UK Secure Email Provider Shut Down His Service In January To Prevent GCHQ From Obtaining Encryption Keys

from the the-fallout-before-the-fallout dept

Shutting down secure email services because of surveillance agency interference apparently isn't just a local phenomenon. Lavabit, Snowden's email provider, shut down earlier this year to prevent being forced by the NSA to sabotage its own encryption. Silent Circle, another secure communications service, shut down its email product only hours later (but not its main messaging product). Silent Circle hadn't yet been pressured by the government, but obviously felt it was only a matter of time.

International Business Times is reporting a similar incident occurred in the UK earlier this year.

PrivateSky was shut down at the beginning of the year after introducing a web-based version in beta and for Outlook and had "tens of thousands of heavily active users".

Brian Spector, CEO of CertiVox, told IT Security Guru: "Towards the end of 2012, we heard from the National Technical Assistance Centre (NTAC), a division of GCHQ and a liaison with the Home Office, [that] they wanted the keys to decrypt the customer data. We did it before Lavabit and Silent Circle and it was before Snowden happened.
Even before the leaks made the Five Eyes' covert surveillance programs public, PrivateSky got an inside peek at the intelligence community's thirst for data. Unfortunately for Spector and his company, complying with GCHQ's request would mean destroying the security it promised to its customers.
[W]e had the choice to make - either architect the world's most secure encryption system on the planet, so secure that CertiVox cannot see your data, or spend £500,000 building a backdoor into the system to mainline data to GCHQ so they can mainline it over to the NSA.

"It would be anti-ethical to the values and message we are selling our customers in the first place."
I suppose GCHQ is satisfied either way. While having the encryption key would have been nice, it's just as simple to gather up communications and metadata from less secure services -- services some of PrivateSky's customers would have resorted to instead. National intelligence agencies seem all too willing to deploy scorched earth policies that destroy companies that don't immediately cave in to their demands. And why not? It does no harm to the government to force secure services out of business. The users of these services have to go somewhere and many of the available options have been compromised already.

Spector hasn't completely given up on the thought of offering a secure email service. He says PrivateSky is still up and running but is currently only used internally by CertiVox. But he does have a plan for another secure email offering based on the internal PrivateSky service.
He said that from the technology it has implemented a split of the root key in the M-Pin technology so it has one half and the user has the other.

"So as far as I know we are the first to do that so if the NSA or GCHQ says 'hand it over' we can comply as they cannot do anything with it until they have the other half, where the customer has control of it."
This could throw up some obstacles for intelligence agencies, the sort of thing they do everything in their power to avoid. The path of least resistance is also the one most frequently traveled. These agencies hate being told "no" almost as much as they hate being inconvenienced. PrivateSky's split key will do both. It should be interesting to see GCHQ's response if Spector takes the service live again.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    Ninja (profile), Dec 13th, 2013 @ 4:30am

    I wonder if there is a way to encrypt the e-mails from end to end with one private key that only the interested parties know in a easy, convenient way. The secure mails should also start using individual encryption keys for each user so they'd not compromise the entirety of the user base if one key is compromised by the intelligence thugs - though I'm not sure how complex is could be to implement such thing. Maybe have a second encryption layer added so when the primary encryption key is given they can look away and whistle ;D

    I mean there has to be a way to make it at least significantly harder for the inteli morons, no?

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 6:21am

    Idea

    If only there was a way to encrypt a message using some kind of public-private key pair such that a message encrypted with the recipient's public key could only be decrypted with the recipient's matching private key. Maybe someone should invent something like that.

    /s

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 6:24am

    I hope the DarkMail Alliance guys hurry up and release that secure e-mail protocol, and then MAY A THOUSAND SECURE EMAILS SERVICES BLOOM!

