumstances? That some guy in Hong Kong might log into the NSA, download all of their back door documentation, and start using that information for their own gain?

No, it makes you a pro-democracy dissident. (0)

Anonymous Coward | about 9 months ago | (#45195475)

This is why I always clear communication with my family and the world with the NSA first.

Re:Playing devil's advocate... (1)

Desler (1608317) | about 9 months ago | (#45195703)

No, it simply means they used the wrong means to get a positive end. No different than cops planting evidence and beating a suspect to catch the real criminal in a case.

Re:Playing devil's advocate... (1)

AHuxley (892839) | about 9 months ago | (#45195733)

Re side of dictatorships and other anti-freedom nations?
http://www.zerohedge.com/contributed/2013-10-17/apologist-assassination-americans-be-named-new-homeland-security-chief [zerohedge.com]
Guess your may find out that the terms "pro-democracy", "dissident" and "internet security" means legally speaking soon :)

Re:Playing devil's advocate... (1)

eyegone (644831) | about 9 months ago | (#45196091)

I wonder what the public reaction would be if some pro-democracy dissident who is operating covertly in their own hostile country is murdered and the country gives a press release saying that they couldn't have found their criminal if it wasn't for the help of the NSA compromising internet security...

It depends. Is American Idol on that night?

DoS? (4, Interesting)

dex22 (239643) | about 9 months ago | (#45195381)

What is to stop the NSA doing a form of DoS attack on these types of services by demanding keys, and giving the services little option but to shut down?

The effect of this is to remove secure competitors from the market and force users onto pre-compromised services.

Re:DoS? (5, Insightful)

LordLucless (582312) | about 9 months ago | (#45195477)

The effect of this is to remove secure competitors from the market and force users onto overseas services.

Fixed that for you.

Re:DoS? (1)

Anonymous Coward | about 9 months ago | (#45195683)

>The effect of this is to remove secure competitors from the market and force users onto overseas services.

Perhaps forcing all U.S. based VPN providers that won't cooperate to shut down is part of the plan. Once you are forced to start dealing with "foreign" VPN providers they will claim that they can legally spy on you.

Re:DoS? (1)

PPH (736903) | about 9 months ago | (#45195697)

That will work until the US Congress passes a law similar to FATCA [wikipedia.org] which compels foreign businesses to turn over financial records involving US persons. So far, few if any foreign countries have attempted to defend their sovereignty to protect Americans. I doubt much will change when it comes to data.

It matters very little anyway. Because the 'big money' is in corporate accounts and corporate data. You and I, as individuals, can't wave a magic legal wand and move ourselves offshore. Corporations can. And that's who the people running offshore banks or data services cater to.

Re:DoS? (3, Interesting)

myowntrueself (607117) | about 9 months ago | (#45196303)

That will work until the US Congress passes a law similar to FATCA [wikipedia.org] which compels foreign businesses to turn over financial records involving US persons. So far, few if any foreign countries have attempted to defend their sovereignty to protect Americans. I doubt much will change when it comes to data.

It matters very little anyway. Because the 'big money' is in corporate accounts and corporate data. You and I, as individuals, can't wave a magic legal wand and move ourselves offshore. Corporations can. And that's who the people running offshore banks or data services cater to.

What FATCA is achieving is that many non-US financial institutions are turning away customers who are US citizens; they won't have their money, don't want their custom. And many of these US citizens are giving up their US citizenship because of this. There are millions of US citizens around the world who are experiencing this financial blacklisting because of FATCA, especially in the EU.

Re:DoS? (0)

Anonymous Coward | about 9 months ago | (#45195481)

What is to stop the NSA doing a form of DoS attack on these types of services by demanding keys, and giving the services little option but to shut down?

The effect of this is to remove secure competitors from the market and force users onto pre-compromised services.

The free market at work.

Re:DoS? (2)

cyberjock1980 (1131059) | about 9 months ago | (#45195531)

And even if you go with Brand-X VPN service that is all over the world, what's to say that because they might have servers in the USA their key isn't already compromised? Or that someone at Brand-X wasn't paid off by the NSA for the key? Or that they obtained the key directly from the key right when it was signed?

