Take a look a the Storj Warrant Canary …
I’m not sure what to do with the statement that “We’re abiding by the secrecy provisions, but we haven’t received any warrants requiring us not to tell you that we have received any warrants.”
EDIT:
I should also add that the HTML marked up PGP signed message is garbled and needs to be re-assembled into plain text in order to be verified.
The appropriate HTML tag for the message should simply be <pre></pre>
It simply states that if a government forbids them from informing the public about warrants received, they will have to comply with them. But they have not received such requests until now.
I understand, but if they did receive such warrants… then they wouldn’t be able to tell you… and the statement would still be the same.
The concept of a warrant canary is that the statement is either no longer updated (in the case of Storj monthly) or removed. That tells you that they have now received such a request.
Again… I understand… but perhaps the secret warrant from the secret court says:
“Storj must place a canary statement on its webpage that says it has not received any warrants.”
The canary statement has exactly zero trustworthiness. It’s existence or non-existence can not be used to determine anything whatsoever.
Most governments can’t force speech like that. That would go against free speech in pretty much every constitution that has a free speech clause. It can’t protect against totalitarian governments of course, but the risk of this is highest in countries where Storj is actually located and/or operating. If I were them, I would stop operating in a country that would force them to say something like that. I’m a little out of my comfort zone now, so I’ll stop addressing this further. I’m sure Storj has consulted with their lawyers around this. It could be a good question for the Q&A session. You can send it to ask@storj.io
@Alexey sorry to bother you, could we have a split off for the warrant canary discussion?
Yup.
There’s an appropriate George Carlin quote somewhere…
Alas! Targeted discussion in a forum is like herding cats… I half-apologize for side threading… but I’m losing my mind a little in lockdown mode.
The rain finally stopped… Time to go outside for a few minutes I suppose.
In that case think it’s standard to post an “unsigned” statement, it’s hard to force someone (or a group of people) to digitally sign a statement against their will.
Let’s verify the posted Canary message
Garbled HTML Mishmash with incorrect format and many other oddities.
—–BEGIN PGP SIGNATURE—–
Version: Keybase OpenPGP v2.1.13
Comment: <a href="https://keybase.io/crypto">https://keybase.io/crypto</a></li>
</ul>
<p>wsBcBAABCgAGBQJeizoGAAoJEPQrujgXjffw75oIAJGjYi/sUnmsG18PdzQz2epe
qX/a7ctisbSNC8WaBGpuDIFHMwdpeoQIWj5Kza/9G+LfG9nQ02Lxbhdt07uj+zfD
Shg61fMld6UiOuK2dFpqfMsKYPsbZlGWOEzPoRJCbfBMRI+kvaRCtpNoLc5WcNO1
jSp67Ti3V12ytr23kArWhzz7nL3fooRPj+EkpkFEEW9XePaCZ0kE9kUsjUw+xD1G
OVV9dvb4liGDubcUlkkansxswrTVm9K3bRYt0Bwqxary6r5XfYqdidiLXSp7aHjx
mhbxdD3dAY8+Kbp+BnVE3bgE5ENw0xk5/459cgmsrZJi4taDFDeVqvAznrx1r+M=
=kugb
—–END PGP SIGNATURE—–</p>
Cleaned up signature with correct format:
-----BEGIN PGP SIGNATURE-----
wsBcBAABCgAGBQJeizoGAAoJEPQrujgXjffw75oIAJGjYi/sUnmsG18PdzQz2epe
qX/a7ctisbSNC8WaBGpuDIFHMwdpeoQIWj5Kza/9G+LfG9nQ02Lxbhdt07uj+zfD
Shg61fMld6UiOuK2dFpqfMsKYPsbZlGWOEzPoRJCbfBMRI+kvaRCtpNoLc5WcNO1
jSp67Ti3V12ytr23kArWhzz7nL3fooRPj+EkpkFEEW9XePaCZ0kE9kUsjUw+xD1G
OVV9dvb4liGDubcUlkkansxswrTVm9K3bRYt0Bwqxary6r5XfYqdidiLXSp7aHjx
mhbxdD3dAY8+Kbp+BnVE3bgE5ENw0xk5/459cgmsrZJi4taDFDeVqvAznrx1r+M=
=kugb
-----END PGP SIGNATURE-----
Now which key?
$ gpg --list-packets -
-----BEGIN PGP SIGNATURE-----
wsBcBAABCgAGBQJeizoGAAoJEPQrujgXjffw75oIAJGjYi/sUnmsG18PdzQz2epe
qX/a7ctisbSNC8WaBGpuDIFHMwdpeoQIWj5Kza/9G+LfG9nQ02Lxbhdt07uj+zfD
Shg61fMld6UiOuK2dFpqfMsKYPsbZlGWOEzPoRJCbfBMRI+kvaRCtpNoLc5WcNO1
jSp67Ti3V12ytr23kArWhzz7nL3fooRPj+EkpkFEEW9XePaCZ0kE9kUsjUw+xD1G
OVV9dvb4liGDubcUlkkansxswrTVm9K3bRYt0Bwqxary6r5XfYqdidiLXSp7aHjx
mhbxdD3dAY8+Kbp+BnVE3bgE5ENw0xk5/459cgmsrZJi4taDFDeVqvAznrx1r+M=
=kugb
-----END PGP SIGNATURE-----
# off=0 ctb=c2 tag=2 hlen=3 plen=284 new-ctb
:signature packet: algo 1, keyid F42BBA38178DF7F0
version 4, created 1586182662, md5len 0, sigclass 0x00
digest algo 10, begin of digest ef 9a
hashed subpkt 2 len 4 (sig created 2020-04-06)
subpkt 16 len 8 (issuer key ID F42BBA38178DF7F0)
data: [2048 bits]
OK, so finally I get the Key ID. Let’s get the public key:
$ gpg --recv-key F42BBA38178DF7F0
gpg: key FF55B791DAB0D433: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg: w/o user IDs: 1
Oops! not there! But there’s another key ID. Let’s see who it belongs to:
https://keybase.io/super3
This is why I don’t like keybase.io … it’s way too complex for something that has been simple for a long time. However, after all that work trying to figure how who and what signed the message, I still haven’t verified the message yet.
