October 14, 2007

Lunch with the FBI

Last Wednesday I had lunch with the FBI, whom I had run into at the UTA security conference. We met at Chili's and had blue-cheese burgers, and one of the agents had a honey-mustard chicken-finger salad. Amongst the things we discussed was XeroBank. I brought it up.

I mentioned that we will shortly be opening up servers in the US, and would like to avoid any unnecessary raids of our data centers, as they are an inconvenience to all. Such an arrangement would also help them avoid any embarrassing situations where they end up pointing guns at geeky technicians, only to get a hard disk full of encrypted data. The essence is that we want to send a strong message to the money fraudsters and child pornographers that they will not be protected or tolerated by XeroBank, as they are violators of our Terms of Service and costly offenders to all. Of course, we don't care about the activity of non-violators, and I said as much. I had to stress that unless the violators are international 'terrorists' that pose some immediate threat to human life, child pornographers, or cash/PayPal/e-gold fraudsters, then we simply can't be bothered with anything less than a court order, which won't trace or identify the client anyway. In the situation where there is such a claim of terrorism et cetera, we will have to go to the trouble of attempting to monitor the account first to see if such a claim is valid. If we find out such a claim is valid, then the user is violating our terms of service and isn't protected by our confidentiality agreement. If the user isn't violating our terms of service, we have to decline to provide any assistance. Of course, we also know who we are dealing with, and if it is an issue of terrorism, we don't think we'll be getting a call from the FBI. In that situation the lights will turn on at the NSA, and the potential threat will be neutralized with little or no involvement from xb whatsoever. As I said earlier, if you are trying to hide from a super-powerful omniscient agency with the ability to monitor all traffic on the internet, you've got bigger problems than anyone can help you with.

Striking a balance is difficult, but it means knowing how far both parties are willing to go. It means that an agency knows they have an uphill battle, and that being given a string to pull means they can't abuse it for petty issues, nor burn their contacts, else they will be stonewalled. It also means that xb has to walk a very tight rope when given a legitimate tip that someone is abusing our service, because we have to investigate the traffic live, in addition to potentially violating the user's privacy if the client turns out to be legitimate. I think we would want to notify the user that they were requested for monitoring, and that nothing showed up, so the investigation of their account was closed. I think we should also give them a new account to restore their anonymity in our system. So if the FBI gives us a tip, and it turns out to be no good, then they have burned their chance to nab the criminal. Or if they give us a tip, and it turns out to be something petty or nothing at all, then we've all wasted our time and outraged the privacy of a legitimate client. I think it is important to have such an understanding, because XeroBank has communicated to me that they won't be subject to politically or financially motivated claims by any agency, regardless of jurisdiction.

2 comments:

brian said...

Servers in the US??? Are you sure that is a good idea?

I take your point about violators of the XeroBank TOS, and it is obvious that offenders can only be identified through investigation (which surely means compromising the privacy of the account under investigation); however, it is not preferable for such investigations to be under the total control of XeroBank, and not a governmental body.

From the point of view of the omnipresent state apparatuses it is very simple, especially as the US has effectively removed the right of habeas corpus for any foreign national on US territory (simply by designating that person a terrorist suspect), because there is only one position that I believe they adopt, and that is that everyone is a terrorist/money fraudster/child pornographer unless proven otherwise.

Any and all data held in jurisdictions such as the US, Canada and the UK (and some others) is vulnerable to state confiscation, and we surely know that encryption will make no difference; people just get locked up until they reveal the encryption key.

All we can do here is not make it easy for data to be secured, because the easier it is, the more governments embark on 'fishing expeditions'. When it's 'offshore' and not easy they can still get the data, BUT they have to be sure of their facts and have evidence of wrongdoing. Yes, there are bad people out there, but we want to rely on XeroBank so as not to be all 'tarred with the same brush'.

Steve Topletz said...

Brian,

Servers in the US shouldn't be a problem. They will only be communication servers, and likely only exit nodes. They are naturally encrypted layer after layer, and it won't matter if anyone comes in to seize them or attempts to monitor the traffic of that single box, as all data coming into it will be encrypted and will come from servers in other jurisdictions. None of the data is held, and we don't do logging.

It doesn't really change our risk any. Outbound nodes can always be monitored by an interested party, as that is just the way the internet is.

The diagram still holds true, regardless of jurisdiction (as long as they are split and not in collusion, in which case they have to perform full traffic analysis to beat our crowding, in which case you are too high-profile for anyone to help you):

http://xerobank.com/images/diagramV3.jpg
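The "encrypted layer after layer" point in the reply above is easiest to see by running a small model of it. The following is an added example written for this page; it is not XeroBank's code and makes no claim about their actual design. It assumes a three-hop chain named entry, middle and exit, a per-hop symmetric key, and a toy HMAC-SHA256 counter-mode stream cipher standing in for a real AEAD (illustration only, not for real use). A client wraps its request once per hop; each relay peels exactly one layer with its own key and is left knowing only who handed it the packet and where to send it next. The last function models a seized exit box: its key verifies nothing but the layer addressed to it.

```python
"""Toy onion-layered forwarding: each relay peels one layer and learns only
its neighbours. Constructed example; the keystream cipher is a stand-in for a
real AEAD and must not be used for anything but illustration."""
import hashlib
import hmac
import json
import secrets

# Assumed chain: client -> entry -> middle -> exit -> destination site.
HOPS = ("entry", "middle", "exit")


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a toy stream cipher (illustration only).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one layer: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag with this relay's key, then strip one layer; wrong key -> ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: this layer is not addressed to this key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def build_onion(keys: dict, destination: str, payload: str) -> bytes:
    """Client side: innermost layer for the exit, then one wrap per earlier hop."""
    inner = json.dumps({"next": destination, "payload": payload}).encode()
    blob = seal(keys["exit"], inner)
    for hop, next_hop in (("middle", "exit"), ("entry", "middle")):
        blob = seal(keys[hop], json.dumps({"next": next_hop, "inner": blob.hex()}).encode())
    return blob


def relay_circuit(keys: dict, onion: bytes) -> dict:
    """Forward hop by hop; record what each relay alone can observe."""
    views = {}
    prev, blob = "client", onion
    for hop in HOPS:
        layer = json.loads(unseal(keys[hop], blob))
        views[hop] = {"prev_hop": prev, "next_hop": layer["next"],
                      "payload": layer.get("payload")}
        if "inner" in layer:
            blob = bytes.fromhex(layer["inner"])  # still opaque to this relay
        prev = hop
    return views


def seized_exit_can_read_middle_layer(keys: dict, onion: bytes) -> bool:
    """Seizure scenario: the exit key applied to the layer captured between entry and middle."""
    middle_layer = bytes.fromhex(json.loads(unseal(keys["entry"], onion))["inner"])
    try:
        unseal(keys["exit"], middle_layer)
        return True
    except ValueError:
        return False


def make_keys() -> dict:
    # Constructed per-hop keys; a real system would negotiate these per circuit.
    return {hop: secrets.token_bytes(32) for hop in HOPS}


if __name__ == "__main__":
    keys = make_keys()
    onion = build_onion(keys, "example.org", "GET / HTTP/1.1")
    for hop, view in relay_circuit(keys, onion).items():
        print(hop, view)
```

Running it shows the exit relay with the plaintext request and the destination, but with "middle" as its only upstream; the entry relay sees the client but only an opaque blob. This is exactly the property the reply relies on, and also its limit: a party that observes both the entry and exit links at once is doing traffic analysis, which no amount of layering on a single box defends against.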