Slashdot Mirror
Silent Circle Follows Lavabit By Closing Encrypted E-mail Service
Okian Warrior writes "Silent Circle shuttered its encrypted e-mail service on Thursday, in an apparent attempt to avoid government scrutiny that may threaten its customers' privacy. The company announced that it could 'see the writing on the wall' and decided it would be best to shut down its Silent Mail feature. 'We’ve been debating this for weeks, and had changes planned starting next Monday. We’d considered phasing the service out, continuing service for existing customers, and a variety of other things up until today. It is always better to be safe than sorry, and with your safety we decided that the worst decision is always no decision.' The company said it was inspired by the closure earlier Thursday of Lavabit, another encrypted e-mail service provider that alluded to a possible national security investigation."
Does anyone have replacement recommendations for people who used these services?
Props to my main home dogg apk
The US government is basically forcing technology firms to move else where.
So what'd be "encrypted email" for? Horny partners? Surprise birthday parties?
I am really curious what they think about it.
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
In USA, if you google search specific terms will result a visit from the authority (hint pressure cooker and back pack). In China, if you want to find something the government does not want you to know, you just can't find it. I don't know which one I like best.
The road to enlightenment.
Who wants to bet that they were just or already contacted by the US government like Lavabit, and ommitted that from their closing explanation for legal reasons?
Does anyone have replacement recommendations for people who used these services?
The first rule of Fight Club is: You do not talk about Fight Club.
Encryption should be end-to-end. How can you trust someone else to do it for you?
Watch this Heartland Institute video
as they say, Location location location. From what we are reading any replacement must be outside the US, otherwise it will not be secure. It sounds like their closing was the only way they could think of to get the message across to us that the government is looking at your secure mail.
Does anyone have replacement recommendations for people who used these services?
I would say "something hosted outside the US", but as the international banking community has shown, Uncle Sam's jack-booted foot extends well outside our own borders.
So that really leaves "GPG" as you sole realistic option. End to end encryption, with no one but you and the recipient knowing what you wrote. Of course, "they" can compromise either end, but it deprives them of the ability to funnel everything on the wire into their data centers for 4th-amendment violating goodness.
Or, we could all go back to writing letters. Oddly enough, that still has more legal protections behind it than any other form of communication.
Does anyone have replacement recommendations for the NSA?
To me, the takeaway message from all of this is that, if you value privacy above all else in your email exchanges, you can't trust a company, because either they'll sell you up the river for a song, or they'll shutter themselves to avoid government pressure. So here's my question: why don't more people simply run their own mail servers? It's certainly not difficult. There are a few problems, of course, namely, needing an always-on computer, sorting out the issue of dynamic IP (dyndns is a great, free solution), and the issue of small mail servers flagging spam blacklists. I also seem to remember various residential ISPs (like Comcast) having running a mail server be against their TOS, but I can't find anything to back that up, so I might be remembering incorrectly. In any case, none of these problems are insurmountable, and I really wonder if this is the solution for the privacy-paranoid among us.
The company announced that it could 'see the writing on the wall'
They were however not able to read it.....
---
Well, Sam is there as well. With USPS mandate to photograph all mail, it creates database of meta data (from who to who).
Just this time it's not Scientology sect, but governments.
http://en.wikipedia.org/wiki/Penet_remailer
The only lesson learned is that there is no such thing as fully anonymous email service, it's always just a certain degree, especially when it comes to USA power play.
Encrypted messages sent by pigeon carriers worked in the past!
Some people die at 25 and aren't buried until 75. -Benjamin Franklin
I don't think Silent Circle would commit an effective suicide just preventively. Lavabit, while technically not saying a word about NSLs, told us very clearly what the request was. If the government criminals are not idiots, they learned and worded the Silent Circle order in a way that prevented such disclosure.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
What the heck is going on over there?
Do you really have running governmant agents around closing shops at will?
That's not a good sign.
bickerdyke
Under "Technical Restrictions," they list
use or run dedicated, stand-alone equipment or servers from the Premises that provide network content or any other services to anyone outside of your Premises local area network (“Premises LAN”), also commonly referred to as public services or servers. Examples of prohibited equipment and servers include, but are not limited to, email, web hosting, file sharing, and proxy services and servers
However, I don't think they go to the trouble of enforcing this very often.
