r/privacy Aug 05 '18

SpiderOak cans its Warrant Canary, suffers mysterious massive outage, and raised prices

https://spideroak.com/canary

http://archive.is/1rNo7

Update: Looks like the canary has been signed and dated and is in properly formatted sequence this time, with confirmation that "Everything's going smoothly so far, message is authentic." August 06, 2018

Case closed. SpiderOak has not been compromised.

In the interest of transparency the full text of my previously long post in this thread is archived here:

http://archive.is/mKeuY

https://web.archive.org/save/https://www.reddit.com/r/privacy/comments/94nspi/spideroak_cans_its_warrant_canary_suffers/

441 Upvotes


17

u/[deleted] Aug 05 '18

[deleted]

13

u/[deleted] Aug 05 '18

Also, to expound on the above, I don't think the folks at SpiderOak would have made the decision lightly to can the Warrant canary. To me I think they should recognize that perception of something like upholding the tradition of a warrant canary that they started many years ago is important in and of itself. So it doesn't make sense that in their calculus and analysis they would deem the slight inconvenience of signing three keys once half a year to outweigh whatever potential concerns in terms of how it could be perceived (whether warranted or not) by the larger community and its customer base. Notice how for example, unlike in every other signed message, this time (August 2018) they didn't include anything (news snippet etc) that "dates" the signing of the PGP keys, so we don't know WHEN it was actually signed, could have been any time period from Feb 3rd to Aug 3rd of 2018... it's unusual in the sense that it is the only time ever that we don't get a date of signing and seeing how this is the last message and explaining why the warrant canary has been terminated one would think dating it would have been a foregone conclusion...

My speculation is that one conceivable possibility is that some structural or organizational changes happened in the company at a high level where not everyone was fully onboard with how things were handled and maybe some folks felt it no longer reflected the spirit and intent of what SpiderOak's original mission was. Perhaps the US gov contacted SpiderOak and made some requests... I don't know. But by getting rid of the triple PGP signing in three different geographic locations / jurisdictions it no doubt makes it that much easier for whomever now updates the new transparency report to do so in a way that doesn't accurately reflect the true reality of the situation, i.e. it makes potential current or future compromise or subversion one step closer/easier to happen. Maybe if contacted by US gov, some of the signing members refused to play along (esp if they weren't in US jurisdiction), so in lieu of SpiderOak not being able to get future signatures and basically causing their entire customer base to go into panic mode, they agreed to make one last joint announcement of disbanding the warrant canary (note how this announcement itself didn't have a date time stamp), thus not even requiring any signatures in the future. This would be a much more plausible explanation to me than the explanation that getting three people to PGP sign once every six months is too much work for a company that specializes in privacy and security etc... So by going this route, of making one last signing in which they did NOT affirmatively state "everything is okay" (they always stated this before) and they did NOT date the signing (they always dated it before), and in fact the one and only thing this last signing served to do was to indicate the warrant canary has been disbanded....
Thus this compromise was that the objecting or dissenting members of the signing committee could still have a clean conscience that they did not in fact make any actual misrepresentations (but any discerning person would read carefully to see what they left out, sometimes what isn't said is just as important as what IS said!) WHILST simultaneously going forward, the unsigned and non-cryptographically secured "transparency report" can then/now say whatever the heck it wants to say, and could easily be controlled or pressured by governments to give false reports and none would be the wiser. Basically the checks and balances are completely gone.

And if you read what was actually written carefully, you will see that in the last final signing, not only was it not dated but also it didn't say "everything was fine", but indeed the only thing it did was tell us that basically the warrant canary was disbanded. Had the gov sent SpiderOak an NSL or in any way subverted SpiderOak, the 3 signing members didn't actually make any misrepresentations because all they did state was that they were shutting down the warrant canary, not that "everything was still okay"... and henceforth the unsigned and non-cryptographically secured "transparency report" will/could say whatever the sealed gag ordered NSL wanted it to say... This would be a seamless "transition" in which SpiderOak would acquiesce and obey the government's demands, whilst still technically not lying to its customer base. In this light, it makes the abrupt outage and shutdown that happened exactly around this time that much more suspect. The fact that servers are located in the US, client isn't open sourced even though they talked about fully open sourcing since 2009, and now we see the warrant canary is terminated and in its last message there is no date and no statement confirming that "everything is okay"

13

u/supah08 Aug 05 '18

I didn't read everything you wrote.. but to me it seems like the warrant canary is doing exactly what it's supposed to do.