mozilla, like few other companies, has my full faith and confidence that they would pull a Lavabit and close up shop before letting something like this completely erode their users' trust.
I don't believe they would simply close in that case; I strongly believe that they would instead choose to remain open under the logic that compromised but still working for user security / web "openness" is superior to folding and losing a force which aims to work for the "greater good". I believe this given their past choices in things like H264 and EME.
Given that, though, I also believe that enough smart people are in Mozilla that they would try to prevent themselves from being in a position where they would be a target such that they would face the dilemma. Which might be why they're only hosting middle relays, and not exits or guards :)
regarding H264 and EME, there are legitimate reasons for them having conceded on those fronts. Content providers do have a legitimate interest in protecting copyrighted work. Likewise, H264 is widely deployed and is already a sunk cost for most consumers and migrating away from it will take at least a decade, it was never going to work to forcefully go cold turkey; not everyone can pull an Apple and yank Flash support.
while those choices certainly limit user freedom (as in choice), they do not compromise user security (assuming EME is properly sandboxed, etc)
i don't think they would just up and close, they'd likely just sunset/curtail the services which would be subject to interception. in Lavabit's case, that was the entire business.
> Content providers do have a legitimate interest in protecting copyrighted work
Except DRM in the browser doesn't really accomplish that, does it? Hit The Pirate Bay or Google up a torrent and done. Things like Netflix DRM are only one step above HDCP.
regardless of how misguided their attempts are, doing nothing is a non-option for studios, right? what alternatives are there? there are none - those who make the content make the rules, it's something i'm confident will not change.
If you really have to trust Mozilla here someone is doing something wrong.
Presumably these hosts will be part of a relay family and so tor will not select multiple of them in constructing a circuit.
When it comes down to it, no matter how trustworthy Mozilla has been in the past, any service they offer could be compromised going forward in a multitude of ways. This is why it's important that systems and software be designed to be secure even without trust. (Then, add in some trust for good measure too).
trust is always a fun topic, as people are still unaware of how much stuff they trust today.
Let's say you trust TOR. Great.
Now you have to trust Mozilla's software if that's what you run.
Let's say you trust Mozilla too, great.
Now you have to trust your whole OS. Let's say you do that. Great.
Now you have to trust the various devices connected to your computer. Let's say you trust that too. Great.
Now you have to trust the various companies that made all the various chips on your main bus, CPU. And the RAM and many other components.
And don't forget the dynamically loadable firmwares running on them.
Good luck with that!
[note: this might have needed to be a reply to the parent post]
At least Mozilla doesn't have a 'business model' which is strongly dependent on you handing your data over to them, or other opaque/closed activities or software.
Lavabit could do it because they were a small shop (under 10 employees). Do you really think Mozilla is going to pull the pin with over 1000 employees?
More likely would be that they relocate. But relocating over 1000 people would be a massive feat.
how they handle their moral and legal obligations to 1,000+ people is up to them and i am sure those 1,000 people will be able to get as much assistance as they need to hold them over. 1,000 people keeping their jobs is statistically insignificant to the tens (hundreds?) of millions of compromised, faithful users. i don't think it would even be a question for them if the circumstances allowed for no other options. i believe their users would fully expect them to do this.
"I really wish Ladar Levison handed NSA the SSL keys so I could keep my email"
> mozilla, like few other companies, has my full faith that they would pull a Lavabit and close up shop before letting something like this completely erode their users' trust.
That trust is an exceptional asset, a unique competitive advantage for Mozilla. None of their for-profit[1] competitors can hope to compete in that area and I think it's especially valuable now that users are becoming aware of privacy and when the behavior of the competition often is so egregious. Mozilla has a chance to solidify their brand for the long term as the IT provider users can trust. If they can do that, IMHO they have a leg up in every market.
[1] I know Mozilla Corp. is for-profit, but profit is not their primary objective.