Okay, playing devil's advocate here.
LavaBit shuts down "citing" pressure they have received from gov't agencies. No evidence is provided to indicate that reason behind the shutdown...just they guy's word.
Given how everybody is rallying against the gov't at this time - could this actually just be an action of protest rather than a true, official, take-down? Everybody will just assume that the gov't forced the take down "just because". Who would be the wiser? Right? Makes their point, right?
Now, we have Silent Circle shutting down because they "see the writing on the wall". What writing, is that, exactly? Certainly, if they (or LavaBit) have a take down notice but can't share it to confirm the take down...we really don't have proof of their motivations do we? So, trusting souls that we are, we have to assume their motivations are real and not hype for political or protest purposes.
Just say'n.
Security investigations lead to closures of secure services.
Does anyone have replacement recommendations for people who used these services?
Citizen, we welcome you to use the new service at secure.nsamail.com. This will ensure that no terrorists, paedophiles, or drug dealiers co-opt your email account for their nefarious purposes.
Thank you for your cooperation.
Silence is a state of mime.
This is just another day's story in long chain of revelations following Snowden's upheaval. The government is accelerating the pace; tightening their grip. I have never been so politically motivated as I am now. I feel this is going in a bad direction and I want to do something. Now what?
we need a communication system that is outside of the control of any corporation or government
peer-to-peer mesh networking has the most promise in this regard
hopefully one will become popular and accessible enough before the existing infrastructure is locked down so tight that it would be impossible to create
we may already be too late
Open WhisperSystems (https://whispersystems.org) doesn't have encrypted e-mail, however they do have Android-based encrypted phone (RedPhone) and text (TextSecure) capabilities. They are working on iPhone releases in the near future of their products. Btw, all of it is open source and they DO release the source code as well.
Stop making excuses and justifications for this behavior by "elected" leaders. Pack your bags, gather your family, take your intelligence and talent (and savings - while you can!) - and leave this sorry ass country behind. Go somewhere and create a new life where you will be respected and appreciated. Don't think such a place exists? Get a passport...and then look forward to dumping it for a new and improved one in the future.
hushmail.com. The servers are outside the country.
"Does anyone have replacement recommendations for people who used these services?" There is a valiant effort to create an alternative. It's called mailpile --> http://www.mailpile.is/ and you can help jumpstart it by donating here --> http://www.indiegogo.com/projects/mailpile-taking-e-mail-back. Go now...fly like the wind.
Just a suggestion.
Anything known by more than one person is no secret!
Arrrgh!
"Lost time is not found again."
In Germany an initiative is started to use SMTP TLS between email providers.
https://www.e-mail-made-in-germany.de/
Does anyone remember when the press covered stuff like this? Before 2009, the Lavabit shutdown would have been national news. Everyone would have known the name of Lavabit's owner.
His name is Ladar Levison.
Lavabit and silent circle inspired me to think about some kind of peer to peer distributed email system.
Although currently everyone can install an email server (e.g. there are several available in debian). It is not what would solve the problem. Not just because it requires technical expertise, but also because it requires too much dedication on your side to maintain your freshly installed server. Also to make sure it has outside access with SMTP port, and so on. Not mentioning that it needs about 100% uptime. Such solution is too much centralized.
I was thinking about p2p email more like this one which I googled right after I had this initial idea. This is a proof of concept so it can work.
Key features would be:
1) uses p2p distributed encrypted file system, like tahoe
2) each p2p node can act as email receiver/sender
3) to send email to someone you use nick@1.2.3.4 where 1.2.3.4 is any IP that is running p2pemail. Simplest would be 127.0.0.1 if you just run a p2pemail node yourself.
4) everyone can have p2pemail account, just connect via https to nearest p2pemail node. It can be running on your computer or anywhere else. Doesn't matter. This just requires setting up an account name on your side, and a lenghty password, which is also used as a sha256 seed for private key for encryption of your emails and also as a PGP signature for you emails.
