[Foundation-l] Warrantless (government) surveillance of reader activity. Was: Release of squid log data

Gregory Maxwell gmaxwell at gmail.com
Sat Sep 15 18:03:03 UTC 2007


I'm splitting threads for a tangent here. Ray brought up an
interesting subject in the log thread.

On 9/15/07, Ray Saintonge <saintonge at telus.net> wrote:
> Trust and signatures are not enough.  How will they react if a
> government demands the release of private information?  If we determine
> that we will not release it in the absence of a court order, what
> recourse do we have if the acquirers are not willing to resist a
> government order in the courts?  In some jurisdictions there may be no
> such right to challenge such an order.

As it stands right now, wide-scale illicit surveillance of reader
activity would not be much of a challenge for a well-funded group such
as a government; all it requires is the ability to intercept the links
which carry the traffic.

Outside of government activity, ISPs and their employees also have
access to this data.

We could substantially mitigate this risk by scaling our SSL handling
ability to the point where it can handle a substantial portion of
the traffic coming to our site and then taking measures to encourage
readers to do this.  Then someone wishing to intercept reader activity
would be forced to either compromise reader systems, come to us, or
disclose that they know how to break SSL.

Scaling up our SSL handling is possible but not without considerable
capital and non-zero operating costs. Squid can act as an SSL
accelerator, but we may need to purchase additional hardware (crypto
cards, more CPUs, etc.) and we would need to deal with potentially
buggy paths in the code. ... but these are technical matters which
belong on another list.

The appropriate question for foundation-l is, should we be spending
some money to do something like this?


