Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
United States Open Source Privacy Security

Is Surespot the Latest Crypto War Victim? 26

George Maschke writes: Patrick G. Eddington writes in a Christian Science Monitor op-ed about indications that the government may be snooping on users of Surespot, a free and open source encrypted messaging app for Android and iOS. Such users include, but are hardly limited to, Islamic State militants. He writes in the piece: "Has encrypted chat service Surespot been compromised by the US government? Surespot user and former Army intelligence officer George Maschke recently published a provocative theory suggesting the answer is yes. Mr. Maschke’s key pieces of evidence are intriguing. In May 2014, he e-mailed 2Fours LLC, which is Surespot’s parent company, asking whether the company had ever received a National Security Letter (NSL), a court order to provide information, or other government request to cooperate in an investigation. He was assured in writing that 2Fours had received no such requests. That changed in November 2014, when Surespot’s founder, Adam Patacchiola, told Maschke via e-mail that 'we have received an e-mail asking us how to submit a subpoena to us which we haven’t received yet.'"
This discussion has been archived. No new comments can be posted.

Is Surespot the Latest Crypto War Victim?

Comments Filter:
  • by turkeydance ( 1266624 ) on Wednesday June 17, 2015 @05:38PM (#49932643)
    and we act accordingly.
  • What a waste! The only thing even close to being secure are the Sunday classifieds and the Hollywood tabloids... Like they say, just broadcast it wide open, nobody will see it.

  • And then? (Score:5, Informative)

    by wonkey_monkey ( 2592601 ) on Wednesday June 17, 2015 @05:58PM (#49932783) Homepage

    If you're going to end your summary with something that happened in November 2014, you could at least hint that there are further developments to be read about in the article, even if you can't be bothered to copy-and-paste those into the summary itself.

    TL;DR: no-one at Surespot is answering questions about whether or not they've had any Gubmint interference, and someone who used to work there, but doesn't any more, won't talk to anyone about it either.

    • So about a year or so ago when I was working for a company that doesn't comment on requests, I had the process explained to me.

      Essentially, it's illegal to say that you have received a request -- which is something you learn when you get a request. If you haven't had a request however, there is nothing illegal about saying it hasn't happened to you. He'd suggested saying something like "We haven't received any requests this month" to alert people.

      After all the BS is said and done, there's a very high like

  • hey, just tape it to the side of your computer. it'll get there if it's supposed to. trust me.

    • I gotta admit, I thought that was funny...

      'we have received an e-mail asking us how to submit a subpoena to us which we haven’t received yet.

      "Oh...you want to subpoena me and you don't know where to send it? Sure, I'll help. My address is 1600 Pennsylvania Avenue, Washington DC..."

      They're an intelligence agency and they don't know where to send the subpoena?

  • Ironic warrant canary is ironic.

  • Surespot, a free and open source encrypted messaging app for Android and iOS. Such users include, but are hardly limited to, Islamic State militants.

    Endorsed by people who trust it with their lives.

  • by Anonymous Coward

    The company was started by the NSA. There was never a need to breach them.

  • No exceptions.

    The really important stuff should be kept among confidants, and discussed as little as is necessary.

    Important records can still be kept in hard copy if you really need to write stuff down.

    Assume everything you say may be taken out of context and without including your sarcastic tone.

  • by Anonymous Coward

    Or maybe the opposite is true... maybe Surespot is secure.. .thus an attempt to discredit it.

    This is the world of "intelligence". Until people wise up their is nothing "intelligent" about the current path of spening billions destroying data security rather than creating it.. we'll get our wish of insecure systems. Not a single computer with commodity components on the Internet today is safe because of these attitudes. Wish I could point to only one country's government as being the problem but its really mo

    • Exactly. There's about an equal chance it's compromised or not, and there's no way to no. It could be a double bluff, it could be a triple bluff. The only thing we know absolutely for sure is that we're not getting the whole story, because if you'd really compromised it, it'd be a valuable source of data and you wouldn't want to let the other side know. Unless, that is, you're hoping they'll think it's a double-bluff...
  • by Meneth ( 872868 ) on Thursday June 18, 2015 @02:39AM (#49935067)

    Surespot is most likely toast now. I see two possible attacks from someone who controls the servers:

Work is the crab grass in the lawn of life. -- Schulz