So yeah, my suggestion currently is to acknowledge the level of secrecy (or rather lack of) available with your email setup and use it accordingly.
This raises the barrier enough so that the NSA/FBI can't just request access to your mail. Instead now they would have to either physically access the mail server, or use extremely offensive techniques (backdoor your computer, take control of your mail server via a software vulnerability, etc).
Even running your own mailserver (on a computer in your home, for example) won't save you from dragnet NSA surveillance or targeted attacks, but at least you'll know if the government sends you a National Security Letter or obtains a FISA court order for your email.
At which point you could disconnect your mail store from the server, stick it somewhere safe, and claim that you don't store mail, you just read it then delete it. They'd have to get a warrant to search your home, they'd probably decide it isn't worth it.
If you run your own MTA/IMAP server and lock down the OS and BIOS sufficiently -- including encrypting the hard drive -- you can be fairly confident that your at rest emails, including metadata, will not be accessed without your knowledge. But there's not much at all you can do to prevent mail sent to or from your machine from being intercepted. Configuring your MTA to only converse over TLS will help, but ultimately you have no good reason to trust the other mail server.
You can encrypt all your message bodies using either PGP or S/MIME, but that requires the people you are conversing with to have key pairs, and doesn't protect metadata.
Even more interesting is the fact that even Lavabit's founder seemed to have overlooked this fact, and instead of relocating his servers and all the user data to Iceland, Norway or New Zealand, he chose to shut it down for good.
Why?
“If you knew what I know about e-mail, you might not use it either.”
Perhaps he is referring to the Stored Communications Act ( http://en.wikipedia.org/wiki/Stored_Communications_Act ). I haven't seen it referenced in coverage of this but the gist is under the right circumstances email that is older than six months and stored on a server that you don't own can be accessed without a warrant. Lavabit's encryption process as described would interfere with that. Not being able to comply AND being unwilling to take steps to comply in the future is the sort of thing that feds don't like.
This wasn't a big deal when it was passed in 1986 and small mail quotas were the norm but now with IMAP, multiple devices, and archiving it becomes a pretty big issue as you are talking about someone's electronic life instead of abandoned mailboxes.
AFAIK the issue of Fourth Amendment issues and SCA hasn't made it to the Supreme Court yet so interpretations vary depending on circuit.
Nevertheless, the means to decrypt those messages still is the critical difference here.
That is, they may have referenced the Stored Communications Act when requesting the information, but that is not what puts a gag on Lavabit.
SSL/TLS is available for everyone.
> Most mail servers transmit messages in the clear to each other and only encrypt the server to client side.
I hear this again and again, but I can't really find any data that confirms this claim one way or another. Anyone on HN running their own mailserver wanting to comment on how large a portion of connections get encrypted?
Sending Client [--A---> Sender SMTP Server [--B---> Recipient SMTP Server [--C--> Recipient IMAP/POP server <---D----] Recipient Client
Connections A and D are easily possible to encrypt, provided your provider provides SSL/TLS on their SMTP and IMAP/POP servers. Most usually do. Connection C is usually local to a single machine, or for large email providers will go over an intranet of some kind.
What is at issue is connection B, which goes over the public internet. That is almost always in clear text, as most of this infrastructure was designed 30 years ago and hasn't evolved much since then. If you are sending email within a single provider (e.g. sender@gmail.com to recipient@gmail.com), such delivery can be trivially encrypted.
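For anyone wanting to measure this on their own mail, here is an added example (not part of the comments in this thread) that reads a message's `Received:` headers and reports which hops recorded a TLS-protected protocol keyword such as `ESMTPS`. The sample message and its hostnames are constructed; `hop_report` and `cleartext_hops` are hypothetical helper names.

```python
import re
from email import message_from_string

# "with" protocol keywords that assert TLS on the hop (RFC 3848, RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
                 "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}
_COMMENT = re.compile(r"\([^()]*\)")

def _clause(keyword, text):
    m = re.search(r"\b%s\s+(\S+)" % keyword, text, re.I)
    return m.group(1) if m else None

def hop_report(raw_message):
    """Return hops oldest-first as (from_host, by_host, protocol, tls_claimed)."""
    hops = []
    for value in reversed(message_from_string(raw_message).get_all("Received", [])):
        text = " ".join(value.split())          # unfold continuation lines
        while _COMMENT.search(text):            # drop (nested) comments such as
            text = _COMMENT.sub(" ", text)      # "(using TLSv1.2 with cipher ...)"
        text = text.rsplit(";", 1)[0]           # drop the trailing date-time
        proto = (_clause("with", text) or "UNKNOWN").upper()
        hops.append((_clause("from", text), _clause("by", text),
                     proto, proto in TLS_PROTOCOLS))
    return hops

def cleartext_hops(raw_message):
    """Hops whose receiving server did not record a TLS-protected protocol."""
    return [h for h in hop_report(raw_message) if not h[3]]

# Constructed sample message (documentation hostnames and addresses only).
SAMPLE = """\
Received: from mx.recipient.example (localhost [127.0.0.1])
 by imap.recipient.example with LMTP id c3; Mon, 12 Aug 2013 10:00:03 +0000
Received: from smtp.sender.example (smtp.sender.example [192.0.2.10])
 by mx.recipient.example with ESMTP id b2; Mon, 12 Aug 2013 10:00:02 +0000
Received: from laptop.sender.example (unknown [198.51.100.7])
 (using TLSv1.2 with cipher AES256-SHA (256/256 bits))
 by smtp.sender.example with ESMTPSA id a1; Mon, 12 Aug 2013 10:00:01 +0000
From: sender@sender.example
To: recipient@recipient.example
Subject: constructed sample

body
"""

if __name__ == "__main__":
    for n, (src, dst, proto, tls) in enumerate(hop_report(SAMPLE), 1):
        print(n, src, "->", dst, proto, "TLS" if tls else "no TLS recorded")
```

Each `Received:` line is written by the receiving server, so only the lines added by servers you control are trustworthy; earlier ones can be forged by an upstream relay.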
Of course, one can certainly still argue that this is a line that the Government should not cross - I'd wholeheartedly agree with that. However, statements such as “We’ve had a couple of dozen court orders served to us over the past 10 years, but they’ve never crossed the line,” do not imply that the government required him to install software or otherwise compromise his security in a way that he was not already able to do.
If you look at the quotes he made, he strongly hints that this affects all his users, that they want to collect data for later review, and that they would have the ability to decrypt any emails they wanted. Yes, there is a lot of speculation going on here, but it is based on facts--what they technically would be able to do based on how Lavabit worked.
Edit: this wasn't just some casual speculation, I did quite a bit of research on this and carefully reviewed every statement he has given to the press. I carefully analyzed their infrastructure and encryption techniques. I'm fairly confident with my conclusions.
1. Force Lavabit to provide their private SSL keys and route all their traffic through a government machine that performed a man-in-the-middle style data collection;
2. Change their software to subvert Lavabit’s own security measures and log emails after SSL decryption but before encrypting with the users’ public keys; or
3. Require Lavabit to install malicious code to infect their own customers with government-supplied malware.
It sounds like he already has the ability to comply with demands for information. I don't see where this new stipulation by them requires any meaningful change to his existing infrastructure.
What if the founder of Lavabit took the documents that the US government sent him and gagged him with and put them somewhere where they could be stolen or illegally accessed? For example, what if he put them on a computer with a public-facing IP address, or even left them on his desk in his office? If he could have plausible deniability couldn't they get stolen and leaked without him really getting in trouble?
This may seem like a stretch, but when you consider the government is using secret interpretations of laws how is it any different than what they are doing?
The difference is that they have the guns, the tanks, and the full weight of the Department of Justice behind them.
Secrets have no place in a "democracy".
Now I will speculate:
As long as he does not know his customers' passwords he can't retroactively view the customers' mails, once the mails have been encrypted and the plain-text thrown away the stuff is unreachable.
So the US gov probably wanted him to save his customers' passwords when they logged in.
1) he was told he had to use the same monitoring process all the other providers were using
2) as a state secret, he couldn't reveal he was doing it ever to his users
3) if he complied he would totally undermine the nature of his service
Anything else is superfluous.
Is this any different to writing a few lines of code to sniff the PreMasterSecret or even just a plain ol' MitM attack?