LavaBit & Silent Circle launch Kickstarter initiative…

dark_mailLavabit founder Ladar Levison and Silent Circle recently began a Kickstarter initiative to help fund the development and roll out of the first Dark Mail clients.

“The Summer of Snowden may have taken the Lavabit email service offline,” the project’s Kickstarter page says, referring to National Security Agency leaker Edward Snowden, “But the lifeblood of the service is still alive and relevant to Dark Mail.”

Dark Mail is a newly proposed email protocol from Levison and Silent Circle that promises to encrypt not only the body of messages, as is the norm with today’s email encryption, but also protect the “header” metadata accompanying every message, such as the subject line, sender, recipient, and so on.  The plan is to turn Dark Mail into an open source protocol so that any email provider or client app maker can make their services Dark Mail compatible.

Metadata is one of the big weakpoints of secure email communciations , since you cannot hide it from a third-party observing Internet traffic—a fact highlighted this summer when leaks about the National Security Agency’s surveillance activities started coming to light.  The core Dark Mail ideal is that even if law enforcement forced a service provider to hand over its users’ communications, all the company could hand over would be unintelligible junk. Like other encryption schemes, only the recipient with the proper decryption keys would be able to read the message.  Levison and Silent Circle also hope that open-sourcing the Dark Mail protocol would encourage software providers to build Dark Mail capabilities into email clients, and that in turn will make using encrypted communication as seamless as using Gmail or Outlook.com is now. Current efforts to encrypt the body of email messages requires at least a modicum of technical knowledge and a willingness to troubleshoot potential set-up problems.

The Dark Mail Kickstarter campaign hopes to raise $196,608 to clean up the Lavabit secure webmail source code and build in the Dark Mail protocol. The campaign would also fund development of the first Dark Mail clients for numerous platforms, including Windows, OS X, Linux, iOS, and Android. Pledges for the campaign start at $25, which will give you access to the project’s official binary package for the apps and the Lavabit webmail code.  Pledges of $1,000 and up also give you access to the binaries in addition to technical assistance and a limited edition polo shirt.

NSA-resistant Android application…

Silent Circle, a company specializing in encrypted communications, released a messaging application for Android devices that encrypts and securely erases messages and files.  The application, called Silent Text, lets users specify a time period for which the receiver can view a message before it is erased. SilentText2It also keep the keys used to encrypt and decrypt content on the user’s device, which protects the company from law enforcement requests for the keys.  Silent Circle, whose co-founder is encryption expert Phil Zimmerman, abandoned its privacy-focused email service in early August following leaks by former NSA contractor Edward Snowden detailing the U.S. government’s vast electronic surveillance efforts.

How it works – The Silent Text application generates a new encryption key for each new message. The key is then destroyed “so even if your device is examined, there are no keys to be had after the conversation is complete,” according to the company’s website.  Only the sender and receiver can view a message. If it was intercepted in transit, it would be unreadable unless the interloper could obtain the encryption key or use brute-force computing power to decrypt the content.  The “Burn Notice” feature lets the sender set a time for a text, video, voice recording or picture to be erased from the recipient’s device. The sender can also recall or destroy previously sent messages. It supports files up to 100 MB.  Although I’ve been reading mixed reviews about the app and I’m not sure if casual users would be willing to pay the services fees, This sounds pretty cool.  I especially like the fact that the keys are stored on the device.  Here at the Villainous VooDoo, we take our privacy seriously and welcome tools such as Silent Text available to the general public.  Hopefully, in the near future we  can begin seeing such apps offered free.  Doom on you, NSA.

Encryption App Silent Circle Shuts Down…

The communications encryptions firm ‘Silent Circle’ chose to shut down it’s e-mail service as one if its competitors ‘Lavabit’ recently shut down it’s core email service.  Lavabit cited that he had been the subject of a U.S. government investigation and gag order.  It appears the NSA came knocking and instead of fighting for our disappearing privacy rights, Lavabit decided to fold.  Silent-Circle-screenshot5Co-founder and CTO Jon Callas said in a blog post Friday that Silent Circle’s e-mail service had “always been something of a quandary for us.” This, in spite of the fact that one of Silent Circle’s other co-founder is Phil Zimmermann, inventor of the popular e-mail encryption software PGP.  Electronic mail uses standard internet protocols that cannot have the same security guarantees that real-time communication has, Callas said. “Email as we know it with SMTP, POP3, and IMAP cannot be secure.”

“We’ve been thinking about this for some time, whether it was a good idea at all. Yesterday, another secure email provider, Lavabit, shut down their system lest they ‘be complicit in crimes against the American people.’ We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail.”  Callas said Silent Circle had not received subpoenas, warrants or anything other similar request from any government. The company had been debating what to do about its email service for weeks, and up until Friday was ready to phase the service out so that it would continue for existing customers. “It is always better to be safe than sorry,” Callas said.  What he meant was “…better whipped and submissive than free…”

Friends, this is truly sad.  On a daily basis, I see our rights and liberties evaporating due to the efforts of our government and it’s agencies that LIE to us and SPY on us, all under the banner of Social Reform.  This post show that a society that fears and distrusts it’s own leaders cannot thrive.  Had enough yet?

UPDATE – 08/15/13 – Monterey-based Privato Security sped up the launch of its email service.  “I think it is a golden opportunity for us,” CEO Neal Smith, 68, said Tuesday.  Privato works by sending an email to a cloud server, an Internet-based storage system, where it stays — heavily encrypted — until the recipient downloads it, instantly deleting it from the server.  Check it out.

UPDATE – 08/16/13 – NBC reports that senior US Attorney James Trump sent Lavabit founder Ladar Levison and his lawyer a veiled arrest threat when Levison shut down his private email service (used by NSA leaker Edward Snowden) rather than comply with a secret order to spy on his customers.  More interesting reading on the subject here.

UPDATE – 08/23/13 – Ladar Levison, the owner of the now-shuttered encrypted email service used by Edward Snowden said that he will continue to defend online security free of government surveillance, hopefully with success in courts or a possible move of his company overseas.

UPDATE – 08/29/13 – Usage for Tor doubles in wake of secure email shutdowns.

UPDATE – 09/16/13 – Interesting reading on the subject.

  • Ads