
>If they provide user-data after being served with a warrant their servers were never accessed, yet the data was provided.

Yes, that's true. But if you run an email service that's based in Cupertino, what do you do when served with a lawful search warrant or wiretap order? Say "no," and be found in contempt of court and have all your servers carted away by some men in black so they can find the file they're looking for?

There are a few ways around this. One is not to permanently store warrant-worthy user data (Snapchat, Wickr, etc.). Another is end-to-end encryption (original version of Hushmail), though key distribution and UX become problems. A third is to move your servers to Switzerland, though then you get served with process from the Swiss authorities instead of FBIDHSDEAetc.

Apple has taken none of these steps. Assume our hypothetical Cupertino-based email service has not either. What do you do when the Feds show up with a lawful order?



> What do you do when the Feds show up with a lawful order?

I don't expect them to say no. That's why I don't expect them to imply that they would or suggest that they never have.


> A third is to move your servers to Switzerland, though then you get served with process from the Swiss authorities instead of FBIDHSDEAetc.

And, if you keep your headquarters in Cupertino, quite possibly from US authorities as well (see the currently in-progress Microsoft case about access to servers in Ireland).


I go under the assumption that if I'm not the one generating and providing the encryption keys (and really, pre-encrypting the data), absolutely nothing is secure/encrypted. And in all honesty, if it touched the internet, it's already insecure to some extent.

It's been "fun" to read Jewel vs. NSA proceedings, press statements, and officials' statements about these issues because of the extent to which they play word games to technically not lie according to specific (re)definition of words.


Why stop there? If you're not root, you're not secure either. For example, if someone else is root, they can do whatever they want with your locally generated keys, up to and including sending them to the NSA with a little bow on top.

Even if you are root it's no guarantee, thank you rootkits :/

As with all things security, sometimes it comes down to trust and legal protections.


Open source client libraries providing end-to-end encryption and zero knowledge search, would enable a functional e-mail system that operates without any server held keys.

You could still NSL a backdoor, but if the service is open source at least there's a chance of the code being audited.


End-to-end encryption will improve things but it is still only as secure as your key management. For email to be convenient you need an easy way to get your friend's public key and easy ways are hard to make secure.


Agreed.

Without a trust the only thing that comes close is an in person P2P pairing ceremony.

Key management might work in an enterprise setting with a central authority, but making sure your friend's public key isn't swapped with the government's is pretty hard if you don't trust the cloud provider, telecom, or intermediate infrastructure.
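The two comments above (key management being the weak point, and an in-person pairing ceremony being the fallback when you don't trust the provider) are easy to see in code. The block below is an added example, not code from the thread or from any product mentioned in it. It models a client that fetches a contact's public key from a provider-run directory, pins the key's fingerprint on first use, and refuses a silently changed key; it then shows the limit of pinning alone (a key swapped before first contact is accepted) and how an out-of-band fingerprint comparison catches that case. Public keys are stand-ins (random 32-byte strings, a constructed placeholder) so it runs offline with only the standard library; the class and function names are assumptions for illustration, not any real library's API.

```python
"""Key pinning (trust on first use) plus out-of-band fingerprint verification.

Added example. "Public keys" here are random bytes standing in for real
key material (e.g. Ed25519 public keys), so the script runs offline.
"""
import hashlib
import secrets
from dataclasses import dataclass, field


class KeyChanged(Exception):
    """Raised when a contact's key differs from the one pinned earlier."""


def fingerprint(public_key: bytes) -> str:
    """Human-comparable digest of a key: the string two people read aloud
    to each other during an in-person pairing ceremony (128 bits, 8 groups)."""
    digest = hashlib.sha256(public_key).hexdigest()
    return " ".join(digest[i:i + 4] for i in range(0, 32, 4))


class KeyDirectory:
    """Provider-run key directory. The client has no way to tell whether the
    operator (or someone with an order compelling the operator) replaced an entry."""

    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}

    def publish(self, user: str, public_key: bytes) -> None:
        self._keys[user] = public_key

    def lookup(self, user: str) -> bytes:
        return self._keys[user]


@dataclass
class Client:
    directory: KeyDirectory
    pinned: dict = field(default_factory=dict)    # user -> fingerprint seen first
    verified: set = field(default_factory=set)    # users confirmed out-of-band

    def key_for(self, user: str) -> bytes:
        """Fetch a contact's key; pin it on first use, then refuse any change."""
        key = self.directory.lookup(user)
        fp = fingerprint(key)
        if user not in self.pinned:
            self.pinned[user] = fp            # trust on first use
            return key
        if self.pinned[user] != fp:
            raise KeyChanged(user, self.pinned[user], fp)
        return key

    def verify_in_person(self, user: str, fingerprint_read_aloud: str) -> bool:
        """Pairing ceremony: compare the pinned fingerprint with one obtained
        over a channel the directory does not control (in person, phone, QR)."""
        ok = self.pinned.get(user) == fingerprint_read_aloud
        if ok:
            self.verified.add(user)
        return ok


def run_scenario() -> dict:
    """Walk through the honest case, a swap after pinning, and a swap before it."""
    directory = KeyDirectory()
    bob_key, carol_key, attacker_key = (secrets.token_bytes(32) for _ in range(3))
    directory.publish("bob", bob_key)
    alice = Client(directory)
    results = {}

    # 1. Honest directory: first fetch returns Bob's real key and pins it.
    results["first_fetch_is_bobs"] = alice.key_for("bob") == bob_key

    # 2. Directory later swaps Bob's key: pinning detects the change.
    directory.publish("bob", attacker_key)
    try:
        alice.key_for("bob")
        results["swap_after_pin_detected"] = False
    except KeyChanged:
        results["swap_after_pin_detected"] = True

    # 3. Key swapped BEFORE Alice ever looked Carol up: TOFU pins the wrong key.
    directory.publish("carol", attacker_key)
    results["swap_before_pin_silently_accepted"] = alice.key_for("carol") == attacker_key

    # 4. Only comparing against Carol's real fingerprint out-of-band exposes it.
    results["ceremony_catches_it"] = not alice.verify_in_person("carol", fingerprint(carol_key))
    results["carol_marked_verified"] = "carol" in alice.verified
    return results


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: {outcome}")
```

Step 3 is the point of the thread: a directory you don't trust can hand out a substituted key from the very first lookup, and no amount of client-side cleverness distinguishes that from a legitimate key. Only a channel the directory doesn't control (step 4) closes the gap, which is why the comment above calls the pairing ceremony the only thing that "comes close".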


There's no reason the refusal to store warrant-worthy data or to use end-to-end encryption would prevent men in black from carting away all your servers. In fact, it might very well increase the likelihood of them doing so.



