The Lavabit case


You may recall the case of Lavabit that I have written about before where Ladar Levinson, the owner of that encrypted mail service, shut down his business to avoid giving the government the master encryption key they demanded so that they could read all his 410,000 clients’ emails. This happened last June, likely when the US government first learned of the NSA leaks and discovered that Edward Snowden used Lavabit to communicate.

Well, the Obama administration took Levinson to court for defying the court order to hand over the keys and is asking that he be found in contempt of court.

The case is now being deliberated upon by the Fourth Circuit Court of Appeals but the oral arguments did not seem to go well for Levinson. The judges seemed to be fixated on Levinson’s initial refusal to hand over the unencrypted data and viewed the request for the keys as a ‘red herring’, revealing a lack of sophisticated understanding of what was involved.

There was a bit of good news at the end of the news report.

Levison is currently working with the founders of Silent Circle, another secure online service that shut down, fearing the FBI would compel it to compromise its service. They are planning to launch a service called Dark Mail that will offer an open-source tool that could make secure encryption an easy add-on for any email service.

They exceeded their Kickstarter fundraising goal for Dark Mail. For those who know more about this than I do, here is what they plan, taken from their Kickstarter page.

The goal is to perfect and release its source code as a free and open-source software (F/OSS) project. The “magma” daemon supports access via SMTP, POP3, IMAP4 and HTTP. Magma can be clustered and transparently encrypts user data before storing it on disk. It includes a Javascript webmail system that uses a JSON-based API to provide secure mail access via the web.

Along with preserving existing functionality, the team will build in support for the Dark Mail protocol. Dark Mail, a newly developed messaging protocol, is designed to provide end-to-end encryption of both the message itself and the email in transit. Because encryption will be integrated into the protocol itself, it will be invisible to the user. Dark Mail users will get the security of PGP without the cognitive burden; if someone can use email today they will be able to use Dark Mail tomorrow.

I hope they succeed.

Comments

  1. DsylexicHippo says

    I wish they did not call it Dark Mail. There shouldn’t be a villainous connotation to ensuring privacy from Snoop-Daddy.

    As for our judges -- hardly any of them appear to be technologically literate. Bunch of cranky, bumbling, horse-whip cracking fuddy duddies.

Leave a Reply

Your email address will not be published. Required fields are marked *