CDR: New email could confound law enforcement
By Cecily Barnes
Staff Writer, CNET News.com
September 22, 2000, 12:20 p.m. PT
URL: http://news.cnet.com/news/0-1005-200-2841067.html

A start-up is set to release a novel messaging service that lets people send heavily encrypted email directly to each other, a development that could be a boon for privacy advocates but a headache for law enforcement authorities.

AbsoluteFuture.com of Bellevue, Wash., has dubbed its service "SafeMessage," describing it as a "direct messaging" service that transmits messages from party to party without the use of a central server.

This distinction is significant because email, which always passes through mail servers, leaves a trace copy of itself that can be subpoenaed, read or otherwise accessed by unauthorized readers.

Besides bypassing a central server, the messages are heavily encrypted and are programmed to be automatically erased after a period of time designated by the sender. The encryption not only prevents outsiders from reading the message, but also limits the message recipient's ability to forward, cut and paste, or print the message.

"(Email) leaves a permanent trail," said CEO Graham Andrews. "Not only on your computer and the receiver's computer, but also three or four servers in the middle."

Whether or not direct messaging can strip away all traces of a document sent over the Internet is unclear, as the system does not do away with the need for an Internet service provider to allow parties to share files.

"It's certainly going to pass through the server that connects you to the Internet and the server that connects the recipient to the Internet, but it will not pass through the typical mail servers," said Tony McNamara, AbsoluteFuture's chief technology officer.

Amid growing concerns about privacy on the Internet, more people are inquiring about the secure transfer of data online, especially in instances of financial and banking data.

AbsoluteFuture joins a growing list of companies that are responding to this market need with encrypted email services. Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.

Unlike AbsoluteFuture, however, these services use ordinary email delivery systems that are prone to online eavesdropping and may leave trace copies behind in the computers used to carry them. AbsoluteFuture believes it has found a solution to this problem by harnessing technology known as peer-to-peer networking, which connects personal computers directly, without the need for a central server to route file transfers.

Meta Group analyst David Thompson calls the market for peer-to-peer or encrypted messaging nascent.

"People are just starting to realize that this kind of thing is even possible," he said.

Peer-to-peer technology gained widespread notice after file-swapping company Napster was sued by the Recording Industry Association of America for allegedly facilitating the transfer of copyrighted material.

While SafeMessage does not present any copyright violation, it could undermine the efforts of law enforcement agencies that sift and subpoena email messages to catch criminals.

Most notably, privacy advocates have called attention to the FBI's Carnivore program, which is installed at ISPs and scans massive amounts of email to track messages sent by people under investigation. AbsoluteFuture's SafeMessage system would potentially allow people to operate below this radar screen.

AbsoluteFuture said it is marketing its product primarily to corporate clients.

"We believe this should be available to individual consumers, too, but we're not really in a position to handle that, so we are going to go the route of licensing to ISPs," Graham said. "We are very close to signing up several resellers."

The company said SafeMessage is already being tested by a number of large corporate clients including a major oil trading company in Moscow, a large accounting firm, and a couple of stockbrokers.

To use SafeMessage, a person signs on to the program with an ID and password, similarly to an email client. When typing the recipient, the person sends the contact to AbsoluteFuture's server, which locates the recipient online and allows the sender to send the message directly to the recipient.

The message is encrypted before it leaves the sender's computer, and the decoder key is destroyed. If the recipient is not online, the sender must send the message to AbsoluteFuture's server, which will hold the message until the recipient logs on or the message times out.

"In one sense this is slightly less secure because we're looking after it," Graham said. "But we don't have the key to get at it. Even if there was a court order for the message, it is highly encrypted. We'd say, 'OK, go ahead try to open it.'"

Meta Group's Thompson said that while the system sounds secure, he is not convinced that it is foolproof. He said that during the period of time before the message is destroyed, keys exist that could unscramble the encryption.

"At some point everything is gone," he said. "But there is some window in there in which there is still exposure."
On Sun, Sep 24, 2000 at 01:31:12AM -0400, anonymous@openpgp.net wrote:
By Cecily Barnes Staff Writer, CNET News.com September 22, 2000, 12:20 p.m. PT URL: http://news.cnet.com/news/0-1005-200-2841067.html <> The encryption not only prevents outsiders from reading the message, but also limits the message recipient's ability to forward, cut and paste, or print the message.
Laugh or cry?