Let’s finally import the keybase.io special purpose public key server key:
$ gpg --fetch-key https://keybase.io/super3/pgp_keys.asc?fingerprint=9f824b3d9bc857c790e747deff55b791dab0d433
Check signature time.
Again a Garbled HTML Mishmash:
<p>—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512</p>
<p>As of 04/06/2020, Storj Labs Inc. has never received a National Security Letter, an order under the Foreign Intelligence
Surveillance Act, or any other classified request for user information. If we ever receive such a request, we would
seek to let the public know it existed.</p>
<ul>
<li>- Nation is told to brace for a difficult week ahead</li>
<li>- Stock markets surge even as covid-19 cases near peak in parts of U.S.</li>
<li>- U.S. hospitals facing ‘severe shortages’ of equipment and staff, watchdog report says</li>
<li>- Trump blocks Fauci from answering question about drug Trump is touting</li>
<li>- Boris Johnson remains ‘under observation’ in a London hospital; aides say he continues to lead government
Clean up time:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
As of 04/06/2020, Storj Labs Inc. has never received a National Security Letter, an order under the Foreign Intelligence Surveillance Act, or any other classified request for user information. If we ever receive such a request, we would seek to let the public know it existed.
- Nation is told to brace for a difficult week ahead
- Stock markets surge even as covid-19 cases near peak in parts of U.S.
- U.S. hospitals facing 'severe shortages' of equipment and staff, watchdog report says
- Trump blocks Fauci from answering question about drug Trump is touting
- Boris Johnson remains 'under observation'; in a London hospital; aides say he continues to lead government
-----BEGIN PGP SIGNATURE-----
wsBcBAABCgAGBQJeizoGAAoJEPQrujgXjffw75oIAJGjYi/sUnmsG18PdzQz2epe
qX/a7ctisbSNC8WaBGpuDIFHMwdpeoQIWj5Kza/9G+LfG9nQ02Lxbhdt07uj+zfD
Shg61fMld6UiOuK2dFpqfMsKYPsbZlGWOEzPoRJCbfBMRI+kvaRCtpNoLc5WcNO1
jSp67Ti3V12ytr23kArWhzz7nL3fooRPj+EkpkFEEW9XePaCZ0kE9kUsjUw+xD1G
OVV9dvb4liGDubcUlkkansxswrTVm9K3bRYt0Bwqxary6r5XfYqdidiLXSp7aHjx
mhbxdD3dAY8+Kbp+BnVE3bgE5ENw0xk5/459cgmsrZJi4taDFDeVqvAznrx1r+M=
=kugb
-----END PGP SIGNATURE-----
Result:
gpg: Signature made Mon 06 Apr 2020 10:17:42 AM EDT
gpg: using RSA key F42BBA38178DF7F0
gpg: BAD signature from "Shawn Wilkinson <shawn@storj.io>" [unknown]
So… What was the original message that was signed? Maybe it wasn’t the one posted.
Plain text… or <pre></pre> tags along with the key ID of the signature would make the verification process a lot less messy. PGP keys leak that information anyway… So, one might as well just put it up on the screen.
In any case, the basic problem still exists… The Canary statement can not be trusted. It’s presence or absence can not be used as assurance of any truthfulness of what is written in the statement, signed or otherwise.
And this is the precise point I was making other threads about the importance of not allowing any unencrypted user data onto the network. Storj is open source, and that a good thing… and having a protocol which expressly rejects unencrypted user data protects SNOs from possible future legal issues.
The way Storj has implemented their canary isn’t helping matters.
Ideally it should NOT be a web page but rather point to a plain text file ( i.e. storj_io/canary.txt) that can beeasily scraped with no additional stripping required, with a link to the associated public key.
Something that could be bought up in the Q&A next week ??
Thanks for pointing it out. We will put it in a sprint for one of the web developers to fix. It was in plaintext but got changed when we switched over website backends.
Solution to the problem of message verification.
However, I still feel strongly that the conversation regarding the effectiveness of the statement should continue… and that addressing possible future legal issues for SNOs will be a real sticking point for long term Storj network growth and peace of mind for node operators.
Well, a warrant canary always assumes you trust the person signing it. If you don’t then of course it’s meaningless. And even if you trust the signer, the best it can do is say whether or not a request has been received. Since they tend to come with gag-orders, you won’t know which government requested it or what was requested.