The Lesson of Lavabit

An implication of undeliverable security painted a bullseye…Post’s Permalink

On Thursday, August 8th, Ladar Levison, the owner and operator of the semi-secure Lavabit.com eMail system, shut down his nearly ten year old service rather than be forced to continue to comply with United States law enforcement demands for the disclosure of personal and private information belonging to his service’s clients. The Lavabit web site now simply displays this notice:

My Fellow Users,

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on–the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me resurrect Lavabit as an American company.

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

Sincerely,
Ladar Levison
Owner and Operator, Lavabit LLC

Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund here.

What is the lesson of Lavabit?

When news first surfaced about Edward Snowden’s presumptive use of Lavabit’s eMail service for his eMail communication the assumption was that it was somehow “secure.” So I researched the nature of the service that was being offered, and I was not impressed. The trouble was, it was making a lot of noise about security, but as an eMail store-and-forward service it didn’t (and couldn’t) really do anything that was very useful from a security standpoint: Ladar had arranged to encrypt and store incoming eMail to a user’s inbox in such a fashion that his service could not then immediately decrypt the eMail. It would not be until the user logged in that the Lavabit servers would be able to derive the decryption key in order to forward the then decrypted eMail to the user.

As you can see, while this did offer somewhat useful encryption of data-at-rest, it didn’t actually offer his users any real protection because both incoming and outgoing eMail would necessarily be transmitted in the clear.

This architecture would, therefore, inherently expose the Lavabit service, its servers, its owners, and thus its users’ data to law enforcement demands. Which, it seems clear, is exactly what happened. Ladar made his service a target by offering “security” that wasn’t actually secure. (And how very wrong is it that he cannot even share the exact nature of the demands that were made upon him?!)

I am impressed that Ladar chose to shutdown his service rather than continue to promise something that he now unequivocally knew was no longer secure in the face of law enforcement’s quasi-legal incursions. It would have probably been better if he hadn’t attempted to offer security that was beyond his ability to provide.

During my weekly Security Now! podcast with Leo Laporte, we use the acronym “TNO” (Trust No One) to refer to any system where readily available cryptographic technology is properly employed in such a fashion that it is not necessary to trust the behavior of any third party. Unfortunately, without going to extraordinary lengths (e.g. S/MIME, PGP, GnuPG, etc.), today’s eMail technology is resistant to the TNO principle.

In coming weeks our Security Now! podcast will be delving deeply into the ways and means of producing true TNO eMail security.

Steve's Sig

This entry was posted in Uncategorized. Bookmark the permalink.

103 Responses to The Lesson of Lavabit

  1. A says:

    This would make me curious about the email system I use, which is a hosted exchange with the clients connecting over HTTPS. at first glance this would indicate that mail from/to clients on the same system would be secured inside the HTTPS tunnel…

    • Steve Gibson says:

      Yes… except when stored. When stored, the “mail at rest” would still be vulnerable. The ONLY WAY to have secure TNO eMail is for the originating client to securely encrypt the message before it leaves the local machine… and for the recipient to decrypt after the (encrypted) message has been delivered.

      /Steve.

  2. Looking forward to some episodes on secure email solutions. Thanks Steve

  3. Great summary, and the additional insight is fascinating.

    In New Zealand, the government is currently forcing through very similar legislation to the Patriot Act at the request of the US government. We can only hope there’s a better balance struck between needs of the state and individual, because clearly what’s happening in the US isn’t sustainable.

  4. -A says:

    @A: Security of HTTPS assumes your CA/PKI-provider isn’t “compromised”. These days your own corporate CA is the only safe option. It’s been well covered that US based CAs are very likely to have been “compelled” to hand over keys.

    @Steven: Essentially what you say is that anyone within US law enforcement claiming to be able to provide security under 1st/4th amenedment terms are selling something they cannot guarantee. That is either a) sad, b) nihilistic view of the US laws on hand, c) honest, d) all.