--
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.

Oskar Sandberg
md98-osa@nada.kth.se
On Sun, Sep 24, 2000 at 01:31:12AM -0400, anonymous@openpgp.net wrote:
By Cecily Barnes Staff Writer, CNET News.com September 22, 2000, 12:20 p.m. PT URL: http://news.cnet.com/news/0-1005-200-2841067.html <> The encryption not only prevents outsiders from reading the message, but also limits the message recipient's ability to forward, cut and paste, or print the message.
Laugh or cry?

Cry. These swine have us so badly outnumbered that many more of our pearls will be trampled before we gain the means to escape.
anonymous@openpgp.net wrote:
A start-up is set to release a novel messaging service that lets people send heavily encrypted email directly to each other, a development that could be a boon for privacy advocates but a headache for law enforcement authorities.
AbsoluteFuture.com of Bellevue, Wash., has dubbed its service "SafeMessage," describing it as a "direct messaging" service that transmits messages from party to party without the use of a central server.
[...snip...]

So you avoid using an email server by...

To use SafeMessage, a person signs on to the program with an ID and password, similarly to an email client. When typing the recipient, the person sends the contact to AbsoluteFuture's server, which locates the recipient online and allows the sender to send the message directly to the recipient.

...using an email server!

How clever.

Ken
Ken Brown wrote:
So you avoid using an email server by...
To use SafeMessage, a person signs on to the program with an ID and password, similarly to an email client. When typing the recipient, the person sends the contact to AbsoluteFuture's server, which locates the recipient online and allows the sender to send the message directly to the recipient.
...using an email server!
How clever.
Yes, it sounded pretty good up until that point. And it must be a windoz thingy anyway -- if you're using a linux box, you have your own sendmail server, so, of course, all linux boxes can send email peer-to-peer. But unless they're encrypted at the origin, however, they can still fall prey to Carnivore upstream.

A really nice thing would be a mail client that did automagic crypt, plus a mixmaster component to hide the true name of the sender or receiver running on linux. A netscape plugin that did this would be very, very nice, if NS ever became truly opensource. Or some other client that handled html mail well.

--
Harmon Seaver, MLIS
Systems Librarian
Arrowhead Library System
Virginia, MN
(218) 741-3840
hseaver@arrowhead.lib.mn.us
http://harmon.arrowhead.lib.mn.us
Harmon Seaver <hseaver@harmon.arrowhead.lib.mn.us> wrote:
A really nice thing would be a mail client that did automagic crypt, plus a mixmaster component to hide the true name of the sender or receiver running on linux.
Try mutt. It allows you to default to signing or encrypting all outgoing mail. It supports mixmaster. It slices, it dices, etc.

http://www.mutt.org

The only thing it doesn't do is handle HTMLized mail, but you can have it call an external program (lynx, netscape, whatever) to do this for you.

--
Riad Wahby
rsw@mit.edu
MIT VI-2/A 2002 5105
Harmon Seaver wrote:
if you're using a linux box, you have your own sendmail server, so, of course, all linux boxes can send email peer-to-peer.
Or any other system. You can get smtp servers for windoze or anything else. Setting up peer-to-peer email between known hosts (even with windows on them) is well possible & there are loads of programs out there that do it already.

The program described seems to be some sort of directory service - a sort of encrypted chat server that tells you if your friends are online right now. And of course holds your mail when they aren't. As you both need to be subscribers, I can't honestly see the difference between using it and using one of the many existing conferencing systems to send encrypted mail to other users of the same system. (If AOL/Compu$serve have rules against using their system for encrypted messages, I bet Cix or the Well don't, & even if they did there are hundreds of little geeky servers or old BBs out there still, or you could set up your own)
a really nice thing would be a mail client that did automagic crypt, plus a mixmaster component to hide the true name of the sender or receiver running on linux.
Well, you could write your own :-) But I think you would be reinventing the wheel.
A netscape plugin that did this would be very, very nice, if NS ever became truly opensource. Or some other client that handled html mail well.
You probably don't even need a plug-in. It should be possible to set up a single-purpose server that does nothing but take mail from one address & send it onto another, encrypted - in other words a crude remailer. Then run that on your own computer (which could be Windows if you wanted) and set your Netscape (or whatever mail client you like) to use your own machine as a server for outgoing mail. So you carry on using your mail client and it doesn't care that it has been told to use a server on the same PC it is on. Then the server encrypts the message & does a peer-to-peer connection with the other guy's server. I would expect that some of the mail that comes onto this list originates like that already.
On Sun, 24 Sep 2000 anonymous@openpgp.net wrote:
Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.
I own Disappearing Inc. We have no such product and we have no such product under development.

