dslreports logo
site
spacer

spacer
 
   
spc
story category
Another Secure E-mail Provider Chooses to Shut Down
by Karl Bode 02:40PM Friday Aug 09 2013
Yesterday secure e-mail operator Lavabit announced they were closing up shop, strongly hinting they'd been forced via Patriot Act to not only spy on customers, but were gagged from talking about. Instead of offering a compromised service that didn't really provide what it claimed, they chose to shut down. Now Silent Circle, another secure e-mail provider, has decided to partially follow suit.

In a notice posted to the company's website, Silent Circle co-founder and CTO Jon Callas explains they'd been thinking about shutting down their secure e-mail offering for some time. Unlike Lavabit they did not receive demands or gag orders from government, but they're seeing the "writing on the wall" in terms of being able to offer secure e-mail effectively:
quote:
Silent Mail has thus always been something of a quandary for us. Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure.

And yet, many people wanted it. Silent Mail has similar security guarantees to other secure email systems, and with full disclosure, we thought it would be valuable.

However, we have reconsidered this position. We've been thinking about this for some time, whether it was a good idea at all. Today, another secure email provider, Lavabit, shut down their system lest they “be complicit in crimes against the American people.” We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.
Silent Circle says they will continue to offer their Silent Phone, Silent Text and Silent Eyes services since they're end-to-end secure. Customers of Silent Circle (which include the ACLU) are slightly annoyed in that Silent Circle gave them no warning before closing up shop and destroying all of the data involved in their secure e-mail service offering. "Gone. Can’t get it back. Nobody can," the company tells the New York Times. "We thought it was better to take flak from customers than be forced to turn it over."

Clearly the government's rabid expansion of surveillance power and disregard for the law and Constitution is having more than a small impact on U.S. businesses, the smaller and more ethical of which are making it known they'd rather shut down than be gagged and forced to lie to their subscribers.

view:
topics flat nest 

FFH
Premium
join:2002-03-03
Tavistock NJ
kudos:5

If so worried about gov't intrusion, why did they keep .....

If they were so worried about gov't intrusion, why did they keep their other secure services: Silent Phone, Silent Text and Silent Eyes?

Rather than security concerns and some type of protest against the gov't, which Silent Circle has admitted has made zero demands for their customers info, maybe they are just killing off an unprofitable service.
--
"If you want to anger a conservative lie to him.
If you want to anger a liberal tell him the truth."

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: If so worried about gov't intrusion, why did they keep .....

said by FFH:

If they were so worried about gov't intrusion, why did they keep their other secure services: Silent Phone, Silent Text and Silent Eyes?

Rather than security concerns and some type of protest against the gov't, which Silent Circle has admitted has made zero demands for their customers info, maybe they are just killing off an unprofitable service.

If any demands were made, they wouldn't be able to say. They didn't let it get to that point.

Not profitable? Pure speculation on your part.
--
"We're going to start at one end of (Fallujah), and we're not going to stop until we get to the other. If there's anybody left when that happens, we're going to turn around and we're going to go back and finish it."
Lt. Col. Pete Newell: 1st Inf. US Army
en103

join:2011-05-02

Re: If so worried about gov't intrusion, why did they keep .....

Didn't you read the full info - those services are 'end to end secure'.
App services like email require a host - which can be compromised.
Skippy25

join:2000-09-13
Hazelwood, MO

1 recommendation

Because once you receive a court order you are then 100% required to maintain everything covered by that order.

As they stated, they have not received any such court order thus can shutdown and destroy 100% of their data with no fear of being prosecuted for it.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: If so worried about gov't intrusion, why did they keep .....

Exactly right.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

What a sad state of affairs...

Look what's happening now... It's pathetic.

"Candidate" Obama should run against "incumbent" Obama.... oh wait....
Tiger51

join:2008-08-05
Miami, FL

1 recommendation

Re: What a sad state of affairs...