    • Steve Gibson says:

      I’m unsure whether “@Steven” was meant for me, but if it was: No, that’s not what I’m saying. Effectively uncrackable crypto technology is free, secure, and readily available. Historically, eMail users haven’t cared much about the security of their eMail exchanges. And many still won’t. That’s fine. But it seems likely that many people who object to the PRINCIPLE of our government (or any government) recording and sifting through everything they communicate will become interested in means to protect their eMail from such prying eyes. The good news is, it’s quite possible and it will doubtless become easier as the demand for it makes it more ubiquitous.

      /Steve/

      • -A says:

        Point taken, a) still stands, given the nature of what seems to be the nature of the closure.

      • I hope demand comes sooner than later. It is still somewhat contrived to set up your own keys. I employ OpenGPG with Apple’s OS X Mail. It was easy to setup, in fact, very easy. The difficult part is persuading others to use it. This is what frustrates me. For myself, it is a matter of principal but it would appear that few are bothered to turn 180 from the standard ‘I have nothing to hide’ motto.

        • Crypto comes and goes, it seems. I’ve been playing with PGP since 1996 but on and off…mostly off. Back then (pulls up rocking chair) there was no easy-to-use interface. But PGP WAS easy to use once You Got The Hang Of It. So the answer to Why don’t more people use secure email is to use secure email more. If you build it, they will…encrypt. First thing to do is advertise your public key with a plain English explanation nearby. Nothing scary. Nothing like Geek Code. Ask for it, and include it where possible. Until it becomes the norm, it will be abnormal–but that’s how it works in the world.

          Freedom to be secure in our persons and our activities is guaranteed, but We have toTake the Action to ensure it.
          Ken 0xE2557AA7
          I love my country, and ALL its freedoms.

  5. Clay Thomason says:

    Is there an email service that is as easy and secure as LastPass? PGP is a pain.

  6. Thank You very much, Steve – – I had some of  the Oracle programs on my computer, and had just received an update.  Never used them anyway, don’t know why I hadn’t gotten rid of them years ago.  Afraid our Country is in some deep do-do!   Best regards, Stan Garrett

    ________________________________

  7. frod says:

    Steve, you should check out countermail….they stand by the principles you suggest.

    By the way, watch show live every week.

    Frod

  8. The Real Nirv says:

    Steve, thank you for addressing this story.

    For the sake of exploring the ‘lessons’ a little further, let’s put aside the security claims Lavabit made versus true TNO. It’s amazing to me that the citizens of the United States of America are witnessing their constitution erode. As Ladar Levison put it himself, “without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.”

    It’s unclear if his statement to recommend anyone trusting their private data to US based companies is in retaliation to his predicament or not but regardless, it does raise the question of the small developer suddenly finding themselves much more powerless than the Apple’s and Google’s of the day when facing ‘charges’ or one of his user(s) are facing charges Apple, Google and gang, as per the PRISM collective ‘partners’ are not shutdown on some suspicion. This is quite unheard of. It also raises the question, should users trust US based companies who offer cloud services going forward? This is very damaging to the ‘cloud’ in the US.

    Unless I have gone off the deep-end, in my mind, the lava bit dilemma raises many questions.

    • Steve Gibson says:

      My position comes purely from a technology perspective. It’s really pretty simple and clear: Since we have readily available unbreakable crypto technology, it’s not necessary for us to trust anyone at all — ISP, Cloud Storage Provider, etc. We merely need to use the technology that’s already well developed and available. :)

      /Steve.

      • The Real Nirv says:

        The purely technological focus prescribed by your blog is precisely why I follow your work. The comments I made were in lieu of an intersection technology finds itself on.

        Without elaborating further, I would naturally conclude and agree that TNO is the ‘toolbox’ that can dilute a government’s ill efforts.

        I eagerly look forward to further blog posts and especially upcoming episodes of SecNow! As I understand it, you will be dissecting email security/privacy.

