Linked by Thom Holwerda on Sat 8th Jun 2013 14:57 UTC
Legal And yes, the PRISM scandal is far, far from over. More and more information keeps leaking out, and the more gets out, the worse it gets. The companies involved have sent out official statements - often by mouth of their CEOs - and what's interesting is that not only are these official statements eerily similar to each other, using the same terms clearly designed by lawyers, they also directly contradict new reports from The New York Times. So, who is lying?
Thread beginning with comment 564132
RE[3]: Comment by Nelson
by voidlogic on Sat 8th Jun 2013 19:24 UTC in reply to "RE[2]: Comment by Nelson"
voidlogic
Member since:
2005-09-03

Right. So you're running a large company, and the government comes to you and says, 'We need some information from your servers about Joe Sixpack, and by law, you must provide us with this information.' So, what are you going to do? Are you going to play the hero and get yourself thrown in jail, and your company possibly put out of business? I'm sure we could get a good debate going about whether such things should be legal, but the point is that they ARE legal, and businesses are legally obligated to hand this information over. So I personally don't hold it against them.


Fair enough, the first few times it happened. Then I would like to see companies like Google take technical measures to make it impossible to comply with these kinds of orders in a meaningful way (ideas follow):

It could be as simple as making sure non-encrypted user data is in a jurisdiction non-amenable to assisting other security states and owned by a subsidiary local to that jurisdiction.

So they might comply, but the powers that be would get no useful information. For example, my gmail messages could be encrypted using my public key and only decrypted client side using my private key. Then Google could not read my mail (after storing it) and they could not provide anything but cryptotext to governments. They could still do all their advertising/search stuff by doing keyword indexing or whatever they do at receive time.

Q: How much extra work is this?

Not much, the server has one extra public key encrypt (which is cheap and happens every time you visit a HTTPS page), after that the extra work is done client side (and is still pretty cheap). The only thing burdensome perhaps is that any search/ad indexing must happen at receive time and is not deferred (which may or may not be the case now for gmail).

The real technical challenge here is how to make sure the user has their private key on their devices/browsers without storing the key at Google, etc. Perhaps putting this key server in a different legal jurisdiction or letting users sneaker-net it at their choice is an option.

Reply Parent Score: 2

RE[4]: Comment by Nelson
by WorknMan on Sat 8th Jun 2013 20:06 in reply to "RE[3]: Comment by Nelson"
WorknMan Member since:
2005-11-13

Q: How much extra work is this?


Not only how much work, but how much would it cost, including server resources? Would you be willing to pay for this extra level of security?

Reply Parent Score: 2

RE[5]: Comment by Nelson
by voidlogic on Sat 8th Jun 2013 20:16 in reply to "RE[4]: Comment by Nelson"
voidlogic Member since:
2005-09-03

Not only how much work, but how much would it cost, including server resources?


With the design I have in mind, very little. I tried to make that clear.

Would you be willing to pay for this extra level of security?


Yes. However, a company that claims to be concerned about government invasion of privacy on moral grounds should make this their base offering. I don't think, even at scale, the cost increase would be substantial, at least compared to the current cost of operations.

Reply Parent Score: 3

RE[5]: Comment by Nelson
by darknexus on Sun 9th Jun 2013 01:58 in reply to "RE[4]: Comment by Nelson"
darknexus Member since:
2008-07-15

Not only how much work, but how much would it cost, including server resources? Would you be willing to pay for this extra level of security?

Don't forget that Google would never do such a thing. They make money from analyzing your emails (along with anything else you give them) to try to shove ads down your throat. Encrypt your mail so Google couldn't utilize the only part of their business plan that is actually bringing in the cash? Lol.

Reply Parent Score: 4

RE[4]: Comment by Nelson
by tylerdurden on Sun 9th Jun 2013 01:11 in reply to "RE[3]: Comment by Nelson"
tylerdurden Member since:
2009-03-17

The problem is that part of Google's business plan depends on being able to read your mail... It's also a reason why it's a free (as in gratis) service.

Reply Parent Score: 3

RE[5]: Comment by Nelson
by voidlogic on Sun 9th Jun 2013 03:20 in reply to "RE[4]: Comment by Nelson"
voidlogic Member since:
2005-09-03

The problem is that part of Google's business plan depends on being able to read your mail...


That is why I suggested the ad/search indexing be done at receive time prior to long term (encrypted) storage.

Reply Parent Score: 2
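The receive-time design voidlogic sketches above (index first, then store only ciphertext the user alone can decrypt) as an added example; this is not code from the thread or from any mail provider. It assumes the `cryptography` library is installed and uses hybrid encryption: a fresh AES-GCM key per message, with only that key wrapped under the user's RSA public key, so the server does one public-key operation per message regardless of message size.

```python
# Added example (not from the thread): "index at receive time, then store only
# ciphertext the user can decrypt". Assumes the `cryptography` package.
import os
import re
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def make_user_keypair():
    """Generated client side; the private key never goes to the server."""
    priv = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return priv, priv.public_key()

def build_index(plaintext: str) -> set:
    """Keyword index computed before encryption: the only thing the server
    keeps in the clear (and the only thing it could hand over)."""
    return set(re.findall(r"[a-z]{3,}", plaintext.lower()))

def receive_message(user_pub, plaintext: str) -> dict:
    """Server side at delivery: index, then encrypt to the user's public key.
    The asymmetric operation covers only the 32-byte message key."""
    index = build_index(plaintext)
    msg_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)                      # unique per message key
    ct = AESGCM(msg_key).encrypt(nonce, plaintext.encode(), None)
    wrapped_key = user_pub.encrypt(msg_key, OAEP)   # the one RSA operation
    return {"index": index, "nonce": nonce, "ct": ct, "wrapped_key": wrapped_key}

def read_message(user_priv, record: dict) -> str:
    """Client side: unwrap the message key, then decrypt the body."""
    msg_key = user_priv.decrypt(record["wrapped_key"], OAEP)
    return AESGCM(msg_key).decrypt(record["nonce"], record["ct"], None).decode()

def search(records, keyword: str) -> list:
    """Server-side search runs over the receive-time index, never the body."""
    return [i for i, r in enumerate(records) if keyword.lower() in r["index"]]

def demo():
    user_priv, user_pub = make_user_keypair()
    inbox = [receive_message(user_pub, "Meeting about the quarterly budget"),
             receive_message(user_pub, "Lunch tomorrow?")]
    assert b"budget" not in inbox[0]["ct"]      # stored body is opaque
    return search(inbox, "Budget"), search(inbox, "lunch"), read_message(user_priv, inbox[0])
```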

RE[4]: Comment by Nelson
by talaf on Mon 10th Jun 2013 06:20 in reply to "RE[3]: Comment by Nelson"
talaf Member since:
2008-11-19

Q: How much extra work is this?

Not much, the server has one extra public key encrypt (which is cheap and happens every time you visit a HTTPS page), after that the extra work is done client side (and is still pretty cheap). The only thing burdensome perhaps is that any search/ad indexing must happen at receive time and is not deferred (which may or may not be the case now for gmail).

The real technical challenge here is how to make sure the user has their private key on their devices/browsers without storing the key at Google, etc. Perhaps putting this key server in a different legal jurisdiction or letting users sneaker-net it at their choice is an option.


Actually, if I get your idea correctly, it would mean doing public key encryption rather than private key encryption for Google, which is orders of magnitude slower. While it's technically "cheap", the cost in processing would be gigantic.

Reply Parent Score: 2