Your buddy George W was the architect of the Patriot Act, maybe he should get some blame.

elios

join:2005-11-15
Springfield, MO

1 recommendation

Re: What a sad state of affairs...

Obama has had 2 chances to kill the Patriot Act and he renewed it both times
both are to blame
en103

join:2011-05-02

Re: What a sad state of affairs...

I agree.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

1 recommendation

I guess there's only so much "change we can believe in".... Haven't heard that phrase in a while.

Forward... off a cliff.

Funny how you think George W's still president... Obama owns this. Can't spin your way out of that one.

--
"We're going to start at one end of (Fallujah), and we're not going to stop until we get to the other. If there's anybody left when that happens, we're going to turn around and we're going to go back and finish it."
Lt. Col. Pete Newell: 1st Inf. US Army
Cogdis

join:2007-03-26
Floral Park, NY

Re: What a sad state of affairs...

said by IPPlanMan:

Funny how you think George W's still president... Obama owns this. Can't spin your way out of that one.

No they both own it. Bush started it and Obama continued it. Both parties in our 2 party system are corrupt.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: What a sad state of affairs...

It's funny how people continue to fault Bush to justify whatever actions Obama takes or doesn't take.

George W. Bush, the president of perpetual fault. It's frankly amusing to watch the hero worship of Obama. The man who talks about "Washington" as if he's not actually the current President: A level of narcissism that we've never seen before.

Obama can blame himself for what he inherited from himself.
--
"We're going to start at one end of (Fallujah), and we're not going to stop until we get to the other. If there's anybody left when that happens, we're going to turn around and we're going to go back and finish it."
Lt. Col. Pete Newell: 1st Inf. US Army

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

1 recommendation

Re: What a sad state of affairs...

It's funny how people also strictly focus on Obama and leave their party out of it. It feeds into their ideology that although both are bad, theirs is "better" and therefore they are comfortable with supporting their (R). In this they are dead wrong, they should be pushing to overthrow their (R) party as much as they rail against the (D) party.
--
"Fascism should more properly be called corporatism because it is the merger of state and corporate power." -- Benito Mussolini

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: What a sad state of affairs...

said by KrK:

It's funny how people also strictly focus on Obama and leave their party out of it. It feeds into their ideology that although both are bad, theirs is "better" and therefore they are comfortable with supporting their (R). In this they are dead wrong, they should be pushing to overthrow their (R) party as much as they rail against the (D) party.

Considering Obama's now a two term president, the focus on him is completely appropriate. He's been a monumental failure in this respect, to a degree that will take history to fully appreciate. No excuses. He owns this now... all of it.
--
"We're going to start at one end of (Fallujah), and we're not going to stop until we get to the other. If there's anybody left when that happens, we're going to turn around and we're going to go back and finish it."
Lt. Col. Pete Newell: 1st Inf. US Army

tshirt
Premium,MVM
join:2004-07-11
Snohomish, WA
kudos:4
Reviews:
·Comcast

Re: What a sad state of affairs...

Well, a term and a bit president, the fat lady isn't even warming up yet, and KrK See Profile is correct in spreading blame across the republican party, too many of whom would rather do NOTHING rather than do anything with Obama.
Your intense and repeated negativity towards him demonstrates part of the problem.
The Republican PARTY's internal dysfunction is hampering any positive efforts by anyone, ALWAYS saying NO! is not negotiation, and is neither leadership nor thoughtful governance, and will not result in a better America, just a more bitter and more weary public.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: What a sad state of affairs...

"Don't just stand there, do something?"
What's wrong with "Don't just do something, stand there"?

The Republican party is entitled to do whatever it wants to.
Who says they have to negotiate about anything?

Them not "negotiating" on their principles doesn't change who's the president and what party he's from. That truth is tough to swallow for some because Obama's been put up on such a pedestal.

The larger the ego balloons, the louder it pops...