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    RyanNerd (profile), Dec 13th, 2013 @ 6:28am

    Re: Idea

    Unfortunately during a trial for NewEgg the founders of this modern day encryption were found by a Texas jury to not have any credibility. Which makes one wonder what may be in the water in Texas.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 6:36am

    the actions by the NSA and GCHQ have left a bad taste in peoples mouths. i am waiting to see if their are any serious consequences for what these have done, in as much as services closed down and then forced customers to move. it is possible that because of the moves, and the greater exposure, private information may easily have been available to others, as well as the agencies, causing all sorts of harm. had there been no wanton and deliberate intrusion, the information would have remained secure and no harm done. i wonder what the excuses will be if that scenario occurs and at whose feet the blame will be laid?

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 6:56am

    Re: Idea

    Except it's not end-to-end. Only the body of emails are encrypted (which is obviously better than nothing but still not enough).

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 7:21am

    This could throw up some obstacles for intelligence agencies, the sort of thing they do everything in their power to avoid.
    Again, I'd like to point out the similarity between these overzealous spy agencies and the Boy Who Cried Wolf.
    Not only are they illegally (and amorally) spying on their populaces, not only are they actively removing all public support for the idea of "fighting terrorism" by using terrorism as a standing excuse to spy on everyone year after year, but by treating the general populace as terrorists, they prompt the public to move to protect itself, which unfortunately must necessarily mean that actual terrorists become better protected as well.
    Nobody will listen to them if they cry "terrorist" now, even in the unlikely event that there is an actual threat. The countries in question are more vulnerable, and it's entirely the fault of their blundering, overreaching spy agencies.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 7:21am

    so it took them this long to come forward ..nothing like dragging your feet on a very important topic .. could have given a heads up to the other secure mail providers or to the world

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 7:26am

    Re:

    It is called GPG/PGP, and the problem is managing the keys. While a public key system can be used with a repository for public keys. It is much harder to mount a man in the middle attack, as the requirement is to get senders to use the attackers keys, and then they intercept, and then re-encrypt with the recipients key. For high security, you make sure that you know whose public key you have, and that they have yours, and sign messages to validate sender, as well as encrypting them for transmission.
    Note this works with GMail etc, though to hide the meta-data requires that people have a mail server and exchange messages via TOR, or similar encrypted multihop links.
    The 'problem' with doing this is that it is not as convenient as current web-0mail systems, but that is a price that has to be paid to secure communications. Any more convenient system relies to a greater or lessor extent on a third part, and could therefore be compromised by compromising them.
    This of course assumes that the user operating system has not been compromised. For the really paranoid, 32-bit arm development boards are available, along with SPI connected Ethernet cards. Attach a keyboard, and a text-mode display, and storage via SD cards, and a highly secure text only email system can be set-up. Note, in this approach, the development board has control over what it sends and receives via the Ethernet card, which can go via a router to the Internet. Any flaw in the network stack is limited to seeing what is handled by the Ethernet card, and cannot get at the development system, which is where all encryption, and decryption is done. It is assumed that the SD card is only used to store encrypted messages, and an encrypted key-store. Note that the storage should not be used in a normal computer just in case it has been compromised, although is set up properly it would only expose encrypted data.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Ninja (profile), Dec 13th, 2013 @ 7:40am

    Re: Re:

    It is called GPG/PGP, and the problem is managing the keys.

    I figured it would be a problem. Thanks for the explanation!

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 7:54am

    Re:

    I assume they might have been under a gag order and maybe still are.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 8:16am

    Re: Re: Idea

    I'd check the pulpit before checking the water. A lot of Texas toxicity comes from there.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 8:38am

    Re: Re:

    "32-bit arm development boards are available"

    Why would this make any difference?

    You still have to load a TCP stack, most likely a GNU/Linux stack so why not just use a PC with GNU/Linux (especially as you will be using GPG anyway)?

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    John Fenderson (profile), Dec 13th, 2013 @ 8:39am

    Re: Re: Re:

    Managing the keys, as such, isn't the problem. The problem is trusting the keys. How do you know the public key you have actually belongs to the entity you think it does? This problem is addressed through certificate authorities, but as we've seen, that's not foolproof.

