DIME and Dark Mail seek to change the world of digital mail

Secrets

Software, Services, Protocols, and Clients

DIME, however, is looking to take things a step further and publicize the software that it runs in the background. At the end of the day, DIME will be a service that administrators can operate on their own servers, as is the case with email today. In the course of their fundraising campaign, the developers stated this as their express objective: creating daemons for receiving and sending DIME messages on the basis of the software that ran at Lavabit.

A protocol called DMAP is intended as a slot-in replacement for IMAP, but one that will work with DIME. In the meantime, the project has already shifted a fair distance away from its roots; many new features have been added to Lavabit components, and the other parts of the suite are already more than just good ideas. Levison himself presented the DIME client Volcano (Figure 6) at DEF CON 22 [7]; it is based on Thunderbird and shows some similarities, at least in terms of the user interface.

Figure 6: Volcano is a Thunderbird spin-off that has already been converted for DIME; it is intended as the company's official mail client.

Trustful, Cautious, and Paranoid

Volcano gives users a choice of three operating modes, Trustful , Cautious , and Paranoid . Levison himself expressly points out that only Cautious and Paranoid modes can be regarded as secure. Only in these operating modes does DIME rely on end-to-end encryption, where the keys remain on the users' computers.

Speaking of keys: DIME will use an encryption that is similar to PGP for email. It also works with public keys, although DIME calls them signets. Users can then decide to trust each other's signets, which would be equivalent to signing a key in the PGP universe. This point of the story at least sounds a lot like GnuPG with all its weaknesses. Levison, however, solemnly promises that the inherent encryption in DIME will be far easier to use than ever was the case with GnuPG – specifically because it is part of the solution and not just an afterthought.

Anonymization Like Tor

The previously mentioned objective of encrypting the metadata is another obstacle, but one that DIME believes it has already worked around. After all, say the developers, a role model already exists for a network in which the two endpoints can communicate anonymously with one another without being monitored: Tor.

The makers of DIME, led by Levison, described DIME's transport mechanism as similar to Tor, meaning that various hosts are involved in the communications but never get to see the actual traffic. Like an onion, it is hidden under many layers. However, this approach actually causes a problem for DIME users wanting to communicate and exchange messages with non-DIME users. The only mode available to them in DIME is Trustful ; additionally, Volcano expressly warns users about the lack of security before allowing a DIME user to send an unencrypted message to a normal email account.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=