As The Intercept reports, Lavabit founder Lardar Levison had possession of the SSL encryption key that would help provide Snowden’s password, and “though the feds insisted they were only after Snowden’s account, the key would have helped them obtain the credentials for other users as well. Lavabit had 410,000 user accounts at the time.”
Now Lavabit is back in business. “In 2014, with Kickstarter funding, I started the development of the Dark Internet Mail Environment (DIME), a revolutionary end-to-end encrypted global standard and Magma, its associated DIME capable free and open source mail server,” Levison said on the email website. “Today, I am proud to announce that we are releasing DIME and Magma to the world. DIME provides multiple modes of security (Trustful, Cautious, & Paranoid) and is radically different from any other encrypted platform, solving security problems others neglect.”
As The Intercept pointed out, Levison has re-released Lavabit so that the SSL encryption key isn’t a key factor. “The SSL key was our biggest threat,” he said on the site. We’re getting into some very heavy geek-speak here, but this means that, according to the site the site, “Lavabit will no longer be able to hand over its SSL key, because the key is now stored in a hardware security module — a tamper-resistant device that provides a secure enclave for storing keys and performing sensitive functions, like encryption and decryption.”
Engadget adds that for now the service is only open for people who once had a Lavabit account. Eventually, new users can sign up for one of three email “modes;” Trustful, Cautious, and Paranoid.
Given the current temperature of the world climate, those three modes should prove to be fairly popular.