    If, however, you get the key directly from the person you want to with (and not via the internet), then you can have a very high trust level in it. In those cases, there is no problem.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 8:43am

    Re:

    UK RIPA act includes punative gagging. Giving other providers the "heads up" would have landed them in prison.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    John Fenderson (profile), Dec 13th, 2013 @ 8:55am

    Re: Re: Re:

    I'm not sure I fully understand what he was getting at, but I think it's this: use a dedicated, high security system for your communications and not your everyday computer. There's no technical reason a dev board would be better suited for this task than a spare computer you have laying about, except that the dev board is small, fanless, and uses much less power.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 9:53am

    Re: Re:

    "UK RIPA act includes punative gagging. Giving other providers the "heads up" would have landed them in prison."

    That's why they named it RIPA: Disclose our doings and we gonna RIPA you a new one!

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 10:41am

    Re: Re: Re:

    The proposal is for the paranoid, where it is considered that a Linux system can be compromised by a dedicated attack directed at it. Their is just too much software on a normal system for it to be considered immune from external attack.
    The propose system uses minimum software, running from flash memory. Further its security is not dependent on the provided TCP/IP stack running on the Ethernet card, as it can be assumed that all Internet traffic is available to an attacker. Apart from an optional interrupt to allow the network card to demand attention, the ARM processor initiates all actions and data transfers with the network card, and does so over SPI, which is a simple serial interface. The network card only runs a TCP/IP stack, and the arm processor would only run the software required to manage input, display and encryption.decryption of text only emails. Nether processor is running an operating system or any other code than that required to carry out its task. This makes such a system effectively immune from external attack, especially where the system require physical access to reprogram.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 10:51am

    Re:

    Presumably you have switched to Linux or BSD, as it is quite possible that Windows will send the decrypted emails straight to the spooks, after re-encrypting it with one of their keys. As an operating system windows is too readily compromised,and their have been hints of back-doors, such NSA keys inside windows.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    steve, Dec 13th, 2013 @ 11:09am

    Simple solution

    There's a simple solution for the provider in this situation: use PFS, then when the spooks want to spy on user X, and demand server's private key to do so, just the ban user X. A flag in the database that that username is permanently invalid, and your'e done. The government can no longer claim any need for the key, as it wouldn't enable decrypting past comms (PFS), and there won't be any future comms with user X.

    The orders normally include a command not to reveal the spying to the subject person, but a ban does not do that - any user can be banned for any reason.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    quawonk, Dec 13th, 2013 @ 5:13pm

    Governments worldwide want zero privacy for the people. These companies shutting down is playing right into their hands.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Dec 13th, 2013 @ 7:44pm

    Cyanogen mod coming soon

    I assume you mean a public key (half of a public-private pair of keys, the public key encrypts, the private key decrypts, it's computational unviable to calculate private from public keys, hence you can send the public key with everything).

    I'd like that baked into Thunderbird, but haven't had a moment to code it myself yet.

    I'd like to also see domain to domain encryption public key in the MX record, but wouldn't trust any standards body at this point (e.g. NIST).

    The per-session key, it's not possible, but you could insist your email provider *require* TLS. That would give an extra layer of encryption on the Sendmail to Sendmail link, but TLS is known to be partly compromised.

    PGP is way too techy for users I think, on the other hand if that Cyanogen mod works, and the code checks out, that might be the solution.

    I'm also keen to ditch Google for privacy reasons and so that Cyanogen mod looks very very promising.

    I might give everyone in my family and friends a Cyanogen mod smartphone, especially the friends who campaign and stand for elections.

    Take a look a Thailand to see how easily you can lose a democracy to a thug.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Dec 14th, 2013 @ 12:20am

    Re:

    The companies alternative is to give governments the keys, at which point they become worse than pointless, as they would give people a false sense of security.

