As any married couple will tell you, trust is the most precious commodity. And, once it’s gone, its almost impossible to get back. That maxim is just as applicable to the technology world when it comes to security and privacy. That’s why a giant brick and mortar retailer like TJX can lose the credit card information belonging to tens of millions of customers and barely miss a beat, while a firm like the Dutch certificate authority DigiNotar (part of the U.S. based firm Vasco Data Security Intl.) can lose a few hundred certificates and be forced out of business. Put simply: when your business is trust, and there’s a breach of that trust, you’re out of business.
We’ve seen this dynamic play out, more recently, with the self imposed exile of two, prominent secure e-mail services: Lavabit and Silent Mail, a service run by the firm Silent Circle.
In the case of Lavabit, the decision to shutter its operations came after the ten year-old company was used by former NSA contractor Edward Snowden to transmit stolen, classified information to journalists. That caught the eye of the U.S. government, which, it is believed, issued a National Security Letter to Lavabit requesting information about information stored on behalf of its users. Ladar Levison, the owner and operator of Lavabit LLC said that he had been “forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work.” He chose the latter.
Silent Circle, a firm that sells secure communications technology for voice, instant messaging and video, said it opted to shutter Silent Mail soon after learning of Lavabit’s decision – though CEO Mike Janke told me that the decision was being mulled well before Lavabit shuttered operations. SilentMail, he said, couldn’t be totally shielded from prying eyes because of “fundamental flaws” in the e-mail infrastructure. He was talking about the metadata that is sent back and forth as part of every e-mail exchange – header information and the like that, while they don’t reveal the content of email communications, provide government spies with plenty of useable information.
Speaking with the publication Ars Technica this week, Lavabit’s founder said his fears were dire: that authorities would force him to alter the code running Lavabit’s e-mail service to harvest the passwords used to encrypt and decrypt communications, or to hand over the master encryption keys used to secure HTTP (or HTTPS) connections to and from Lavabit. While he has known all along that his encrypted email service could be subverted, he considered it essentially unbreakable, because the means of subverting it would require the government to violate U.S. law and the Constitution. That seemed unimaginable ten years ago. Today that kind of thing is not only imaginable - it looks like business as usual. That's a big change.
True, in the wake of Lavabit and SilentMail going dark, others have stepped forward. The inimitable Kim Dotcom declared his intention to step into the void with a new secure email service using his Mega platform. Another alternative, Mailpile quickly surpassed their $100,000 fundraising goal on the crowdsourcing web site Indiegogo. And its also true, so far, there’s no evidence that the FBI or any other arm of the U.S. government tried to compel Lavabit or Silent Circle to break the law.
Still, Levison’s decision and that of Silent Circle to obliterate their secure email services rather than take their chances with the U.S. government sends a powerful message. What is that message? Simply: times have changed. E-mail – wonderful as it is – can’t and shouldn’t be trusted, even if its encrypted six ways to Sunday and stored in a cloud-hosted server on the Island of Togo.
Simply put: the days of secure e-mail are over. The medium is a marvel of the modern world and amazingly useful. It's just that its no longer appropriate for any communication you don’t want read by a federal agent, intelligence officer or any of the myriad federal contractors (like Edward Snowden) working in their stead.
“This idea that you can put your servers or service on some remote island with a volcano, and you will be ‘out of reach’ of the world's governments -is ridiculous,” said Janke of SilentCircle. “It has never worked. Ask Kim Dotcom or the swiss bank UBS. If you hold the data, they can get it.”