As the stunning revelations about the NSA’s collection methods and capabilities continue to mount, two secure email providers that have shut down their services in recent months have formed a new alliance to develop and deploy a new secure email platform that will be resistant to surveillance and back doors. The Dark Mail Alliance, formed Wednesday by Silent Circle and Lavabit, aims to put together an open protocol and architecture for private email.
Both Lavabit and Silent Circle made the decision this summer to pull the plug on their respective secure email services, for different, but related, reasons. Lavabit, a provider of encrypted private email services, in August said that it would pull the plug on its service. At first the company didn’t provide many details on why the decision had been made, but it gradually became clear that Lavabit founder Ladar Levison had decided to shut the service down rather than comply with a government request for access to the master encryption key for the service. Edward Snowden, the NSA whistle blower, was a Lavabit user, and the FBI wanted access to his email, but was also asking for access to other users’ accounts. Levison instead shut the service down.
Soon afterward, officials at Silent Circle came to the decision that they needed to end their Silent Mail offering, as well, as they assumed it also would be a prime target for government surveillance requests.
“We said we had to do something and do it now, and tell people why we did. I had to think about it in terms of if I were [the government], what would I be doing? I would be typing up the subpoenas to be delivered at 7 a.m.,” Jon Callas, co-founder of Silent Circle, said at the time of the shutdown in August.
Now, the two companies are pooling their resources in an effort to get a new secure email platform off the ground. Truly secure and private email has proven to be a challenge for more than a decade now, but officials from the two companies say that the need is there.
“Together our mission is simple: To bring the world a unique end-to-end encrypted protocol and architecture that is the ‘next-generation’ of private and secure email. What we call ‘Email 3.0.’ is an urgent replacement for today’s decades old email protocols (‘1.0’) and mail that is encrypted but still relies on vulnerable protocols leaking metadata (‘2.0’),” they said in a blog post announcing the alliance.
“Our goal is to open source the protocol and architecture and help others implement this new technology to address the privacy concerns over surveillance and back door threats of any kind.”
How the alliance will proceed and what the technology will look like remain to be seen, but the interest in this kind of technology in the security and privacy communities is quite high, especially given the revelations of the last few months.
Image from Flickr photos of Frederic Bisson.