US Government Seizes Email of WikiLeaks Volunteer 217
bs0d3 writes "The U.S. Department of Justice has forced Gmail and Sonic.net to hand over the personal information of Jacob Appelbaum, a WikiLeaks volunteer. Sonic says they fought to keep the DoJ out of Appelbaum's records, which was very expensive but 'the right thing to do.' Google said, 'we comply with the law,' although 'Both Google and Sonic pressed for the right to inform Mr. Appelbaum of the secret court orders, according to people familiar with the investigation.' The collected information and the nature of the investigation remain classified. Applebaum's Gmail correspondence seized by the DoJ dates back to November 1, 2009, which is believed to be the month that WikiLeaks contributor and Army Private Bradley Manning allegedly began communication with Julian Assange. Last year, federal prosecutors used a similar subpoena to obtain information pertaining to Applebaum's Twitter account."
The three basics of sensitive e-mails (Score:2, Insightful)
2. Encryption
3. Encryption
Re: (Score:3)
1. No Free E-mail
2. No Free E-mail
3. No Free e_mail
However, applause to Sonic.net (and to a lesser extent google) for fighting the DoJ (and at least fighting to inform the user).
-nB
Re: (Score:3)
Re: (Score:2)
If you can get Sonic's Fusion product, AT&T can't compete with that.
Disclaimer: I am a very happy Sonic Fusion customer.
Re: (Score:2)
Re: (Score:3)
1. No Free E-mail
The government can seize a server from your home, your ISP or anywhere else they wish. This has nothing to do with email being free or not, but where the server is based, and whether your government has power (or influence) over the local law enforcement at that location.
Re:The three basics of sensitive e-mails (Score:5, Insightful)
Even non-sensitive emails may have some value to a government on a witch hunt. It only takes six lines written by the hand of the most honest man...
Re: (Score:3)
Even non-sensitive emails may have some value to a government on a witch hunt. It only takes six lines written by the hand of the most honest man...
You're missing a few lines, please elaborate! :o)
Re: (Score:2)
You're missing a few lines, please elaborate! :o)
I'm probably being trolled, but...
~Loyal
“Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him”
Cardinal Richelieu
Re: (Score:2)
...furthermore: don't leave your email on the server, use an ISP in a country that isn't hung up on trifling matters such as these and preferably an ISP that isn't organised enough to keep a copy of every email that goes in or out; use a VM, they're unlikely to archive the entire TCP stream going in and out of it.
Re: (Score:3)
Sure, that will stop the government: http://xkcd.com/538/ [xkcd.com]
This is a problem that can only be fixed by fixing the government, no technological solution exists.
Re: (Score:2)
Rubber hose cryptography is not unbeatable, but you need to build around that expectation.
"Rubber hose cryptography"?? (Score:2)
There is a difference. How do you intend to encrypt something with your rubber hose? (No, seriously! I can think of one scheme, thought it's hardly secure.)
Re: (Score:2)
Re: (Score:2)
no technological solution exists.
That's simply not true. [wikipedia.org] An implementation of the idea [truecrypt.org]
Re: (Score:2)
If you encrypted a document with an encryption key that was randomly generated and then wiped from all records it is still an offence to not hand over the key when asked for it - even though there is no way you could know it. This is the reality of the laws that are being passed nowadays in the wake of 9/11 security theater.
Re: (Score:3, Funny)
You may of missed the point that the DOJ didn't want the guy to know they were reading his mail.
I think he might have guessed if they were pulling his fingernails out and screaming "what is your email password!"
The problem is the law (Score:5, Insightful)
As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents. However, as I understand it, the current laws make a difference between recent communications and less recent ones, meaning that old emails can be obtained at a lower burden (and via a subpoena) while newer emails may require a warrant.
Note that all that is required for a subpeona is for the DoJ to say they think there is content in the emails which probably relates to an on-going criminal investigation..... So historical data is up for grabs just because someone thinks it might be relevant.......
Note that these apply only to communications hosted on third parties. It seems to me prudent to actually download all your communictions and stop relying on either IMAP or webmail interfaces, so that the contents can no longer be subject to subpeona.
Re: (Score:2)
You are making the assumption that even if you don't use webmail or IMAP that there will not be old copies of your mail floating around. As we all know google does everything fast, except deleting data.
If you really want to be secure I would suggest using your own mailserver, but this is not realistic for 99+% of the population.
Heck, I don't even own my mailserver (though it is private, on a virtual host on another ISPs machine).
-nB
Re: (Score:3)
If you delete your emails, at least, then I would think that there might be stronger 4th Amendment grounds to challenge government possession of said emails via a subpoena. IANAL though.
