The developer of Lavabit, the secure email service that Edward Snowden used to leak details regarding the mass surveillance program of the National Security Agency back in 2013, will soon release source code for an open-source email program with end-to-end encryption.
The service, which would be a revival of sorts for Lavabit promises a messaging platform that will be free for all forms of surveillance.
The Revival Of Lavabit
In 2013, after Snowden used Lavabit to become perhaps the world's most famous whistleblower, the email service was shut down.
The service's developer, Ladar Levison, decided to close Lavabit in August 2013 instead of giving in to the demand of the United States government to hand over the email program's SSL encryption key. The authorities said that they only wanted to gain access to the communications of Snowden stored in his Lavabit account, but if Levison gave them the key, they would have been able to breach the accounts of other Lavabit users, which at the time numbered about 410,000.
Levison has now announced that he would be relaunching Lavabit in the form of the Dark Internet Mail Environment or DIME, which is a global standard for end-to end encryption, and Magma, a DIME-capable email server that is both free and open source. DIME and Magma has now been released, with DIME providing several modes of security including Trustful, Cautious, and Paranoid.
Trustful mode encrypts the emails of users on the company's server, and Cautious mode, on the other hand, also offers end-to-end encryption, that is encryption from the moment that the email is sent to when it is received and stored. Users interested in using Cautious mode will need to install client software to be able to generate encryption keys. For Paranoid mode, the encryption key is stored in the user's devices instead, with the need to transfer the keys manually if they would want to use another device.
According to Levison, DIME is the only automated and federated encryption standard that has been designed to work with various service providers while at the same time reducing metadata leakage with no centralized authority. While DIME is secure from end-to-end, it still offers enough flexibility to allow non-expert users to enjoy the protection that it provides.
In addition, the SSL key will no longer be in the possession of the company, which means that government will no longer be able to demand it to hand over the encryption key to compromise the accounts of users.
How To Sign Up For DIME
In the note that Levison published online, he said that former users of the Lavabit service will once again be able to access their accounts, which they could now update. The accounts are in Trustful mode by default, with the option to increase the service's security on their communications to be implemented in a future release.
For users who did not have Lavabit accounts but are interested in DIME and Magma, they would have to pre-register for the service's next release. The source code for the service can be accessed by anybody for free though, allowing users with their down domain to launch Magma or utilize their own DIME-encrypted server.
The next goal for the service would be to build graphical clients for the various operating systems, including Microsoft's Windows, Apple's Mac OS X and iOS, Google's Android, and Linux.