Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Lavabit's closure marks the death of secure cloud computing in the US

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 12 Aug 2013 06:57:20 +0000 (UTC)
http://www.theguardian.com/commentisfree/2013/aug/10/lavabit-closure-cloud-computing-edward-snowden

By Alex Hern
theguardian.com
10 August 2013
On Thursday afternoon, Ladar Levison, the owner and operator of Lavabit, an email service that prides itself on privacy and security, abruptly closed his website, posting a short message to his former users. "I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly 10 years of hard work by shutting down Lavabit," he wrote. "After significant soul searching, I have decided to suspend operations. I wish that I could legally share with you the events that led to my decision. I cannot."
Levison might be gagged by the law, but it's not hard to guess at least part of the reason why his site is having legal troubles. In early July, journalists and human rights activists received an email from edsnowden () lavabit com, inviting them to a press conference in Moscow's Sheremetyevo airport. Given the NSA leaker's understandable desire for security, it is not surprising that Edward Snowden would use a service designed for keeping messages out of prying hands. But knowing the American government's desire to go to extraordinary lengths (such as grounding the Bolivian president's plane) necessary to recapture him, it was perhaps a given that Lavabit would be a target once Snowden's use of the service was public.
Assuming the former infrastructure analyst's justified paranoia was put to good use, even a fully co-operative Lavabit wouldn't be able to provide the US government with much help. One of the site's biggest selling points against more popular email services such as Gmail is its full support for public-key encryption.
This is a form of encryption which uses two numerical "keys" to encode a message. One, the public key, is given out freely. Anyone wanting to send a message to Snowden would know his public key, encrypt the message with it, and send the now-garbled text. Snowden would then use his private key to decrypt it. 

[...]



--
Find the best InfoSec talent without breaking your budget!
Post a Job! $99 for 31 days
http://www.hotinfosecjobs.com/
Previous By Date Next
Previous By Thread Next

Current thread: