Lavabit Details Unsealed: Refused To Hand Over Private SSL Key Despite Court Order & Daily Fines

from the as-expected dept

Some of the court filings behind Lavabit's shutdown have been unsealed, and Kevin Poulsen, over at Wired, has the details. They are pretty much what most people suspected: the feds got a court order demanding that Lavabit effectively hand over the keys to everyone's email. Because the SSL private key protects every connection to the service, handing it over would have exposed all of Lavabit's users, not just the one account named in the warrant. Lavabit's Ladar Levison refused, and he was then threatened with $5,000/day fines, contempt of court charges and possibly more.

Initially, Lavabit was served with a pen register order requiring it to let the government know every time Ed Snowden logged in (Snowden's name is redacted, but it's clear that this is about him). Lavabit said that it wouldn't defeat its own encryption system, and the court quickly ordered Lavabit to comply:
By July 9, Lavabit still hadn’t defeated its security for the government, and prosecutors asked for a summons to be served for Lavabit, and founder Ladar Levison, to be held in contempt “for its disobedience and resistance to these lawful orders.”

A week later, prosecutors obtained the search warrant demanding “all information necessary to decrypt communications sent to or from the Lavabit email account [redacted] including encryption keys and SSL keys.”
Once again, Levison refused to reveal the SSL keys, leading to the $5,000 per day fine imposed by Magistrate Judge Theresa Buchanan. The fines began August 6th. Lavabit shut down on August 8th.

Again, something along those lines is what many people had assumed happened, but now it's been confirmed. Kudos to Levison for standing his ground on this. I know that people in our comments like to insist that every company should act this way, but it's not nearly as easy when it's your life's work on the line, and you have the entire US government (including huge monetary fines and the possibility of jail time) coming down on you.


Reader Comments

  • out_of_the_blue, Oct 2nd, 2013 @ 3:05pm

    Google, though, COULD easily withstand such fines indefinitely.

    At approximately $50 billion a year, it gets $136,986,301.37 EVERY day, or 27,397 times the $5,000.

    Spying is the main 'business model' of the internet, especially for Google and Facebook.

    • Shadow Dragon (profile), Oct 2nd, 2013 @ 3:07pm

      Re: Google, though, COULD easily withstand such fines indefinitely.

      Why aren't you civilly committed yet? You clearly show you're a danger to yourself and others.

    • jackn, Oct 2nd, 2013 @ 3:15pm

      Re: Google, though, COULD easily withstand such fines indefinitely.

      Come on, ootb, invest in a dictionary. You don't want people to assume you're dumb, do you?

  • Shadow Dragon (profile), Oct 2nd, 2013 @ 3:05pm

    Insert OOTB incoherent borderline schizophrenic rants

    Come to think of it, the only good part of that technology is you can track the likes of OOTB and have him civilly committed.

    • out_of_the_blue, Oct 2nd, 2013 @ 3:10pm

      Re: Insert OOTB incoherent borderline schizophrenic rants

      @ Shadow Dragon (profile), Oct 2nd, 2013 @ 3:05pm

      Insert OOTB incoherent borderline schizophrenic rants

      Come to think of it the only good part of that technology is you can track likes OOTB and have him civilly committed.

      There you go, kids. Just takes the right button to be pushed, an enemy to be hated, here over mere web-site comments, and you'll turn into petty tyrants hoping for the state machinery to be used against them. Your future is grim. Those running the world know how easily manipulated you are.

      • Shadow Dragon (profile), Oct 2nd, 2013 @ 3:14pm

        Re: Re: Insert OOTB incoherent borderline schizophrenic rants

        Typical OOTB: not only are you crazy, you're so gullible that you've gotten a taste of your own medicine.

      • Digitari, Oct 2nd, 2013 @ 3:15pm

        Re: Re: Insert OOTB incoherent borderline schizophrenic rants

        OOTB, are you looking in a mirror when you write some of this stuff???

        (sometimes it's freaking eerie)

  • Scote, Oct 2nd, 2013 @ 3:14pm

    Wow...

    So, to spy on one guy they wanted the company to give them the encryption key that would allow them to decrypt **all** Lavabit email traffic from the NSA's internet backbone taps. That means they would have been able to **retroactively** decrypt all of Lavabit's (including Snowden's) earlier emails if the NSA stored the Lavabit traffic as part of their huge data dump of encrypted traffic, as well as all future traffic. That is not narrowly tailored, not in the least.

    • Anonymous Coward, Oct 2nd, 2013 @ 3:47pm

      Re: Wow...

      This is why no attempt at reforming the NSA will succeed unless they are denied the capability to engage in massive domestic surveillance. Prohibiting them from demanding or obtaining private keys from service providers would be one such denial.

    • James Burkhardt (profile), Oct 2nd, 2013 @ 3:56pm

      Re: Wow...

      Except that the 'one guy' that is the excuse for this isn't the real target. The real target is all of the rest of the information. That's why the court order wasn't targeted. Because Snowden was just an excuse.

  • Sunhawk (profile), Oct 2nd, 2013 @ 3:28pm

    Hats off to Levison; that's the kind of principle I would like to see in my email provider.

    • Anonymous Coward, Oct 2nd, 2013 @ 11:37pm

      ... and your next email provider, and the one after that.

      I agree I'd rather a provider who follows this approach than one who doesn't, but I'd even-more-rather a provider where it's not even a concern (if such a thing is possible)

  • Scote, Oct 2nd, 2013 @ 3:34pm

    Can the government legally force a business to commit fraud?

    Can the government legally force a business to commit fraud? That is what they were asking Lavabit to do, to fraudulently proclaim to provide security while, in fact, doing the opposite. Would Lavabit get that "Telco Immunity"? Or would he, as a mere email provider be subject to prosecution for lying to the public if he followed the government directive?

    • beltorak (profile), Oct 2nd, 2013 @ 8:13pm

      Re: Can the government legally force a business to commit fraud?

      Lavabit was a bit player in the cyberscene, so of course they would not get immunity. The major telcos however; now you are talking real money.

  • Anonymous Coward, Oct 2nd, 2013 @ 3:35pm

    This is why we have forward secrecy (i.e. generate a brand new shiny session key for every session that is thrown away after use)... It would force them to do active MITM, which is much more detectable.

    • Anonymous Coward, Oct 2nd, 2013 @ 4:58pm

      Many servers do not implement forward secrecy; it is more CPU intensive to do so. Heck, it's not even required to be PCI (Payment Card Industry) compliant.

      The technology exists, getting people to use it is the problem.

    • beltorak (profile), Oct 2nd, 2013 @ 8:16pm

      I really fail to see how this would stop anything. If you implement forward secrecy and are given the order to provide decryption keys, you will be convicted if you fail to do so. If you say "that's not how the software is written" they will respond with "so what? it's open source. modify it and save all ephemeral session keys."

      • Anonymous Coward, Oct 2nd, 2013 @ 11:12pm

        At which point you go public as loudly and as vociferously as possible.

        And then you publish all documents sent to you. And then you dox the fuckers and make THAT info public too.

        After all, if they have nothing to hide...

        • Anonymous Coward, Oct 3rd, 2013 @ 1:07am

          And then you're put in the same torture chamber that Manning is in.

          He probably made the best decision for himself: He can't decrypt his service if his service doesn't exist. It's part of the EULA to discontinue it at any time for any reason, so the secret courts will be having a bitch of a time trying to argue that he broke the law by discontinuing it.

        • Anonymous Howard (profile), Oct 3rd, 2013 @ 4:38am

          Or do your business as far away from the US as possible.. in china?

    • Anonymous Coward, Oct 3rd, 2013 @ 1:05am

      His stance always was "It is not possible for me to read your email"

      There's a possibility that he didn't comply not because of his morals, but because of his inability to do so. But good luck explaining that to the secret courts whose only answer to everything is "How soon can it be done?".

  • christenson, Oct 2nd, 2013 @ 3:39pm

    ..every company SHOULD act this way...

    We all know that SHOULD has a habit of falling apart when it meets reality, just as no plan survives contact with the enemy.

    Indeed, Kudos, Mr Levison, for a very difficult decision under tremendous pressure.

  • Anonymous Coward, Oct 2nd, 2013 @ 3:44pm

    Notice that the NSA wanted to READ THE EMAILS, you know, what they claim they don't do. Does anything more need to be said about the lies of the NSA?

  • Anonymous Coward, Oct 2nd, 2013 @ 3:49pm

    Even though these actions are appalling and disturbing, it has given us the long-needed proof of said actions.

  • Anonymous Coward, Oct 2nd, 2013 @ 4:05pm

    If the US Gov got ahold of Lavabit's private SSL key, and Lavabit wasn't using Perfect Forward Secrecy, then the US Gov would be able to intercept every single Lavabit user's email account password.

    Simply by passively eavesdropping on/intercepting all SSL traffic from internet backbone exchanges. With Lavabit's private SSL session key, they could then decrypt the packets and view the plain text email password inside each intercepted packet.

    Please, don't get confused and tell me Lavabit's passwords were hashed before being sent out over the wire. This most likely is not true, at least from what I've read about Lavabit's cryptographic setup, which seemed entirely server-side.

    It's true that Lavabit passwords are stored in hash form on Lavabit's servers themselves. However, the email passwords were most likely transmitted in the clear over the wire (not counting SSL encryption, which would have been useless if the US gov had the SSL private session key). Then the servers themselves performed the hashing operation on the clear text password, verifying whether the server-computed hash matches the hash value stored on the server's hard drive.

    So yes, passwords were stored in hash form on the servers, but the servers themselves were doing the hashing AFTER receiving the user's plain text password over the wire.

    The only way a client can send a hashed password over the wire is through client-side software. Hashing can be done using javascript code running inside a client's web browser, but from what I read it doesn't seem like Lavabit was doing this.

    So in order to prevent every single customer's password from being sniffed off the internet backbone, Lavabit would have needed to use SSL with Perfect Forward Secrecy, or would need clients to hash their plain text email passwords client-side, before sending them over the wire to the server.

    Even then, all it would take is a National Security Letter and gag order, signed by the Secret Rubber-Stamp Court, to insert a backdoor into the client-side software and compromise all customers', or select customers', passwords.

    This is why I no longer do business with American IT companies. You never know what the Secret Rubber-Stamp Court is going to do next, and what kind of gag orders they'll deploy to shut everyone up. Or throw them in prison.

    I just wanted to explain how the US Gov could intercept all the passwords, for all of Lavabit's customers, if the US Gov had possession of Lavabit's private SSL key.

    Unless Lavabit was using Perfect Forward Secrecy. In that case, being in possession of the private SSL key would do the US Gov no good. Every single client connecting to Lavabit would have a uniquely generated private session key, with no way to decrypt all those encrypted sessions, even if the US Gov did have Lavabit's private SSL key.
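The mechanism behind this comment and the forward-secrecy comment above (Oct 2nd @ 3:35pm), as an added example; it is not from the original page and it is not Lavabit's code. Both handshakes run over a toy Diffie-Hellman group so the block needs nothing beyond the Python standard library; a real stack uses X25519 or an RFC 7919 group, and sign() is an HMAC stand-in for the certificate's RSA or ECDSA signature (all of that is an assumption of the example, not a description of Lavabit's setup). What it shows in code is which secrets a passive tap actually records: with a static exchange the server's long-term private key turns every recorded handshake into a session key, retroactively; with an ephemeral exchange the same key only authenticates, so a recorded session stays opaque even to someone holding it.

```python
"""Passive decryption with a leaked long-term server key: static key exchange
versus an ephemeral (forward-secret) one. Added illustration, not Lavabit's
code. DH runs over a toy prime so it stays dependency-free; a real stack uses
X25519 or an RFC 7919 group, and sign() stands in for the certificate's
RSA/ECDSA signature."""
import hashlib
import hmac
import secrets

P = (1 << 127) - 1   # Mersenne prime 2^127 - 1: toy modulus, illustration only
G = 3


def _enc(x: int) -> bytes:
    return x.to_bytes(16, "big")


def kdf(shared_secret: int, transcript: bytes) -> bytes:
    """Session key bound to the DH secret and the public handshake transcript."""
    return hashlib.sha256(_enc(shared_secret) + transcript).digest()


def sign(long_term_priv: int, msg: bytes) -> bytes:
    """HMAC stand-in for the server's certificate signature (assumption)."""
    return hmac.new(_enc(long_term_priv), msg, hashlib.sha256).digest()


def static_handshake(server_long_term_priv: int):
    """Server's long-term key *is* the exchange key, as with TLS RSA key exchange
    where the certificate key decrypts the premaster secret."""
    server_pub = pow(G, server_long_term_priv, P)
    client_priv = secrets.randbelow(P - 2) + 1
    client_pub = pow(G, client_priv, P)
    transcript = b"static|" + _enc(client_pub) + _enc(server_pub)
    session_key = kdf(pow(server_pub, client_priv, P), transcript)
    # What a passive backbone tap records: public values only.
    captured = {"mode": "static", "client_pub": client_pub, "transcript": transcript}
    return session_key, captured


def ephemeral_handshake(server_long_term_priv: int):
    """DHE-style: fresh exchange keys per session, signed by the long-term key.
    The long-term key authenticates the server and never enters the secret."""
    server_eph_priv = secrets.randbelow(P - 2) + 1
    server_eph_pub = pow(G, server_eph_priv, P)
    client_priv = secrets.randbelow(P - 2) + 1
    client_pub = pow(G, client_priv, P)
    transcript = b"ephemeral|" + _enc(client_pub) + _enc(server_eph_pub)
    signature = sign(server_long_term_priv, transcript)
    session_key = kdf(pow(client_pub, server_eph_priv, P), transcript)
    del server_eph_priv, client_priv   # ephemeral exponents discarded after the handshake
    captured = {"mode": "ephemeral", "transcript": transcript, "signature": signature}
    return session_key, captured


def eavesdropper_recover(captured: dict, server_long_term_priv: int):
    """What an adversary holding the long-term private key gets from a recorded
    handshake: the session key (static mode) or nothing (ephemeral mode)."""
    if captured["mode"] == "static":
        shared = pow(captured["client_pub"], server_long_term_priv, P)
        return kdf(shared, captured["transcript"])
    # Ephemeral: the key only lets the adversary verify (or forge) signatures.
    # The transcript holds g^a and g^b; a and b are gone, so recovering the
    # session key means solving Diffie-Hellman, which the key does not help with.
    expected = sign(server_long_term_priv, captured["transcript"])
    assert hmac.compare_digest(expected, captured["signature"])
    return None


def demo() -> tuple:
    """Returns (static_recovered, ephemeral_recovered) for one recorded session each."""
    long_term = secrets.randbelow(P - 2) + 1
    key_s, cap_s = static_handshake(long_term)
    key_e, cap_e = ephemeral_handshake(long_term)
    recovered_s = eavesdropper_recover(cap_s, long_term) == key_s
    recovered_e = eavesdropper_recover(cap_e, long_term) == key_e
    return recovered_s, recovered_e


if __name__ == "__main__":
    print(demo())   # (True, False)
```

The flip side, which the 8:56pm comment further down gets at: in the ephemeral case the long-term key still lets its holder sign a handshake of their own, i.e. impersonate the server in an active man-in-the-middle. That is why the 3:35pm comment says forward secrecy forces them to go active and be detectable, not that it makes the key worthless.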

    • Anonymous Coward, Oct 2nd, 2013 @ 4:55pm

      What makes you think the NSA doesn't already have a backdoor into the SSL security layer for all internet traffic (not that they would admit it)?

      Just saying....

      • Anonymous Coward, Oct 2nd, 2013 @ 5:00pm

        Um, the fact they came seeking the keys tells me that they do not already have a backdoor into SSL.

        Logic dictates that if they had a backdoor, they would not need to ask for the key.

    • Anonymous Coward, Oct 2nd, 2013 @ 7:07pm

      Passwords and encryption

      1. Client-side password hashing is no different than making the hash itself the password and transmitting that password over the wire in plain text. Just copy the hash and you're in.

      2. You don't ever want to send encryption passwords or their hashes over the Internet. The proper way is to encrypt locally and send encrypted messages only. Besides, if you're doing encrypted email you're probably using PKI, which doesn't require any passwords be used or transmitted.

      3. As you've pointed out, client-side software is vulnerable to being replaced with compromised versions. This is why your email provider should never be the same legal entity as the one which distributes the client-side software. This is why encrypted Webmail will never work.

      • Anonymous Coward, Oct 2nd, 2013 @ 11:07pm

        Re: Passwords and encryption

        You're right. Using a hash for a password would defeat the purpose. Unless symmetric key wrapping is used.

        1. User creates a new account and chooses a password. That password is used to wrap (encrypt) a symmetric key inside an outer AES encrypted 'shell'.

        The user needs to know the correct plain text password to unlock the outer AES 'shell', in order to gain access to the symmetric key wrapped inside the outer AES shell.

        User also generates a hash of their plain text password. User then sends this hash value, plus the wrapped symmetric key, to the server for storage. This is all done with client-side software during account signup.

        2. In order to log into the server, the user creates a hash value of their plain text password, and sends this hash value to the server.

        3. Server compares the received hash value to the one it has on file for that user's account. If the hash value matches, server sends the user back their wrapped symmetric key.

        4. User unlocks the wrapped symmetric key using their plain text password. User can then encrypt and decrypt all email messages using that unlocked symmetric key.

        The only thing the hash does is verify the user knows the correct plain text password, at which point the server will send the user their wrapped symmetric key.

        The hash cannot unlock the outer AES encrypted shell wrapped around the symmetric key. Only the user's plain text password can unlock the outer wrapping (shell). The plain text password never gets sent to the server over the wire. The plain text password never leaves the user's computer.

        Of course all the encryption would have to be done client-side. Which is probably why Lavabit never attempted it, because doing encryption client-side is much harder than doing it server-side.

        On a bright note though, the user never has to worry about losing their private encryption key, because it's stored (encrypted) on the server. Which avoids all the PKI key distribution headaches.

        I realize I wasn't clear about all this in my first post, but I was trying to keep things simple and not long winded. I just find cryptography an interesting subject, but I'm far from a cryptography specialist.
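The scheme sketched in the comment above (Oct 2nd @ 11:07pm), as an added example that is not part of the original thread and not Lavabit's code, with the one change a practitioner would make: the password goes through a slow KDF once and the output is split into an authentication key (sent to the server) and a wrap key (never sent), instead of sending a bare hash of the password, so the value the server stores is not the value that unwraps the mail key. wrap()/unwrap() are an HMAC-SHA256 encrypt-then-MAC stand-in for AES-KW or AES-GCM because the standard library has no AES; the class and function names, the iteration counts and the sample credentials are all assumptions of the example.

```python
"""Password-wrapped mail key: the server authenticates a derived key, stores the
wrapped mail key, and never sees the password or the wrap key. Added
illustration, not Lavabit's code. wrap()/unwrap() are an HMAC-SHA256 based
encrypt-then-MAC stand-in for AES-KW or AES-GCM (stdlib has no AES); names
and parameters are assumptions."""
import hashlib
import hmac
import secrets

KDF_ITERATIONS = 100_000   # assumption; tune to your threat model and client hardware


def derive_keys(password: str, salt: bytes) -> tuple:
    """One slow KDF run, split into two halves with distinct roles:
    auth_key goes to the server, wrap_key never leaves the client."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS, dklen=64)
    return master[:32], master[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def wrap(wrap_key: bytes, payload: bytes) -> bytes:
    """Encrypt-then-MAC with keys separated from wrap_key; nonce||ct||tag."""
    enc_key = hmac.new(wrap_key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(wrap_key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(payload, _keystream(enc_key, nonce, len(payload))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(wrap_key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; wrong key -> ValueError."""
    enc_key = hmac.new(wrap_key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(wrap_key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong wrap key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Server:
    """Per user: client KDF salt, a salted hash of auth_key, the wrapped mail key.
    Nothing here can unwrap the mail key without guessing the password."""

    def __init__(self):
        self.users = {}

    def register(self, user: str, salt: bytes, auth_key: bytes, wrapped_mail_key: bytes):
        server_salt = secrets.token_bytes(16)
        verifier = hashlib.pbkdf2_hmac("sha256", auth_key, server_salt, 1_000)
        self.users[user] = (salt, server_salt, verifier, wrapped_mail_key)

    def salt_for(self, user: str) -> bytes:
        return self.users[user][0]

    def login(self, user: str, auth_key: bytes):
        """Return the wrapped mail key only if auth_key matches the stored verifier."""
        record = self.users.get(user)
        if record is None:
            return None
        _, server_salt, verifier, wrapped = record
        candidate = hashlib.pbkdf2_hmac("sha256", auth_key, server_salt, 1_000)
        return wrapped if hmac.compare_digest(candidate, verifier) else None


def client_signup(server: Server, user: str, password: str) -> bytes:
    """Signup step from the comment: wrap a fresh mail key, ship auth_key + blob."""
    salt = secrets.token_bytes(16)
    auth_key, wrap_key = derive_keys(password, salt)
    mail_key = secrets.token_bytes(32)
    server.register(user, salt, auth_key, wrap(wrap_key, mail_key))
    return mail_key


def client_login(server: Server, user: str, password: str):
    """Login steps from the comment: prove auth_key, unwrap locally with wrap_key."""
    auth_key, wrap_key = derive_keys(password, server.salt_for(user))
    wrapped = server.login(user, auth_key)
    return None if wrapped is None else unwrap(wrap_key, wrapped)
```

What this buys and what it does not: the server holds a salted hash of auth_key plus an opaque blob, so neither its database nor a decrypted login transcript yields the mail key without an offline guess at the password, which is what the comment is after. It does not answer the objection in the 7:07pm comment: an auth_key captured in transit can be replayed to log in, so the exchange still needs TLS (ideally forward-secret) or a PAKE such as SRP or OPAQUE underneath, and a backdoored client, as both comments note, defeats all of it.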

  • ChurchHatesTucker (profile), Oct 2nd, 2013 @ 4:42pm

    My favorite bit

    ...is when he handed over the SSL keys as printouts. In 4pt type.

  • PopeRatzo (profile), Oct 2nd, 2013 @ 4:48pm

    Heroic corporate leader

    If Mr Levison decides to start a new venture, all he needs to do is put it on kickstarter, and I bet it will be funded in no time.

    I know I'd drop $100 on just about anything he does.

    He's a hero.

  • Anonymous Coward, Oct 2nd, 2013 @ 5:08pm

    If the NSA had a backdoor for all SSL traffic, then they wouldn't have needed to ask Lavabit for their private key.

  • Anonymous Coward, Oct 2nd, 2013 @ 6:17pm

    Kudos as well to the federal court judges for promoting the rule of law...

    • Anonymous Coward, Oct 2nd, 2013 @ 8:38pm

      To which law do you refer?

      • Anonymous Coward, Oct 2nd, 2013 @ 11:15pm

        The bad ones that prohibit even the dissemination of the fact that you've been asked to commit a crime in the name of "safety".

    • Mike Masnick (profile), Oct 2nd, 2013 @ 11:22pm

      Kudos as well to the federal court judges for promoting the rule of law...

      Huh? I don't see anything remotely resembling that here at all. It looks like a very confused judge who didn't seem to care that the remedy the gov't sought would completely decimate the privacy of 400,000 users.

      That's not the rule of law at all.

  • Wolfy, Oct 2nd, 2013 @ 6:36pm

    I'm sure Mr. Levison could use your donations to his legal defense fund...

  • Anonymous Coward, Oct 2nd, 2013 @ 8:56pm

    So to sum up, it's non-targeted; it would intercept *all* Lavabit users. 'Probable cause' doesn't have any meaning in that instance.

    They also wanted to do it in a way that would let them not just read emails but also write fake emails, i.e. write fake untraceable evidence, since emails can be and are used as evidence.

    "accomplish the installation and use of the pen/trap device"

    They've also substituted a 'device' for the request for data. So instead of the data being handed over in a way that a court can verify (and Lavabit can verify in its role as guardian of the data), a black box is added with an unverifiable promise that it only does legal stuff and grabs nothing else. The leaks show these devices go far beyond their legal remit.

    The judge, a non-techie, trusts the badge, without understanding the issue.

    "He's had every opportunity to propose solutions to come up with ways to address his concerns and he simply hasn't."

    *He* should address HIS concerns? What, some sort of self-arguing?

    "It filters everything, and at the back end of the filter, we get what we're required to get under the order....No one looks at that, no one stores it, no one has access to it."

    Liar. It splits the data into filtered and unfiltered. The filtered data is made available to the FBI agent, the unfiltered+filtered is stored in the NSA giant database aka 'lockbox'. General 'collect it all' collects it all. We got that from the leaks.

    But the key to me is, IT LETS THEM FAKE COMMUNICATIONS. He would be handing over a key that would let the NSA make and send fake emails, impersonating any Lavabit user with an audit trail that would pass forensic investigation. I assume that was the intention when they didn't just want Lavabit's email, they wanted the ability to put a device in with Lavabit's own SSL keys.

    • Marak, Oct 2nd, 2013 @ 9:49pm

      Response to: Anonymous Coward on Oct 2nd, 2013 @ 8:56pm

      That's a bloody good point you make.

      Why not ask for access to decrypted emails instead of asking for the ability to pretend to be the user?

      • Anonymous Coward, Oct 2nd, 2013 @ 11:16pm

        Re: Response to: Anonymous Coward on Oct 2nd, 2013 @ 8:56pm

        Because that doesn't account for the rampant data theft that the US Government (through the NSA) wants.

  • Ninja (profile), Oct 3rd, 2013 @ 3:43am

    Closing down was the ethical decision. The guy surely made several fans. And now he's going activist. Talk about unintended consequences ;)

  • Anonymous Coward, Oct 3rd, 2013 @ 5:28am

    hero

    Lavabit is right! Government has gone too far and people need jail time for the crimes they are committing against Americans, avg joes, not terrorists.

  • Kent Henry, Oct 15th, 2013 @ 7:58am

    $5k fine

    I'm curious as to the justification for the fine. I mean, isn't that important?

    If it is legal, what the hell kind of law allows for that. "Tell us WHATEVER we want or else we fine you, because I'm a judge and f*** you"

