Feeds

Lavabit, Silent Circle form Dark Mail Alliance to destroy email snooping

Plans to open source end-to-end email encryption for all

Choosing a cloud hosting partner with confidence

Two firms at the sharp end of privacy have joined forces to build an email system that provides end-to-end encryption that will hopefully prove impossible for service providers to eavesdrop and crack – even if forced to do so.

"As founding partners of the Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and work jointly to proliferate the world’s first end-to-end encrypted Email 3.0 across email software developers and service providers globally," the pair said in a statement.

"Our goal is to open source the protocol and architecture and help others implement this new technology to address the privacy concerns over surveillance and back door threats of any kind."

Both firms have had a lot of experience in the field. Lavabit was the encrypted email service used by NSA whistleblower Edward Snowden, and the outfit shut down in August rather than "become complicit in crimes against the American people," as founder Ladar Levinson said at the time.

Silent Circle was set up by members of the PGP encryption team (including Phil Zimmerman and Jon Callas) and two former Navy SEALs to provide secure voice, text, and email services – although the email part of that was shut down shortly after launch in the wake of Lavabit being confronted by US g-men.

The Dark Mail Alliance team described today's system of email as "fundamentally broken from a privacy perspective," and will work with other firms to get software and legal protocols in place for a more secure service.

Presumably this will mean that the service can't be set up in the US due to laws such as the Patriot Act that give the government the right to access data services while not allowing the companies involved to alert their customers. Silent Circle already does this by basing its servers in Canada and Amsterdam.

The announcement of the alliance was made at Wednesday's Inbox Love conference in Mountain View, California, and more details will be forthcoming shortly. No doubt the NSA and other spook nerve centers will be watching developments closely. ®

Beginner's guide to SSL certificates

More from The Register

next story
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.