Four years ago, Lavabit was caught on the horns of a massive dilemma that would have forced it to release the crucial encryption keys for their encrypted email service, risking the privacy of their hundreds of thousands of users in the process.
They inevitably shut down as the founder of the email service provider, Ladar Levison, saw it fit to shut down the whole operation rather than put the privacy of Lavabit’s users in the hands of the government.
These events were spawned by the infamous Snowden revelations of 2013 when he leaked the sensitive details of PRISM, a mass surveillance program ran by the National Security Agency.
Being a user of the encrypted emailing service, the government eventually turned its attention to Lavabit and forced Levison into a position where the best option was to turn the service off completely.
Lavabit Rises from the Ashes Four Years Down the Line
Fast forward to January 20, 2017, Lavabit founder announced in a published note that he would be relaunching the encrypted email service.
He cited the entrance of the new administration that has just recently been inaugurated into the White House as the reason for the relaunch, going as far as timing the launch of Lavabit to the inauguration of President Donald Trump.
Lavabit Comes with New Improvements in Security
The new Lavabit features some significant changes. In terms of security, Levison ensured that Lavabit users’ emails were protected from third party intrusions using the vital end-to-end encryption system that Facebook and WhatsApp have since adopted.
He has also made sure that he will never be placed in a compromising situation again by taking the liberty of creating a new security architecture that will make it impossible to hand over the SSL encryption key to third parties, should they ever ask for it.
This new security enhancement comes in the form of a hardware security module; one that is completely tamper-resistant and primarily used to store encryption keys alongside performing other classified functions.
The new Lavabit security module is the brainchild of engineers and coders who volunteered to ensure the revitalization of Lavabit in its second launch.
These individuals requested to remain anonymous for privacy and security concerns.
The new Lavabit security module also guarantees the security of the key by causing the system to self-destruct upon the forced extraction of the key.
The Lavabit founder, however, says that this is only a temporary solution until the end-to-end encryption system has been fully implemented.
A Lot of Hurdles Still to Overcome
Levison was liberal enough to admit that things would not be the same as they were before the Snowden revelation.
Lavabit had its reputation tarnished by some significant email leaks, aside than the Snowden leaks, and would have to address these security issues as soon as possible.
Nevertheless, former Lavabit users were thrilled to learn that they will be able to access all their old accounts as well as migrate them to the new Lavabit security module to enjoy the consolidated protocols.
Currently, the site has not begun taking on new customers but they are offering preregistration at an annual fee of $30 for 5GB of storage space and $60 for 20GB of storage space, payable in standard currency or in Bitcoin.
The introduction of an open-sourced communications platform in the form of a 2013 Kickstarter Project known as Dark Internet Mail Environment (DIME) in conjunction with a new email server dubbed Magma will play a huge role in restoring customer confidence in Lavabit, especially by offering end-to-end encryption.
Consequently, DIME will provide three levels of privacy: Trustful, Cautious and Paranoid, for its users.
Lavabit will have a lot more competition than it did previously due to the considerable amount of options out there for consumers looking to shield their traffic from the prying eyes of the government.
Latest posts by Richard (see all)
- Exclusive Interview with Commander X - September 22, 2018
- Further Tor Vulnerabilities Discovered: Public IP Address of Tor Hidden Sites Identified via SSL Certificates - September 7, 2018
- What is SADD.IO and How Does It Work? - September 3, 2018