        Thank you for not letting politics get in the way, my comment would have failed had you done so, and for sharing your tremendous insight, time, research, and so much more.

        Alex

  9. frod says:

    countermail.com is setup just like lastpass….

  10. Margit says:

    Dear Steve,

    Thank you. I am a great admirer of your work

    I have donated to his fund. I have not trusted any government since 1939. ( I was 9)I am a holocaust survivour

    Margit

    • The Real Nirv says:

      I can see why you wouldn’t trust any government, especially after surviving. It’s good on you to support Lavabit’s plan to defend the US constitution.

      Lest not forget that terrible war and all the lives it cost.

  11. Andrew S says:

    Steve your lavabit.com link at the top of the article is a little wonky.

    • Andrew S says:

      Ignore my comment seems fixed now.

      • Steve Gibson says:

        Thanks. I received a tweet mention a few minutes ago that said the same thing. WordPress had helpfully added an extra “http://” and I had failed to test it. So thanks. :)

        • Andrew S says:

          Steve I have been using your forensic cookies analyser on your site and was rather shocked to see that even at version 10 Internet Explorer is still leaking information.

  12. Nice article Steve. I see hushmail chose the other path: http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/

    I created a small service for those who wish to only transfer one time bits of information securely over the web but find encrypted email is overkill, It’s called NoteShred (https://www.noteshred.com)

    It doesn’t comply with Steves “TNO” policy, but it can be useful for the one time transfer of passwords to a client or ad hoc information like IP addresses or server info.
    This is what I created it for.
    As with anything on the web, use your best judgment on how to use it.

  13. Mark Head says:

    —and the never ending question of how safe it is to use Facebook and twitter message system is still a question. It would be nice to hear some commentary

  14. Jonathan says:

    I just saw this:

    SilentCircle is shutting their mail system down as well:

    http://silentcircle.wordpress.com/2013/08/09/to-our-customers/

    • The Real Nirv says:

      This just keeps getting ‘fill in the blank’ by the minute.

    • Steve Gibson says:

      Thanks Jonathan! If people here read the Silent Circle position carefully, you’ll see that they are essentially echoing what I wrote in this blog posting earlier today: eMail is really quite resistant to security. The ONLY solution is end-to-end client-to-client encryption. And that requires robust endpoint authentication to prevent man-in-the-middle interception. And robust authentication is a pain in the butt for typical end users. (It’s what web sites go through with certificate authorities and it’s a pain for us!)

      /Steve.

  15. Steve, I am the developer/owner of ThreadThat dot com. I too used a similar security model. I allow users to choose their own pass key(s) which the code uses to encrypt a system-generated pass key which is used to encrypt threaded conversations transmitted over SSL and encrypted at-rest. The user-defined pass keys can be stored in a KeyBox that is also encrypted using the user’s plain-text password. Passwords are stored as MD5 hashes in the database. The use of a KeyBox is purely a convenience. Users do not need to enter their pass keys every time they want to access an encrypted thread. If users choose not to store their pass keys in a KeyBox, then a “back door” that captures their plain-text password would be useless because it would only get someone into the account, but not allow their threads to be decrypted.

    I am concerned about this turn of events. To see that Silent Circle has also decided to shut down their recently launched Silent Mail makes me wonder how long I will be able to keep TT available. I offer the service for free and cannot afford to pay court costs to defend my users.

    Matt S

  16. Pingback: Lavabit schließt über Nacht - mkln.org

  17. While CounterMail is doing a nice job, one shouldn’t forget that all traffic passing Sweden’s border is subject to the surveillance from the F.R.A. http://en.wikipedia.org/wiki/National_Defence_Radio_Establishment_(Sweden), who seems to be working together with the US government quite a bit.

