Did I just upload my private SSL keys to the NSA?

5 points by jacobn ↗ HN
With the Lavabit SSL key seizure [1,2], the US Government and the US courts have shown that they'll take the private keys if they feel they need them.

Have e.g. AWS received similar orders for keys used with ELBs? Or anything on the EC2 VMs? Or CloudFlare?

When I upload my private key to these services, does it go straight to the NSA keystore? Or do they only seize certain keys? Or no keys at all and I can take off my tinfoil hat now? Can we know?

What happens when an NSA employee is disgruntled / makes a mistake / becomes a mole / whatever and leaks the entire keystore?

Did we all already know? Should I stop tinfoiling? Should we trust that they don't do this? Should I never have been such a lazy moron as to use any such services?

Sigh

For the record I believe the government should be able to do warrant-based eavesdropping etc of specific individuals - it's the dragnet aspect to this whole mess that just breaks my heart. So there's no need to put me on that list you got there Mr USG...

Sigh^2

[1]: https://news.ycombinator.com/item?id=6517553 [2]: http://www.newyorker.com/online/blogs/elements/2013/10/how-lavabit-edward-snowden-email-service-melted-down.html

1 comment

[ 3.0 ms ] story [ 14.9 ms ] thread
We don't know - and because the rules of this game apparently bless lying about key compromise, and allow prohibitions on the disclosure of key compromise, you can't rely on the absence of bad news to assume everything's OK.

You have the greatest allowable protection when keeping your keys on hardware where you keep physical custody - e.g., on your person, or stored in physical locations where you have exclusive access (e.g., not colocated/VPS, etc).

Ultimately, you've got to decide if it bothers you to have the government - and the corporations and individuals that act on behalf of the government - archiving/indexing/searching copies of your data.

I don't believe that it's appropriate for the government to invade our privacy without due process - but this view is not universally held.

There's a core problem that's tough to solve - if people have access to strong, unbreakable crypto, then it's possible that there will be circumstances where a legitimate warrant will not produce usable information.

On the other hand, if nobody has strong, unbreakable crypto, then it's possible that there will be circumstances where privacy is invaded without a legitimate warrant.