Introducing the PRISM-Proof Storage Device

Yesterday, Least Authority CEO Zooko Wilcox-O'Hearn issued a press release for his storage and encryption company, which read, "For obvious reasons, the time has come to push hard on verifiable end-to-end encryption. Here's our first attempt. We intend to bring more!"

Wilcox-Ohearn was referring to Least Authority's newly-announced "PRISM-proof" storage device—Simple Secure Storage Service (S4), "a backup service that encrypts your files to protect them from the prying eyes of spies and criminals." PRISM-proof is a provocative claim, and certainly a great marketing gambit. But maybe it can actually deliver.

“People deserve privacy and security in the digital data that make up our daily lives.” added Wilcox-O'Hearn. “As an individual or a business, you shouldn't have to give up control over your data in order to get the benefits of cloud storage.”

This, of course, is a big concern in the post-NSA leaks landscape. The "cloud" might have been the biggest tech buzzword of 2012, conjuring an elegant, ethereal solution to data storage. But Edward Snowden's leaks highlighted the fact that big corporations dominate the cloud market—businesses which have allegedly put themselves at the NSA's disposal. And since these cloud services haven't made any guarantees that user data won't be surveilled, Least Authority's service might be able to strip some users away from the big boys.

I spoke with Wilcox-O'Hearn over email about Least Authority's S4 and its forthcoming Magic Folders service, and how the company is making its storage devices "PRISM-proof". To be honest, I was skeptical of the service, but it does sound promising. That is, if users don't mind parting ways with around $50 per month for the pleasure of PRISM-less snooping.

MOTHERBOARD: Least Authority is a pretty provocative company name. Kind of a thumb at the nose of the establishment. Was that the intention?

Well, it has two meanings. Or, actually, just one meaning that can be applied to either the technical or political realm. There is a theory in computer science called "The Principle of Least Authority", which says that when you are building a system, each part of the system should not have more power than it needs to do its job. That principle is the most important guiding principle in our design, and that's why we named the company LeastAuthority.com.

For example, that's why the storage servers in our architecture—which are responsible for holding your data, preserving it over time, and serving it up to you when you need it—don't have the ability to read or alter your data. It's because they don't need that power to do their job; and therefore, according to The Principle of Least Authority, they shouldn't have that power.The US military and espionage establishment also uses this same principle, both in human organizational terms—where it is related to the "Need To Know" principle—and in computer technologies like the Least-Authority File System.

The other meaning, or the other application of the same principle, is political. There, too, it makes sense that each entity should not have more power than we need it to have. This isn't a provocation or an insult to "the establishment," though! It's just common sense. It is what I was taught in high school civics class about the American principles of separation of powers, checks and balances, and limited government.

Where are you guys based?  The reason I ask is because readers will be interested in the issue of cooperation with the US government's surveillance state.

I live in Colorado. Some of our employees are in the USA, one in the UK, and another in Germany. We also accept contributions to our open source codebase from all over the world, including contributions from Pakistan, Turkey, and China. Since I live in the US, our company would certainly cooperate with any lawful requirements imposed on us by US law. The useful thing about our service is that we can't read your data even if we try; so whether or not we're required to spy on you is irrelevant to the question of whether your data is private.

The website says "Freedom Matters," but do you think it's pretty difficult to be truly free and private in this technological age?

Yes, people are legitimately concerned now about what sort of information about them is being collected and to what purpose it will be used. I don't have easy answers for all of it. But it is important not to give up, not to become cynical. It is important not to think that you have no choice and you have no freedom. You do have choices.

Right now, if you are a computer programmer developing your own product, or a system administrator responsible for backing up some files, you can use LeastAuthority.com's S4 service instead of some other storage service, and you will gain the added feature of the confidentiality and security of your files. It isn't any more complicated to use than the alternatives. In the future, we'll launch the Magic Folders product, and then you will have the choice of using that instead of Dropbox.

When did the idea for S4 take root? Did you know you'd offer S4 first to programmers or "power users," then release Magic Folders for general users?

We've been working on this technology for a long time. LeastAuthority.com was already a successful business from selling to other businesses who use the Least-Authority File System, and from getting government contracts and grants (including, by the way, a prestigious grant from DARPA and support from other national cyber-security agencies). But when the PRISM scandal hit, we realized “Hey, a lot of people really care about this! We need to put this out there so other people can use it”, and that was why we launched the S4 product. We also realized that there were a lot of people out there who are not programmers or system administrators but who care about the privacy and safety of their files, and that they need an alternative. So that's why the “Magic Folders” product, which had long been a gleam in our eyes, became our priority.

How is your system PRISM-proof? 

All of the data that you store in S4 ends up stored on Amazon's S3 service. S3 is a very reliable and widely-understood service. Programmers know how it behaves, which is why we chose it for our backend storage. However, if Amazon.com, or a US government agency, or a foreign cyber-spy who remotely penetrated Amazon's servers, were to inspect the data stored there, they would see only opaque, indecipherable ciphertext. That's because all of the data stored in S4 is encrypted, and the encryption keys are kept only on the customer's personal computer. The plaintext and the decryption keys are never transmitted to LeastAuthority.com's servers, and never transmitted to Amazon's servers. That's why we say the service is “PRISM-proof”: because it prevents casual, indiscriminate snooping on everyone at once. The only way to get access to the customer's data is to take over the customer's personal computer. So, this is not a very strong defense against a specific, targeted investigation! If police investigators seize your computer, then they'll be able to access all the files that you could access. S4 is not designed to prevent that.

Likewise, if some kind of cyber-espionage team from a foreign country remotely takes over your laptop, then they'll get access to your files, too. S4 is not designed to prevent targeted investigations against one person's laptop, it is intended to prevent mass, indiscriminate surveillance of everyone at once.

Any final thoughts on surveillance culture?

Mass surveillance of everyone is a reality, and it is a serious issue. We don't know who all is doing it, although it is clear that NSA isn't the only organization with the capability and motivation to do so. But the situation is not hopeless. You can take steps to retain control of your own data.