Online privacy: Snowden’s e-mail service of choice, Lavabit, is back

author Maximilian Holm, about Online Privacy

Online privacy

For anyone concerned with online privacy, choosing a good e-mail provider is of great importance. Lavabit, previously the Edward Snowden e-mail provider of choice was re-launched in January 2017, and with it comes improved security features and the rigorous communication platform DIME.

Back in 2013, Lavabit – the e-mail service of choice for Edward Snowden – was approached by the FBI, who requested that Levison provides them with the SSL key in order to gain access to Snowden's e-mail account. Grudgingly, the founder of Lavabit agreed and provided the FBI with 11 pages of tiny text spelling out the SSL keys of Lavabit. Unsatisfied with what Levison provided them with, they kept pursuing Levison.

This put Levison in a conundrum that many privacy services have encountered before – refuse and get prosecuted, or comply and risk the integrity of every one of their users, as the same SSL keys can be used to gain access to all e-mail accounts.

“This printout, in what appears to be 4-point type, consists of 11 pages of largely illegible characters. [...] Moreover, each of the five encryption keys contains 512 individual characters—or a total of 2560 characters. To make use of these keys, the FBI would have to manually input all 2560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data.” - James L. Trump, US Attorney's Office

Levison (founder of Lavabit) – concerned with both his users and his own integrity – did the only thing he could think of to save not only himself but also his users; he shut his service down. While this meant the FBI could not gain access to his users' accounts, it also meant that his users couldn't access their own accounts. For most, this was a minor problem, and he subsequently became a hero to the online privacy community for his tough stance.

Equipped with experience from his previous encounter with the FBI and Lavabit, he started development of what would later be known as Dark Internet Mail Environment (DIME) – a revolutionary end-to-end communication platform, as well as the open-source e-mail server Magma that would come to incorporate DIME. Both of these are cornerstones to the newly-relaunched Lavabit e-mail.

“I have been forced to make a difficult decision: to become complicit in crimes against the American people, or walk away from nearly 10 years of hard work by shutting down Lavabit.” - Ladar Levison, founder of Lavabit

What is DIME?

DIME is an open-source secure end-to-end communications platform for asynchronous messaging. While OpenPGP and S/MIME are at the forefront for privacy-concerned citizens, they don't provide automatic encryption and metadata protection.

To address these issues, DIME encrypts all parts of an e-mail transmission (body, metadata, and transport layer). DIME solves the problems of current standards, and combines the best of current technologies to give users the greatest protection available without sacrificing functionality. Put simply, some functionalities may not be available for the more rigorous security settings.

“If you knew what I know about e-mail, you might not use it [E-mail services] either.” - Ladar Levison, founder of Lavabit

Encryption Modes

The new Lavabit allows for three different encryption modes:

  • Trustful
  • Cautious
  • Paranoid

Each encryption mode offers different benefits depending on the user's needs.

Trustful

Lets the e-mail server handle all privacy issues, essentially requiring the user to trust the server. Accounts operating in Trustful mode sends messages using Simple Mail Transfer Protocol (SMTP) and receives messages using Post Office Protocol (POP), or Internet Mail Access Protocol (IMAP). This allows users to use existing e-mail software and ensures an easy-to-use service for users that do not want to worry about technical requirements.

Cautious

The e-mail server is only used to store and synchronize encrypted data, such as encrypted copies of a users' private keys, and encrypted copies of messages. This gives a comparable user experience to what's available today, but it drastically reduces the trust placed in the server. While in cautious mode, the user key is only stored in plain text on a user's device and is encrypted before being sent to the server.

If a user wishes to access their e-mail from a separate device, the client downloads the key from the server, together with your e-mails, and is only decrypted when you enter the correct passphrase.

Paranoid

The e-mail server never has access to a user's private keys – neither encrypted nor decrypted. This minimizes the amount of trust a user is required to place in their server, at the cost of reduced functionality.

Using Paranoid mode, you need to manually move your key to any new device that requires access to your e-mails, and the device will only be able to decrypt your e-mail while the key is on the device. This means that even if someone were to get access to your mail server, they won't be able to read your e-mails unless you provide them with the key.


For people concerned with online privacy, VPN services play only a part in improving your privacy. All e-mails you send and receive – even if you're connected through a VPN tunnel – are stored on the mail providers' servers without our encryption. Therefore, it is vital to use a secure and safe e-mail provider to optimize your privacy and keep yourself safe from the prying eyes of unauthorized third parties. A while back we took a good look at some security focused e-mail services, and while we haven’t tried Lavabit ourselves, it will be interesting to see if Lavabit can regain traction within the online privacy community.

Do note that we can only guarantee that our own service is safe to use, and as such we can not guarantee the quality, safety and success of Lavabit or any other services. As always, take care of what companies and services you put your trust in.