Thursday, June 7, 2012
The developer of a leading open source application for encrypted online chat, Nadim Kobeissi, claims to have been detained and interrogated at the US-Canadian border yesterday. "Out of my 4 DHS interrogations in the past 3 weeks, it's the first time I'm asked about Cryptocat crypto and my passport is confiscated," tweets Kobeissi. The US interrogator also asked about which encryption algorithms Cryptocat deployed and they were curious about its level of censorship resistance.
But, the implications for privacy and freedom are truly astounding. An application like this can save lives, because during the tense moments of the Arab Spring the sources of certain instant messages and other online communications were tracked down and killed for their political views and organizational skills. Indeed, in journalism sourcing also, the privacy of an off-the-record source can be a matter of life and death.
Unlike other cryptography products that can later be used as a verifiable record of the communication event and the identities of the participants, perfect forward secrecy leaves no such trail. Kobeissi readily admits that this feature can be used for bad as well as good but it's worth the risk: "It's like if someone says 'Hamburgers: they can be used to feed the good and they can be used to feed the Taliban. I guess that means we should get rid of hamburgers then.' It bothers me that we're so afraid that our freedom will be used against us that we're willing to just give it up."
On television, RT America has even gone so far as to refer to Cryptocat as CISPA's kryptonite because it's a service that denies third-party access to private conversations online thereby making the Cyber Intelligence Sharing Protection Act largely irrelevant.
Encryption programs like Cryptocat that safeguard our private conversations and correspondence may not be the only government target. Just last year, a bitcoin developer coming from China was denied entry and questioned for hours by US Customs agents about how Bitcoin worked, where he got them, and how he traded Bitcoin for legal tender.
According to the ACLU, the border interrogation about Kobeissi's encryption program raises troubling questions about the government's claimed powers at the border. The "SSSS" designation stands for Secondary Security Screening Selection and if selected you become subject to extensive searches and interrogations -- for any reason whatsoever. Ironically, since overall awareness about the existence of the Cryptocat program has increased, perhaps this unfortunate detention at the US border has done some good after all.
For further reading:
"Anti-surveillance App Developer Targeted at Border by Department of Homeland Security", Brandon Turbeville, Activist Post, June 9, 2012