Ray Dillinger

Correction: After a web search through USPTO, I find that there is another company also named Disappearing Inc, on Howard street in San Francisco. This is probably the company that was referred to.

To clarify: I have done business as "disappearing inc", and I am the owner of the domain name "disappearing-inc.com", which I have not yet used.

This pisses me off.... now they'll probably try to evict me as a cybersquatter.

Ray Dillinger

On Mon, 25 Sep 2000, Ray Dillinger wrote:
On Sun, 24 Sep 2000 anonymous@openpgp.net wrote:
Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.
I own Disappearing Inc. We have no such product and we have no such product under development.
Ray Dillinger
Well, after a short conversation with the USPTO's server, I now have an application on file for a trademark which I can use to defend my business' web address.

Unfortunately, after a short discussion with the California Corporation Commission, it appears that I cannot now incorporate under the name "Disappearing Inc" because these guys already did.

As it turns out, all the trademark applications they've filed that would interfere with the application I filed are being disputed by the USPTO as being too general -- they are mainly just descriptive words. So they don't actually have trademarks they could use to kick me off my domain name yet.

Anyway -- the way it looks now, there's a decent chance of my application being approved, and if that happens, then it will conflict/interfere with the trademark applications they've filed and those applications will have to be refused. There is also a chance that the trademark applications they have filed will be approved, and if that happens then mine will be refused as it will be found in conflict with theirs.

And the wheels grind on.... Sigh. I ordered DSL service so I could put this site up on my own server way back in April. It's scheduled to be installed on October 3. Argh, Argh, Argh....

Ray

On Mon, 25 Sep 2000, Ray Dillinger wrote:
Correction:
After a web search through USPTO, I find that there is another company also named Disappearing Inc, on Howard street in San Francisco. This is probably the company that was referred to.
To clarify: I have done business as "disappearing inc", and I am the owner of the domain name "disappearing-inc.com", which I have not yet used.
This pisses me off.... now they'll probably try to evict me as a cybersquatter.
Ray Dillinger
On Mon, 25 Sep 2000, Ray Dillinger wrote:
On Sun, 24 Sep 2000 anonymous@openpgp.net wrote:
Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.
I own Disappearing Inc. We have no such product and we have no such product under development.
Ray Dillinger
Ray - it looks like Disappearing Inc. has been disappearing.com for about 1.5 years longer than you've been disappearing-inc.com.

In October 99, Maclen Marvit, the CEO of Disappearing, Inc. spoke at the Cypherpunks meeting in San Francisco, shortly after they had a front-page article in USA Today (may have been business front-page, but it was still really nice timing for a small startup to do their press release on a slow news day :-) And there was substantial discussion of them and their service in the Cypherpunks mailing list.

Were you paying attention when you picked the name? Or had the meme just been floating around long enough after their announcement that it had gotten unstuck from its roots? You probably ought to sell them the name at cost.

At 03:19 PM 9/25/00 -0400, Ray Dillinger wrote:
Correction:
After a web search through USPTO, I find that there is another company also named Disappearing Inc, on Howard street in San Francisco. This is probably the company that was referred to.
To clarify: I have done business as "disappearing inc", and I am the owner of the domain name "disappearing-inc.com", which I have not yet used.
This pisses me off.... now they'll probably try to evict me as a cybersquatter.
Ray Dillinger
Thanks!
Bill

Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
On Sun, 24 Sep 2000 anonymous@openpgp.net wrote:
AbsoluteFuture.com of Bellevue, Wash., has dubbed its service "SafeMessage," describing it as a "direct messaging" service that transmits messages from party to party without the use of a central server.
This distinction is significant because email, which always passes through mail servers, leaves a trace copy of itself that can be subpoenaed, read or otherwise accessed by unauthorized readers.
Besides bypassing a central server, the messages are heavily encrypted and are programmed to be automatically erased after a period of time designated by the sender. The encryption not only prevents outsiders from reading the message, but also limits the message recipient's ability to forward, cut and paste, or print the message.
WRONG! If data can be displayed by the recipient's computer, then it can be captured. Wanna bet somebody can't hang a screen-copying utility on their keystroke interrupt and capture the information that way?

