Topic: BFL subpoena - page 4. (Read 8680 times)

Here's what i know about bcp19

I said something about BFL being a scam. then i got some pretty new red paint on my trust profile

Exclusive interview with Theymos: "I think that I fought for user privacy much more vigorously than most sites would in this situation, and I still had to release a lot of private data."

http://www.coinbuzz.com/2015/04/17/bitcoin-forum-gives-600-peoples-private-info-to-us-government/

The administrator of the world’s most popular bitcoin forum, bitcointalk.org, told users that he was forced by a subpoena to release 600 people’s private messages.

Michael Marquadt, a.k.a. theymos, told affected users that he would mark the information as confidential, but that may not be enough to keep it from going public. He goes on to clarify in the message, “In particular, I believe that BFL has full access to the PMs and could choose to release them.”

The bulk message was sent out to anyone who interacted with the Butterfly Labs staff accounts on the forums. Any messages – even deleted ones – sent to the following accounts may have been released:

    Inaba
    BFL-Engineer
    BFL_Josh
    SLok
    BFL_Sonny
    BFL AM
    Dave
    bcp19
    nibbknot

Forum administrator responds

CoinBuzz reached out to Marquadt (theymos) for more information:

When were you asked to release the PMs?

The subpoena is dated March 3.

Whom were you asked by?

Subpoenas are always sent by a government, usually a court. You can’t just go and send someone a subpoena. This one was issued by the US District Court for the District of Kansas. It is related to case number 14-CV-2159-KHV-JPO.

Are you concerned about what might be done with the PMs you provided?

Yes. That’s why I spent so much time/money reducing the number of PMs I would have to release to the bare minimum. (The subpoena originally requested all PMs that even mentioned BFL, from/to anyone.) Only PMs to/from a few people who (apparently) are/were BFL employees were released. The PMs are also covered by a protective order, which should make it somewhat more difficult for the PMs to become public.

Even though I want to protect forum PMs as much as I can, users of any website should be aware that it is basically impossible for any service to completely protect data that you give them access to. For example, if Google received a similar subpeona saying, “Give us all GMail emails talking about BFL,” it seems plausible to me that they might give up this info without any fight at all, and maybe not even tell the affected users about it.

I think that I fought for user privacy much more vigorously than most sites would in this situation, and I still had to release a lot of private data. Therefore, you should always securely encrypt sensitive information before putting it on the Internet. Don’t trust third-parties with anything important.

Are you concerned about how BFL might respond to this?

I treated both BFL and the plantiff fairly here. They don’t have any reason to be upset with me.

I am somewhat concerned that BFL could get some info about people who were anti-BFL and use this against them somehow. For example, perhaps some of released PMs show that an ex-BFL-employee broke an NDA. (This is just an example — I haven’t actually read most of the released PMs, and I didn’t observe anything like this in what I did read.) This is unavoidable, unfortunately.

What is your opinion on Butterfly Labs in general?

As far as I know, they accepted substantial preorders and then failed to deliver in any reasonable timeframe. This is very bad. But whether this was due to bad luck, incompetence, or malice, I don’t know.
The long and troubled past of ButterFfy Labs

Butterfly Labs are perhaps the most infamous company in the Bitcoin space. For years they’ve been the centre of controversy, due to their long history of false promises, unreasonable delays, and unpopular customer service. In September of 2014 the mining hardware manufacturers were shut down by the Federal Trade Commission. They proceeded to reopen in January and set a timetable for shipping their Monarch hardware and issuing refunds to some customers, but this recent development suggests that they are still being investigated.

I wonder when they will be requesting info on bcp19's alts. He's posted under:

Pokokohua!
badgerkiller
bcpokey
DaBitcoinGuy

Maybe a couple others I can't remember, but the guy just totally lost his mind (probably because of the subpoena) and revealed his latest alt account. Meh, par for the course when BFL is involved.

I wonder when they will be requesting info on bcp19's alts. He's posted under:

Pokokohua!
badgerkiller
bcpokey
DaBitcoinGuy

Maybe a couple others I can't remember, but the guy just totally lost his mind (probably because of the subpoena) and revealed his latest alt account. Meh, par for the course when BFL is involved.

IIRC the DPR subpoena required theymos to appear in court, however it gave him the option to sign a affidavit saying essentially that the records he provided were true and correct copies of the business records; I don't think there would be any reason why it would be different in this case.

If either party wanted to dispute the completeness of what was provided or wanted to dispute anything that was provided was actually a true and correct copy of the forum's records then he would need to testify (or if either party wanted to otherwise dispute what was provided). I would say there is a pretty good chance that theymos won't need to personally appear, or if he does it will most likely only be for a disposition. I would say the BFL case(s) will most likely get settled out of court (and plea agreements will be reached for criminal cases)

It doesn't stop at the subpoena. I had to go to court for an employer as the custodian of records. I was required to sign an affidavit certifying the records I presented were true and correct and testify to that in open court. I hope theymos has some free time blocked out in the future. If they use those records to support their case he'll need it.