    PS. I’ve been listening to Security Now for years, love the show! =)

    • Simon says:

      It does not matter, the whole point with strong cryptography is that they can listen as much as they want, they still can’t decrypt the data without the password & private key. That’s why “they” are shutting down US-based encrypted email services, they already listen on them, but they can’t read the data.

      • Yes, that’s true – the body of the emails will be safe.

        There is a potential problem however, and that is that the swedish police raided the data centre hosting The Pirate Bay a couple of years ago, because the US wanted it taken down (proven by wikileaks, but I don’t have the link).

        If they were to do the same thing to CounterMail, the service would be shut down and the SSL keys would probably end up in the hands of the F.R.A. Which would give them the ability to extract meta data from all of their captured traffic.

        • Simon says:

          It’s one big difference, TPB violated the copyright law in Sweden (according to the prosecutor and the court). Countermail do not violate any law in Sweden. As you write, the body (and attachments) will still be encrypted. Many people do not understand that a private PGP-keyring is almost useless without the password, if the password is good it’s not possible to extract the raw private key, within reasonable time.

          • They were -accused- of breaking the copyright law. That’s all it took to persuade the decision makers to move forward and seize all TPB equipment (as well as some other servers, which had nothing to do with TPB). What happens if the US plays the terrorist-card; and demands that the swedish government shuts down CounterMail? Will it be the same thing all over again? I’m not saying that CounterMail is a bad solution, or that it’s not secure atm – I’m just saying that due to some weak-minded politicians in this country, things can go bad pretty quickly.

        • Frod says:

          if I pay anonymous with prepaid credit card, they dont record ip, and use usb / pgp….I say FRA can have fun trying

          https://countermail.com/?p=mitm

        • The Real Nirv says:

          That’s a great point. In extension, someone earlier posted a comment that in the case of PGP the private key can be subpoenaed. I am not a lawyer but if we follow the course of events that are unfolding, it might be safe to assume, that the government could order the private keys to be handed over. PS I should add that assumptions are generally not a good thing.

          • Frod says:

            the private key, username, password is stored local on usb….its all right on website, in the FAQs, how it works. I’ve spent the time to read the whole site.

            • The Real Nirv says:

              Hello Frod

              I sincerely appreciate the knowledge you shared. I too will devote some time and read through all their documentation. Thanks again for sharing – it’s what makes this particular thread so interesting and valuable.

  18. I think it always boils down to what you are doing if you are served with the national security letter! Here I like TNO policy not even Steves side as everyone can be forced to hand over their private key credentials and being stopped to inform people about it.

  19. Peter Legor says:

    Kudos, Steve. It’s great to see that someone else in the security community is saying what needs to be said- that this is not a US host problem, but an engineering problem. Moving hosts overseas will not address the threat to user privacy. This is why I created Shrouder (which has yet to publish services) about a year ago and why Shrouder, in turn, set up http://www.NoTrust.org toward creating a rallying point for users and security professionals to drive meaningful change in our industry. Companies that purport to protect user privacy against “wholesale” attackers (including those leveraging local laws allowing them to demand server access- even under threat of host imprisonment) must commit to not releasing solutions unless they are provably secure against such threats, subject to ongoing verification of their security by every user (and the security community) in an automated way, and unless privacy is *strictly* under local user control (e.g., via-a-vis local-only access to and storage of private keys). Making such systems easy-to-use is the challenge that Web and software companies must meet. The existence of Prism and these voluntary shutdowns (which we should all applaud) only highlights the extent to which most companies’ claims regarding privacy protection on the web are “all sizzle and no steak”. It’s time for users to demand more of the companies that act as stewards of their data and communications,

  20. Michal Jay says:

    Steve,
    It certainly seems you were rightly concerned about your potential to be compelled into opening an encryption product to the US authorities–it’s definitely happening to US-based services, and apparently to services based in countries allied with the US like Sweden and potentially New Zealand. It also seems to be happening for purposes beyond National Security–such as copyright enforcement.

