by Kashmir Hill
Forbes Staff

October 30, 2013

from Forbes Website



In recent months, Lavabit, based in Texas, and Silent Circle, based in Washington, D.C., both shuttered their encrypted email services.


The companies said they couldn’t keep them running knowing they were vulnerable to surveillance if faced with a dedicated enough attacker… which for Lavabit came in the form of the federal government when it wanted access to NSA whistleblower Edward Snowden’s Lavabit account.


Now the companies are teaming up with plans to offer an open-source tool that could make peer-to-peer, end-to-end encryption an easy add-on for any email service. The challenging part: they need to get other email providers - especially the heavyweights, Google, Yahoo, and Microsoft - to join them in offering the tool.


The easy part: the name, which sounds like a group of superheroes - or supervillains - depending on your perspective on monitoring and data-mining email.


Lavabit and Silent Circle are the first two members of the "Dark Mail Alliance," a group of email providers who will give users control over the privacy of their email so that it can’t be handed over to third parties, scanned for ads, or easily hijacked by an interceptor.

"We’re taking our inspiration from the Rebel Alliance," says Levison. "We’re the rebels who have decided privacy is too important to compromise on. We’re fighting to bring privacy back to the Internet."


"We believe email is fundamentally broken in its current architecture," says Silent Circle CEO Mike Janke, a former Navy SEAL. "This is an opportunity to create a new email service where the keys are created on the device and only the user can decrypt it."


A very simple logo for a concept

dreamed up within the last two months



The problem now is that - as the NSA leaks have made us painfully aware - almost all of us store our email with third parties and send it through a digital ether that has many stops along the way where it can be captured.


On top of that, there’s the possibility of our email being hacked, or being scanned by advertisers, or just being opened by a snoopy ex who has your password.


Google and others have tried to make email more secure with two-factor authentication, but that doesn’t solve that fact that the email sits "in the clear" on a server or in the cloud somewhere - a vulnerability that hackers can take advantage of.


According to a new report from the Washington Post, the NSA has taken advantage of that vulnerability by infiltrating the links to Yahoo’s and Google’s data centers.


Lavabit and Silent Circle think email should be unreadable - decodable only by the sender and the recipient. While it’s possible to set-up encryption on your own, it’s a laborious process - I know from experience; the Dark Mail Alliance hopes to streamline it.


Lavabit founder Ladar Levison and Silent Circle CEO Mike Janke got to meet and swap tales of encryption woe during a privacy event in Seattle in September.


Silent Circle’s impressive cryptography team had been working on a better email encryption system for some time, that wouldn’t leak metadata to the provider (or the NSA) nor depend on keys stored on a provider’s server.


Levison meanwhile had been fighting the feds for months over their request to fundamentally break the security of his email service in order to get access to one of his users’ accounts. Levison, who has given up email since shutting Lavabit down, had downloaded Silent Circle’s encrypted text messaging service to have private bi-coastal conversations with his lawyer.


He and Janke connected via Silent Circle and sat down in Seattle to talk about coming up with a new system together.


Levison then flew to Silent Circle’s headquarters for a week-long project-crunching session with his former-competitor’s engineering team, including master cryptographers Phil Zimmermann and Jon Callas.


The "Dark Mail Alliance" plans to release a white paper about their tool, which relies on SMTP and XMPP.


While still a work in progress,

  • it will assign a private key to a particular user and populate it across their devices

  • put public keys and addresses into a public server

  • store encrypted email for pick-up in the cloud

It’s not the first time technology of this sort has been deployed.


What would make this different is that it, if successful, wouldn’t be sandboxed. If Google, Yahoo, Microsoft, Hushmail, and others signed on - and that is a big "if" - you’d be able to send an encrypted email from one service to another "easily."


Janke says the user interface is designed so that if you’re sending to an address that’s part of the system, it glows green, and if it’s not, it glows red.

"Features of PGP are built into the code itself so it can function like regular email," says Levison. "We want to make it easy enough for your grandma to use."


"We want community participation on the protocols," says Silent Circle cryptographer Jon Callas. "But we are not going to be sitting around, waiting for permission to do it. We’re going ahead with it even if it’s just the two of us."


"We’re going to try to get as many people involved as possible," says Janke. Levison announced the formation of "the Alliance" Wednesday at Inbox Love, a conference at Microsoft’s Mountain View campus for, as you’d expect, mail geeks.


"All of the major email service providers will be there," says Levison.

But will they want to join the Alliance?


Given Lavabit’s dramatic shutdown and the Snowden revelations about the extent of monitoring of our digital communications, there’s momentum right now for the cause of more private email.


And Lavabit and Silent Circle certainly have the industry’s attention.

"Everyone knows now that email is broken and has to be fixed," says Callas.

But is that enough to get established providers to join their crew?

"We want to get the Googles, the Yahoos and the Microsofts to stand tall," says Janke. "But it will be an interesting friction point. These companies make money by mining their free email."

The dark mail tool would prevent scans of emails to deliver ads.


Another potential downside from a provider perspective is that not being able to scan all emails will make it harder to root out spam, says Levison. But they hope that the fact that all email would be signed with particular keys will make it possible to develop a trust system around identity.


Intelligence and law enforcement agencies meanwhile, who have been complaining for years (perhaps disingenuously) about the Internet "going dark," might be the most frustrated with the Alliance. It would make it much harder to monitor people’s emails or to read what they have stored in the cloud.


I asked Lavabit - who is already fighting a court battle with the FBI - and Silent Circle whether they worried about the government reaction to their plan.


Levison says he does worry about criminals - terrorists and child pornographers - using the tool.

"But I balance that with the need to speak privately as a fundamental part of any democracy," says Levison. "Government has brought this on themselves, where this kind of security became a necessity."

"That horse has left the barn. If law enforcement wants that data, they’ll have to subpoena an individual [rather than their email provider]," says Janke.


"I worry more about the big data processors. Google and Microsoft rely on data mining to make their profits. I worry more about them collectively because there is money on the line. I worry about that more than the nation states."

The Alliance is not just focused on the big dogs. They’re also hoping to enlist smaller providers that want to offer more private and secure email services.


Levison will play crypto-prophet, with plans to rack up frequent flier miles to help providers and organizations get this up and running when they release the tool in 2014.

"If we have to fly to Switzerland and South Africa, that’s what we’ll do," says Janke.


"We think the world is ready to embrace a new system," says Levison.