5) PGP signing emails would be so easy, that it would be a new standard.
6) all encryption and decryption is done locally on your computer either in javascript or in your email client. Just make sure that your browser and computer are not compromised.
7) if any of p2pemail nodes are running compromised code (eg. like compromised tor nodes) they still cannot read your email, because they have no acces to your private key. The only hope they can have is to monitor when you are accessing your data, but only if a request to the compromised node is made.
8) even if huge NSA datacenter decided to store all p2pemail data, they still cannot read it, and have nobody to file a warrant to.
If we combined that with bitcoins we would get additional (optional) features:
9) buy storage with bitcoins, while buying decide how many copies of your data you want to have (can change this anytime later). Offer any price you want, lower bids might not be taken.
10) provide encrypted storage space and get paid. If you store multiple copies of same data (might be possible before p2pemail gets popular) ensure that at least it is on different physical locations, otherwise you might be compromising security
11) create whitelists with people from whom you want to receive email, add mandatory bitcoin fees if anyone not on the whitelist wants to send you email.
12) You can create various stages if whitelisting, depending on domains you can define different prices to receive email. Or you can say that first email is free for everyone, and each next will be paid or not depending on if you received spam. Or configure spamassasin to decide for you.
PROBLEM: where do my friends send email to?
ANSWER: your_nick@p2pemail.org/net/com/info (we need to register many domains, and use many IPs to resolve those dns-es)
PROBLEM: Will my address still be the same after long time?
ANSWER: your nick in p2pemail will be the same, tell your friends that if they cant send email (eg. govt seized all p2pemail domain names), then they have to find some p2pemail node. Google it, or install one themselves. If they can't do that, you can solve this by installing a node yourself, and making sure it has the same domain name all the time. Services like dyndns can help you with that.
well maybe that's just a pipe dream. But the proof of concept implementation that I linked above gives some hope. What do you think?
#
#\ @ ? Colonize Mars
#
I'm on the verge of installing this Enigmail addon for Thunderbird, however as Thunderbird still uses my web based mail provider it will still show who it's too and from etc, does anyone know of a completely peer to peer e-mail system which could get around this?
In a cybernetic fit of rage she pissed off to another age...
Just post your GPG messages on public forums! The recipients can pick up all messages on a variety of forums and try to decrypt them. Anything that actually decrypts is for them! Bonus: No telling who they're to if you do that. With a little work it could be anywhere from pretty hard to pretty much impossible to tell who they're from either!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I realize that encrypting the message body doesn't hide the fact that Alice and Bob are messaging each other. You don't need a third party service to hide the content. And if it's really important, you don't need to run on SMTP. There are others ways to move bits and some of them don't even use the internet.
It appears that what is happening is that the government is applying pressure to anyone who enables communication in a way where the government cannot detect who is talking to whom. This is a logical extension of the methods that Snowden leaked. He showed that they already have full coverage of the metadata of phone calls, texts, emails, and webpage views routed through the US. The leaks have pressured the US to close the loops. This is a very dangerous threat to our Constitutional rights. Secrecy does not equal guilt, and our founders went to great lengths to enshrine that principle in our Bill of Rights.
mailpile
mailpile
Does anyone remember when the press covered stuff like this?
It was second from the top on http://www.bbc.co.uk/news/ this morning:
http://www.bbc.co.uk/news/world-us-canada-23627656
Continuing revelations about U.S. security agencies (torture, forbidding free speech, spying on their citizens, promoting specific denominations of Christianity) blemishes all other government agencies (Commerce, Agriculture, Education). We envision these other benign government agencies' surveys spying on us, maybe even sharing information with government security agencies. Does U.S. extensive security represent a new necessity, obsessive employees, employees seeking promotions, or a cowardly and impotent population.
http://project-byzantium.org/
set up an ad hock mesh in the area. set up mail servers, encrypt everything.
then send a couple dozen emails containing the bill of rights. and various cookie recipes.
> Does anyone have replacement recommendations for people who used these services?
For those from outside the US, your best bet is probably to use small, local players who might not yet have had pressure applied to them. For those inside the US, I have one recommendation: run for Congress.