Let's go all out on this. I'm really curious to see what others think of these conspiracy theories. Because lately they could just as easily be believed because of some of the stuff that has come to light from Snowden.

Is there even a design where the VPN service could be compelled to give up the keys, but still be secure? I'm thinking no, but hoping someone can validate that.

Re: DoS? (0)

Anonymous Coward | about 9 months ago | (#45195535)

The effect will hopefully be for users to make their own damn vpn (really, it's not hard) and stop trusting third parties for things that should be confidential.

Re:DoS? (0)

Anonymous Coward | about 9 months ago | (#45195547)

so this is a RICO case? lets look at Wikipedia. http://en.wikipedia.org/wiki/Racketeer_Influenced_and_Corrupt_Organizations_Act

from the summery
'There is also a provision for private parties to sue. A "person damaged in his business or property" can sue one or more "racketeers". The plaintiff must prove the existence of an "enterprise". The defendant(s) are not the enterprise; in other words, the defendant(s) and the enterprise are not one and the same. There must be one of four specified relationships between the defendant(s) and the enterprise: either the defendant(s) invested the proceeds of the pattern of racketeering activity into the enterprise; or the defendant(s) acquired or maintained an interest in, or control over, the enterprise through the pattern of racketeering activity; or the defendant(s) conducted or participated in the affairs of the enterprise "through" the pattern of racketeering activity; or the defendant(s) conspired to do one of the above. In essence, the enterprise is the illegal device of the racketeers. A civil RICO action, like many lawsuits based on federal law, can be filed in state or federal court.[2]"

IANAL but I think we have ourselves a good old fashion treble damages lawsuit brewing.

Re:DoS? (1)

Anonymous Coward | about 9 months ago | (#45195633)

The government generally isn't liable for its own actions short of giving itself liability via an act of congress. Simply put your screwed. Unless the people violently rise up (and I won't be discouraging anybody from doing that) like the 'terrorists' did/are we won't see meaningful change. We will merely be blowing away good money to fight a losing battle.

Re:DoS? (1)

Anonymous Coward | about 9 months ago | (#45195589)

Legally? A whole lot.
In practice, nothing. They could do it and get away with it and you'd never be able to prove it.

Secret courts, secret budget, no real oversight. There is no record of existing oversight mechanisms ever being triggered. This means that the secret courts are essentially a rubber stamping process.

Since this is security, and you must assume worst case, you must assume the NSA can and will do anything and everything. I do enjoy how recent revelations have spurred the crypto/sec communities in to re-evaluating assumptions about anything the NSA might have touched or might be able to do.

Re:DoS? (4, Interesting)

Teckla (630646) | about 9 months ago | (#45195607)

The effect of this is to remove secure competitors from the market and force users onto pre-compromised services.

I know this is going to sound mighty odd, but hear me out...

I kind of wish the NSA sold things like consumer routers, for which they wrote all the firmware, user interface, etc.

The NSA employs Really Ridiculously Smart People, so then I could count on my router being really, really secure against everyone and everything... except the NSA.

Which would be an OK trade-off for me, and I think would be an OK trade-off for a lot of people...

Re:DoS? (1)

noh8rz10 (2716597) | about 9 months ago | (#45195675)

The NSA employs Really Ridiculously Smart People, so then I could count on my router being really, really secure against everyone and everything... except the NSA.

Which would be an OK trade-off for me, and I think would be an OK trade-off for a lot of people...

oh, totes. if the nsa gave you a router with a 100% backdoor for them, then you would be golden against all other threats. except... obv the nsa can be infiltrated cf snowden. and others could engineer your router backdoor. and if the nsa has a router backdoor they could potentially get access to your computer and all your bizness, not to mention the computers and bizness of everybody you communicate with.

So, perhaps you would rethink your hypothetical statement?

