Snowden's ultra secure email provider is back online
Lavabit relaunches its encrypted email service as Dime
Email provider Lavabit revived its services on the first day of Donald Trump's presidency, after shutting them down in the aftermath of Edward Snowden's revelations about government spying in 2013.
CEO Ladar Levison chose President Trump's inauguration last Friday to reveal a revamped email service, which provides end-to-end encryption for secure communications, vowing to protect "shared values of freedom, justice and liberty".
In a statement to "fellow citizens & Lavabit users", Levison explained that little had changed since the Snowden discoveries in 2013, and that email remains "insecure, unreliable, and easily readable by an attacker".
Lavabit, which had been in operation since 2004, was revealed in 2013 to provide a secure email service to Snowden, and subsequently closed without warning. It later emerged that Levison closed the business to avoid a court order demanding the hand over of SSL keys needed by US authorities to track specific Lavabit accounts - namely Snowden's.
"In August 2013, I was forced to make a difficult decision: violate the rights of the American people and my global customers, or shut down. I chose freedom," said Levison. "Lavabit chose to shut down rather than allowing access to this tunnel which would have compromised username and password logins."
With the help of a 2014 Kickstarter campaign, Lavabit has been busy building a new service called the Dark Internet Mail Environment (Dime), which promises to offer an end-to-end encrypted standard, and an associated "Dime capable free and open source mail server" called 'Magma'.
The encrypted email service's launch coincided with Trump's inauguration on Friday, who made surveillance expansions and increased government access to encrypted services key tenets of his campaign.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Dime is the only automated, federated, encryption standard designed to work with different service providers while minimising the leakage of metadata without a centralised authority," said Levison. "Dime is end-to-end secure, yet flexible enough to allow users to continue using their email without a Ph.D. in cryptology."
Dime is able to encrypt an email transmission in its entirety, including the body, metadata and transport layer, something which current OpenPGP and S/MINE standards are unable to do, according to Levison.
Both Dime and Magma have been released free to the public, and former Lavabit users will be able to restore historical accounts to the new service. Users will be able to use Dime in three different security 'modes': 'Trustful', 'Cautious' and 'Paranoid'. Each option will provide increasing layers of security, even at the expense of functionality, including the use of SMTP protocols and options to restrict account access on multiple devices.
Magma provides a free open source server ready for use with Dime promising to "fundamentally change the way business transmits encrypted data". Domain operators will be able to deploy Magma or implement their own encrypted Dime server, according to Levison.
New users interested in the service are able to pre-register their interest for a 50% reduced price off future subscriptions, with either 5GB or 20GB storage options.
Dale Walker is a contributor specializing in cybersecurity, data protection, and IT regulations. He was the former managing editor at ITPro, as well as its sibling sites CloudPro and ChannelPro. He spent a number of years reporting for ITPro from numerous domestic and international events, including IBM, Red Hat, Google, and has been a regular reporter for Microsoft's various yearly showcases, including Ignite.