Lavabit is back.
In 2013, the federal government launched an all-out attack on the secure Lavabit email service in its efforts to get Edward Snowden. This led to Lavabit’s shutdown. It was a classic secret police operation; at the time, Ladar Levison wasn’t even allowed to talk about what the government was demanding. In 2014, Levison published more details.
The Feds ordered the installation of surveillance equipment on Lavabit and demanded its private SSL keys. This would have let the Feds read anything that users sent over the supposedly secure connection to the site, including their passwords. Levison endured weeks of outrageous treatment by the legal system. Just read his article; no summary could do it justice. In the end, he faced the choice of letting the government snoop all 400,000 of Lavabit’s customers’ accounts or shutting it down. He shut it down.
All this was under Obama. We can only expect worse from Trump. So it was on Trump’s inauguration day that Levison chose to relaunch Lavabit.
The new version uses the Dark Internet Mail Environment (DIME), which is supposed to be easier to deploy and provide better protection than existing frameworks such as OpenPGP and S/MIME. It will provide three options: Trustful, Cautious, and Paranoid. Trustful is the easiest to use and assumes the user trusts the server. Paranoid mode provides the most limited functionality, but no one except the user has the encryption keys. DIME can be used independently of Lavabit.
Former Lavabit users will be able to reactivate their accounts. The service is currently in limited launch mode, but new users can pre-register at half price.
As the Trump State tries to carve away at our liberties, people like Ladar Levison are fighting back. They may be traitors in Donald’s eyes, but if this be treason, make the most of it.
Update: An article on The Intercept explains how the new version prevents anyone from grabbing the SSL key:
With the new architecture, Lavabit will no longer be able to hand over its SSL key, because the key is now stored in a hardware security module — a tamper-resistant device that provides a secure enclave for storing keys and performing sensitive functions, like encryption and decryption. Lavabit generates a long passphrase blindly so the company doesn’t know what it is; Lavabit then inserts the key into the device and destroys the passphrase.
“Once it’s in there we cannot pull that SSL key back out,” says Sean, a Lavabit developer who asked to be identified only by his first name. (Many of Lavabit’s coders and engineers are volunteers who work for employers who might not like them helping build a system that thwarts government surveillance.)
If anyone does try to extract the key, it will trigger a mechanism that causes the key to self-destruct.
I can’t be the only one thinking of John Galt’s lab.