    The shutdowns of Lavabit and Silent Circle make me wonder two things: 1) maybe the NSA listens to your podcasts, and 2) have some other providers of truly or mostly secure services in the US and elsewhere *silently* caved to agency pressure without shutting down, allowing the insertion of equipment or code?

  21. Diabolik says:

    Ultimately i am for personal privacy. Yes i use encryption to secure my stuff, yet i do not feel my self as a criminal. I agree with Steve, and his position on this matter. we all need to raise as one and to defend strongly and firmly our right for privacy, or no one will do it for us. what they will do for us is to violate it more and more, IF we allow them to. Governments must understand that we have our rights, and that they must respect our rights. This is why i admire Ladar Levison’s actions, and i admire his courage to do so!

    • The Real Nirv says:

      Privacy and crime are not related…

      It should be noted that privacy is rightly so, a human right. The Universal Declaration of Human Rights, which the US and other states have signed clearly states:

      Article 12.

      No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

      source: https://www.un.org/en/documents/udhr/

      • richguymiller says:

        I love that you bring up the Universal Declaration of Human Rights regarding privacy. But I wonder about the wording. “No one should be subjected to arbitrary interference…” The qualifier “arbitrary” is opposite to “purposeful” interference. I’d agree with the UDHR in this case, but any government can claim that their interference is not “arbitrary,” it is “purposeful,” such as “protection of its citizens.”
        Definition of arbitrary, provided by Dictionary.com: “Based on random choice or personal whim, rather than any reason or system.”

        • Alex Santos says:

          Legal, constitutional, semanticity, purposefulness, and even ideological bias are probably all mixed up in this one vector … each party carrying their own “bits of business”.

          As Gibson highlights, technology is the answer.

          Rationality comes to mind. Being reasonable, responsible, respectful, tolerant and more, these are things I think all people try to embrace but sometimes, we get way ahead of ourselves, all due to fear. Thankfully there is redress.

          • Rationality SHOULD come to mind, tempered with being respectful and tolerant… of course. My comment was to the wording of the Universal Declaration of Human Rights. If dissected literally, it offers no particular hope in this case because the UDHR makes a stand against “arbitrary” interference. What my comment was referring to is interference with intent to gather intelligence for a crime as yet to be determined, which is not “arbitrary,” but very purposeful. That is still “interference” and I think a proper Declaration would include freedom from/ protection from regimes that dig for evidence of crimes where the only “real” crime is protecting yourself from prying eyes.

  22. John W Baxter says:

    Steve, your wisdom in shutting down the Cryptolink project has become even more clear than it was at the time you made the decision.

  23. Zed says:

    Steve, a while ago (ep 61) on the podcast you said “I’m not a PGP user because I just…” but you get cut off. So I guess my question is why not? Is running your own email server on your own hardware enough so satisfy your inner security geek? :)

  24. Diabolik says:

    Zed, Remember the old saying: the more you raise the bar, the least people will try to climb over it? Every gizmo you add, represents an attack surface. the fact that, today the gizmo of your choice does not have developed exploit, does not mean anything. tomorrow, next week or month, the same gizmo of your choice might be exploited. The good Wisdom says, that, you need to run only what you need to get your work done, and nothing else to minimize the attack surface.

  25. Wow, Steve, you really couldn’t be more vitriolic towards Lavabit!

    Without the details, I’m content to suppose that Lavabit were in fact a threat to your government, and that nobody is safe, including the users of PGP or S/MIME. Encrypted data at rest is still useful, so let’s push for that, and mandatory encryption of SMTP connections is still useful, so let’s push for that also. Users are no more safe without those while PGP and S/MIME present impossible hurdles for many ordinary people, and especially outside the US we are not exactly obligated to assist in the US surveillance regimes (at least, not officially). So, while I am hopeful that PGP or S/MIME (but IMO especially S/MIME, which actually has a reasonable chance of success) are eventually used more often, I think these services and the principles they stand for are still important.

