Feeds

Lavabit, Silent Circle form Dark Mail Alliance to destroy email snooping

Plans to open source end-to-end email encryption for all

Intelligent flash storage arrays

Two firms at the sharp end of privacy have joined forces to build an email system that provides end-to-end encryption that will hopefully prove impossible for service providers to eavesdrop and crack – even if forced to do so.

"As founding partners of the Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and work jointly to proliferate the world’s first end-to-end encrypted Email 3.0 across email software developers and service providers globally," the pair said in a statement.

"Our goal is to open source the protocol and architecture and help others implement this new technology to address the privacy concerns over surveillance and back door threats of any kind."

Both firms have had a lot of experience in the field. Lavabit was the encrypted email service used by NSA whistleblower Edward Snowden, and the outfit shut down in August rather than "become complicit in crimes against the American people," as founder Ladar Levinson said at the time.

Silent Circle was set up by members of the PGP encryption team (including Phil Zimmerman and Jon Callas) and two former Navy SEALs to provide secure voice, text, and email services – although the email part of that was shut down shortly after launch in the wake of Lavabit being confronted by US g-men.

The Dark Mail Alliance team described today's system of email as "fundamentally broken from a privacy perspective," and will work with other firms to get software and legal protocols in place for a more secure service.

Presumably this will mean that the service can't be set up in the US due to laws such as the Patriot Act that give the government the right to access data services while not allowing the companies involved to alert their customers. Silent Circle already does this by basing its servers in Canada and Amsterdam.

The announcement of the alliance was made at Wednesday's Inbox Love conference in Mountain View, California, and more details will be forthcoming shortly. No doubt the NSA and other spook nerve centers will be watching developments closely. ®

Intelligent flash storage arrays

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.