Internet Privacy Company, CryptoSeal, Hopes To Revive Service With Protections Intact

J.D. Tuccille | 10.25.2013 10:22 AM

The other day I wrote that CryptoSeal, a company offering virtual private network (VPN) services, joined the ranks of companies shutting down privacy-enhancing offerings for fear they'd be forced to surrender user data or even compromise their technology by order of the U.S. surveillance state. Ryan Lackey who, along with Tom Sparks, is one of the men behind CryptoSeal, tells me that there may still be hope for the company's consumer service.

In an email, Lackey wrote that the company is working on a way to be compliant with the law while still protecting user data to the extent possible—that is, to mimize whatever is surrendered under legal pressure.

The goal for the system to launch in 2014 is that the Government will be able to demand records on any user (under pen register), and will receive the bare minimum (ideally, a username only, in response to a username….so basically nothing), but realistically name and billing info, possibly anonymous or incorrect). They can demand more under a warrant, and will receive similarly helpful levels of information (since we don't retain anything).

Any changes made to the system will cause end-user-visible changes. We're still working on whether it's "all or nothing" or "per user" — i.e. if changes made to a single user's account will be visible to all users or just that one user. This protects against both a pen trap order and a warrant (and NSL, and whatever else)

This stuff is all incidental to protecting users from insider threats (e.g. if one of our staff is forced by a criminal gang at gunpoint to subvert the system), but it happens to protect against governments as well, which might be a statement about government's true nature… Also protects against the company being sold, outside hackers, etc. Hoping to do more than just a VPN with the technology.

The idea, then is to minimize the data the company possesses, so that full compliance with legal orders is minimally revealing. If this can be made to fly under the current legal regime, it should offer about the most confidence you can expect from a firm working subject to U.S., or any similarly intrusive, jurisdiction.

Lackey hopes, though, for legislative or judicial solutions to tighten up restraints on the government. He describes himself as "a bit more minarchist vs. anarcho-capitalist than I was in the past," so he's open to something in the form of a strong interpretation of the Fourth Amendment—much stronger than what we have now.

Meanwhile, as I've pointed out, snooping by the NSA and other U.S. government agencies creates an opening for overseas competitors. After my last piece, a representative of CryptoExpress, a British company, wrote me to say his firm "offers similar services" (though only at the corporate level) to those once offered by the American firms that have been shutting down, and that it "is not subject to the USA legal system." The company has a nonfunctional Website and a sparse online presence, so buyer beware. Not to mention that U.K. legal protections aren't necessarily any better than those in the states.

The Rattler is a weekly newsletter from J.D. Tuccille. If you care about government overreach and tangible threats to everyday liberty, this is for you.

NEXT: At Least 5 Injured in Accident at North Carolina State Fair Ride

Hide Comments (18)

Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

Dave Krueger 11 years ago

Lackey hopes, though, for legislative or judicial solutions to tighten up restraints on the government.

The government has already proven that legislative and judicial restraints on their activities don't work. They use secrecy to avoid getting caught violating the law and even when they do get caught, there are no real penalties.
Ken Shultz 11 years ago

"This stuff is all incidental to protecting users from insider threats (e.g. if one of our staff is forced by a criminal gang at gunpoint to subvert the system), but it happens to protect against governments as well, which might be a statement about government's true nature..."

The framers understood such things about the government's true nature. I wish Lackey were running for office in my state.
DEATFBIRSECIA 11 years ago

None of this shit is going to work until we've repealed both the Patriot Act and NSL.

What a joke our country has become.
1. Fist of Etiquette 11 years ago
  
  Look, do you want protected from terrorists or not?
  1. DEATFBIRSECIA 11 years ago
    
    Not.
    1. Fist of Etiquette 11 years ago
      
      Well, you're going to be protected anyway.
Dweebston 11 years ago

Come on, everyone knows it's a puppet company run by the NSA.
Gindjurra 11 years ago

It really says something about how trustworthy a government is, when the precautions you'd need to take against a criminal gang putting a gun to your sysadmin's head and the precautions you'd take against that government are absolutely identical.
1. WTF 11 years ago
  
  It simply illustrates the true nature of government.
  1. R C Dean 11 years ago
    
    It never ceases to astonish me that almost nobody seems to realize that anything the government does is essentially a demand made at gunpoint. Because if you refuse to do what the government does, you'll wind up looking down the barrel of a gun. Every time.
    
    That non-criminal ordinance or regulation that you got fined for refusing to comply with? Refuse to pay your fine, and they will get an order to seize your property to pay it. Refuse to allow them to seize your property, and hello SWAT team. Its really that simple, even for the most innocuous-looking government rule.
    
    And almost nobody seems to get it anymore.
    1. Kid Xenocles 11 years ago
      
      The corollary to that is that Clausewitz got his famous maxim backwards. War isn't an extension of politics; politics is an extension of war. War results when rivals with power have opposing goals. Politics results when there is a local effective monopoly on power. 99%+ of the time opponents to the monopoly's policy just concede the game and go along.
np 11 years ago

Any changes made to the system will cause end-user-visible changes. We're still working on whether it's "all or nothing" or "per user" ? i.e. if changes made to a single user's account will be visible to all users or just that one user. This protects against both a pen trap order and a warrant (and NSL, and whatever else)

This will be huge if they can pull it off, where any compromise to user's security will automatically trigger notification of "something's changed" to the user.

rsync.net uses a manual canary system to try to get around NSLs, but it's not foolproof as it's not technologically tied into their system.
Paul. 11 years ago

In an email, Lackey wrote that the company is working on a way to be compliant with the law while still protecting user data to the extent possible?that is, to mimize whatever is surrendered under legal pressure.

Why does this short statement make me lose confidence in the whole concept?
Paul. 11 years ago

"is not subject to the USA legal system.

...But is subject to the British legal system. What are the fourth amendment protections you receive in Britain?
1. Will Nonya 11 years ago
  
  And the EU regime as well.
0x90 11 years ago

"They can demand more under a warrant, and will receive similarly helpful levels of information (since we don't aren't secretly/retroactively-legally-bound to retain anything yet)."
Will Nonya 11 years ago

"a strong interpretation of the Fourth Amendment"

Doesn't he know that referencing the constitution has become so pass? that its practically a joke among politicians?
jacklance 10 years ago

These people should really be commended. Instead of taking the easy way out, still making money, and handing secrets over to the government, they decide to shut down. Bravo. Unlike hidemyass.
http://www.hmavpnreview.com/

Please log in to post comments

Internet Privacy Company, CryptoSeal, Hopes To Revive Service With Protections Intact

Latest

Marco Rubio Brags About Defending Freedom of Speech While Eagerly Undermining It

The Liberal Legacy of Mario Vargas Llosa

Why Women Freeze Their Eggs

The Yolk's On You!

Trump's Tariffs Are Starting To Kill Jobs

Recommended

Login Form