I understand that the Blackberry network is encrypted, and their servers are in Canada. Of course, what's the likelihood that Blackberry (via the Canadian government cooperating with the US) has already been sharing stuff? At least its not in the US.
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
These companies are just letting the U.S government win. If nobody fights we all lose.
I don't know a lot about it, but the owner of startpage is forming startmail for private mail...probably similar to these guys. I wonder if startmail is going to face the same problem? From what I understand, the government basically comes in an puts a rack server in your rack, and the server basically listens to all the traffic, and send it back. Totally unconstitutional, and you cant deny them to do this. That's why lavabit just said no and turned their service off.
Host your own at home.
Postfix/Dovecot/GPG, hosted at home.
Register a domain, point it at your home server.
DHCP? No problem; use a dymanic DNS service, point your domain name at that.
Remember when the press in the USA covered stuff like this?
What, you mean that boasting about two former SEALs on your board doesn't protect my data? I am shocked! Can't they go all Chuck Norris on the NSLs?
Founders and Leadership
Kim Dotcom, where are you now when we need you!
...collaboration tool which allows users to both share ideas through the chat interface and share data through the download system. WASTE is RSA secured, and has been hearalded as the most secure P2P connection protocol currently in development.
http://waste.sourceforge.net/
We're open for business. Over here we kicked out the Stasi years ago.
Does TOR have a facility for email? That would seem to be a good place to get away from snooping.
Yes I know TOR was attacked recently, but I think the network is still the 'best deal in town.'
All one needs to do is setup some kind of email system that works with .onion domains within the network and a high redelivery time so sites that bounce on and off line can still receive email. Could all be done with SMTP modified (and simplified for end-users to run a SMTP host within TOR) specifically to operate with .onion host names.
Maybe I'll look into putting something together, can't be too hard and in theory to me would address the need for truly private email exchanging.
If you have nothing to hide, you have nothing to fear. Freedom is Slavery. The government is here to help.
It sounds like we're trending towards not being allowed to encrypt our own stuff because that automatically means we're doing something shady. There's all sorts of reasons I might want to encrypt information that have nothing at all to do with American national security.
Hopefully some non-American company will step up to the plate and give us this, and we can send a big "Fuck You" to the NSA that says we'll encrypt if we want to, and you can eat shit. My rights aren't defined by your security interests.
Sorry, but the rest of the world doesn't give a crap about what you want, and want to retain our privacy without having to cede it to the US government.
Thanks America, you've now essentially broken the internet, and are only going to make computing less secure for all of us. Welcome to the new world, where industry and government demands full control over technology in order to enforce their will on us.
Lost at C:>. Found at C.
This is all true, except I can't find any historical references to protest and demands, actually working. The only evidence I have ever seen things change was under some kind of war or similar military action.
Watergate might have been an exception, but that was the Washington Post, that ws not under government control, nor the rest of the press. Today, the mainstream media is under most control of the NWO. Obama gave an interview to Amazon, and guess what they just bought? The Washington Post.
IT folk do tend to argue with each other about trivial nonsense. Good luck getting a large group of people to agree on anything as simple as a text editor.
Why don't these companies just move offshore? The NSA seems to be limited to violating rights via U.S. companies. So, wouldn't it work to just move your company outside the U.S.? Places like Antigua, Equador, or Iceland might work well. I remember 2 years ago, I found myself lookin' for any decent free online email services that were non-US based. I couldn't find any. It amazes me that there's no major free email provider that's keeping everything on servers outside the U.S. The only real options are Yahoo, Google, and Microsoft. Sadly, I don't see that changing anytime soon. Hey, there's a market for anyone lookin' to create a startup. In this post-Snowden era, I imagine a lot of people would be interested in using that service.
Look into Bitmessage
Okay, playing devil's advocate here.
