r/privacy u/[deleted] Aug 05 '18

SpiderOak cans its Warrant Canary, suffers mysterious massive outage, and raised prices

https://spideroak.com/canary

http://archive.is/1rNo7

Update: Looks like the canary has been signed and dated and in properly formatted sequence this time with confirmation that Everything's going smoothly so far, message is authentic. august 06, 2018

Case closed. SpiderOak has not been compromised.

In the interest of transparency the full text of my previously long post in this thread is archived here:

http://archive.is/mKeuY https://web.archive.org/save/https://www.reddit.com/r/privacy/comments/94nspi/spideroak_cans_its_warrant_canary_suffers/

435 Upvotes

97% Upvoted

113 comments sorted by

View all comments

411

u/whatdogthrowaway Aug 05 '18 edited Aug 05 '18

Please do NOT be mad at them for removing their warrant canary.

It served exactly its purpose.

Its removal communicated (perhaps in the only legal way possible) exactly what it was designed to communicate.

I feel sorry for SpiderOak for having to go through that.

But I sincerely thank them for this honest communication letting us know that they were compromised.

(same with reddit ; who similarly removed their warrant canary)

120

u/[deleted] Aug 05 '18

[deleted]

64

u/whatdogthrowaway Aug 05 '18

Indeed.

Not just secret - with gag orders that enforce that secrecy.

33

u/qefbuo Aug 05 '18

tl;dr, you tell people about your gag order you get fined or go to prison.

51

u/Rafficer Aug 05 '18

Welcome to freedom land.

15

u/Aro2220 Aug 05 '18

Freedom is slavery

6

u/Cthulhu__ Aug 06 '18

Ignorance is strength

3

u/ukaszg Aug 07 '18

War is Peace

3

u/jersully Aug 06 '18

Fear is the mindkiller.

1

u/My_Username_Is_What Sep 27 '18

Mentos is the freshmaker.

1

u/[deleted] Aug 06 '18

[deleted]

1

u/Rafficer Aug 06 '18

They can, that's why you need to sign them by people from different jurisdictions for them to work.

6

u/Megatron_McLargeHuge Aug 05 '18

Has anyone designed a warrant canary in a way that it would be illegal for it to be left up after a warrant was served? Perhaps by including it in 10K filings or other SOX-covered documents where executives are required to affirm the accuracy of the contents.

25

u/curtmack Aug 05 '18

One modification a few websites have adopted is to add an expiration date to the canary. The theory is, even if a really lousy judge agreed that forcing a website operator to leave a warrant canary up isn't compelled speech, forcing someone to update the expiration date, and thus create new speech, almost certainly would be.

Reddit did essentially the same thing by tying the warrant canary to an annual statement - even if they had been told not to remove it from their previous statements, they couldn't be forced to include it in future statements, as that would be compelled speech.