Secure E-Mail Companies Say There’s No Such Thing Anymoreby
When President Obama held a news conference on Friday to reassure Americans about the National Security Agency’s hi-tech spying, he focused primarily on such policy themes as transparency and oversight. Skeptics immediately described the plan as a way to make people more comfortable with surveillance rather than changing the underlying practices.
“Instanalysis: President Obama proposed measures to make the American people more comfortable with NSA programs, not to end bulk surveillance.”
—Alex Howard (@digiphile), Aug. 9, 2013
For several providers of secure electronic communications, no amount of official reassurance could change one basic fact: There is no technical way for them to make e-mail that they consider “unsnoopable.” The day before Obama’s comments, Lavabit, a secure e-mail provider that was reportedly used by Edward Snowden, announced it was suspending its service and offered this word of warning to its now-former users:
“Without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”
Encrypted-communications provider Silent Circle also shut down its secure e-mail services. While the company will continue to offer some forms of communication, it argued that e-mail is insecure by its very nature:
“Silent Mail has thus always been something of a quandary for us. E-mail that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the e-mail protocols themselves. E-mail as we know it with SMTP, POP3, and IMAP cannot be secure.”
Silent Circle didn’t respond to a request for comment. But Dmitry Samosseiko, who runs the Vancouver lab of a computer security firm, explained the general difference between instant messaging services and e-mail services in terms of security. He said a snoop could install a surveillance device on a service provider’s infrastructure and collect instant messages as they travel back and forth. Still, Samosseiko wrote in an e-mail, doing this on encrypted instant messages is logistically prohibitive: It would “require constant presence and computing power to decrypt and re-encrypt communication in real-time.”
By contrast, e-mail messages, which are not considered “real-time,” are kept on a server somewhere. Web-based e-mail services also have to reside somewhere to access messages from various devices. Even if the messages were encrypted, a government with huge data-processing capabilities might be able to crack them once it got the messages.
Without a way to secure e-mail through technological means, Silent Circle felt it was essentially trusting that the government would not at some point seize its servers. The company apparently didn’t feel comfortable that this would never happen:
“We see the writing [on] the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.”
And by “now,” Silent Circle meant now. Chief Executive Officer Mike Janke on Thursday said the company had already destroyed its servers.
“Gone. Can’t get it back. Nobody can,” Janke told the New York Times. “We thought it was better to take flak from customers than be forced to turn it over.”