NEW YORK (InsideBitcoins) — Monetas CTO Chris Odom was recently interviewed by Trace Mayer on an episode of the Bitcoin Knowledge Podcast, and the conversation mainly focused on the financial cryptography products currently in development by Monetas. Odom originally caught the attention of the bitcoin community through his creation of the Open Transactions financial cryptography library, and many financial privacy and security enthusiasts are excited about what the Swiss-based company will be able to offer the world in the near future.
At one point during the conversation, Mayer decided to ask Odom why Monetas is based in Switzerland rather than New York, which Mayer referred to as the “financial capital of the world.” Odom was quick to point out that New York was “certainly the financial capital of the 20th century, but what happens in the 21st century remains to be seen.” The Monetas CTO then used three separate examples to show why the company had “no choice but to locate in Switzerland.” The common theme among the examples used by Odom was the US government forcing companies to turn over private data or private keys by any means necessary.
Why didn’t Yahoo tell the public about NSA spying?
The first example pointed out by Odom was Yahoo not being able to tell anyone about the scope of the NSA’s spying apparatus before certain NSA documents were leaked by whistleblower Edward Snowden. In this example, Odom is referring to a response CEO Marissa Mayer gave at TechCrunch Disrupt in September of 2013 when she was asked what the tech giant was doing to protect users against government spying. Although Mayer admitted that Yahoo fights data requests when possible, she also stated, “If you don’t comply, it’s treason.” She continued by saying, “Releasing classified information is treason, and you are incarcerated.”
As Odom put it in his version of the incident, “Not only does she have to cooperate, but she’s not allowed to say anything to anyone about the fact that she’s having to cooperate.”
Malware for Hushmail users
For his next example, Odom explained what happened when government agents were faced with encrypted email service Hushmail’s hands-off approach to encryption. The email provider was once the most well-respected service for secure email due to their use of client-side encryption through a Java applet in the browser. Bitcoin users may be familiar with a similar concept that is used by Blockchain.info to prevent the company from accessing user private keys. Hushmail was thought to be a wise choice for secure messaging at one point, but Odom explained what happened when Canadian law enforcement officials came knocking:
“If the government goes to Hushmail and says, ‘Hey, let me read this guy’s email.’ The answer from Hushmail would be, ‘Oh, well you can’t read this because it’s encrypted. We’ll give it to you. We’ll give you the encrypted mail, but we can’t open it and you certainly can’t open it.’ And the answer that came back to Hushmail from the government was, ‘Well then what you need to do is, you need to install malicious software on the user’s computer and get their key.’”
This appears to be a reference to when Hushmail admitted that their Java implementation was not perfectly secure because users still had to trust the email provider to deploy a non-malicious Java applet whenever their services were used. The quote from Hushmail CTO Brian Smith back in 2007 was:
“The extra security given by the Java applet is not particularly relevant, in the practical sense, if an individual account is targeted.”
Edward Snowden’s email provider
Odom’s third and final example was Lavabit, which happened to be Edward Snowden’s email provider of choice at one point in time. Lavabit was facing a similar situation that Hushmail faced six years earlier, but Ladar Levison, the owner of the email provider, decided to shut down the company in response to the US Government’s requests for customer data. It has been deemed likely by many that the customer targeted by the US Government was whistleblower Edward Snowden, although Levison eventually indicated that all Lavabit users would have been affected by a the request from the US Government.
The Monetas example
As one final note on this topic, Odom provided an example of how things could go wrong if Monetas decided to operate in the United States:
“Let’s say that someone is using the Monetas wallet on his computer, and he’s got his private key. Whoever gets their hands on that private key gains control over his money. We could not allow ourselves to be in a position where a gun is put to our head and we’re forced to download a malicious version of our software onto someone’s computer where their key could be taken. And even if the government did this with the best of intentions, that doesn’t mean some hacker isn’t going to get in there and get that key as well. If there’s a backdoor, there’s a backdoor. And so, we’ve already seen several times in the United States that a company can be forced — in secret — to put malicious software on their users’ computers that could give the government access to that user’s private key. And we just didn’t want to ever be in the position.”
You can follow @kyletorpey on Twitter.