    Meantime, be afraid. Be very, very afraid. :)

    Cheers,
    Sabahattin

    • >mandatory encryption of SMTP connections
      violates RFC 3207: “A publicly-referenced SMTP server MUST NOT require use of the STARTTLS extension in order to deliver mail locally. This rule prevents the STARTTLS extension from damaging the interoperability of the Internet’s SMTP infrastructure.”

      This suggests that STARTTLS MUST *forever* be optional.

      Yes, I think this is A Bad Thing too, definitely worth violating an RFC at the subscriber’s request. Unfortunately, my limited research revealed that about half of the major email providers DO NOT support STARTTLS on their inbound mail servers.

      But of course any solution that does not include end-to-end encryption cannot guarantee confidentiality. This is Steve’s main point. Lavabit’s problem is that they were trying to provide the convenience of server-side searches in a webmail client.

      Another point to be made by TNO is that any solution with a single point of failure cannot guarantee availability. See some of Lavabit’s customers asking for their email: https://lavabit.zendesk.com/entries/25140757-Requesting-my-mails

      A complete technical solution will include:
      1) end-to-end encryption performed on a reasonably secure client
      2) untraceable psuedonyms not tied to a single domain name — e.g. a Chaum mix network (need not be low-latency like Tor/I2P).
      3) robust multi-node storage — e.g. tahoe-lafs

      One legal caveat is that the service must be community-supported, like Wikipedia. Billing information associated with a subscriber account is very poorly protected in the US today.

  26. Stephen H says:

    So – I thought I’d post a comment here, but figured I’d want to use the secured version of the site. Problem – Chrome (or Windows 8) doesn’t trust the certificate! So do I accept an untrusted WordPress certificate, or just use the (totally) insecure page?

    And for those who seem to think “we can trust the government, this is to stop terrorists” – well no! It has already been revealed that other government agencies have been able to use what the NSA has gathered, while pretty much all government agencies WANT to use it. Then of course, you have to ask whether you trust the countries with whom security information is shared (UK, Australia, NZ – I’m writing from Australia).

  27. joseph hyde says:

    Steve

    Is there automated ‘One Time Pad’ software available?

    Thanks.

  28. Steven V says:

    mail.ru – why not?
    mail.yandex.com – but they have a physical presence in the US, so no.
    safe-mail.net – why not?

  29. Stevelf says:

    Makes me wonder how conceivable is the idea that someday people from the government would come knocking on my door demanding my private PGP keys?

    • Steve Gibson says:

      The most recent appellate court rulings have decided that an individual CANNOT be compelled against their will by court order to disclose a password that is stored IN HIS OR HER HEAD, because that would be tantamount to self-incriminating testimony, which is still well protected by the constitution. So the one thing you want to do is to use TrueCrypt to encrypt your system’s drive, using a very strong password — which you have some means of remembering. And then EVERYTHING it contains, including PGP keys, is protected.

      /Steve.

  30. Diabolik says:

    well the question is not will they come, they will, the question is when they will come. if they can’t crack it themselves, they will come knocking on your door. however, there is a solution, using PFS – Perfect Forward Secrecy. then they cannot take your keys, because each session uses temporary keys for each session, exchanged via diffy/hellman key exchange. then they cannot ask for it for 2 reasons:
    1 the key is created automatically and you never know it, or even seen it
    2 one key is good only for it;s corresponding session, and ALL other sessions, cannot be decrypted, because each session uses it’s own unique key.

  31. The Real Nirv says:

    Reblogged this on The Real Nirv.

  32. Dan says:

    I don’t know very much about email security (I’m desperately trying to learn more!), but I have to disagree with your assessment of the value of encrypting the emails one the server.