Re:DoS? (1)

Teckla (630646) | about 9 months ago | (#45195913)

oh, totes. if the nsa gave you a router with a 100% backdoor for them, then you would be golden against all other threats. except... obv the nsa can be infiltrated cf snowden. and others could engineer your router backdoor. and if the nsa has a router backdoor they could potentially get access to your computer and all your bizness, not to mention the computers and bizness of everybody you communicate with.

I would trust the NSA's security guys to get security better than any for-profit company with strong economic incentive to cut corners.

And I realize I'd be handing the NSA the keys to get inside my network -- that's the trade-off I think many people would find worthwhile -- giving the NSA access in exchange for them writing the most secure firmware they possibly could.

Re:DoS? (1)

Urza9814 (883915) | about 9 months ago | (#45195983)

What exactly makes you think the NSA would have any incentive to do a better job than the existing producers? My guess would be the NSA's products would be *worse*. They don't need you to trust them. They don't need to turn a profit. Things are easier for them if you shit is not secured. And they don't give a damn if anyone else reads your traffic. Exactly what incentive would they have to make things secure?

Re:DoS? (0)

Anonymous Coward | about 9 months ago | (#45196157)

They certainly wouldn't, also this plan was already played out http://en.wikipedia.org/wiki/Clipper_chip [wikipedia.org].

Re:DoS? (0)

Anonymous Coward | about 9 months ago | (#45195727)

Everyone on slashdot most likely already runs their own home-made router. Something like a low powered comptuer with some network cards and OSS like OpenBSD, or Linux, or FreeBSD. Then at least you have a proper router not some POS switch with a NAT on top.

Then again, people that use "routers" probably use NAT as a "firewall"....

Re:DoS? (1)

gallondr00nk (868673) | about 9 months ago | (#45195617)

What is to stop the NSA doing a form of DoS attack on these types of services by demanding keys, and giving the services little option but to shut down?

Nothing, seemingly. The NSA seem to act completely in secret, US citizens aren't privy to their actions or any court rulings except those disclosed months or years after the ruling. It's like playing a game where no-one but one player knows the rules, you are certain to lose.

The choice seems to be either compromise your service, or shut down your business. I really feel for anyone who is having to give up their livlihood on account of their actions.

One thing is certain. This is the antithesis of democracy.

Re:DoS? (1)

eyegone (644831) | about 9 months ago | (#45196171)

One thing is certain. This is the antithesis of democracy.

Bullshit.

It may be illiberal; it may be unconstitutional; but it is very, very democratic.

A large majority of human beings have always been (and presumably always will be) perfectly happy to trade something as abstract as "privacy" or "liberty" for the comforting illusion of protection from the bogeyman de jour.

Sad (5, Insightful)

Anonymous Coward | about 9 months ago | (#45195387)

We've got technology businesses shutting down their services because they are now afraid of (i.e.: terrorized by) their own government?
Did the terrorists actually win this war on terror?

Re:Sad (0)

Anonymous Coward | about 9 months ago | (#45195433)

We've got technology businesses shutting down their services because they are now afraid of (i.e.: terrorized by) their own government? Did the terrorists actually win this war on terror?

2001 called, it wants its towers back, too.

Re:Sad (1)

game kid (805301) | about 9 months ago | (#45195469)

Won this war, and started this war.

Re:Sad (4, Insightful)

adolf (21054) | about 9 months ago | (#45195625)

We've got technology businesses shutting down their services because they are now afraid of (i.e.: terrorized by) their own government?
Did the terrorists actually win this war on terror?

The terrorists won as soon as we had to take off our shoes and throw away our nail files in order to get on an airplane, starting around 12 years ago.

It's been an easy slide down the slippery slope since then.

Re:Sad (0)

cold fjord (826450) | about 9 months ago | (#45195731)

The terrorists won as soon as we had to take off our shoes and throw away our nail files in order to get on an airplane, starting around 12 years ago.

Did that prevent you from getting on the plane? If not, then no.

Re:Sad (5, Insightful)

adolf (21054) | about 9 months ago | (#45195969)

It doesn't matter if I still fly or not.