While this kind of stunt (actually just leaving those functions out of the GUI) may give people "warm fuzzies", it does not materially add to security, because fundamentally, the user has physical access to his/her own machine and can do whatever he/she wants to on it.

And while it's probably good to notice that servers can get compromised and bypass them, does anyone here think routers can't be compromised? Let's face it, if the bits go from you to the other person over the Internet, there are always going to be lots of places where someone with fingers in the network can get a copy of them. Keeping a copy is not normal behavior for routers, but if someone wants to log traffic at a router they own, they certainly can.
Rival products include HushMail, ZixMail, Disappearing Inc. and Authentica.
As the owner of Disappearing Inc. I can tell you right now that we do not yet have a product in this space and do not have one under development at the current time. We have completed a feasibility study, in the context of a larger product encompassing a lot of different protocols, and that is all. A product, *IF* we decide to go ahead with one, is still over two years out.
Unlike AbsoluteFuture, however, these services use ordinary email delivery systems that are prone to online eavesdropping and may leave trace copies behind in the computers used to carry them. AbsoluteFuture believes it has found a solution to this problem by harnessing technology known as peer-to-peer networking, which connects personal computers directly, without the need for a central server to route file transfers.
It seems odd to see Disappearing Inc's product described in this way since we don't have one.
To use SafeMessage, a person signs on to the program with an ID and password, similarly to an email client. When typing the recipient, the person sends the contact to AbsoluteFuture's server, which locates the recipient online and allows the sender to send the message directly to the recipient.
And also provides a central monitoring point that allows SafeMessage to maintain logs of who mailed who and when, and to do a complete traffic analysis of all messages sent with this system. Isn't that special?
The message is encrypted before it leaves the sender's computer, and the decoder key is destroyed. If the recipient is not online, the sender must send the message to AbsoluteFuture's server, which will hold the message until the recipient logs on or the message times out.
And we know, of course, that when the message times out or is delivered, it's erased from the AbsoluteFuture server. We know it because ... well, actually, we don't. Unless we extend greater fundamental trust to the AbsoluteFuture server than to the servers we bypass by using it. There is no protocol for making sure that something is erased.

Now, they are probably erasing. But we can't verify it, any more than we can verify erasing in any cypherpunk remailer. And they have their heads up far enough to attract attention, and they have investors to answer to so they can't just shut down if compromised the way cypherpunk remailers do. So there could be a carnivore already in place on their system for all we know, and they wouldn't be allowed to talk about it.
"In one sense this is slightly less secure because we're looking after it," Graham said. "But we don't have the key to get at it. Even if there was a court order for the message, it is highly encrypted. We'd say, 'OK, go ahead try to open it.'"
Right. While this system provides a route outside the normally monitored routes for traffic, it is not a route that can't be monitored. While it provides a server other than those normally subpoena'd, it is not a server that can't be subpoena'd. The only hard security this system can offer, therefore, is the encryption.

So, if the product can be exported or downloaded from a website, I would have to suspect since it's made in the US that somewhere in the headers or trailers, the message bears a block that contains most of the key (all but the last 40 bits) encrypted in a form the NSA (and whomever else has their key) can read. -- This is the same thing that happened to Netscape after v4.07 for example, and Internet Explorer after v4. If it can't be exported, that would be a good sign.

Aside from that, I don't know the particulars of the encryption they use - they claim to use a product cipher, but so far I haven't seen what the components of the product cipher are, what the key lengths are, how they do key management, etc etc etc.

Ray Dillinger
Disappearing Inc
participants (8)
- anonymous@openpgp.net
- Bill Stewart
- D.Popkin
- Harmon Seaver
- Ken Brown
- Oskar Sandberg
- Ray Dillinger
- Riad S. Wahby