" Mike Janke, Silent Circle’s chief executive, said in a telephone interview late Thursday that his company had destroyed its server. “Gone. Can’t get it back. Nobody can,” he said. “We thought it was better to take flak from customers than be forced to turn it over.”
That guy has brass balls. It may very well be that this will be interpreted as obstruction of justice, there is a specific element in there about destroying evidence.
I wouldn't put it past the DOJ to conjure up claims that there are always investigations into every company at all times, so any destruction of property at any time could be construed as destruction of evidence.
They've done it in the past, to the auditing firm involved in the Enron scandal. They actually indicted and convicted them of destroying audit records according to their standard procedures prior to them being investigated by the SEC.
I wonder if they destroyed it before it was part of an investigation? It may have been preemptive to avoid that scenario when the Feds eventually did come knocking on the door.
Edit - yes that looks to be the case. From their blog: We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.
What he did was equally an act of heroism (in face of Internet history) and stupidity (in face of his own life). Perhaps, he should just have wiped and destroyed the disks, and have it "seemed like a system crash at a bad timing" caused it :)
Isn't it fucked up when someone suggests that someone's life might be at risk because of some data he had (and completely had the right to delete) and it doesn't sound utterly ridiculous?
People 'suggest' the government is going to kill people all the time, it doesn't make it true. That is the world you live in. You do not live in a James Bond film.
This guy didn't risk his life. His livelihood perhaps, but not his life.
Snowden's life is probably in danger, and Manning isn't having a swell time, just for coming out and saying that the US is involved in unsavory activities. Sure, this isn't at that level, but it's not inconceivable any more.
he risked his life in in the way that he may be placed in jail for a while. I don't think anyone is suggesting that he may be killed over a destroyed server.
Lying under oath (or even when questioned by the police) is rarely a great idea. Because even if they can't prove you did anything illegal, that can still use your lie to hang you.
Why would it be if there was no on going investigation that they were made aware of (officially)? I think they are smarter than that. This seems like a pre-emptive move.
"State Security" as defined by a handful of war-mongers living in the past and bent upon visiting its ghosts on the present, and sadly, the future generation.
So long as they are doing this to target legitimate national security threats, it isn't. There is no filter on free speech nor any hint that one might be coming. Right now it's just overzealous prosecution that is nipping at the 4th amendment. The 1st amendment is secure for now.
A slashdot commenter put this up a few weeks ago, it's worthwhile viewing for an hour - you can get an idea of what the providers are going through. There's a good interview with an archive.org employee around who also received one, and tried to resist in his capacity as a librarian.
I remember that guy. I think he was the first to fight an NSL, and to make it so you can tell your lawyer about NSL's.
He also tried to crowdfund a very privacy-oriented ISP a while ago, but he could only do it on IndieGoGo, and it was very new at the time, and I don't think he completed the goal.
Reminds me of when they took Megaupload down. There was a domino effect where a lot of torrent and file sharing sites decided to pack their things and go home.
First the file sharers, then the secure emails. I wonder who's going to be next? The reddits? The HNs?
I think you're absolutely right. The only effect that NSA/... (and let's be honest, any other country is just jealous they don't have the capabilities of an NSA :p) has on the Internet community is going to be a wider and further proliferation of darknets, P2P and F2F services.
It's funny I think that's one of the primary results of the internet. I think of movie and music production, software, bitcoin, bittorrent and so on. I would argue they have been decentralised by the internet.
I think centralised services are against the 'spirit of the internet'.
Lavabit was a much more "under the radar" provider. Silent circle has gained huge traction since they started and provide secure Phone, SMS and mail services. They may not be "equal" but silent circle is certainly more of a high profile target.
My e-mail system is set to prefer TLS wherever possible. Spot-checks of headers incoming from other sources show that, at the minimum, a TLS session is successfully negotiated approximately 85% of the time so messages from those sources are presumed to be encrypted while in transit. All clients must connect using TLS (either IMAP-S or HTTPS). Yes, unencrypted copies likely exist on the sending side (the data storage disks for my e-mail servers are encrypted) and the client storage for some of my users is in the clear but it's not possible for my ISP to read the bits in flight.
If they want to get you they're gonna get you. The point is that takes a lot more work than the analyst sitting at his desk typing in friggin Google searches on your Gmail.
Given that I am not an US-citizen I would argue that I am better of an provider outside.. namely myself. Have fun puzzling together a complete picture from dozens of providers.
Right, but my email service is not likely to suddenly disappear overnight (like post) and also isn't owned and controlled by a large corporations in the same pocket as the US government (which isn't even my government... but seemingly still has access to my emails...).
It seems like there's an opportunity for a PGP mail forwarder, a service that encrypts all incoming mail and then forwards it without saving anything in the process. I'd pay bitcoins for that.
This sounds totally useless as a 3rd party service due to how obvious a target it would be but a simple encrypting proxy or MTA config would be pretty useful for self hosted setups.
I'm but a layman but browser-side SSL verification is essentially 3rd-party centralized validation of the authenticity of one side of an encryption mechanism - predetermined vendors tell the browser whether a SSL cert is as claimed and an SSL cert is only an encryption key.
This service doesn't care whether a browser-maker thinks its cert is real; they also provide a means to validate that their downloadable cert is as claimed - the cert is valid encryption between you and them, from anyone not you and them, despite whatever errors a browser throws up.
Obama is willing to deprive his constituents of their bread and butter to enforce surveillance. Un. Fucking. Believable.
This is in no way Schadenfreude, but it does provide an opportunity for countries with more transparency, or less appetite for strong-arming their people.
> Taken together, the closures signal that e-mails, even if they are encrypted, can be accessed by government authorities and that the only way to prevent turning over the data is to obliterate the servers that the data sits on.
Can someone explain to me how this is possible? Or is this inaccurate?
Hm, i wonder why Silent Circle just went ahead and shutdown their relativly young and unknown mailservice without any clear reason other than to use the opportunity to do get some publicity for their other secure services.
Lavabit was alot bigger than Silent Circle and this announcement seems a bit suspicious to me. I might me totally wrong, but going ahead and shutting down the service on the same day a popular competitor does without any clear reason while at the same time embracing their other still running services seems a bit strange to me.
I don't think 'any news is good news' applies to secure services providers. It will not make other offerings more appealing. Why bother with a provider that has to resort to this kind of behaviour to protect its customers?
as someone who (wisely or unwisely) depends on my email account as an online datastore, the prospect of it just shutting down overnight and my losing everything is terrifying. which probably means it's time to start some sort of active backup mechanism, but more to the point i do wonder if any of lavabit's or silent circle's clients ran into the same predicament.
That guy has brass balls. It may very well be that this will be interpreted as obstruction of justice, there is a specific element in there about destroying evidence.
http://en.wikipedia.org/wiki/Obstruction_of_justice