Establishing Digital Trust: Don't Sacrifice Security for Convenience
Lavabit, which was perhaps best known as the secure e-mail service used by Edward Snowden, recently announced that it's shutting down. Soon after, Silent Circle announced that it's also discontinuing its Silent Mail service (h/t The Register).
According to Wired, Snowden had used Lavabit since January 2010.
In a post on Lavabit's home page, Lavabit owner and operators Ladar Levison wrote, "I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot."
On the same day Silent Circle co-founder Jon Callas wrote in a blog post that referenced Lavabit's shutdown, "We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The problem, Callas explained, is unique to e-mail. "E-mail that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata instrinsically in the e-mail protocols themselves. E-mail as we know it with SMTP, POP3, and IMAP cannot be secure."