
  The National Security Agency and the FBI
  are tapping directly into the central servers
and then they're

  extracting audio, video, photographs, e-mails, 
  documents and connection logs
from...

  Microsoft, Yahoo, Google, Facebook, PalTalk,
  AOL, Skype, YouTube, Apple.
and it gets better

  Dropbox, the cloud storage and synchronization
  service, is described as “coming soon.”


How does this stuff work? Would someone at the NSA contact Dropbox and ask them to build in a backdoor or are they just able to access whatever the fuck they want and simply do?


It's described for a couple of the cooperating corporations in the article.

For example, for Facebook, the analyst goes to a special webpage/site at Facebook, then they simply click through a "Yep, this person is a terrorist" EULA and they have full access to Facebook's database (e.g. full access to user content). I bet they rejoiced when Facebook Graph opened shop.


Move fast and break the Constitution.


How is Facebook sharing their database with the government breaking the constitution?


It may be their database, but it's our lives.


People can put their lives on Facebook's database, it's still Facebook's database. The problem is not that Facebook is sharing this information, it is that people are sharing it with Facebook.


I'm aware of the distinction, but the average person out there doesn't think of themselves as sharing with Facebook the company, they think they are sharing with their friends.


The law doesn't care what the average person thinks nor does reality. It's the person's responsibility to maintain his own privacy by not posting private information on a public website. If you post something on the Internet, it's going to get out there; people should know this by now and if they don't it's their own damn fault.


According to this comment by a self-proclaimed lawyer (in training?), the law does care what the average person thinks:

https://news.ycombinator.com/item?id=5833747

If people don't know something by now it's equally the fault of the services they use for not educating them about the real implications of what they do online.


> the law does care what the average person thinks

In regards to battery; please do stop now, you've resorted to using nonsense as argument.


Which you voluntarily shared with Facebook and not a violation of the constitution. If you want privacy, don't share it on the Internet.


This argument is weak because everything is "shared on the internet" at this point - including phone calls.

How is this different than saying "if you want privacy don't share over the postal system" or "if you want privacy don't share over the phone"?


Not my life. Fuck Facebook I never joined. I did join Google though, and now I regret it. So it is a personal shortcoming.

I am not good/disciplined enough to maintain my own mail server.


The 4th amendment protects us from unreasonable searches and seizures, so I suppose if they were just searching randomly, which you might draw the conclusion they are doing.


Bullshit.

LE requests to FB simply do not work that way. They can make a request online, which is checked for proper authority, etc. The guidelines FB follows can be viewed at https://www.facebook.com/safety/groups/law/guidelines/ and the idea that FB just randomly hands out full read access to user data is either a paranoid delusion or calculated deception. Maybe you can tell us which one you were aiming for.


He's referring to the linked article, so your personal attack is misdirected.

'With a few clicks and an affirmation that the subject is believed to be engaged in terrorism, espionage or nuclear proliferation, an analyst obtains full access to Facebook’s “extensive search and surveillance capabilities against the variety of online social networking services.”'


But that's not a personal attack. The comment also mentions speculations about "rejoice" when they opened the Facebook graph, after believing what the article says about FB's methods of data sharing without further questioning.

Again: Questioning the motives behind an attempt of persuasion argument isn't a personal attack.


I don't believe they need backdoors, they probably just ask for the data and it's provided to them by those companies to comply with the current laws (or at least their interpretation of it.)

I'm pretty sure Dropbox can reverse any encryption they use for the files they store. Or do they even encrypt the data?


Dropbox has every encryption key used with Dropbox, so they can decrypt any file. Both transport keys and storage keys. Dropbox does at least (allegedly) encrypt stuff for storage, so they can RMA hard drives without having to destroy them first, but that's pretty meaningless.

There are some (flimsy) reasons for Dropbox to have copies of all storage keys (a web UI, which only some users use). Dropbox has done a good job of misrepresenting how their security worked for the past ~4 years to mislead people into trusting it, though.

This is mostly why I don't use Dropbox whenever I have a choice.


This is a reply to gknoy:

I would suggest SpiderOak, however, their support is not timely and there's currently a bug in the Windows 8 client that doesn't let it work. But if they get those issues sorted it could be a decent service.

Could someone please tell me why I can't reply to any comments that are below the third level? The reply link simply disappears!

Edit: Now that I've made this statement there's a reply to gknoy, but not the ones below him or to o0-0o. This is really weird.

Edit 2: Upon refreshing, there's now a reply link to o0-0o but not the other ones below gknoy.


Reply links don't appear until a few minutes after a comment is made. It's intended to have a dampening effect on flame wars.


You can just click on the "link" link and then reply from there, instantly.

(I kind of hate the feature, since most of the time "you suck" "no, you do" "no, you do" only goes on a few levels, so the exponential delay isn't an issue, but an actual technical discussion goes deeper. False positives and false negatives. :( )


Dropbox doesn't RMA drives, everything is de-duped then stored on S3. (or at least that is what they told me when I interviewed with them)


They were on S3 at one point in time (and pretty widely known as the biggest S3 customer). I'm not sure if they are on S3 today. This may depend on when you interviewed.


According to https://www.dropbox.com/help/7/en they're still on S3.


From the caliber of engineers I talked to, I can't imagine them bringing storage in house without some major churn. It is a sea of fresh CS grads with no real world operational experience.


Sad panda that you do not seem to have any contact info in your profile :(


Use BitTorrent Sync


When it's out of beta, maybe.


What alternative do you suggest?


If only there was a provider that respected your privacy and allowed you to use basic unix primitives to interface with your cloud storage...

If only...

http://www.rsync.net/resources/notices/canary.txt


The day you become popular and stop updating that file, what do you propose we do?


Do something for mobile please? You're one of the most trustworthy providers, particularly if you build things on mobile so we don't necessarily need to trust you...


We're genuinely interested in what you mean by this ...

Android devices are unix devices, and (I assume) either have ssh/scp/sftp/rsync in their userland or it can easily be placed there...

If I had a modern phone, which I do not[1], I would probably just load duplicity[2] on it? But now that I think about it, in the same way that I have zero data on my laptop, I assume I would also have zero data on my phone?

Please do elaborate.

[1] Motorola F3 ("MOTO FONE")

[2] http://duplicity.nongnu.org/


I mostly meant build an API for iOS and get people to use it. I don't know much about android internals.


It's trivial for desktops. I personally like AeroFS the best, but you could use anything and layer crypto on top of it, or use something with a painful UI like tarsnap, or build your own, or really whatever. Wuala/SpiderOak are fine too, but kind of suck for non-security reasons in my limited experience with them, compared to Dropbox or AeroFS. (I personally just use rsync and NFS over VPN, though.)

The problem is mobile. Due to some questionable decisions made by especially Apple but also earlier with Google, you really need every single app to write to your cloud storage provider's API. Dropbox is unquestionably the leader there; iCloud on iOS seems to do ok for newer apps. Neither provides meaningful encryption. Requiring every app developer to figure out encryption and manage keys on his own and then handle that on top of the Dropbox API is also insane.

Arguably Apple has a lot of ways to pwn iOS users already, so I'd consider trusting Apple and iCloud to not be that much worse than just trusting iOS, but it is still bad (and most of the bad things Apple can do to you either involve signing bad things, then requiring an active step by the user or MITM, or doing things like retaining device keys at manufacture time and subsequently seizing the devices, or having some deeply-buried backdoors which probably require physical access or are exceedingly infrequently used.)

There's really no good solution for mobile now. You could probably build something fairly non-shitty in the Android world, although I don't know enough about how applications share files and interoperate to know if it would need to be a per-user-app integration. On non-jailbroken iOS, it's pretty clear you'd need to develop a new API which did client-side crypto, key management, etc., on top of file sharing. It would be a pain, and even more of a pain if you wanted to avoid fully trusting Apple in the process.

The best solution right now is "no data lives on the phone", rather than trying to sync; use some kind of web or app which just uses transport crypto to interact with a server but never stores anything locally. If you trust the OS a lot, you could do something like what Good Technologies does and try to sandbox your data within a specialized app like that.


ObjectiveFS (https://objectivefs.com) does client side encryption using the NaCl crypto library.


Private server with sync software of your choice. Sparkleshare is a quite Dropbox-like git front end. Con: Uses Mono. Pro: Uses Mono.


Host it yourself, and use something like this:

http://duplicity.nongnu.org/


MEGA?


The file hoster with server side de-duplication?


Wouldn't know, don't use it or Dropbox. I'd prefer encrypted externals for sensitive things that have no need for the internet.


Use Tonido


They only encrypt it in a meaningless way. Otherwise, their deduplication wouldn't work.


I think there was an article here that described how Dropbox at the very least keeps hashes of every file.
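
The trade-off argued in the comments above (server-side deduplication versus encryption the provider cannot undo), as an added example that is not part of any comment in this thread and is not Dropbox's code. It goes one step beyond the thread by also showing convergent encryption (key derived from the file's own hash), which restores deduplication but lets anyone who already holds a file confirm it is stored. Assumptions: `BlobStore` is a hypothetical provider, the cipher is a toy HMAC-SHA256 keystream for illustration only, and the sample data is constructed.

```python
import hashlib, hmac, os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode). Illustration only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        ctr = (i // 32).to_bytes(8, "big")
        pad = hmac.new(key, nonce + ctr, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)

def encrypt_client_side(plaintext: bytes) -> bytes:
    """Random key and nonce per upload; the key never leaves the client."""
    key, nonce = os.urandom(32), os.urandom(16)
    return nonce + keystream_xor(key, nonce, plaintext)

def encrypt_convergent(plaintext: bytes) -> bytes:
    """Key derived from the content: identical files give identical ciphertext."""
    key = hashlib.sha256(plaintext).digest()
    return keystream_xor(key, b"\x00" * 16, plaintext)

class BlobStore:
    """Hypothetical provider that deduplicates on the hash of what it receives."""
    def __init__(self):
        self.blobs = {}

    def put(self, blob: bytes) -> str:
        digest = hashlib.sha256(blob).hexdigest()
        self.blobs.setdefault(digest, blob)  # second copy of same bytes is dropped
        return digest

def stored_copies(encrypt, uploads) -> int:
    """How many distinct blobs the provider ends up keeping."""
    store = BlobStore()
    for data in uploads:
        store.put(encrypt(data))
    return len(store.blobs)

def holder_can_confirm(known_file: bytes, stored_blob: bytes) -> bool:
    """Convergent encryption leaks equality: a known file can be tested for."""
    return encrypt_convergent(known_file) == stored_blob

# Constructed sample: three users upload the same document.
SAMPLE = b"constructed sample document\n" * 10
UPLOADS = [SAMPLE, SAMPLE, SAMPLE]

if __name__ == "__main__":
    print("plaintext / provider-held keys:", stored_copies(lambda d: d, UPLOADS))
    print("client-side random keys:       ", stored_copies(encrypt_client_side, UPLOADS))
    print("convergent encryption:         ", stored_copies(encrypt_convergent, UPLOADS))
```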


From the 2nd page of the article:

“Google cares deeply about the security of our users’ data,” a company spokesman said. “We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”


They are legally required, personally and individually, to lie about the existence of these programs, or go to prison instantly. These orders are gag-ordered by default.


I doubt that Steve Jobs or Ballmer would "go to prison instantly" if they had disclosed the existence of these programs. Yes, they might have been prosecuted under statute, but they wouldn't vanish. In fact, the high visibility of Brin, Jobs, Ballmer etc would probably have been a deterrent against prosecution. Can you imagine the outrage if Jobs came out with a statement saying that the NSA was requiring that Apple grant access to all user data, and he was then incarcerated?


Jobs was an elitist, knows-better-than-you prick. AFAICT he was fine with this kind of "trust us" nanny state bullshit. Apple does the same "we'll decide for you" stuff by policy as a matter of course.

We can assume that Cook, who appeared behind Obama during The State of the Union, is probably on the same page. Highly powerful people know they can't fight the tide; and truly, why should they? The normal rules could never apply to them.


If you're going to build something like PRISM because the ends justify the means, is prison really going to be the only thing you threaten people with?


The spineless, reprehensible CEOs are doing it willingly.


This is unsubstantiated speculation.


Three letter agencies approach the executive team directly. A decision to participate has to be made at the exec team/board level. If the CEO doesn't know about it, then the company has some serious communication issues.


"Willingly" is the point of contention. The CEOs complied. Whether they felt like they had a choice in the matter is another question entirely.


Twitter isn't on the list. Obviously someone put up a fight.


Or wasn't asked because nearly all of the content is public already. Or is going to cave after some unknown amount of resistance in the future like Apple, Facebook, and Google did. Or dozens of other possibilities.


Maybe they noticed what happened to Joe Nacchio?


I think the CEOs knew.



It's an educated guess IMHO.


My guess? These companies set up the data-equivalent of the CIA 'black sites' ... Out of the country duplicate databases that the NSA has access to beyond the laws of this nation.

Watch this video and listen how many times 'in the United States' is mentioned.