I'd say the fat lady's already on stage... Much sooner than anyone anticipated.
--
"We're going to start at one end of (Fallujah), and we're not going to stop until we get to the other. If there's anybody left when that happens, we're going to turn around and we're going to go back and finish it."
Lt. Col. Pete Newell: 1st Inf. US Army
HeadSpinning
MNSi Internet

join:2005-05-29
Windsor, ON
kudos:5

3 recommendations

Re: What a sad state of affairs...

Keep arguing. When are you all going to stop being Republicans or Democrats and start being Americans? Interesting vantage point, living next door... geesh.
--
MNSi Internet - »www.mnsi.net

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: What a sad state of affairs...

Really? How does one "be" an American?
HeadSpinning
MNSi Internet

join:2005-05-29
Windsor, ON
kudos:5

Re: What a sad state of affairs...

said by IPPlanMan:

Really? How does one "be" an American?

Apparently, you're demonstrating the current state of affairs perfectly.
--
MNSi Internet - »www.mnsi.net

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK
Just keep voting for your (R) and keep telling yourself it's much better.
Cogdis

join:2007-03-26
Floral Park, NY
said by IPPlanMan:

It's funny how people continue to fault Bush to justify whatever actions Obama takes or doesn't take.

George W. Bush, the president of perpetual fault. It's frankly amusing to watch the hero worship of Obama. The man who talks about "Washington" as if he's not actually the current President: A level of narcissism that we've never seen before.

Obama can blame himself for what he inherited from himself.

I didn't fault Bush to justify Obama, I faulted Bush AND Obama. Like I said both parties are corrupt and they both share fault.

IPPlanMan
Holy Cable Modem Batman

join:2000-09-20
Washington, DC
kudos:1

Re: What a sad state of affairs...

Only one party has a President now. That doesn't require any equivocating.

battleop

join:2005-09-28
00000
Bush is retired. He doesn't "own" shit anymore.

tshirt
Premium,MVM
join:2004-07-11
Snohomish, WA
kudos:4
Reviews:
·Comcast
said by Tiger51:

Your buddy George W was the architect of the Patriot Act, maybe he should get some blame.

GWB took the blame, the Cheney gang pushed most of the buttons.

battleop

join:2005-09-28
00000
Can't keep blaming Bush when Barry has 5+ years to fix it. Remember he ran on "fixing" this stuff.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.

StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

They're exactly right

said by Silent Circle :

There are far too many leaks of information and metadata intrinsically in the email protocols themselves. Email as we know it with SMTP, POP3, and IMAP cannot be secure.

Exactly. You can encrypt the body of email but both the sender and receiver(s) must be able to deal with that. Most people don't bother doing it.

What you can do is send/receive email between a client (PC/Tablet/phone/etc) to/from a server using an encrypted connection. However it transverse the internet in plain text.
--
Don't feed trolls--it only makes them grow!
ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL

Re: They're exactly right

Well, if you trust the app developer to write a secure app, then you can encrypt the message contents from end to end. However, the routing information has to be in the clear; otherwise, the message can't be delivered.

There's nothing inherently wrong with the current e-mail delivery system. Sure, some will say that a new system could encrypt delivery information so it's only readable to the sending and receiving mail servers, but if the government can essentially demand access to those servers, then encryption does you no good. In that case, the only encryption that matters is true end-to-end encryption using a mail client installed on the computers, tablets, etc.

However, the best cure for these shenanigans is a high-profile court case. Someone needs to stand up and say no, they refuse to bend over for these kinds of demands and dare the government to take them to court. For that to happen, the EFF and ACLU need to get together, round up some really good attorneys who will take the case either pro bono or for whatever money these two organizations can pay (so there's no cost to the client) and then post a hypothetical scenario where they'll jump into action, then wait to be contacted by someone. Basically, these groups and their legal team need to fully back the client all the way to the Supreme Court. Make the thing as high-profile as they can get away with. Do that, and I bet you'll see the feds back off of this shit.

mackey
Premium
join:2007-08-20
kudos:8

Re: They're exactly right

said by StuartMW:

However it transverse the internet in plain text.

said by ISurfTooMuch:

However, the routing information has to be in the clear; otherwise, the message can't be delivered.

