The company whose message-scrambling software is being adopted across Silicon Valley has had a first legal test of its commitment to privacy.
Open Whisper Systems—whose Signal app pioneered the end-to-end encryption technique now used by a swathe of messaging services—was subpoenaed for information about one of its users earlier this year, according to legal correspondence released Tuesday.
The American Civil Liberties Union, which represented Open Whisper Systems, says the company didn't produce the user's name, address, call logs or other details requested by the government.
"That's not because Signal chose not to provide logs of information," ACLU lawyer Brett Kaufman said in a telephone interview. "It's just that it couldn't." Created by anarchist yachtsman Moxie Marlinspike and a crew of surf-happy developers, Signal has evolved from a niche app used by dissidents and protest leaders into the foundation stone for the encryption of huge tranches of the world's communications data.
http://phys.org/news/2016-10-subpoena-privacy-encrypted-messaging-app.html
[More Details At]: New Documents Reveal Government Effort to Impose Secrecy on Encryption Company
[Also Covered By]:
The Washington Post
ABC News
[Legal Correspondence]: Legal correspondence released by the ACLU:
(Score: 3, Insightful) by Arik on Tuesday October 04 2016, @09:54PM
Exactly. It's almost certainly compromised and we don't know exactly how. And you act like this is reassuring?
"Spying on a commercial cell phone user, on the other hand, is not merely technically trivial and perfectly legal, but has been fully implemented by now, in all likelihood, so I don't see much of a contradiction in drawing a line here."
All such hardware is clearly deeply compromised, and not only by design, but also by incompetence in many cases.
"As miniaturization continues and hardware becomes "smarter", we will have to tackle this problem with the same degree of urgency and scrutiny, but for now, I think, we would be consistent in pursuing software freedom without necessarily asking just as much from the hardware in the same breath."
That sounds like a very myopic lesson to take from this.
Free software is absolutely important, important enough even to preserve through a period of compromised hardware, but its promise requires trustable hardware to be fulfilled.
If laughter is the best medicine, who are the best doctors?