...and to continue playing, I'll mention that, despite using lavabit.com for my primary email address, I didn't realize it had gone offline until I saw the article on Slashdot. While I saw my email client complain about not being able to contact the server, and my XXMP client complaining that it couldn't connect to the servers, it's been doing that now and then for the last few months and so I didn't think much of it other than that the outage was lasting longer than usual. Perhaps the servers just died for good, and so he said "to hell with it" and posted the explanation he did as an excuse to walk away with whatever cash people have paid despite being unable to continue the service. I can't look at the web site to verify anymore, but I know I always paid a year at a time, and I think there were options for multi-year payments, and of course the cost was proportional to the number of users, so it's possible he has quite a huge chunk of cash he accepted for services he won't be rendering.
At the very least, I would think that replacing the service with an identical service at insecure-lavabit.com would be a good idea if the reason for closing the service is what he describes. It would allow those who never cared about the encryption aspects of the service to continue using what they've paid for, while the new domain name would prevent anyone from accidentally using the service without first learning that it no longer makes any claims about security. I personally didn't even know it did anything of the sort until reading about it here on Slashdot, and so all that shutting down the service has done for me is to make me have to find a new email host and cause me to lose about $10 of pre-paid hosting I'll never get, as I was already assuming the NSA could read my emails. IIRC, the pricing was $15/year/user, and so if someone purchased hosting for 100 accounts for their business, they're potentially out $1500 now depending on how much of the year of service they've received up to this point. While I'm OK with my $10 going into his legal defense fund, someone who has pre-paid for $1500 of service may not be so happy with that arrangement.
I'm on the verge of installing this Enigmail addon for Thunderbird...
Enigmail is great but the problem with it is getting the other folks you communicate with using it as well. This necessarily requires remarkably tech savvy people on both ends. (Don't believe me? Try to explain public key encryption to your mom such that she could do it properly herself. Unless your mom is REALLY geeky you will fail miserably) You can encrypt your message all you want but if the people you are writing to aren't willing to go through the hassle with you then you simply cannot use the product.
Are they opening every single letter that goes through the post too?
just do the smart thing and encrypt everything on your computer before you send it to other ppl. give ppl you trust the means to decrypt, then send everything totally encrypted through unsecure email. even if the NSA forces the email company to give up your emails, they still cant read them.
anon.penet.fi... Oh, wait...
I! Tego Arcana Dei.
There wasn't even whole lot mentioned about the NSA funneling tips to the DEA and from there onto the IRS or local police and their "parallel construction" to avoid disclosing the warrantless collection of evidence and where the investigative trail began.
peer to peer encrypted email service where the exchange of keys was done automatically would be much more usable for everyday users, if it does not exist it might be an interesting project to pursue.
The problem is that the more automated you make it, the less secure it becomes because you necessarily have to trust third parties. The entire point of encryption is that (theoretically) only the sender and the receiver are able to decrypt the message. Once you automate key generation, key security and/or exchanges then it becomes very difficult to ensure the third parties involved are trustworthy. I'm not saying it can't be done but it is not a trivial problem and may very well be too difficult to ever be made truly simple. I'm hopeful but not very optimistic.
Mirror's Edge is getting closer.
Yeah, when GWB was president and they could pin it on him. However, now that their guy is in office, they go silent. I remember the daily scandals of GWB presidency being announced. Today, it is MSNBC coverage of "Fox News" (aka "Faux News") take masquerading as "news". And Obama's in depth interviews are done by the likes of Jay Leno, a comedian talk show host.
It would be funny if it weren't so sad.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Kim Dotcom's services look like they're coming into a underserved market at this rate.
https://twitter.com/KimDotcom/status/365716466441519105
Do the NSA have the private root CA keys to make their life that little bit easier. Most of the top CA's are based in the US. Could they even refused if asked?
I think it's pathetic to create such 'secure' systems and then to cave in at the first sign of trouble.
How hard can it be to set up the systems in such a way that it securely wipes all database files, logs etc. in case one of perhaps many possible trigger events occur. These events can be anything from sending a special mail, a bluetooth proximity, a keystroke, or the absence of any of these. This way it will be obvious that the data is irreversibly lost so there's nothing to gain from applying any 'pressure'.
On the positive side: There's now a huge void in the market, just waiting to be filled! - Profit!!!
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
how about a service that's completely open to tapping? Where all your posts, you know goes to all the authorities and everyone can see everything you do? So much data that it's all useless, lots of duckface photos and useless comments. You know like Facebook. Then you can secretly communicate in the open not with words but with wash-out filters and peace-signs photos.