So much misinformation in this thread....

As someone who runs a mail server, I can assure you it is possible to have end-to-end encryption with e-mail. However, both/all servers must support it. SSL encryption (the same encryption used for https: websites) between servers has been around for years, yet gmail is the only large provider using it from what I can see in my logs.

Aug  5 16:01:06 postfix/smtp[25620]: setting up TLS connection to gmail-smtp-in.l.google.com[2607:f8b0:4002:c01::1a]:25
Aug  5 16:01:07 postfix/smtp[25620]: Trusted TLS connection established to gmail-smtp-in.l.google.com[2607:f8b0:4002:c01::1a]:25: TLSv1 with cipher RC4-SHA (128/128 bits)
Aug  5 16:01:11 postfix/smtp[25620]: <snip>: to=<<snip>@gmail.com>, relay=gmail-smtp-in.l.google.com[2607:f8b0:4002:c01::1a]:25, delay=5.3, delays=0.26/0.27/0.22/4.6, dsn=2.0.0, status=sent (250 2.0.0 OK <snip> <snip> - gsmtp)
 

So, in this case, my e-mail client connects to my server using encryption (IMAPS), my server then uses encryption to send it to gmail (SMTPS), and gmail clients use encryption when viewing the message (HTTPS). The only way any sender or recipient info, other then the recipient's domain name (which can be sniffed from the DNS lookup), can be discovered is if either my or gmail's servers are compromised.

/M

StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 edit

Re: They're exactly right

Your example simply shows that when you send (or receive) email from the Gmail server the connection is encrypted. I said that

said by StuartMW:

What you can do is send/receive email between a client (PC/Tablet/phone/etc) to/from a server using an encrypted connection.

Now if the email leaves Gmail's servers--that is transverse the internet to, say, Yahoo it will be in plain text (the body of the message could be encrypted).

On the other hand if another Gmail user reads an email, via an encrypted connection from the same server you sent it to (i.e. it never transverse the internet) then in theory it may never appear in plain text (depending upon how Google stored it etc).

The point is that email does not generally go from sender to receiver but via a series of intermediate servers. Those servers must be able to read the headers which is why they're in plain text. As for the body the servers don't care so they can be encrypted or not.

quote:
Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver, and store messages. Neither the users nor their computers are required to be online simultaneously; they need connect only briefly, typically to an email server, for as long as it takes to send or receive messages.

»en.wikipedia.org/wiki/Email




»blog.hostbaby.com/2010/08/email-···elivery/
--
Don't feed trolls--it only makes them grow!

TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless

Re: They're exactly right

There is no reason why "How Email Appears to Work" can't be "How Email Really Works".

I run my own Email server on my home network and send direct to MX outbound. A few (very few) folks I email also have their own SMTP server, so for us, "How email Appears to Work" is indeed the way it does work.

Of course, there is a monetary price for this privacy. But then, there is always a price for everything in life. If you want "free" monetarily, you will pay with privacy. If you want privacy, you will pay with money. The fallacy is that you can have both!

If you use any of the "free" email services, you are paying for it with your privacy, and that is your choice, only stop complaining about it! Nothing is "FREE"!!

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"

ISurfTooMuch

join:2007-04-23
Tuscaloosa, AL
Ah, didn't realize that was possible. However, as you said, this assumes that none of the e-mail servers are compromised. And, if the government comes calling, congratulations, your server has just been compromised.

Rambo76098

join:2003-02-21
Columbus, OH

Overseas

Sounds like secure services are going to have to move operations and servers overseas to continue operations outside of the jurisdiction of the NSA/FBI etc.
firedrakes

join:2009-01-29
Arcadia, FL

Re: Overseas

wont help. usa will bitch and whine and the country will allow them to take it down

Camelot One
Premium,MVM
join:2001-11-21
Greenwood, IN
kudos:1

1 recommendation

said by Rambo76098:

Sounds like secure services are going to have to move operations and servers overseas to continue operations outside of the jurisdiction of the NSA/FBI etc.