    I used Lavabit along with PGP (via Enigmail with Thunderbird) for secure correspondence with the few contacts i have that were willing to use PGP also. However the majority of my contacts won’t bother, and so having end-to-end encryption is impossible. Lavabit seemed to be one of very few providers that actually encrypted messages on the server, and not just when the receipient was also a member (like on Hushmail, for instance). The main concern was programs like Prism that required massive hand-over of data for a huge number of users, not a dedicated attack on one account. Further my understanding (which is still pretty shallow about these things),was that by using TLS lavabit was protecting emails to and from users.

    Anyway, I don’t think anybody was fooled that the service wasn’t as secure as PGP, because decryption/encryption happened server-side. But because most people correspond with others who don’t have encryption software, having encryption among stored messages that would otherwise be unencrypted seems like a common sense step that few companies provide.

    • Visa Holopainen says:

      From a usability point of view, the following is convenient: You store the email (body and attachments) at the originating server in encrypted format, and email a link to the recipient. The recipient can then follow the link (over https) to fetch the email contents. Thereafter the message can be locked at the server, allowing no more access to it. There is at least one company offering this kind of product (http://www.deltagon.fi/en/).

  33. Pingback: Tornado Quest Gee-O-Science Links: Aug. 5 – 11, 2013 | Welcome To Tornado Quest

  34. bob is a common name right? says:

    well, maybe for cloud someone should make an open source program that uses truecrypt to encrypt your data before putting it on the cloud and then when you want it again it automatically decrypts for you. That is after your windows password is put in.
    Idk, The hushmail is using java to be more secure (an oximoron.)

  35. Mark A. Huebner says:

    Thank you Steve!

        a wonderfully insightful perspective on the times we live in.  Does it seem strange that we watch movies about spies, have congressionally mandated agencies whose sole purpose is to spy, and yet,

    apparently, the whole world is surprised to find out that people are spying?

      Thanks,

    Mark A. Huebner

    >________________________________ > From: Steve (GRC) Gibson’s Blog >To: markahuebner@yahoo.com >Sent: Thursday, August 8, 2013 1:50 PM >Subject: [New post] The Lesson of Lavabit > > > > WordPress.com >Steve Gibson posted: “An implication of undeliverable security painted a bullseye…Post’s Permalink On Thursday, August 8th, Ladar Levison, the owner and operator of the semi-secure Lavabit.com eMail system, shut down his nearly ten year old service rather than be forced t” >

  36. richguy says:

    Steve, thank you for this piece and for mentioning it on the Security Now show. I have been learning so much about security issues on your show and being an IT student, it is more than entertaining, it is educational on many fronts.
    I’d like to make a point about the Constitutional argument about the “expectation of privacy.” If I encrypt my email, wouldn’t that action preclude any doubts about my expectation of privacy? To illustrate, I have expectation of privacy in my home… not because I lock the door, but just because i live behind four walls. Just so, if I put up some walls around my email (encryption), even if the government can break down the “walls” because I didn’t completely lock up and throw away the key, I made an effort by putting up walls to ensure privacy. Encryption means “this is private space, not public.” I think that demonstrates an expectation of privacy.
    On a more humorous note, I’d like to comment regarding the government access to email on an email server that is 6 months old, due to some law that stipulates that after 6 months, it is considered abandoned. If my taxes are 6 months unpaid and they haven’t taken action, perhaps I can consider that claim abandoned.
    Thanks again for making an amazing and timely show, spiced with your wonderfully dry sense of humor.

  37. Pingback: Steve Gibson: The Lesson of Lavabit | The Freedom Watch

  38. BloodyViking says:

    It is suspected, since national security letters violate the first ammendment, Levison is threatened with imprisonment if he does not install an NSA tap on all his customers. What is the value of services like proXPN? If not outright sting operations for the intelligence community, we have to assume services like these that are still in business have NSA taps. As mission creep grows all tapped information is going to become more and more available to an alphabet of agencies, subcontractors and corporations.

