
Well, Lavabit is toast. (US shuts down the secure email service Snowden used)



Maunagarjana
8th August 2013, 19:58
I had become interested in an e-mail service called Lavabit, once I had read this article that said that Edward Snowden used Lavabit in order to have secured private correspondence.

http://www.businessinsider.com/meet-lavabit-edward-snowdens-email-2013-7

It seemed promising, as all it took was $8 a year for an enhanced account and $16 a year for a premium account, and you would get awesome asymmetric encryption on your e-mails that could only be read by someone with your passphrase.

But yesterday, Lavabit stopped working. They initially had a notice on there that they were doing updates to the site. My initial thought was, "Hmm, is the NSA giving them problems?" Turns out that is exactly what was going on. This is what was posted on their site today.

https://lavabit.com/


My Fellow Users,

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot. I feel you deserve to know what’s going on--the first amendment is supposed to guarantee me the freedom to speak out in situations like this. Unfortunately, Congress has passed laws that say otherwise. As things currently stand, I cannot share my experiences over the last six weeks, even though I have twice made the appropriate requests.

What’s going to happen now? We’ve already started preparing the paperwork needed to continue to fight for the Constitution in the Fourth Circuit Court of Appeals. A favorable decision would allow me to resurrect Lavabit as an American company.

This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States.

Sincerely,
Ladar Levison
Owner and Operator, Lavabit LLC

Defending the constitution is expensive! Help us by donating to the Lavabit Legal Defense Fund here (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=7BCR4A5W9PNN4).

Anyway, you can imagine what was going on behind the scenes. But it's just sad, although not all that surprising. If anyone knows of a better, private/encrypted service (preferably not based on US soil), let me know.

And yes, I know that using Lavabit would not guarantee me complete privacy anyway, but it would at least be a bit better than the Gmail account I was using.

ThePythonicCow
8th August 2013, 20:04
Dang - this is depressing.

I added the qualifier "(US shuts down the secure email service Snowden used)" to the thread title, so that people would be more likely to have an idea what was in the thread, based on its title.

Maunagarjana
8th August 2013, 20:08
Dang - this is depressing.

I added the qualifier "(US shuts down the secure email service Snowden used)" to the thread title, so that people would be more likely to have an idea what was in the thread, based on its title.

Technically, they didn't shut them down, but put them in the position to either abandon their core principles or suspend operations, with their only recourse being to wage an expensive legal battle. But it effectively caused them to shut down, so close enough.

ThePythonicCow
8th August 2013, 20:34
Anyway, you can imagine what was going on behind the scenes, but it's just sad, but not all that surprising. If anyone knows of a better, private/encrypted service (preferably not based on US soil), let me know.

My preferred encryption tools are the various PGP tools, which I have been using for many years now myself. Now it has split into the OpenPGP project (http://www.openpgp.org/) (open source) and Symantec's PGP product line (http://www.symantec.com/products-solutions/families/?fid=encryption) (proprietary). I only work now with the OpenPGP side of this split.

The EnigMail project (http://www.enigmail.net/home/index.php) has a GnuPG (http://www.gnupg.org/) (GNU's version of OpenPGP) compatible extension for the Thunderbird email client (http://www.mozilla.org/en-US/thunderbird/), that works on a variety of operating systems, including Windows, Mac OS X and Linux. Or, for the Mac OS X platform in particular, there is a new release of GPGMail 2 (https://gpgtools.org/), that can exchange secure email with any other such PGP/GnuPG/OpenPGP client, including the EnigMail extension.

Anyone can send me secure email using my public key, posted at: http://thepythoniccow.us/Paul_Avalon_PGP_Public_Key.html

By having all the crypto code on your client PC, rather than partially on some dedicated web server, and by only relying on Internet email servers for the basic sending and receiving of email, which any email server needs to be able to do, encrypted or not, this PGP/GnuPG/OpenPGP architecture is far more difficult for the bastards in power to compromise or shut down.

ThePythonicCow
8th August 2013, 20:39
Technically, they didn't shut them down, but put them in the position to either abandon their core principles or suspend operations, with their only recourse being to wage an expensive legal battle. But it effectively caused them to shut down, so close enough.
From what I gather, they didn't shut down the basic website explicitly, but they did shut down the main feature of that service ... its security from intelligence agency snooping.

Anchor
10th August 2013, 23:08
By having all the crypto code on your client PC, rather than partially on some dedicated web server, and by only relying on Internet email servers for the basic sending and receiving of email, which any email server needs to be able to do, encrypted or not, this PGP/GnuPG/OpenPGP architecture is far more difficult for the bastards in power to compromise or shut down.

Also it means it is harder for them to try to read your emails covertly. If one subscribes to the idea that the encryption can't be broken by TPTB, then they need your keys and they are not stored on a central server - they have to either overtly force you to hand them over, or hack your PC.
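
The client-side architecture described in the last two posts, as an added example that is not part of the thread: two throwaway GnuPG keyrings stand in for two client PCs, and a file stands in for what the mail server stores. It also shows that the message headers stay readable to the server. Addresses, message text and directory names are constructed; it assumes GnuPG 2.1 or later is installed as `gpg`.

```shell
#!/bin/sh
# Added example. Identities, addresses and message text are constructed.
# Assumes GnuPG 2.1 or later is installed as `gpg`.

WORK=$(mktemp -d)
BOB="$WORK/bob"; ALICE="$WORK/alice"     # two separate client machines
mkdir -m 700 "$BOB" "$ALICE"
STORED="$WORK/stored.eml"                # what the mail server keeps on disk

cleanup() {
    gpgconf --homedir "$BOB" --kill gpg-agent 2>/dev/null
    gpgconf --homedir "$ALICE" --kill gpg-agent 2>/dev/null
    rm -rf "$WORK"
}
trap cleanup EXIT

setup_keys() {
    # Bob generates his key pair locally (empty passphrase only so the demo runs unattended).
    gpg --homedir "$BOB" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key bob@example.org default default never 2>/dev/null || return 1
    # Only the public half ever leaves Bob's machine.
    gpg --homedir "$BOB" --batch --armor --export bob@example.org |
        gpg --homedir "$ALICE" --batch --quiet --import 2>/dev/null
}

send_mail() {   # $1 = body text; writes the message as the relay stores it
    {
        printf 'From: alice@example.org\nTo: bob@example.org\nSubject: lunch\n\n'
        printf '%s\n' "$1" | gpg --homedir "$ALICE" --batch --quiet --armor \
            --trust-model always --recipient bob@example.org --encrypt
    } > "$STORED"
}

relay_sees() {  # $1 = string; true if it appears in the stored message
    grep -qF -- "$1" "$STORED"
}

read_with() {   # $1 = keyring dir; prints the body if that keyring can decrypt it
    sed -n '/^-----BEGIN PGP MESSAGE-----/,/^-----END PGP MESSAGE-----/p' "$STORED" |
        gpg --homedir "$1" --batch --quiet --decrypt 2>/dev/null
}

setup_keys && send_mail 'meet at noon' || echo 'gpg setup failed' >&2
relay_sees 'meet at noon' && echo 'server can read body' || echo 'server cannot read body'
relay_sees 'Subject: lunch' && echo 'headers are still visible to the server'
echo "Bob reads: $(read_with "$BOB")"
read_with "$ALICE" >/dev/null || echo 'public key alone cannot decrypt'
```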