They mostly needed official business records from theymos not what can be accessed publicly. Also they needed a lot of PM's as well as deleted posts.

They most likely emailed him the subpoena, at least that is how they served him the DPR subpoena

I wonder how do they send you Subpoena ? Does not it require to have your physical address ? But, do they have it ? What would they have done if BitcoinTalk owner were not located in USA ? Sending Subpoena to forum admins appear ridiculous to me. Conversations are all open in public. They can directly collect their info from there. And how would they verify whether you are sending them correct PMs or not ? How can this become an evidence in a judicial process ?

I wonder how do they send you Subpoena ? Does not it require to have your physical address ? But, do they have it ? What would they have done if BitcoinTalk owner were not located in USA ? Sending Subpoena to forum admins appear ridiculous to me. Conversations are all open in public. They can directly collect their info from there. And how would they verify whether you are sending them correct PMs or not ? How can this become an evidence in a judicial process ?

I recently received a subpoena related to a case against BFL (Case No. 14-CV-2159-KHV-JPO). I had to release all database info on a few employees/ex-employees of BFL (including their PMs), plus a complete copy of every thread in which anyone mentioned BFL or in which a BFL employee participated. (It was a huge hassle to put all of this info together.) The subpoena originally demanded all PMs that even mentioned BFL, which is ridiculous, but I managed to get this part eliminated.

If a PM of yours was released due to this, then I already sent you a PM about it.

I don't think that I'm going to send PMs about deleted posts that were released. 3196 users had deleted posts released, and I don't really want to send that many PMs when almost no one would care. I feel like people should have basically no expectation of privacy for something that they posted publicly anyway.

I also released all "report to moderator" reports involving or mentioning BFL. I don't think that these are very sensitive, so I'm not going to send out PMs about these.

If your password is compromised, it is possible to change it. One way of doing this is to generate a random master key, which is actually the key that decrypts the PM's, and encrypt the master key with a password. So how it works is you open your Inbox, bitcointalk sends your browser your encrypted master key and encrypted PM's, you type in your password, your master key is decrypted using the password and then the PM's are decrypted using the master key. If your password is compromised you can change it, all you need to do is re-encrypt the master key with the new password, however should you ever forget the current password your PM's are gone unless you have another way of recovering your unencrypted master key. This is similar to how it works with PGP.

My opinion is that PGP should really only be used of private information. Automatically PGP encrypting PM's is not a good idea, you should really only PGP encrypt PM's that actual private information. The reason for this is that if the receipient's PC is ever compromised, if they are unlocking their private key everyday to read their PM's then the malware can easily keylog them, however if they are only unlocking their PGP once every month or two to decrypt private information, there is a greater chance that the recipient will discover the keylogger before they unlock the private key.

People also use their PGP keys for other purposes too like signing code, and this puts their key at more risk.

Well with blockchain.info/wallet if your password is compromised then you can simply move your funds to another address that is not compromised (hell you can create a new bc.i wallet with a better password). With having a private key that is decrypted in the browser if your password is compromised and the password protected private key is stored by the forum (I think it would have to be) then it would not be possible to protect the privacy of your PM's.

If the passphrase to my PGP private key is compromised (but not the private key itself) then I can simply change the passphrase to my PGP private key (I think this is possible- you could have it temporarily in decrypted format then re-encrypt it with a new passphrase (then obviously securely delete all old copies of your PGP private key).

Having the forum automatically encrypt your PM's to the recipients' PGP public key allows the person receiving the message to choose their own level of security. You are right that less people will use it if it is dependent on any third party software, however the forum can only hold people's hands so much when it comes to security/privacy.

I think the PM encryption system shouldn't be dependant on any software other than a standard web browser as a lot of users won't install the third party tools and thus a lot of users won't turn on PM encryption. The idea is this system will be used for most messages as an extra layer of security, anything private should be encrypted with PGP or something similar, if most people don't turn it on it is completely useless.

I disagree with theymos and actually think that forgetting your password is a feature. Anyway in your case losing your private key is the same as forgetting your password, and if you use default GnuPG settings and encrypt your private key, should you forget the passphrase for that you'll still lose your private key and as a result, your PM's. Users who fear they may lose their PM's due to forgetting a password should backup their PM's.

You are right that the JS can be modified, I mentioned above one solution is to copy blockchain.info's solution which was to use a browser addon to verify the JS. Users worried about the JS being modified can install the addon, however it should be optional.

publicly viewable?

It is open source.

Well to avoid the problem of people potentially forgetting their password to decrypt their PM's the forum could automatically encrypt PM's sent to someone using javascript, users would then store the private key locally, outside of their browser in order to decrypt the message. If PGP is used, and the user is using GPGTools as their PGP client, and their private key is stored locally, then decrypting it would be as arbitrary as highlighting text and making two clicks (and entering your passphrase).

In theory, the javascript could be modified so that whenever someone enters their password to decrypt a PM that the password is transmitted to either the forum or a third party attacker which would essentially allow them to decrypt any PM for that user.