Re:The problem is the law (Score:5, Insightful)
As I understand it, the 4th Amendment is generally extended to cover contents of communications, meaning a warrant is supposed to be required for such contents.
There's no "supposed to be" about it. Warrants are required for legal access to personal communications.
However, as I understand it, the current unconstitutional laws make a difference between recent communications and less recent ones
FTFY.
Re: (Score:2)
Re: (Score:2)
Define "impunity."
Re: (Score:2)
No. Disobeying unconstitutional or unjust laws is an act of civil disobedience: you do the crime, you then either accept the punishment or fight it in the courts. As the anonymous sibling said, "only if you have more firepower" - but I'd instead say it's more about if you have lawyers and money.
Re: (Score:2)
Re: (Score:2)
Since the 4th Amendment doesn't have an unless they're old clause, I find that differing treatment to be highly suspect.
If there could even be some logical reason to treat old communication differently, it would have to be relevance. Of course if the police want to see it, it clearly isn't old enough to have lost relevance yet.
Re: (Score:2)
I agree the jurisprudence is a problem here. But the issue comes from challenges in the 1970's to the Banking Secrecy Act where the court ruled that financial records in a bank were not protected by the 4th Amendment. In theory there isn't a close reason to see messages on a web server as being protected by the 4th Amendment if we accept that logic because they are stored in the commercial sphere, just like banking records, what cold medicine you buy, etc. Of course this is exactly why William O Douglass
Re:The problem is the law (Score:5, Insightful)
...thanks again, Dubya...
http://en.wikipedia.org/wiki/USA_PATRIOT_Act#Details [wikipedia.org]
The Act was passed in the House by 357 to 66 (of 435) and in the Senate by 98 to 1 and was supported by members of both the Republican and Democratic parties.
Both parties started this, and both parties have continued to support this act. (You'll notice that the Dems didn't repeal this when they had full control of the House, Senate, and Presidency). The sooner you stop thinking there is an 'us' and 'them' when it comes to the two parties, the better off you will be.
Re: (Score:2, Insightful)
Re: (Score:2)
The sooner you stop thinking there is an 'us' and 'them' when it comes to the two parties, the better off you will be.
Nah. He's screwed either way. Give him his little delusion, won't hurt.
Re: (Score:2)
It doesn't help when they don't want to appear weak on terrorism. This kind of thing happens in England too. It's stupid, and just shows how many idiots there are. Of course all this will be resolved when I become the benevolent dictator
Re:The problem is the law (Score:5, Informative)
2011 US House reauthorization of the PATRIOT Act (HR 514):
Republicans:
Yea - 210
Nay - 26
No vote - 5
Democrats:
Yea - 67
Nay - 122
No vote - 4
In 2011, 35% of Democrats voted to reauthorize the PATRIOT ACT and 87% of Republicans do. The sooner you stop thinking that there are no differences between the parties, the sooner you can realize that your vote actually does make a difference.
I know that it's popular to trumpet the 'there is no difference' line on Slashdot. But instead of doing that, why not do some actual research into the positions and voting records of your candidates? Maybe then you will figure out that there *are* real differences and that the reality of a complex representative political system means that you are going to disagree with your representatives on a good number of issues.
Re: (Score:3)
The sooner you stop thinking that there are no differences between the parties,...
How large are the blinders that you are wearing that allowed you to overlook the fact that a Democrat president signed the extension? Or that 80% of Democrat senators voted for it? Or that the Democrats didn't bother to throw this piece of shit law out when they had full control for two years?
...why not do some actual research into the positions and voting records of your candidates?
Oh, sweet irony...
...the sooner you can realize that your vote actually does make a difference.
I already do realize that, which is why neither of these two parties get my vote.
Re: (Score:2)
The PATRIOT act doesn't supercede the bill of rights.
Besides the problem here is not the USAPATRIOT act, but rather the Stored Communications Act.
Re:The problem is the law (Score:5, Insightful)
The problem is that the Patriot Act (thanks again, Dubya.)
You mean "thanks again, Dubya and Obama". Obama signed an extension earlier this year.
Re: (Score:3)
Rule 1: (Score:2)
Re: (Score:2)
Re: (Score:3)
Colocate a server that's using whole disk encryption? Although they would probably just compel you to give up the key, although I seem to recall the EFF was arguing that should be covered under the 5th amendment.
Re: (Score:2)
You COULD always plead the 5th to avoid giving them the key but in this day and age I imagine they'd probably throw you in jail or something worse.