By being overseas, all data to and from them then falls under perfectly legal NSA snooping programs.
--
Intel i7-2600k /ASRock P67 Extreme4 /4x 4Gb G.Skill /2x Intel 510 series 250Gb SSD /3x WD20EADS 2TB /2x PNY GTX 260 /Silverstone 850W /Custom water cooler /Antec Twelve-Hundred

CosmicDebri
Still looking for intelligent life

join:2001-09-01
Port Saint Lucie, FL

Why are we getting the same story 2 days in a row?

This is a trend I've noticed for quite awhile actually....... this particular story was the last item from yesterday and that is happening all the time.....

Can't be a shortage of news....
--
Follow Your Bliss -- Joseph Cambell
I reject your Reality and substitute my own! -- Adam Savage, Mythbuster
TBBroadband

join:2012-10-26
Fremont, OH

Re: Why are we getting the same story 2 days in a row?

I think its the reporters doing. At times it even removes the comments and reposts right away the next day as well. And its happened well before moving to the cloud.

meeeeeeeeee

join:2003-07-13
Newburgh, NY
said by CosmicDebri:

This is a trend I've noticed for quite awhile actually....... this particular story was the last item from yesterday and that is happening all the time.....

Can't be a shortage of news....

While articles of importance seem to be recycled (kicked-up) every once in a while, this is a new article (key word "another") that I suspect we'll be seeing more and more with key words "and yet another".
--
"when the people have suffered many abuses under the control of a totalitarian leader, they not only have the right but the duty to overthrow that government." - The U.S. Declaration of Independence

batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ

Neard shack too.

I had email form both and wondered why they stopped working. I even used one for a banking account. I guess you get what you pay for. Paperless billing, never again; thank you Barry.

This form the owners of Lavabit; he states he is gagged from saying he had to close.

»lavabit.com/

Mikesco

@charter.com

What we need is

A standard e-mail program that splits an optionally encrypted message randomly through multiple servers maintained by different providers into essentially a hundred e-mails and mails them off over a period of say 5 minutes and at the receiving end is able to glue them back together. That may still not be fool proof but at least would make things much more difficult.

batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ

Re: What we need is

said by Mikesco :

A standard e-mail program that splits an optionally encrypted message randomly through multiple servers maintained by different providers into essentially a hundred e-mails and mails them off over a period of say 5 minutes and at the receiving end is able to glue them back together. That may still not be fool proof but at least would make things much more difficult.

The CIA Director and his paramour thought they had it figured out, they NEVER sent one email; they used one account and just read the never sent drafts. I wonder if the NSA, sent the DEA information that was forwarded to the FBI who busted the CIA.

This is like one of those 60s spy movies; I know who is really behind this "TPC".



ARGONAUT
Have a nice day.
Premium
join:2006-01-24
New Albany, IN
kudos:1

Mega will have encrypted email 2014

CLOUD STORAGE MAGNATE Kim Dotcom has promised to release his secure encrypted email system next year.
Dotcom's Mega mail will keep communications between users secure, he claims, and unintelligible to PRISM snoopers at the US National Security Agency (NSA).
"#Mega's open encrypted email service outside of #NSA reach will change the way people use email forever. You'll see. Coming 2014," he said on Twitter.

»www.theinquirer.net/inquirer/new···-in-2014

Hella Yes.
--
Dogs have masters. Cats have staff.
nltech

join:2007-06-13
West Haverstraw, NY

No change in policy until...

The only way this will change is if people would stop voting for Progressives and Neo-Conservatives in either party. True liberals, Conservatives and Libertarians would never stand for such policy.

batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ

Re: No change in policy until...

said by nltech:

The only way this will change is if people would stop voting for Progressives and Neo-Conservatives in either party. True liberals, Conservatives and Libertarians would never stand for such policy.

Huh?