     

    reply to this | link to this | view in thread ]

  24.  
    icon
    The Wanderer (profile), Dec 14th, 2013 @ 7:02am

    Re: Cyanogen mod coming soon

    If I understand the functionality you're describing correctly, there's decent odds that the Thunderbird people would refuse a patch to build that functionality into the core, since it's already available via the Enigmail add-on.

    (The Mozilla attitudes towards add-on functionality vs. core functionality are an entirely separate ranty topic, but I can see the argument in many cases, including this one.)

    On the other hand, aside from a few quirks related to format=flowed support and rewrapping (especially quote rewrapping), Enigmail itself works quite well...

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    DP, Dec 15th, 2013 @ 3:11am

    Keep the populace under the thumb!

    Obviously public hangings and floggings will be the next BIG THING in order to keep these dastardly encryption peasants under. I fail to see how the huge expense incurred (which us poor consumers will probably end up forking out for indirectly) in setting up all these highly invasive snooping facilities is anywhere near justified. Just how many crimes and terrorist attacks have actually been thwarted by these means? Not many (if at all), I'll be bound. Certainly didn't do much for 9/11 or the Boston bombings. "Ah - but it COULD have done", the powers-that-be seem keen on spouting. Total and utter cobblers, I say. It's all down to government control and censorship and needs to be reined in. Don't these technically inept politicians realise the damage they are doing?

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Dec 16th, 2013 @ 3:17am

    Easy way to get customer half

    XKCD already showed how the customer side of this equation is easy to get around. http://xkcd.com/538/

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    John Fenderson (profile), Dec 16th, 2013 @ 9:12am

    Re: Cyanogen mod coming soon


    I'd like to also see domain to domain encryption public key in the MX record


    It'd be impossible to trust this even if the NIST was 100% trustworthy. We already have a lot of problems with DNS cache poisoning.

    I'm not sure what you mean by "if Cyanogenmod works". I use Cyanogenmod. It works. :)

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    John Fenderson (profile), Dec 16th, 2013 @ 9:15am

    Re: Easy way to get customer half

    Yeah, but to kneecap you they'd have to be interested in you in particular. Ubiquitous strong encryption would prevent the blanket "let's spy on everyone" thing that they have going on.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    kitsune361, Dec 18th, 2013 @ 9:43am

    Re: Re: Re: Re:

    Also, something else to point out: there are a lot of theoretical attacks and some evidence of actual exploits in the wild that target the BIOS and firmware of x86, amd64, and ia64 based systems. Why rely on the OS to ex-filtrate data when you can have the network card do it directly?

    Hell, Intel's newest processors support microcode updates, basically applying a patch to the processor. Exploiting the processor's microcode updates would be in undetectable for normal people. Oh the updates are signed with an encryption key only Intel has, but in light of the NSA disclosures, is there any reason to trust them not to hand it over?

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    GCK, Dec 27th, 2013 @ 1:31am

    Re:

    there is try www.Galaxkey.com really cool software :)

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Cactus Jack, Jan 16th, 2014 @ 1:02pm

    Private Email

    We tossed aside client/server architecture and connect sender/receiver directly (p2p) using sender's smartphone as the server. No copies, no data mining, no email to turn over since we never get your email. Private and secure? You bet. Free? Yep. Check us out at shazzlemail.com and help law abiding citizens take back privacy.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Aenemic, Jan 24th, 2014 @ 11:35am

    Response to: Ninja on Dec 13th, 2013 @ 4:30am

    That would be a good idea, however, now encryption number generators are actually integrated into the processors of the new age. Thus, making it so much easier for intelligence agencies to "guess" the keys. It's complete bs that this is the new system, our last bastion of privacy has been compromised, welcome to the United Police States of America. Enjoy your stay. Become an Oathkeeper and protect what's left of our Constitution.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This