+5, or is it -5, depressing is more like it.
What the government is doing is repugnant, but only because most people are stupid and take the wrong lessons from it. If people had their shit together, then it would actually cause a positive effect, and we'd be talking about how US government's thuggery inadvertently did everyone a favor.
I never even heard of these encrypted email services until yesterday (except for hushmail about a decade ago but that was an even dumber beast) and the more I look into them, the more apparent it is that they sell .. well .. "snakeoil" is maybe too harsh, but I guess I'd have to say they sell the service of closing barn doors after horses escape. If I had to put it really nicely, to the point of sickening insincere sweetness, I suppose I could say they help you deploy "defense in depth" and I might be able to avoid making any gagging sounds as I did it.
Either the sender encrypts your email with your key, or they don't.
If they do it (i.e. if people do things right), then you don't need any service's special help with anything. All you want from your service are reliability, performance, and low prices -- a commodity, just like ISP's service of packet-passing.
If the sender doesn't encrypt the email with your key, then you're fucked. This is the common scenario, and the fact that people are basically fucked but still want to somehow mitigate it, is how this market emerged. Fair enough, I get it: when life hands you lemons, you make lemonaide. But you're taking it way too seriously, expecting far too much from a lossy premise. Your lemonaide is never going to be Dogfish Head 90 Minute IPA, ever, period. You should lament that, that people don't encrypt. You don't know who all read your PLAINTEXT before it got to Silent Circle or Lavabit and then they encrypted the storage of it.
(Worse, from what people are hinting about how lavabit worked, it sounds like they did the storage wrong, and that everyone always knew they would be able to decrypt things under certain circumstances, if forced.)
Users and their endpoint software must provide security. Other people's media and services running on other people's computers, can't really help you. Everything in between the endpoints is untrusted. Gag orders, CALEA-like laws, etc will make even the best-meaning services untrustworthy.
So. If it makes users feel better to move their hosting to other jurisdictions, fine. But for fuck's sake, go beyond just trying to make yourself feel better, and actually do something to make things really better: have a keysigning party. Help webmail users find and upgrade to decent (i.e. openpgp-compatible) mailreaders. And so on. Every time you see an unencrypted email come in, think about WTF went wrong and how that could have been prevented. And if you really do this, then you'll find that you can still host in America.
BTW, we've been through all this before. It's not like anything truly new is happening. All the same issues were coming up ten years ago, and ten years before that. (And probably ten years before that but I missed out on that round.) It always comes down to jurisdiction-shopping being a waste of time. You have the ultimate weapon which makes it all obsolete: 1970s PK tech. The only time you need jurisdiction-shopping is if your government outlaws the tech (France still? Not sure.).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The first rule of Cannabis club is , you don't remember the first rule.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Well, it was reported by The New York Times, The Wall Street Journal, The Washington Post, CNN, CBS, and others (ABC, Fox News, NPR, etc.).
As far as I can tell, all the major US news companies reported on the closings.
When will it become illegal to use Secure Shell to remotely access other computers?
Will we be forced to return to Telnet and FTP?
Or will it be that we must use a sanctioned Government-Compiled binary of SSH that has an NSA backdoor?
Easiest way to have secure communications between individuals is through a good old telephone modem interface. Call peer , establish session , transfer data.When you're done : hangup .To all of you who still have 56k telephone modems : you done good keeping them . there's a second life for them. That i am pretty sure would be quite safe from current days eavesdropping techniques. Add a layer of encryption and you got pretty much as private as one ever needed to be.
With this revelation, it seems more and more likely by the second that the attacks on Tor had nothing to do with pedophiles and everything to due with Snowden and the like.
Absolutely - end to end security is key, and people need to get over the attitude that SMTP can never be superseded.
But, jurisdiction shopping is part of defense in depth. I need to order a new VPS for work, and it's stuff where latency to the US doesn't matter - can you give me a good reason to host it in the US?
Before today, they said the cost to industry of PRISM was going to be $40B. I'd say it just quadrupled.
Or, as somebody else said, "Atlas just shrugged".
