Monday, January 27, 2014

TorMail? You could always write notes in invisible ink

Back in early 2012, there was a forum thread that discussed a service called TorMail. Even the proponent of TorMail, grandpaflo, made the point of saying this:

...nor should you trust *any* free e-mail provider for *anything*. You and your data *are* the product.

Now we're reminded of this via Kevin Poulsen, who wrote:

While investigating a hosting company known for sheltering child porn last year the FBI incidentally seized the entire e-mail database of a popular anonymous webmail service called TorMail.

Now the FBI is tapping that vast trove of e-mail in unrelated investigations.

Poulsen provided details later in the Wired article:

[T]he FBI obtained a search warrant for the TorMail account, and then accessed it from the bureau’s own copy of “data and information from the TorMail e-mail server, including the content of TorMail e-mail accounts”...

The tactic suggests the FBI is adapting to the age of big-data with an NSA-style collect-everything approach, gathering information into a virtual lock box, and leaving it there until it can obtain specific authority to tap it later. There’s no indication that the FBI searched the trove for incriminating evidence before getting a warrant. But now that it has a copy of TorMail’s servers, the bureau can execute endless search warrants on a mail service that once boasted of being immune to spying.

This brings new meaning to the term "private cloud."
blog comments powered by Disqus