Snowden's Favorite Email Service Returns, With 'Trustful,' 'Cautious,' And 'Paranoid' Modes

from the can-a-phoenix-be-composed-of-lava-(and,-um,-bits-I-guess)? dept

A little more than three years after it shut down to avoid complying with federal prosecutors' demands for its encryption key, Lavabit is returning to life. The secure email system, whose most famous user was Edward Snowden, fought the US government in court over demands to produce the key that would unlock access not only Snowden's emails, but those of every user. Not only did it shut down, but it also memorably delivered a 4-point middle finger to the feds in the middle of the legal battle.

With its users' privacy secured -- along with its legacy (Snowden-approved, man-sticking-it-to-itiveness) -- the Lavabit team gave the code to the public and started working on a newer, more secure email platform. As Kim Zetter reports for The Intercept, Lavabit's successor is now live.

[Ladar Levinson is] relaunching Lavabit with a new architecture that fixes the SSL problem and includes other privacy-enhancing features as well, such as one that obscures the metadata on emails to prevent government agencies like the NSA and FBI from being able to find out with whom Lavabit users communicate. He’s also announcing plans to roll out end-to-end encryption later this year, which would give users an even more secure way to send email.

The "SSL problem" was the weak link the government sought -- the key that would unlock all users' accounts, rather than just the one targeted. With this eliminated, Lavabit's new basic option should be far more resistant to government demands than its earlier version.

With the new architecture, Lavabit will no longer be able to hand over its SSL key, because the key is now stored in a hardware security module — a tamper-resistant device that provides a secure enclave for storing keys and performing sensitive functions, like encryption and decryption. Lavabit generates a long passphrase blindly so the company doesn’t know what it is; Lavabit then inserts the key into the device and destroys the passphrase.

But if vanilla Lavabit still feels a bit compromisable, there are a couple new tiers of increasing darkness available to users, known as "Cautious" and "Paranoid." (The vanilla tier is "Trustful," which places the security duties completely in Lavabit's hands.) "Cautious" offers end-to-end encryption, with the encryption key being stored in users' devices, but while still using Lavabit's server to transfer the key from device to device. (This will also allow users to recover keys if needed.)

"Paranoid" goes even further.

Some people who want more security — like activists, journalists, and whistleblowers — might balk at having their key stored on a third-party server. That’s where Paranoid mode comes in. The key for doing end-to-end encryption remains on the user’s device and never goes to Lavabit’s server. But to use another device, the user has to manually move the key to it. And there’s no way to recover the key if the user loses it or deletes it.

In all three cases, it will be difficult-to-impossible for governments to demand access to users' communications. Additionally, Lavabit's service will deliberately mangle metadata, making it mostly useless to surveillance agencies engaging in passive collection, as well as to government agencies seeking to obtain these so-called "third party records." This is utilized in all three tiers and is based on Tor's origin/destination obfuscation tactics. The most that can be gleaned from the metadata is the domain sending or receiving the email -- but not both on any single record.

Unsurprisingly, Lavabit had little to say on its "responsiveness" to government demands for users' communications, letting the end products speak for themselves. If the internet perceives censorship as damage and routes around it, communications platforms are more frequently coming to the conclusion that government surveillance is just more wreckage to avoided.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ed snowden, email, encryption, ladar levison, privacy
Companies: lavabit


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 23 Jan 2017 @ 3:11pm

    This is an outrage! In the old days, all communications however sent could be recovered by journalists. When messages were written on paper, all manufacturers of sulphur matches could be required to provide technical means of reconstructing envelopes from ashes. Manufacturers of hammers, celts, or clubs could be required to provide tools to re-assemble broken cuneiform tablets. In a civilized society, Lavabit would be subject to the same requirements.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Jan 2017 @ 3:12pm

    With the new architecture, Lavabit will no longer be able to hand over its SSL key, because the key is now stored in a hardware security module — a tamper-resistant device that provides a secure enclave for storing keys and performing sensitive functions, like encryption and decryption. Lavabit generates a long passphrase blindly so the company doesn’t know what it is; Lavabit then inserts the key into the device and destroys the passphrase.

    I'm just trying to understand - If that device breaks and needs replacing at some point, are those emails forever unrecoverable?

    link to this | view in chronology ]

    • identicon
      Thad, 23 Jan 2017 @ 4:03pm

      Re:

      Hardware security modules are typically deployed in clusters. It's possible for an HSM to mirror data from another HSM without allowing that same content to be copied to an unauthorized device.

      link to this | view in chronology ]

    • icon
      Arthur Moore (profile), 23 Jan 2017 @ 11:45pm

      Re: If that device breaks and needs replacing at some point, are those emails forever unrecoverable?

