A most disturbingly and amazing look at how bad our country is getting:
The U.S. government in July obtained a search warrant demanding that Edward Snowden’s e-mail provider, Lavabit, turn over the private SSL keys that protected all web traffic to the site, according to to newly unsealed documents.
The July 16 order came after Texas-based Lavabit refused to circumvent its own security systems to comply with earlier orders intended to trace the internet IP address of a particular Lavabit user. The name of the target is redacted from the unsealed records, but the offenses under investigation are listed as violations of the Espionage Act and theft of government property — the exact charges that have been filed against NSA whistleblower Snowden in the same Virginia court.
The records in the case, which is now being argued at the 4th U.S. Circuit Court of Appeals, were unsealed today by a federal judge in Alexandria, Virginia. They confirm much of what had been suspected about the conflict between the pro-privacy e-mail company and the federal government, which led to Lavabit voluntarily closing in August rather than compromise the security it promised users.
The filings show that Lavabit was served on June 28 with a so-called “pen register” order requiring it to record, and provide the government with, the connection information on one of its users every time that user logged in to check his e-mail. Because they provide only metadata, pen register orders can be obtained without “probable cause” that the target has committed a crime.
In the standard language for such an order, it required Lavabit to provide all “technical assistance necessary to accomplish the installation and use of the pen/trap device”
A standard email provider can easily funnel such information to the government upon request. But Lavabit offered paying customers a secure e-mail service that uses custom software to protect user’s information.
Lavabit founder Ladar Levison balked at the demand, and the government filed a motion to compel Lavabit to comply. Lavabit told the feds that the user had “enabled Lavabit’s encryption services, and thus Lavabit would not provide the requested information,” the government wrote.
Full article: http://www.wired.com...avabit_unsealed