[Tox Support] Tox data inquiry

ghostlands at autistici.org ghostlands at autistici.org
Thu Feb 18 21:48:32 UTC 2016 

I was going to reply to a bunch of your points (for instance you 
answered the "Such as?" for yourself by including my own examples) but I 
think you killed the whole issue with the excellent point that warrants 
could hypothetically include a canary maintenance clause. I don't know 
how likely that would be legally, but it seems plausible and may in fact 
be why public canaries in general never caught on in all the modern 
security projects.

Thinking on this however, it occurs to me that private/secret/hidden 
canaries could be extremely useful; any number of tells could be 
employed. Even if only for developers, this could increase overall 
security.

I guess I can also say that it doesn't matter whether real-world 
examples can be produced. Theoretical attacks and vulnerabilities are 
entirely legitimate. Paradoxically I will produce a real-world example: 
in a long term scan of tails-dev; you'll see them discussing (and often 
creating) fixes for theoretical vulnerabilities on a regular basis.

gl


On 2016-02-09 07:23, Gregory Mullen wrote:
> Replies inline below
> 
> On Mon, Feb 8, 2016 at 1:55 AM, <ghostlands at autistici.org> wrote:
> 
>> With all due respect (which is a lot btw), a "warrant canary" is 
>> different
>> than a "canary". Canaries in general are useful and can flag for just 
>> about
>> anything.
>> 
>> Just because even the most comprehensive and vigourous search of Tox
>> development resources would reveal no user information, doesn't mean 
>> the
>> team has not been contacted by intelligence agencies with *other* 
>> requests
>> or offers that might come replete with an NDL.
> 
> 
> Such as?
> 
> 
>> Requests or offers that in no way feature a warrant for searches.
> 
> 
>> The broader use of the canary device today is an NDL canary. This 
>> [non]
>> notification "notifies" the public that the project has been served an 
>> NDL,
>> which may have included anything from a search warrant
> 
> 
> For information or data. The tox project keeps no data (to my 
> knowledge)
> that any TLA might be interested in.
> 
> 
>> to a demand for that one or more team members insert a backdoor or
>> generally compromise integrity.
> 
> 
> That's one of the MANY reasons, we use git, it'd be seen by anyone and
> everyone, if anyone tried this. The resources that would be needed to 
> make
> this anything but blatantly obvious, would also be the same that would 
> be
> able to do something like this without a warrant.
> 
> And, even if I was worried, you have to show me anything to make me 
> believe
> that this is a real thing that happens.
> 
> 
>> Not that a whole lot could be done about this if it happened, but it 
>> is
>> some small deterrent to gratuitous use of NDLs and a contributor to 
>> public
>> awareness of their scale.
>> 
> 
> I don't think so, no one who could get a warrant is going to say; You 
> know,
> I was going to serve them a warrant, but they have a warrant canary, so
> maybe I shouldn't.
> 
> All a warrant canary does when you don't have data that's
> worth subpoenaing, is create a lot of extra work, and provide a 
> worthless
> sense of security. I really believe that nothing is better than 
> something
> in this case. But I'm willing to be convinced otherwise.
> 
> Finally, if anyone at this point would be willing to write a warrant 
> with
> non-disclosure language. IMO, they'd also be willing to write language 
> that
> would require the warrant canary to continue to be maintained. Again,
> citation needed if you think this wouldn't be the case.
> 
> 
>> 
>> gl
>> 
>> 
>> On 2016-02-06 17:11, Gregory Mullen wrote:
>> 
>>> The warrant canary was started by one person who didn't really 
>>> understand
>>> the point of a warrant canary.
>>> 
>>> Once he left the project the canary came down automatically, and no 
>>> one
>>> else wanted to put it back up simply because Tox doesn't have any of 
>>> your
>>> data. None.
>>> 
>>> If someone serves us a warrant, we get to laugh about it because 
>>> there's
>>> nothing we could give anyone.
>>> 
>>> That was one of the main goals of Tox, to make sure no one could 
>>> compel
>>> anyone to give away your data.
>>> On Feb 6, 2016 2:15 AM, "Dominic Cammarota" <dom.camma at gmail.com> 
>>> wrote:
>>> 
>>> Hello,
>>>> 
>>>> Love the website, and the service is most exceptionally presented 
>>>> and
>>>> branded. I am to download and begin my experience, and I intent to 
>>>> share
>>>> it
>>>> with many.
>>>> I noticed this 
>>>> <https://twitter.com/ProjectTox/status/549238897172299777>
>>>> on
>>>> your Twitter account, that PSA regarding the removal of the warrant
>>>> canary.
>>>> It would be most appreciated and encouraging if you can share as to 
>>>> why
>>>> the
>>>> warrant canary was removed? And what is being done with the users 
>>>> data
>>>> currently and who is interested in it? I hope to learn more as to 
>>>> why the
>>>> canary was removed.
>>>> 
>>>> Thank you for your time.
>>>> 
>>>> - Dom
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Support mailing list
>>>> Support at lists.tox.chat
>>>> https://lists.tox.chat/listinfo/support
>>>> 
>>>> 
>>>> 
>>> _______________________________________________
>>> Support mailing list
>>> Support at lists.tox.chat
>>> https://lists.tox.chat/listinfo/support
>>> 
>>

More information about the Support mailing list