Re: (Score:3)
In England they've already got that covered with the RIPA - which IIRC requires you to give up passwords, and denies you any whistle blowing.
Re: (Score:2)
Truecrypt already has that covered with hidden volumes.
Re: (Score:2)
They'd still need a warrant, which means a lot more than telling a judge they think there is probable evidence that is somehow relevant to a case in order to get a subpoena.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's a lot harder to get a warrant to break down your door and take your computers than it is to subpoena records from Google.
Re: (Score:2)
Better yet encrypt the drives and then plead the 5th when they ask for the boot password.
Re: (Score:2)
Re: (Score:2)
Run your own mail server.
Download it all to your own client and choose a good client.
curious.. (Score:3)
Isn't one of the requirements for legal action the notification of what specific charges one has filed against him, for the purposes of a speedy and competent defence?
Since when does the government have the authority to conduct secret searches, siezures, and investigations of private citizens without disclosure of an offical charge?
Re: (Score:2)
I think the thinking goes that you are not required to be notified that you are a person of interest. If they do not charge or detain you, I don't think you are legally entitled to be notified (*should* be notified, yes, required? I don't think so). IANAL, if there is AL here I would appreciate it if they could confirm this.
Re: (Score:2)
Is this not in direct contravention of the 4th amendment?
Was not the spirit of the 4th amendment to prevent abuses of government against private citizens?
Are there not constitutional provisions preventing legal and judicial reprisals against witness testimonies?
From what rational and legal, as defined by the terms granted by the constitution, does the federal government assert authority to demand such information and papers without first lodging a formal charge, and issuance of a proper subpoena via a lawfu
Re: (Score:2)
Is this not in direct contravention of the 4th amendment?
The 4th Amendment doesn't always apply anymore, especially in high-profile cases (this relates to Wikileaks, i.e. front page news), or much at all in California, where the courts and Governor agree that your phone (think about what a smartphone does) can be searched without a warrant. If this doesn't scare you, it should. This exemplifies a recent and major swing in the balance of power, in favor of those in office or who already have the power. Most of us will still be okay most of the time, but if we piss
Re: (Score:3)
Re: (Score:2)
It certainly is a violation of the 4th. It's why the courts are joining the police in the steady loss of respect amongst the people.
Re: (Score:3)
Since when does the government have the authority to...
Since the moment they decided to assume that authority, and nobody stopped them.
Re: (Score:3)
Since 1986 (It is all explained in the article). Further, he hasn't had any charges filed against him.
Re: (Score:2)
Three words: National Security Letter
Re: (Score:2)
Since the US government used a terrorist attack to pass all kinds of new laws (most of which would not have helped stop 9/11)
Re: (Score:2)
Since Bush in 2001. (PATRIOT Act). Extended by Obush in 2011.
The terrorists won.
Re: (Score:2)
This particular law is codified into the foundational fabric of the document which gives any power whatsoever to said government. Said document explicitly states that any and all powers and authorities not explicitly granted to it by that document or by legal bodies produced through the procscribed proecess therein, are reserved to the individual states and citizens respectively.
The government has therefor already denied itself such authority, and granted authority to the states and private citizens to enf
Re: (Score:2)
1) I am not interested in, nor did I solicit your opinion, weak minded, repititious, and disturbed troll.
2) this sentence does not make sense. My mother has only one face, and while old and wrinkled, is certainly not that of a fool, as she holds 3 degrees in hard sciences. This clearly illustrates my prior assertion about your competency to conduct a civilized and informed discussion, so no further evidence on your behalf is needed, thank you.
3) yes, the constitution can and has been amended in the past. Ho
Re: (Score:2)
*gigglesnort*
Damn you George Bush!!!! (Score:5, Funny)
I will be soooo glad when that fascist George Bush is out of the White House! Shit like this will not happen when Obama is finally inaugurated! Change is coming!
Re: (Score:2)
Umm.... the law in question was signed by none other than Ronald Reagan. It's the Stored Communications Act, signed in 1986.....
Re: (Score:2, Informative)
Man, the Demoplican party must have a huge cache of mod points because anything that points out the truth about Obama gets modded down.
Glen Greenwald had a great piece yesterday on how people who once vehemently attacked Bush for secret legal memos (*) and civil liberties violations, are doing the same things they decried with secret memos and worse civil liberties violations now that they are part of Obama's presidency. Civil liberties would have been safer with a Republocrat in office because then the De
Re:Damn you George Bush!!!! (Score:4)
Actually, it does bring something useful to the conversation, because most anti-Bush people do believe this is somehow all Bush's fault, and that Obama is blameless, and Vinegar Joe is doing his part to help bring the Obama supporters to reality.