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
http://www.schneier.com/blog/archives/2013/08/lavabit_e-mail.html
Last para:
"When the small companies can no longer operate, it's another step in the consolidation of the surveillance society."
Game. Set. Match.
https://openmailbox.org
They are no different than their cowardly and/or fascist peers in 1930s Germany.
Yes, I went there.
Dear NSA:
AAF08 A782F 1D5EA 756C7 3EF5E 31538 2624F 61563 99765 17C3D 9E29F 38DDF 32978 10EEB A9B3C 7E77E 1B909 D24A9 2F7B5 BC0FB AA9ED 00404 D091E B9CBC F3908 BB9A0 FEBF7 CB3A3 B1499 98748 409DD 09507 F8AF4 71756 3205A 8F780 153F1 B33A5 C6D0F 61F56 E70EF A4B7C 2C633 8731A 1142D 65FD4 59F35 EAB9C A39D3 99AAD B0C8A 4C834 C9EF1 D782F 53641 5272E C0197 D62FB 28D4E D630A 6046C E0351 AF3A7 9AF27 39CA3 2BA59 848D9 91E0A 81337 0EB68 AC5CD 728D6 E0EE4 9486A F1BC8 99493 C36DA 79950 C0EA1 AACEF 59349 E75CC 68DD2 8AE73 A8C41 15085 97C07 12351 0C2FA CAE6E BC281 B0DAA 4C4A7 9E57A A1AF3 E7BB7 DA
Hugs and kisses,
Teh Peoples
Number of mentions of the Obama Administration in the five linked stories: zero.
Expect this sort of abuse to continue and escalate until someone in charge of it is held responsible.
Are you Yanks starting to get it now? The USA is joining the ranks of Nazi Germany, and Soviet Russia, but outstrips the worst period of either by a massive degree, and is getting worse by the day.
The USA has destroyed the secular regimes of Iraq, Libya and Syria (if it wins this current war) and replaced them with violent unstable hyper-radical Islamic ones. Think about this. THINK ABOUT THIS. The closest Muslim regime to the USA is the obscene, racist, medieval, women-hating nation of Saudi Arabia, a nation created and shaped almost entirely by American actions. America has always supported brutal dictatorships over democracies, and has actually worked to EXTERMINATE democracies across the globe.
But, like Ancient Rome, the vile lawlessness was NOT supposed to make it within US borders. The big change we are seeing is that uncontrolled abuse of authority is now common-place within all aspects of American society. The Constitution, when needed for IMPORTANT protection of Rights, is effectively dead. It functions now only for Rights that don't clash with the desires of the US government. This allows the elites that rule the USA to state "hey, most of you still have constitutional protection" simply because they don't care about what most of the ordinary population do. But cross them, and they have no hesitancy in making you a "constitutional exception". Indeed, worse, the sheeple have been brainwashed by the mainstream media to assume the constitution CANNOT apply to 'dangerous' criminals.
Companies with PRIVATE information of a sensitive nature are in the worst dilemma. If Obama's murderous goons threaten them directly, they are obliged to turn over ALL the information they store, and CANNOT even admit this fact in public. If they choose to close down their service first, they may legally destroy ALL the data they hold, so that it can never be successfully requested. This allows their clients (including political activists in nations where the USA empowers the violent dictatorship in charge) to make alternative arrangements.
Of course, Team Obama is playing the vilest of games. Legitimate companies offering secure services are to be persecuted into non-existence. Then the ad-hoc services that political activists will have to fall back on will be deionised in the mainstream media, as you have recently seen happening to Tor. The sheeple will be told that ONLY dangerous terrorist subversives need to use less formal methods of encrypted communication.
With Google and the NSA working to identify grass-roots movements and leaders in their earliest embryo stages, so they can be co-opted or destroyed before they ever gain traction, there is NO FUTURE for real political opposition to those that control the USA and the West. You are either on their team, or you are an actual enemy of the State. The ability to have bottom up change has ended. Top down propaganda campaigns, and fake activist organisations controlled by the governing forces, are all the people of the USA have to look forward to. Who owns Slashdot, and what does George Soros control? A comment like this is all the freedom we have left.