One used to be able to board an airplane without a pat down, porno-scan, or a strip-search. One cannot do that now, because we've been terrorized into requiring these procedures.

That's a win.

Re:Sad (1)

jschrod (172610) | about 9 months ago | (#45195659)

Did the terrorists actually win this war on terror?

Yes, for sure, in the USA they did. It was a full-fledged, all-around victory, without any substantial opposition. That the terrorist's victory also helped companies like Halliburton to enormous profits was not inconvenient, either. Haven't you left your mother's basement in the last 13 years?

Re:Sad (0)

cold fjord (826450) | about 9 months ago | (#45195715)

We've got technology businesses shutting down their services because they are now afraid of (i.e.: terrorized by) their own government?
Did the terrorists actually win this war on terror?

No. The problem is that some business what to hold themselves above the law and find that it is very expensive to attempt to do that, and almost certain to fail.

It looks like they didn't shut down because of "terror" but because they didn't want to comply with court orders and didn't have the money to fight a losing battle.

Re:Sad (4, Insightful)

Urza9814 (883915) | about 9 months ago | (#45196047)

It looks like they didn't shut down because of "terror" but because they didn't want to comply with court orders and didn't have the money to fight a losing battle.

It doesn't matter what Congress or the courts say; if the law violates the US Constitution, it is illegal and invalid. Which makes the agents enforcing it part of an organized criminal enterprise. An organized criminal enterprise which has just caused numerous US businesses to close their doors by using tactics intended to produce a state of fear in those businesses. Sounds like the freakin' definition of terrorism to me.

time for internet++ (0)

Anonymous Coward | about 9 months ago | (#45195483)

It's time for a new internet, with strong anonymity and encryption built in at a very low level, resistant to subversion, censorship, and snooping. Identity should be disclosed only voluntarily, and not easily "leaked" by things like panotoclick attacks.

I believe it's technically possible. The question is whether we have the will.

Re:time for internet++ (1)

Urza9814 (883915) | about 9 months ago | (#45196083)

That's existed for over a decade, but nobody wants to use it:
http://en.wikipedia.org/wiki/Freenet [wikipedia.org]

Bad business plan? (-1)

cold fjord (826450) | about 9 months ago | (#45195487)

Looks like a problem with thin profit margins and a desire to fight court orders instead of comply. That is going to be expensive which isn't a good fit for a small business with thin margins.

FTA [arstechnica.com] :

Selling to enterprises is more lucrative than selling to consumers, of course, providing one possible reason CryptoSeal chose this route. Another factor is that businesses seeking a VPN service may be more concerned about security from hackers than about hiding Internet activity from governments and Internet service providers.

A comment on Hacker News apparently posted by CryptoSeal founder and CEO Ryan Lackey points to the cost of legal services being one of the main factors.

"The financial issue was the potentially huge liability due to a legal action or battle, not the (small) costs of operating the service," Hacker News user "RDL" wrote. The service "was covering operating costs and some profit," but the risk of defending against a government order would have wiped that out.

anyone anywhere (5, Insightful)

YesIAmAScript (886271) | about 9 months ago | (#45195497)

For anyone operating a VPN mail or other communications in any country you should consider that your government can compel you to produce information.

This intellectual exercise has been done a long time ago by those who looked a little deeper than you. It's why there were crazy ideas such as offshore data havens.

In the end, you can't really do anything about it. The government your company is under (at the very least, maybe other entities too) can compel you. So now it's just a matter of which government you're least worried about.

Re:anyone anywhere (0)

Anonymous Coward | about 9 months ago | (#45195685)

sure you can - you just need several emp devices ;-)

Re:anyone anywhere (1)

BitterOak (537666) | about 9 months ago | (#45195837)

For anyone operating a VPN mail or other communications in any country you should consider that your government can compel you to produce information.

True. Is anyone here old enough to remember anon.penet.fi?

