Another Secure Email Service Shuts Down To Avoid Having To Do So Later

from the us-government-destroying-american-businesses dept

When Lavabit announced its sudden decision to shut down yesterday, many of its customers were actually fairly perturbed that they were given no notice, and no way to retrieve their mail before it went away. While I can certainly understand that emotional response to losing your email account like that, it seems rather obvious that there was no real choice here. If Lavabit had alerted customers that they had a day or a week or whatever before the service shut down, it seems quite likely from the hints given that the government would have stepped in with an order to preserve the information it was clearly seeking access to.

Given that, it's noteworthy that another secure email provider, Silent Circle, chose to announce its own plans to close down its secure email service hours later. Silent Circle isn't facing the same hidden court orders/government demands, but it recognized that it would likely come some day soon -- and thus it was better to shut down ahead of time, before the government forced it to make the same decision. I'm somewhat surprised that Silent Circle didn't at least give its customers a day or whatever to close out their email, but rather the company flat out destroyed its servers, noting:
"Gone. Can't get it back. Nobody can."
The company is still offering other secure tools that feature end-to-end encryption such that there's nothing they can hand over to the government.

In discussing this, I saw some people point out that another service, CryptoCloud, has actually had it as a part of its privacy policy for over five years that it would shut down rather than let the government get direct access to accounts:
If a court orders us to allow them to secretly place surveillance "sniffers" on a specific account, we will fight this order to the highest judicial authority possible. If we lose, we will shut down the business and call it a day. End of story.
Still, this kind of thing is showing how these ridiculous surveillance policies from the US government are doing massive harm to US businesses, basically making them either lie to their customers and violate their privacy, or to shut down completely. It's going to drive many, many users to overseas services. Is that really worth it?

Filed Under: email, secure email, shutting down, surveillance
Companies: lavabit, silent circle


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. This comment has been flagged by the community. Click here to show it
    identicon
    out_of_the_blue, 9 Aug 2013 @ 8:11am

    Re: Re: Re: Re: It's imploding

    @ "Which is why Google has been using perfect forward secrecy ciphersuites. As long as both the server (Google's servers do) and the client (Google's Chrome browser do) support ECDH ciphersuites, a passive attacker cannot decrypt the connection, even if the attacker has the server's SSL keys."

    Oh, you've fallen for the oldest flaw in security: assuming that you can trust ANYONE. When applied to an amoral mega-corporation, already known to give NSA "direct access" to its servers, it's worse than naive to trust Google. -- You have NO effective way of auditing actual code run or ruling out backdoors! So don't bother trying to point me to this algorithm or that, because you don't know what's actually in use.

    Here's something known that should make any reasonable non-shill question Google:
    http://refreshingnews99.blogspot.in/2013/07/nsa-is-quietly-writing-code-for-googles.html

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.