Edward Snowden used to use the Lavabit, an encrypted email service while gathering information against Central Intelligence Agency and other United state agencies.
In 2013, Ladar Levison, founder of the encrypted email service Lavabit, took the strong step of shutting down the company rather than abide by the federal law enforcement request. Lavabit had more than 410,000 user accounts at that time.
That time, the FBI had requested them to access the email account of one of their most prominent user's account, Edward Snowden. They didn't give them his SSL encryption key because that could have help the government to obtain the credentials for other users as well.
“The SSL key was our biggest threat,” Levison says.
After this incidence, Levison became a hero of the privacy community for his tough stance. For last three years, he has tried his best to ensure that he’ll never have to help the feds break into customer accounts again.
On Friday, he launched a new version of Lavabit which has a new architecture that fixes the SSL problem and includes other privacy-enhancing features, and now it will prevent government agencies like the NSA and FBI from stalking the Lavabit users.
“This is the first step in a very long journey. ... What we’re hoping for is that by the end of this year we’ll be more secure than any of the other encrypted messaging apps out there on the market,” Levison added.
“We have installed FIPS 140-2 hardware security modules which allow us to use a TLS key without having to access it directly. Any attempt to extract the key will trigger a tamper circuit causing the key to self-destruct. The only account capable of extracting the key is the HSM supervisor. To prevent this we set the passphrase blindly thus locking us out,” the company explained.
While, Edward Snowden said that he too plans to reopen his account, “if only to show support for their courage.”
In 2013, Ladar Levison, founder of the encrypted email service Lavabit, took the strong step of shutting down the company rather than abide by the federal law enforcement request. Lavabit had more than 410,000 user accounts at that time.
That time, the FBI had requested them to access the email account of one of their most prominent user's account, Edward Snowden. They didn't give them his SSL encryption key because that could have help the government to obtain the credentials for other users as well.
“The SSL key was our biggest threat,” Levison says.
After this incidence, Levison became a hero of the privacy community for his tough stance. For last three years, he has tried his best to ensure that he’ll never have to help the feds break into customer accounts again.
On Friday, he launched a new version of Lavabit which has a new architecture that fixes the SSL problem and includes other privacy-enhancing features, and now it will prevent government agencies like the NSA and FBI from stalking the Lavabit users.
“This is the first step in a very long journey. ... What we’re hoping for is that by the end of this year we’ll be more secure than any of the other encrypted messaging apps out there on the market,” Levison added.
“We have installed FIPS 140-2 hardware security modules which allow us to use a TLS key without having to access it directly. Any attempt to extract the key will trigger a tamper circuit causing the key to self-destruct. The only account capable of extracting the key is the HSM supervisor. To prevent this we set the passphrase blindly thus locking us out,” the company explained.
While, Edward Snowden said that he too plans to reopen his account, “if only to show support for their courage.”