Re:anyone anywhere (1)

cold fjord (826450) | about 9 months ago | (#45195899)

In the end, you can't really do anything about it. The government your company is under (at the very least, maybe other entities too) can compel you. So now it's just a matter of which government you're least worried about.

In the end the problem is bigger than that. The government of the countries you do business in can tell you to do certain things too, as many Europeans are fond of pointing out to Americans.

Re:anyone anywhere (0)

Anonymous Coward | about 9 months ago | (#45196121)

"Compel" just doesn't seem to adequately describe physical aggression.

Until a libertarian is in office, we may never see (0)

Anonymous Coward | about 9 months ago | (#45195523)

Until a libertarian is in office, we may never see encrypted boobies on the internet ever again. That's a real shame since seeing a libertarian in office is as likely as us going to the moon again. :(

Re:Until a libertarian is in office, we may never (0)

Anonymous Coward | about 9 months ago | (#45195775)

Tea Party-ers describe themselves as "libertarian".

Re:Until a libertarian is in office, we may never (1)

Fjandr (66656) | about 9 months ago | (#45196077)

And any of them who are socially conservative or who believe corporations have rights are not actually libertarian, much like Christians for War are not actually Christians.

Restricting trade (0)

Anonymous Coward | about 9 months ago | (#45195525)

Isn't free trade the mantra of our political system? Seems all this NSA information gathering is actually causing restrictions to free trade. Could be a problem for the corporate cronies in DC and then ultimately a problem for the NSA.

Full disclosure, or it's just an empty gesture (0)

Anonymous Coward | about 9 months ago | (#45195573)

I suspect that no significant change is likely to occur until many of the the recipients of the USA's totalitarianly named 'National Security Letters', instead of merely shutting down amid elliptical comments, defy their local laws and issue press releases stating clearly and in full what the government of the Land of The Free is attempting to coerce them into doing, and until they include in full the NSL and any other documents, etc., that were served upon them, in the dossier that is released to the world.

Of course, any such heros would need to be sure there was NOTHING in their backgrounds, hard drives, or acquaintances to the n'th degree that could allow the Home of The Brave to paint them to Fox News as a paedo, druggie, terrorist, commie, and so forth; and, even then, be prepared to go through the court system the hard way for their principles.

Shutting down small, random services that few have heard of, is little more than a real-life parody of the 'Suicide Squad' in the last scene of 'Life of Brian': "That showed 'em, eh?"

Would the real Samuel Goldstein, please stand up.

Subjunctive Case (1)

chiefloko (450100) | about 9 months ago | (#45195619)

It seems all very fishy. Shut down your end user service, but keep corporate service going?

Legal fees? You need not be a lawyer to write a letter (or not write a letter) or better yet, not sign for any Certified Return receipt mail.

Most of these companies are leasing hardware...without any real office space. Let Uncle Sam do the leg work, find the data center; subpoena the data centers, so on and so forth.

This reads to be...we aren't returning enough profit for our non-business class players, let's switch to corporate pricing and take it from there.

It is very easy to say "No" to the government, the fight may be long and arduous but an attorney is not needed every step of the way.

Hell, some 1 or 2L's would probably eat this sort of pro-bono work up to get written up in a law review.

Better honey than vinegar.

Dear NSA,

Thank you for your correspondence. It is my understanding sitesomelegalprecident.
If you have any further questions, please feel free to contact me at this email address; I do not accept US mail.

I don't know? This all reads as profit farse.

$.02

Re:Subjunctive Case (1)

gnoshi (314933) | about 9 months ago | (#45195993)

I agree with the essence of what I think you are saying. Right now is an excellent time for companies in private e-mail, encryption provision, or any related area who are not seeing good returns on some part of their business to close it down (potentially without refunds, if paid), say 'Oh, I shut down because NSA', and ride a wave of good publicity.

I'm not saying that was the case for Lavabit, or for Silent Circle Mail. Both of them are special cases, because not only did they hold the private keys but they held data at rest. Thus, getting the private key and forcing the provider to implement passphrase capture from the client was necessary to get the data that was at rest.
This is simply not true of a VPN service. They don't have data at rest, and the NSA can (I expect...) use the current legal processes to collect the data directly from the VPN provider. They don't need the private keys of the customer to do that.

