Christopher Allan Webber

Signal / Open Whisper Systems' subpoena

Christopher Allan Webber at

This news has been around for a couple of days, but...

Open Whisper Systems was subpoena'ed for user information. They complied, but the only information they keep about users is the date/time of registration and last date of connectivity.

I think that's pretty great. I'm not sure that that could be true of the implementations I'm writing. I guess it depends on whether or not you use transient messages (which are supported by ActivityPub... you can use fragment identifiers where the fragment is a uuid) or something else. Though the implementations I'm writing currently are tuned for the "your server holds information for you." Maybe it's a feature to aspire to.

Probably also though, it's indication to me that the best situation is to not host information for other people. If IPv6 were in better deployment and ISPs weren't as crazy as they are now in their terms of service, people could self-host from home much more easily. Anyway...

Thanks also to the ACLU for helping Open Whisper Systems remove the gag order and talk abou this!

Claes Wallin (韋嘉誠), Benjamin Cook, Charles Stanhope likes this.

Claes Wallin (韋嘉誠), jrobertson, jrobertson shared this.

>> Christopher Allan Webber:

“[...] the best situation is to not host information for other people [...]”

And not to be a centralized system =)

JanKusanagi @i at 2016-10-05T12:14:17Z

Sean Tilley, Christopher Allan Webber likes this.

I think this story is a perfect demonstration of why it's more important to design systems to minimize the collection of personal information than to rely on the goodwill or terms of service to promise to share information.

Benjamin Cook at 2016-10-06T03:52:20Z

Claes Wallin (韋嘉誠), Christopher Allan Webber likes this.

All federated systems are centralized at core. That just means they would subpoena all servers, but they could just grab and take whatever they can get hold of, no warrants, no subpoenas. That also means there will be levels of data security depending on how well or bad each node is secured. Some would be easy to get some not.
Bittorrent is decentralized but trackers are centralized we have seen how much trouble they are facing to keep themselves up. And it is just hollywood vs pirates, had it been state they would already be grabbed, sealed and analyzed.

testbeta at 2016-10-06T05:02:38Z

Claes Wallin (韋嘉誠) likes this.