Obama supporter, 2005: "the TSA's actions are violations of privacy."
Bush supporter, 2005: "we need to put aside concerns of privacy so we can be safe from terrorists."
Obama supporter, 2011: "we need to put aside concerns of privacy so we can be safe from terrorists."
Re: (Score:2)
Here's a conceptually similar cartoon:
http://americanextremists.thecomicseries.com/comics/123 [thecomicseries.com]
Re: (Score:2)
Wow, that whole comic series really hit the nail on the head with Obama and his followers. Thanks for the link!
Re: (Score:2)
"We know this isn't a matter of Republican/Democrat."
Some do, and others need it hammered home that the HNIC is as much a piece of shit as the Shrub he replaced.
"
Re: (Score:2)
you mean like... deep dish?
Encrypt everything (Score:5, Insightful)
Re: (Score:2)
Encryption does very little when they wanted to know info in the (unencrypted) headers: who he was talking to, and where/when.
Re: (Score:2)
Re: (Score:3)
And when you're sitting in Jail for 30 days as a suspect terrorist I am sure you will be more than willing to give them your keys and passwords to all your encrypted information just to be free again. Encryption only prevents people from listening in, it is not very effective when you have been arrested or the law compels you to give over your password.
Re: (Score:2)
The trick is to avoid being caught in the first place; Encryption is a liability once you are.
well... (Score:2)
Re: (Score:2)
At least they didn't just have a drone fire a hellfire missile into his apartment.
No, Lulzsec are doing that, now that they have control of the drone craft by way of their carefully crafted virus ;-)
Re: (Score:2)
That might be one reason why they're so reluctant to let him back in the country whenever he returns from a conference.
@ioerror Every single time I re-enter the US, I am denied information about why I have been selected, detained, and so forth. It's clearly not random
Re: (Score:2)
And yet people use webmail (Score:4, Insightful)
Re: (Score:2)
Well, for one, Appelbaum travels a lot. Sometimes to the US. His laptop has been confiscated by CBP before, if I remember correctly. So your solution amounts to dramatically increasing both the likelihood that you lose all your e-mail and the likelihood that you have a ton of encrypted data that annoys border security. Which might be "the right thing" but is hardly convenient if you're a traveling volunteer.
GPG won't do a damn thing to protect what the government asked for, which is e-mail headers.
Re: (Score:2)
Re: (Score:2)
Why would *anyone* involved in something as sensitive as WikiLeaks trust a webmail provider of any kind, or any third-party email storage?
Good question, but what makes you think he used it for WL stuff?
Re: (Score:2)
Especially a mail service located within the United States.
Ditto (Score:2, Insightful)
I'm frankly amazed that PGP / GnuPG hasn't caught on by now. I mean, it's almost 2012 for pete's sake - why are we still sending emails in the clear? Maybe events like this will make people rethink the importance of privacy in communication...
Re: (Score:3)
Obviously, encryption only means you have something to hide.
Add to that, you're posting as AC, what exactly are you hiding?
We have verified your IP address, please stay put.
Our agents will be with you shortly.
Contributor to the tor project (Score:2)
Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.
Re: (Score:2)
Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.
You'd think so, but then why would he be anywhere near gmail?
Re: (Score:2)
If he used that address for anything security or privacy relevant, it's surely encrypted.
This isn't scary for the threat to Jacob Applebaum's secrets so much as for the precedent and principle. We can't all afford, effort-wise, to be as security-conscious as tor developers are. Yet if our email records can be forced from us without charges filed, then we need to be in order to keep our privacy.
Re: (Score:2)
Re: (Score:2)
Jacob is a contributor to the tor project, I am sure he is extremely aware of the privacy issues of using an email provider.
You'd think so, but then why would he be anywhere near gmail?
Why does anyone else use gmail? The issue is not what he may/may not have said in the email, the issue is why has the US replaced "probable cause" with a star chamber [wikipedia.org]?
