85

While browsing VeraCrypt's website I found its warrant canary. I tried to understand what it is and what its purpose was by reading corresponding Wikipedia article. To be honest I find it quite confusing.

Can someone explain what a warrant canary is in a bit less complicated way than Wikipedia does?

Dignissimus - Spammy
  • 105
  • 1
trejder
  • 3,329
  • 5
  • 23
  • 33
  • 2
    This appears to be a duplicate of [Is there any legal theory behind “warrant canaries”?](https://law.stackexchange.com/questions/268/is-there-any-legal-theory-behind-warrant-canaries) on law.se. – Philipp May 16 '17 at 08:19
  • @Philipp That link was already mentioned under dr jimbob's answer. – Mast May 16 '17 at 08:27
  • @Mast Law.SE is not a quick-migration target for Security.SE, so I had to write something into the field for stating the reason to close this question. – Philipp May 16 '17 at 08:29
  • 18
    IMO, it shouldn't be migrated and cross-site duplicates are allowed. – Mast May 16 '17 at 08:31
  • 8
    These is soooooooooooo weird times; I fear official governments much more than I fear "private" criminals. – Uwe Keim May 16 '17 at 11:29
  • 1
    Ironically enough, the PGP signature to that canary is invalid because of encoding problems, and the fact that the news headlines happened to have an é. – NH. Nov 20 '17 at 17:33

3 Answers3

115

Governments may issue secret government subpoenas to communication providers that force them to disclose private data about their users or insert backdoors into their products. Furthermore, governments may give criminal penalties to an organization that chooses to publicly disclose if a subpoena was issued.

Some tech organizations attempt to get around this by regularly issuing "we have never been issued any such government subpoenas" while signing their messages with their private key. This message is called a warrant canary, with an analogy to a canary in a coal mine. (If the mine begins to fill up with poisonous gases, the small canary will feel its effects before humans and serves as a warning to everyone to get out of the coal mine). If the government issues a subpoena to them, they promise they will stop issuing the cryptographically signed message stating "we have never been issued any secret gov't subpoenas". While the law allows the gov't to penalize them for disclosing information about a secret subpoena, there is (currently) no law that would require them to continue issuing such warrant canaries.

Granted, it's feasible for a gov't court to secretly force an organization to give up their private keys that were used to sign their warrant canary, or require them to continue publishing their warrant canaries or suffer severe consequences; whether this happens in practice is not publicly known. It's also possible that the people issuing the warrant canary are not trustworthy people and would voluntarily continue to issue them, even while complying with government subpoenas.

For more information check out these links from the comments:

dr jimbob
  • 38,768
  • 8
  • 92
  • 161
  • 43
    Some additional info that doesn't really deserve its own answer: It is unlikely a law will ever be passed (in the US) that would nullify this "canary" approach because it would be a law mandating that a company tell a lie. Unless something dramatic changes, such a law has no chance in court. – Vlad274 May 15 '17 at 21:19
  • 7
    https://law.stackexchange.com/questions/268/is-there-any-legal-theory-behind-warrant-canaries –  May 15 '17 at 21:32
  • 52
    @Vlad274 The law would mandate that a company tell alternative facts, of course. – Niet the Dark Absol May 16 '17 at 09:07
  • I't feasible (and maybe legitimate) for a government to pursue companies not issuing canary warrants. This due to laws regulating cooperation and compliance to court orders – usr-local-ΕΨΗΕΛΩΝ May 16 '17 at 12:46
  • The warrant canary is basically a contract with the user that says "if ever I get investigated, I will be legally required to lie to you". – Nate Diamond May 16 '17 at 17:30
  • 1
    Not withstanding what chapka said 2 some years ago, the gov't can't really legally compel speech. Just look at the courts ruling on ordering people to give up their phone codes; they won't make such an order. Look at the Apple Iphone case, the FBI couldn't compel the release of their signing key. – Dean MacGregor May 16 '17 at 20:47
  • 1
    It's possible attempting to compel an entity to assert anything could be seen as a fifth amendment violation in the US. Sometimes it's more about shifting the burden of litigation to a party that would rather not deal with being the litigant (like a US or district attorney's office) than it is about complying with the letter if the law. – Todd Wilcox May 17 '17 at 02:41
  • @Vlad274 - I agree US courts would rule against such laws. But, unconstitutional laws often get passed; especially if the law is vague like "no action or inaction taken by the organization issued an NSL can disclose they have been served an NSL to other people". That said, my hunch is that the gov't wouldn't go for that approach (publicly passing such a law would let everyone know warrant canaries are useless). Instead, gov't could steal information or compel organizations to secretly disclose with carrot/stick approach--even with the law on your side a long legal fight can be costly. – dr jimbob May 17 '17 at 14:16
  • 1
    @Vlad274 : I once thought that. But then my government, the American, effectively stole an identity. (*The* reason for them to want Lavabit's signing keys is so that when another computer checks who it is speaking with, the government could identify itself as Lavabit's computers.) – TOOGAM May 18 '17 at 03:11
  • @DeanMacGregor There's scant evidence the FBI couldn't compel Apple to abuse their signing key. In fact: Media reports state the FBI *dropped the case it was pursuing against Apple after it was successful at accessing the data it was seeking.* – WHO's NoToOldRx4CovidIsMurder May 18 '17 at 06:55
  • Possibly the issue is that no company has ever before put themselves in a stupid enough position where the government would need to force them to "lie" (where lie means continue making a statement) to support their objectives. "What you got?" is a high-risk response to a nation-state with the ability to legislate, government lawyers, FBI agents, spies and an army. They have all kinds of answers. – deworde Jun 02 '17 at 07:46
  • @drjimbob, can you add a reference to your answer, such as https://www.yalelawjournal.org/forum/warrant-canaries-and-disclosure-by-design ? – NH. Nov 20 '17 at 17:35
14

Basically, it's a way to get around a restriction on disclosing a warrant has been served.

