Lead Image © Orlando Rosu, 123RF.com

DIME and Dark Mail seek to change the world of digital mail

Secrets

Ladar Levison may be an unfamiliar figure except to a few people in the community, but many are familiar with his former company: Lavabit, which was in business from 2004 to 2013. Lavabit was a pioneer in the field of secure email; it was founded with the goal of serving as a secure email provider.

Lavabit's Vulnerability: The Customer's Key

Lavabit really did set standards at the time: Asynchronous encryption was part of the standard – with a quality that even secret services had trouble breaking. The solution had one vulnerability, though: The key that Lavabit used for the crypto part of the installation was stored by Lavabit itself, on its own servers. Lavabit's customers needed to trust the company because Lavabit could always read the content of the email that a customer sent via its service. This functional approach did more than just scare off people with a certain affinity for encryption – it proved to be an existential problem for Lavabit.

For a long time after its founding, Lavabit was simply one provider among many and didn't cause much of a stir. The company cooperated with the authorities as needed and probably would have remained just one mail provider among many, if it weren't for a certain customer with the email address edsnowden@lavabit.com (Figure 1). When Snowden first escaped abroad and began to disclose the most secret of secrets of the NSA, the fun was over very quickly for Lavabit, and the company saw itself facing various court orders (Figure 2) and search warrants.

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES

Print Issues

Digital Issues

 

SUBSCRIPTIONS

Print Subs

Digisubs

 

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia