09Feb, 2017

Is The New Email Void Of Government Eyes?

Not less than a few months ago a government entity, NSA approached Lavabit requesting, or better stated demanding, a broad surveillance compliance. As has become widely known, or accepted, the endeavor behind this was to intercept Edward Snowdens’ emails as reported by Techdirt.

“Founder of Lavabit, Ladar Levison can now confirm that Edward Snowden was, in fact, the target of the 2013 prying”. This fell obvious when the federal government neglected to emit the email address Ed_Snowden@lavabit.com from official case documents.

Standing firm in his refusal to give out the key for an SSL/ TSL private key that would inevitably unlock the confidential information of its users, Levison instead opted to close his company entirely. Prompted by this decision, and what would seem like an agreeance of positioning, Silent Circle preemptively shut down their services too.

The Future Of Encrypted Email

Meeting at the Privacy Identity Innovation Centre and now more recently jLavabit have collaborated with Silent Circle, cofounded by Janke and CTO Jon Callas, and are launching the new, more secure service Dark Mail. Under the preface that governments are no longer trustable, this service provides email encryption with a peer-to-peer system designed to hide metadata.

In short, metadata consists of the email ‘title lines’ i.e. sender, receiver and subjects fields. These are generally not encrypted even though the actual email is. It is this information that NSA obtains and uses so easily. Revolutionary in their approach, Dark Mail aims to encrypt this data whilst still communicating effectively with existing email servers. Though still ironing out technical issues, the processes are going strong.

“It is imperative to construct a new resilient system built to withstand this interference” stated Levison when questioned on the current initiatives. Silent Circle will incorporate Dark Mail into their secure email services as well as into an open source system set on XMPP protocol and SCIMP originally designed by them for its security. Working together, Levison and Silent Circle are assisting other service providers with their own implementation of Dark Mail further strengthening email security.

Announced at an Inbox Love Conference technical details awaited release coinciding with the official launch. Taking email to the next level Dark Mail is designed to remove the ability for providers to access data in any circumstance, in turn, preventing data access to NSA, FBI or other such organizations.

Email Encryption Challenges Heading Forward

Ingeniously created in the 90’s by Phil Zimmerman PGP software and still the most popular method of emailing to date, will leak a small amount of data. Dark Mail, however, creates the encryption keys on the device waiting for the recipient to receive a notification eliminating the ability of the provider seeing an unencrypted message.

Not alone in their search for ideal email encryption, Dark Mail has succeeded in their ability to find a better balance between both security and user-friendly interfaces. It would seem the challenge lays not so much in the success of the software but rather the need to have others implement the use of Dark Mail. With conglomerates such as Google and Outlook unlikely to take on such changes easily after the past 40 years of using such services it is wise to select your email provider carefully.

About The Author

Read more