Note: all this depends on my understanding of CryptoSeal being a VPN provider in the sense of 'VPN-from-home-to-CryptoSeal-to-Internets' rather than 'VPN-from-home-to-work-directly-using-CryptoSeal-software'. If I misunderstood that, then my argument about the NSA not needing the private keys falls apart a somewhat. (I did check their site but it seemed like a VPN-to-Internet service).

Re:Subjunctive Case (1)

chiefloko (450100) | about 9 months ago | (#45196163)

I agree 110% with you and your eloquent statement on "Data at Rest"

I am still not sure at the service that they offered. It reads that they did actually track usage and page visits? I wonder what big brother is doing about AnchorFree?

        When you register for CryptoSeal we ask for information such as your name, email address, billing address, credit card information. Members who sign up for the free account are not required to enter a credit card.
        CryptoSeal uses collected information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, and research.
        Cookies are required to use the CryptoSeal services.
        We use cookies to record current session information, but do not use permanent cookies. You are required to re-login to your CryptoSeal account after a certain period of time has elapsed to protect you against others accidentally accessing your account contents.
        CryptoSeal uses no third party vendors in the operation of its services. Datacenter partners are used for Power, HVAC, and Physical Security. Although CryptoSeal owns the code, databases, and all rights to the CryptoSeal services, you retain all rights to your data.
        CryptoSeal may disclose personally identifiable information under special circumstances, such as to comply with subpoenas or when your actions violate the Terms of Service.

NSA is tipping their hand (2)

arthurpaliden (939626) | about 9 months ago | (#45195701)

So the NSA is supposed to be covertly gathering intelligence. Yet they use high pressure tactics that force these sites to shut down therefore tipping off their users that something may be amiss. Leading them to change their procedures there by wasting all the time an effort the NSA put into thin initial investigation.

A different objective? (3, Interesting)

duke_cheetah2003 (862933) | about 9 months ago | (#45195963)

Maybe the US Government's objective here is not collect data from these types of services like LavaBit, SilentCircle or whoever else has shuttered in fears (or actual) of being tapped by the NSA.

It's starting to feel like to me the objective isn't the data, the objective is the services. This is denial of service. Denial of crypto services by the US Govt.

I just can't really see why they would put the pressure on so blatantly. It's like they're sending a clear message to all of us, no more crypto services, we're going to find you and tap you so you're are ineffective, or shut down.

Re:A different objective? (5, Insightful)

duke_cheetah2003 (862933) | about 9 months ago | (#45196001)

As a side to this.. at least it tells us something...

they can't break the crypto.

the gov't strategy is becoming clear.... (0)

Anonymous Coward | about 9 months ago | (#45195985)

scare u.s. based companies into closing up shop or at least dropping products the gov't can't easily hack into.... which creates a void in the marketplace to be filled by overseas companies and services..... then the agencies with (u.s. granted) authorization for overseas operations can do whatever the fuck they want on foreign soil, and to those overseas companies and their services, out of the reach of the u.s. courts and scrutiny......

Blame every single NSA worker (1)

Anonymous Coward | about 9 months ago | (#45196107)

Except Snowden - a true hero and patriot.

Every single NSA worker has committed treason against the American people. I hope to see the day every single one of these individuals are exposed as traitors, for not only furthering a tyranny that is backed by big money , but totally subverting the constitution. Remember, your oath is to protect the constitution, not the federal government, or military industrial complex, or corporations.

So collect your nice paycheck, but be a banker's bitch, you little little bitch. you spineless little coward bitch. I hope none of you can ever sleep at night.

Donate Here to Protect SSL Keys (4, Informative)

Heretic2 (117767) | about 9 months ago | (#45196339)

Donate to Lavabit legal fund [rally.org]

The legal briefs filed so far [wired.com] look like they are about to hand the government its own ass in respect to seizing SSL keys.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>