  1. Warrants authorize the seizing of items, including data. Many users want to know if their data has potentially been seized
  2. Warrant canaries have dates on them
  3. It can be against the law to disclose that one has received a secret subpoena or warrant (thank you to cat for the correction) to a third party (such as a user)
  4. Receiving a warrant does not compel one to post a warrant canary
  5. If one does receive a warrant, one does not post a warrant canary. If it is not posted, users/viewers know that a warrant has been served in the last month

For example VeraCrypt deals with encrypting data. It is possible that a warrant or other court order could be issued to attempt to force VeraCrypt to help decrypt something that their software encrypted. This is a way of alerting users to this fact, without falling afoul of gag orders, etc.

sharur
  • 241
  • 1
  • 4
  • 4
    it is against the law to disclose a *secret subpoena*, not *any warrant* – cat May 15 '17 at 23:01
  • 8
    What prevents companies from having a different warrant canary for every single user, not just a general one for everyone? – user541686 May 16 '17 at 06:19
  • 2
    @Mehrdad Apart from the logistics, probably the degree of defensibility. While a company _may_ be able to defend using a generic "warrant canary" (the question appears open), I suspect it would be much harder to defend a per-user canary. The former doesn't release any details of the warrant(s), only (by omission) that one-or-more have been issued. However, ceasing to publish a "We have not received a warrant regarding Joe Bloggs" would reveal specific detail that (I suspect) would be indefensible. – TripeHound May 16 '17 at 09:39
  • @TripeHound: That's what I thought too, but then what defense would individual canaries be more ill-suited for? If the defense is "you can't compel us to lie, especially to our customers", then would the number of customers really matter at all? That's the defense I'm reading everywhere. On the other hand if the defense is "this is a better trade-off for the greater good" then I guess you would be right but that doesn't seem to be the main defense that I'm reading. – user541686 May 16 '17 at 10:13
  • @Mehrdad Probably degree of culpability. IANAL, but reading [the related answer on Law.SE](https://law.stackexchange.com/a/333/3701), even if they are not able to compel you to lie, they perhaps can punish for revealing information you shouldn't have done. For a "generic" canary, this isn't a lot of information: (at least one, could be thousands) of warrants have been served, but no indication as to the subjects. For per-user canaries, you would be revealing _who_ had been served warrants, which I suspect would be dealt with more harshly. – TripeHound May 16 '17 at 10:31
  • @TripeHound "We have not received a warrant regarding anybody with a last name starting with B". – Michael May 16 '17 at 16:40
  • 1
    In this case they might just order you to stop publishing highly specific warrant canaries with the first warrant, which I am reasonably certain they can do. – Joshua May 16 '17 at 21:53
  • @Joshua: D'oh, now I feel dumb. I think you hit the nail on the head... – user541686 May 18 '17 at 09:47
6

In the US, many forms of government cooperation and compulsion are public. Some can be secret, or secret for a period of time. The general idea is that they are public. A company or person may wish to keep such assistance to the government secret or confidential, but there is often no requirement from the government to do so. However, in recent years, that has been changing to a default "make all the things secret" philosophy, and the increased use of National Security Letters.

Warrant canaries are directed at National Security Letters (NSLs), which historically, from what little we know about them, also come with a permanent gag order (aka forced secrecy forever). Because NSLs are issued under the "National Security" umbrella and apparatus (link), the government says they fall outside the normal scope and rule of law, and as such you cannot talk about it or will get thrown in to Gitmo and they will throw away the key. Maybe not literally, but they threaten to do all sorts of horrible things and prevent even the receiving entity of an NSL from seeking counsel, which many view to be an abuse of power and due process.

The warrant canary is an attempt to be a solution for companies, who now hold all our private information (willing or unwittingly) to let their users know if they have been breached by the government by use of force or coercion. This is in addition to the statistics and breach reports companies regularly disclose to their users. The theory is that you can be compelled to be silent, but you can't be compelled to say something, or a particular thing. Therefore, the warrant canary will die when the company goes silent.

A particular warrant canary is only good for a particular length of time, and then must be replaced, refreshed, or updated. If it gets stale or disappears, presumably, an NSL was issued to the company, and that company has been forced to turn over data of one or more of its users.

Source: reading the news on this stuff.

YetAnotherRandomUser
  • 2,290
  • 2
  • 14
  • 20
  • 2
    In Australia you can be imprisoned for NOT handing over your passwords. https://en.wikipedia.org/wiki/Key_disclosure_law#Australia – Mathemats May 18 '17 at 00:47