    • The Real Nirv says:

      There is an exclusive interview with Levison on democracy now.org, http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service

      After the first half of the interview an ISP is interviewed on his 8? year litigation with the NSA re an NSL he received. Additionally, an interesting video of Obama, while still senator who challenged NSLs on the premise of the US Constitution, particularly the first amendment. One of the interesting things regarding the ISP’s tale, is that the government was reluctant to continue as it would have lead to an eventual supreme court decision and they were afraid of the precedent it might set at the supreme court level, namely making NSLs as they are unconstitutional on a national scale. According to the peice NSLs have NOT yet been challenged constitutionally at the federal level. It appears the government is reluctant to address such a challenge.

  39. tecmunky says:

    The MAJOR problem here, is that the site operator described in this post cannot LEGALLY talk about what occurred. This SECRETIVE nature of the law is the real problem. When law enforcement agencies are allowed to conduct operations in secret, the potential for abuse is present.

    This constitutes “A CLEAR AND PRESENT DANGER”. As such, it is the duty of the POTUS to take action.

    All activity by law enforcement should be transparent. The only secretive actions which should be allowed by any official agency in the United States should be those which would otherwise put troops in immediate danger.

  40. Tyler says:

    Steve, I love the podcast. It’s one of my “hafta hears” each week, and I’m slowly making my way through the archive. Thank you so much for your hard work on the podcast! It makes me less of a dummy than I would be otherwise.

    In your discussion about secure email, I would love to hear your expert analysis on mailpile (http://mailpile.is). I’ve seen the name turn up in discussions about Lavabit and Silent Circle, and I’ve read that it is end-to-end encryption, though I can’t seem to confirm that on their website. I’m curious to know if mailpile can pass a Steve Gibson sniff test.

  41. adam says:

    Its suitable time to have plans in the future and its time to be happy. I have read this submit and if I could I want to propose you handful of interesting points or suggestions. Maybe you could write following articles talking about this article. I must read more things about it!

  42. Thomas says:

    Considering that Silent Text has just launched on Android, will you take a look at Silent Circle’s SCIMP protocol for P2P instant messaging?

    https://silentcircle.com/static/download/SCIMP%20paper.pdf

  43. Emmanuel says:

    This paragraph is actually a fastidious one it assists new net visitors, who are wishing for blogging.

  44. drbaltazar says:

    Question for Steve:didn’t one country created new law exactly very harsh to protect data?2:you know any secure service that were born or made avail from those very secure country.I don’t believe any can have secure data with browser avail.might be time for GRC.com to create a paid secure e-mail service (assembler?)this is one service that always seem to have ties with potentiality for security problem.

  45. Joseph Hyde says:

    Steve it seems to me that ‘email security’, ‘secure browsers’, TOR etc. Is missing the point if the NSA has had a backdoor(s) into Windows since Win 95 according to this World Net Daily article.

    http://www.wnd.com/2013/06/nsa-has-total-access-via-microsoft-windows/

    When I Google “Windows (put your NSA etc. alphabet acronym here) backdoors” you get articles like these.

  46. youtube.com says:

    Hello colleagues, its enormous post on the topic of educationand fully explained,
    keep it up all the time.

  47. Linette says:

    Je peeսx vous dire que c’est incroyablement
    un plaisir de viswiter ce blog

  48. C’еst du bοnheuг de visiter ce site web

  49. noiraude says:

    Je pense que cet article va aller sur un site perso

  50. It’s really a cool and useful piece of information. I am glad that you simply shared this helpful
    info with us. Please stay us informed like this.
    Thank you for sharing.

  51. Delmar says:

    Un article vraiment rempli de vérité

  52. Vous publiez constamment des articles fascinants

  53. But those endorphins may play a more important and longer-lasting role: thesy could help alleviate symptoms of depression, according to The
    Mirror. The city has rider made some progress in recent years who stress
    their commitment to clean riding. And if you are participating in marathon races or long-distance biking excursions.

  54. fake hermes birkin bag ebay The Lesson of Lavabit | Steve (GRC) Gibson’s Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s