Technical solutions don't matter! cDc and TOR! (Score:3, Informative)
I see a lot of talk about technical solutions, not using free email, et cetera. If you think things through, you will see that none of that matters at all. Firstly, it's a safe bet that someone in the US Government not hampered by even the pretense of following the law already had all Jacob's official correspondence, encrypted or not. As I've posted multiple times already (see my previous posts), AUSCANNZUKUS has had access to a production quantum computer system capable of cracking PKI for many years, running as a virtual quantum machine on a winner-take-all style recurrent topological quantum neural network based on a physical system composed of non-abelian anyons (e.g. solitons) in a two-dimensional electron gas (e.g. in a HEMT, now present in most computers). For insight into this little-known factoid, digest this [nobelprize.org] published [wikipedia.org] research [arxiv.org]. Presumably, someone tipped off DOJ that there was something in Jacob's correspondence worth looking at. For those of you not yet willing to believe that PKI was cracked long ago, it's also rather trivial to inject a key logger onto most anyone's system, which is just as good as cracking PKI and ALSO defeats synchronous shared-secret cryptography. Personally, I'm disinclined to believe in such things, but I saw indirect evidence of it and figured out (after years of monomaniacal research) exactly what it must be and how it must work. Email me for details, or wait for the book.
Second, to the silly posters who wish to teach Jacob security fundamentals, you should be aware that he MAINTAINS THE TOR PROJECT, and is a member of the cDc. He certainly knows more than you or I about security fundamentals, and I've been a CISSP for years, wrote banking software, and was a security lead for Symantec. Do you really think that the MAINTAINER OF THE TOR PROJECT does not know how to become anonymous online? Hacktivismo is a spin-off of the cDc, and Wikileaks is a Hacktivismo project. That detail still has not been in the media, as far as I can tell, but it is obvious to anyone who looks into the topic, and is certainly known to three-letter agencies. Just google for "disruptive compliance" and their mission statement floats right to the top (this is a Google hack, from the people who wrote Goolag). Consider Wikileaks, and then answer this question posed by that document in 2003 (the year the Wikileaks project began), "But what disruptively compliant, hacktivist applications shall we write?"
Third, in case this hasn't been pointed out before, Wikileaks did not break any laws. If they had, you can bet the US DOJ would have ALREADY charged someone with something, rather than trumping up a sex offense at just the right time. FYI, the Swedish attorney who charged Julian Assange with a sex offense is the SAME Swedish attorney who represented the CIA for the Extraordinary Rendition [wikipedia.org] trials, which makes him a CIA asset by definition. What Jacob Applebaum did was travel to Iceland and meet with other Wikileaks people for a few weeks. It's safe to say there was online correspondence, too. It's also safe to say, unless someone was downright stupid, that any truly sensitive communication was done anonymously. The ENTIRE POINT of Wikileaks was to set up the document submission policy to keep submitters anonymous, to make it IMPOSSIBLE to pressure the Wikileaks journalists into revealing sources (as governments have done to so many journalists recently). You can't tell what you don't know! If a source (e.g. Private Manning) is foolish enough to REVEAL THEMSELF then they are going to get in trouble. Even then, one can make a VERY STRONG argument that the documents he leaked (assuming he did it) reveal WAR CRIMES, in which case he was morally AND LEGALLY required to leak them, given that the usual chain of command was CLEARLY n
I can't be the only one (Score:2)
to think, why would anyone doing anything anti gov or illegal use a free email server or even keep the emails on the server. Cant be that hard to download all your emails from a hosted server and store them on an encrypted usb drive. Would it have been that hard to pay $20 per year for a shared hosting/vps not on US soil?
Re: (Score:3)
Did you think Google deletes email you download?
There's Law for YOU and Law for THEM (Score:4, Insightful)
Accept the facts: the rules that apply to you do not apply to the government, especially the secret bits of it. Not because you can't find a statute to support your argument, but because they DON'T CARE and will ignore the rules when it suits them.
And they have bigger, badder guns than you do, and are able to send you off to foreign prisons if they figure it will shut you up.
In movies the Good Guys can win. This is real life though.
Surprising (Score:2)
Considering the United States is already pretty much strip-searching him whenever he goes near a border, you'd think they already know far more about him than they wanted.
Apparently there's a sort of "Do Not Fly Without TSA Harassment" list.
Message to Jacob Applebum and his sister (Score:2)
Bonita, Bonita, Bonita.
Crypto isn't the point (Score:2)
The point isn't "sucker should use crypto" or "well
Re: (Score:2)
And that's a federal DA speaking, like I get he convicts pedos and murders and stuff, but have you ever heard of justice and ethics dude? Your DA score card isn't worth 1/1000 of a human life.
The way I see it, prosecutors forget the reason why they are immune from prosecution. Our Founding Fathers intentionally stacked the deck against the government to reduce the possibility of the innocent being convicted. But they gave prosecutors this ultimate power, this reminder, their immunity, which is intended so that they can afford to be just without external influence like politics, bribery, extortion, or prosecution. Most prosecutors at all levels seem to regard their immunity as though they were a