Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Lavabit Email Shutdown



On 08/09/2013 03:05 PM, Edward Ned Harvey (blu) wrote:
> They say they encrypt messages upon receipt before saving to disk 
> (which sounds silly, considering the attacker would be more likely to 
> just sniff the inbound network traffic rather than try gaining access 
> to the disk of the recipient server, 

That matters.  The NSA wants all the fruit to be low hanging.  And the 
FBI and friends like to write letters demanding records.  If the mail 
service doesn't have records...well, that makes the police state work 
for it.

> and also because the recipient server must have saved the encryption 
> key in order to perform the encryption upon receipt). 

Public key encryption.  The key to encrypt is different from the key to 
decrypt.  Lavabit could honestly say that they had no ability to make 
sense of any stored data.  To which the feds probably said: "Change your 
system to keep a copy in the clear to give to us."  And instead Lavabit 
decided to fall on their sword and go out of business.  Bravo.

-kb




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org