They don't care about individuals speaking as I do, on this logical calculation. If enough people felt the same way, those in power would NOT keep power, and since they not only keep power, but actually gain ever more control, there clearly are not enough free-thinking people to make a difference. And they want to attack Iran with Nuclear weapons. And they want such an attack to lead to a global war. They are bored, or they are mad, or they are delusional, or they are psychopathic, and they are led by a small number of insanely evil people. The demise of 'Silent Circle' is another tiny step in this direction.
I should point out that for years now, the evil that rules the USA has made extreme forward progress through acts large and small. We (and they) do not know exactly what the tipping point will be. But we have seen not one counter act in the direction of good. The progress has been all one way, and relentless.
It's unclear if the "European leaders" refer to one of the Ceasars (there are so many to choose from), Napoleon, or one of many others of similar reputations.
Godwin's law is specific to a certain regime and its leadership.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
My thought is a system where the keys are generated by the email client itself
The problem isn't generating the keys. That's relatively manageable though not completely without risk. The problem is distributing the keys. How do you ensure that the recipient and only the recipient has the private key? Somehow you have to get the key to the recipient without it being compromised along the way. I cannot really conceive of a way to do an email service whereby you could truly trust the third party to handle the key distribution. What is to prevent the service from giving a copy of the key to the NSA or the FBI or someone else? Any such service is going to have to have both the public and private keys. Software publishers and network services have proven to be vulnerable to (il)legal pressure from governments.
Perhaps someone smarter than me can solve the problem but I just don't see a feasible way for it to work AND be simple. I can think of workable solutions and simple solutions but not one that is both.
Multiple sources say that Silent Circle hasn't gotten any government requests yet.
Are they really doing this out of altruism, or did management just decide it's time to close up shop for whatever reason, and figured they now have a ready-made excuse that makes them look like it's altruism.
It not a good US government can takeover the lavabit and should run the service
Website Development Company in Delhi
You may prefer The Guardian, who have recently launched a US edition: http://www.theguardian.com/technology/2013/aug/09/lavabit-email-edward-snowden-shuts-down
i'm not sure what mentioning the Obama Administration entails -- names?
They got stinky BO anyway!
i'm not sure what mentioning the Obama Administration entails -- names?
On the rare occasions that the US press talks about something that went wrong in the government, President Obama is portrayed as either a spectator or a victim of whatever went wrong, rather than the guy in charge of directing the government and fixing the problem.
The NSA answers to President Obama. President Obama could declassify anything at any time. President Obama could stop chasing and prosecuting whistleblowers. President Obama could stop the spying. He doesn't do it. He's not a innocent bystander, any more than Bush or Nixon were.
Effectively these secretive programs have resulted in lowering the national security of western nations. Wasn't IPv6 supposed to be encrypted?
If no-one is legally able to make encrypted systems, identity theft and other criminal activities will cost a huge amount and stifle innovation.
Seriously, governments need to think about the internet like any other critical infrastructure.
Does it make sense to weaken a bridge on a major highway in case terrorists decide to send a convoy over it?
The discussion is now officially closed.
My e-mail address is at Yandex.com. Yandex is in Moscow. My friends and I encrypt and sign messages using gnu PGP keys. The encryption is reliable. Yes, Yandex must answer to the KGB. But the KGB doesn't talk to the NSA.
Spread it around. Get your Internet services from different countries. E-mail, search, storage, web site, translation, maps, they don't have to all be Google, they don't have to all be in the USA. The Internet is global - spread it around.
So only Google will have access to you data.
Elon Musk should provide them with a satellite. If he uses PayPal's new "bill me later" service, he won't have to pay himself for the launch in advance...
Just get your own signing cert? They still allow you to do that, don't they.
Vaporware, yes. But I'm working on it.
https://github.com/scholarly/kbsum/wiki/Anonymous-Private-Communications-Service
Unlike others, I don't consider convenience and server-side searching essential features. I consider them fatal features. The only place a message should ever be decrypted is on a computer the recipient physically controls and knows and trusts the administrator.
I am open to suggestions, reviews, criticism, and help.