      No, because the SSL key is separate from E-Mail encryption.

      SSL keys are used to secure communication between machines. In the case of encrypted E-Mail that's the "To" "From" and "Subject" fields that aren't encrypted. So, the metadata.

      The thing about SSL keys is that they prove that a site is who it says it is. They're the reason we trust the green lock icon in our browser. If a website lost one, they could just get another. It would be a bit of a hassle, but isn't too big of a deal.

      We only worry when an adversary has those keys. Then they can sniff traffic, or even pretend to be the website to get the e-mail encryption key.

      link to this | view in chronology ]

  • icon
    flyinginn (profile), 23 Jan 2017 @ 4:47pm

    If it works as advertised, really good news at last for Immigration, Human Rights and Asylum legal practices where the opposition is always government.

    link to this | view in chronology ]

  • icon
    Roger Strong (profile), 23 Jan 2017 @ 5:09pm

    Not only did it shut down, but it also memorably delivered a 4-point middle finger to the feds in the middle of the legal battle.

    ....[Prosecutor James] Trump said.

    Prosecuted by Trump over not giving in to government demands on mass surveillance.

    I'm glad that's the last we'll hear of THAT.

    link to this | view in chronology ]

  • icon
    Roger Strong (profile), 23 Jan 2017 @ 5:59pm

    Snowden's Favorite Email Service Returns, With 'Trustful,' 'Cautious,' And 'Paranoid' Modes

    Much like government prosecution of leaks, depending on who is doing the leaking. Nice.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Jan 2017 @ 7:19pm

    Compromised Yet?

    "hardware security module — a tamper-resistant device"

    We're not positive that these devices haven't already been compromised. If you use Lavabit, you may want to look into something other than the vanilla tier.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Jan 2017 @ 8:43pm

    Groklaw coming back?

    I hope this will bring PJ and Groklaw back. I miss them dearly.

    link to this | view in chronology ]

    • icon
      Designerfx (profile), 23 Jan 2017 @ 9:10pm

      Re: Groklaw coming back?

      I've emailed her in the past; I didn't get an impression she was willing to come back after having Maureen O'Gara personally attack her and privacy etc. :/

      link to this | view in chronology ]

    • identicon
      SpaceLifeForm, 24 Jan 2017 @ 10:29am

      Note for PJ

      It is ECC not RSA.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 23 Jan 2017 @ 9:54pm

    Location, location, location. Where are the servers located? I would prefer Russia or Mainland China to a fourteen eyes country.

    link to this | view in chronology ]

  • icon
    reader50 (profile), 23 Jan 2017 @ 11:09pm

    It is unfortunate that there are no links to this new service. The story has 5 links to other TechDirt articles, and an Intercept link (which does link to lavabit).

    The missing link: https://lavabit.com/

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2017 @ 3:28am

      Re:

      Thanks for the link. I may never actually use the promotional code, but the $30 donation to Lavabit in re-startup mode eases my heart.

      link to this | view in chronology ]

  • icon
    Narcissus (profile), 24 Jan 2017 @ 3:49am

    Progress... I guess

    So this is what the world is coming to: Paranoid is now a desirable tier in e-mail communication.

    link to this | view in chronology ]

  • icon
    Ninja (profile), 24 Jan 2017 @ 5:38am

    Awww.. I was hoping the next time the FBI asked for the keys he would print them in a grain of rice and deliver with a microscope neatly packaged in a red box with green ribbons.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Jan 2017 @ 8:44am

      Re:

      Don't send the microscope but do send a container of water to expand the rice... LOL

      link to this | view in chronology ]

  • icon
    Sok Puppette (profile), 24 Jan 2017 @ 7:01am

    "Paranoid"?

    The "paranoid" mode is basic least-common-denominator crypto security practice.

    I know the kids today want everything to be easy, but some things are not easy. You can't rely on somebody else to hold your crypto keys and expect to have any security.

    link to this | view in chronology ]

  • identicon
    David, 24 Jan 2017 @ 7:25am

    Not enough.

    Snowden's Favorite Email Service Returns, With 'Trustful,' 'Cautious,' And 'Paranoid' Modes

    He'd probably prefer his favorite homeland to return. Which sort of conflicts with 'schizophrenic psychosis with borderline syndrome, determined to hurt itself and others' Mode.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.