So, silently comply with warrants and other requests until a high-profile case comes along, then refuse to cooperate until a judge gets you to hand over everyone's data and your master keys, then turn that into a big PR show? OK.
if protecting whistle-blowers requires a PR show, i'll buy a front-row seat and pass me that popcorn. i believe what happened with the snowden request was not the same as other requests, obvious why in retrospect. http://www.wired.com/2013/09/lavabit-snowden-pen-register/
> So, silently comply with warrants and other requests
so are you suggesting, for the purpose of avoiding accusations of hypocrisy, all businesses should either comply unconditionally or close immediately and relocate to another country? what he did was unorthodox and perhaps somewhat PR motivated, but he did ultimately close his primary (only?) source of income on moral grounds. i'm not sure how much shit-slinging he deserves here.
anyhow, i think you took the analogy too literally.
the only type of architecture that is resistant to this would have to be distributed. for anything centralized and under control of a US company, the US laws can compel them to install intercept devices. sadly, not everything can be distributed, there will be centralization somewhere.
it's hard to answer this with a blanket statement because it's one company that does many things and builds many products. i'm not sure what the law says about requiring a company to continue to operate a service just for the sake of intercepting traffic, when the morals/mission of the company would otherwise terminate the service. i'd be interested to see if something like this has been tested in court.
the general rule of thumb is, don't base critical parts of your business or personal life on third-party cloud products that may go away for whatever reason, without your control and without notice. this includes Google's random termination of APIs, encrypted email services, etc. have a plan B if for some reason the Tor relays need to be suddenly taken offline, forever.
Company morals, mission statements, constitutions etc are marketing material and not law. If the law requires a company to comply but their mission statement goes against this, the law will win every time.
This is why the right place to put this sort of thing if you're really serious about it is in the corporate charter. Then it does become law as far as the company is concerned, since it's only chartered to operate under the terms of the charter.
Unfortunately, some jurisdictions don't allow sufficient customization of corporate charters to do this yet. It's been getting a bit better recently.
i don't think i claimed their morals would allow them to not comply with the law. but a company's past conduct is pretty important to evaluate in the context of how such situations will be handled. i'm unaware of a law that requires companies to continue providing compromised services to their users, for example.
I still don't see why someone worried about the US government would even start using a service where the best outcome of a warrant is that the service gets shut down.
PRISM operates on a completely different layer than Tor. Tor does NOTHING to protect you from PRISM, and using Tor can be much less safe than just using your direct connection.
I'm really not sure why I'm being downvoted (or even killflagged). The Mozilla Foundation is a US based organisation and has no choice in the matter if the feds come knocking for PRISM signup.
Another disturbing aspect is that TOR itself is funded by the US govt. It is not so much of a contradiction. It is very likely that 3 letter agencies actively use and benefit from TOR backed services. But should the cost benefit balance tilt the other way, the money stream will probably disappear and/or its security compromised.
French press makes coffee that's way over extracted. You can get a Hario v60 for like $10 and it will change your life (well, at least your coffee habits).
Ever since moving to pour overs, I rarely go back to espresso. And this is from a 3-5 double espressos a day guy.
> French press makes coffee that's way over extracted.
I usually control that with the time the grounds are in contact with water and the size of the grounds.
But heck at $10 + paper filters I will get it and try it out. Might even have to get the cute little metal hot water pot. I have to say, like any proper addiction, the ritual of making the coffee, the anticipation, the smelling of grounds and so on. I can see how this provides those elements.
Not sure why cDc is on the front page on HN right now, but along the same vein, here's PLA (Phone Losers of America) and it looks like he's still going strong (even has a YouTube channel):
That's a very good point. The post seemed to skip all the juicy actual security bits, but made sure to explain thoroughly how good the rucksack was, how everything fit into it nicely, and how it was waterproof.
Or simple "gear whoring". Working in lucrative tech can allow for expensive toys, and the personality type of a tech pro as a tool maker/builder crosses over to other hobbies/interests. See also http://www.militarymorons.com/ which I believe is primarily self-funded.
The BD ATC is perhaps the most popular belay/rappel device around, even if everyone who read this article went out and bought one it probably wouldn't affect their overall sales much.
I tried replying to your email, but it bounced because your mail server mandates STARTTLS. I have postfix with opportunistic enabled, so not sure where the problem is.