The entire episode was CAUSED by Levison's failure, and
flat-out incompetence, to implement a simple SMTP archive
feature and then his attempted fleecing of the American
taxpayer by charging $2000 to provide that information.
This is an article written by someone who clearly does not know what the fuck. It's pretty remarkable that someone can be so profoundly ignorant with the amount of information literally available at his fingertips.
Yeah, the author seems to be coming at this from completely the wrong angle.
I don't think anyone, the FBI, Lavabit, the NSA, or the non-technical public, is under any illusion that it's fairly simple to route around the at-rest encryption. We all KNOW Levison was just stalling with his 'technical reasons' arguments.
He didn't want to give information over to the NSA, and bluffed for as long as he could, then finally shut the service down in protest. That's obvious right? The author of the article doesn't seem to have figured that out.
He also seems to accept government intrusion into private email as a fact of life, and doesn't seem to comprehend why that might be a bad thing. I can't tell if he's just trying to make a point, or he genuinely doesn't understand people's outrage.
Holy shit, I've read some ignorant "internet expert" posts about Lavabit but this one is, by a wide margin, the dumbest one yet.
If the moron who wrote this article had bothered to spend 2 seconds to scan over the whitepaper (and other security details that have been published since) he would realize that the email files were stored in encrypted form in the Lavabit database, and decrypting those records would require the password for the relevant account. Lavabit DID provide the FBI with a dump of the records they requested, but without Snowdens personal password the records were useless. To retrieve his password they would need to snarf it of the wire as he logged in, which would require specific code written by the server administrator or access to the SSL keys and a listening device installed between the router and server. Ladar offered to do the former, the FBI refused to pay him for his work and demanded his SSL keys instead.
I don't know what this guy is talking about SMTP archiving, that has nothing to do with any of this.
He sounds like someone who has probably toyed around with SMTP software at some point or another and it never occurred to him that you can design a custom system from the ground up to handle email and still implement SMTP functionality just fine.
I guess he thinks Ladar installed some off the shelf SMTP software and didn't bother to configure it correctly? Really weird.
He claims to have his own free email service (linked from his blog). He also claims (remarkably) that it is a "secure" email service, right next to where he complains about Levison's failure to kowtow fast enough to the FBI.
He doesn't sound like the kind of guy who would have a problem handing the feds his SSL keys or whatever else they ask for, so even if his system is reasonably secure I wouldn't trust him as a steward of my information.
It doesn't sound to me like the author is as technically inept as your making it sound here. Perhaps a little ignorant of some legal details of the court orders, but someone who has done a bit more than "toyed around" with SMTP. In fact, obviously so -- making your assertions about his intelligence appear more ideologically motivated than reasonable.
It's not true that he claims on the blog that VFEmail is a secure service in the same sense that Lavabit claimed to be, and his FAQ answers for people concerned about privacy are essentially:
1) Use their web interface to PGP. He's transparent about the fact that with this option your encrypted email could be read, if your password were intercepted.
2) Better yet use client side PGP.
> ...using the Webmail interface for PGP stores your private key on the server, and requires you to send your key password to VFEmail. That subjects your encryption key to interception by a third party.
> ... Most importantly - Use PGP with your own email client. You should store your key on your device(s), under your control. Again, illegal access by a 3rd party could compromise your key, so be very careful of what you open and where you surf.
Lavabit marketed a claim to be so secure that even their administrators couldn't read your email. This was untrue, and curious in juxtaposition to the spam/content filtering features it had. VFEmail is pretty upfront -- unless you're encrypting everything client side, someone can read it.
So basically if one reads beyond the first few paragraph, or visits the email service that he "claims" to own, it's clear that all these "he's a moron, has only toyed around with email, doesn't understand Lavabit's encryption, etc." claims being made are simply character assassination.
Furthermore, the FBI didn't "call" or "ask for" the pen register or SSL keys. They subpoenaed Lavabit and served them with a search warrant for a criminal case. One which they eventually complied with.[1]
[1] http://archive.is/Tdneo: "Since the SSL certificates formerly used to protect access to Lavabit have been compromised..."
>and then his attempted fleecing of the American taxpayer by charging $2000 to provide that information.
Apparently this freaking guy thinks that when the FBI calls, that a person ought to drop anything else they're doing and heel to their demands, AND do it cheap. Bespoke on-demand short-term contract work costs money, especially if one has to put another job on hold. I wonder if he has any idea what AT&T and Verizon et al get for this kind of service?
Seems like his article is way over your head. The issue is not whether or not lavabit could circumvent their own system and decrypt the emails stored on their server. With less than 5 lines of code they could grab Snowden's password the next time he logged in.
The decision to shut down lavabit was purely financial. He bet that he would make more money (via donations) by shutting down the service than he would if he kept it running. So he shut it down. It was always about the money.
The article confuses two things: 1. Live interception of SMTP communication going in and out of Lavabit and 2. Interception of the encryption key to access the stored emails.
The first would be relatively easy, in that the post is correct. But what the warrants actually requested was the stored data of an account. Lavabit provided these, but they were encrypted (as per design of the service). The FBI then wanted the keys for the stored account data. And for that Lavabit asked for 3500USD which is reasonable, because there is no off the shelf software to grab the POP3 or IMAP password in the handshake. Especially as the TLS endpoint and the software decrypting the stored account data with the POP3 or IMAP password was probably the same, so there is no plain TCP traffic in the internal network containing the key.
You can see that the FBI asked for (2) and not (1) in the transcript of the court hearing, page 50 of the cited pdf http://cryptome.org/2013/10/lavabit-orders.pdf . It is a really entertaining read btw.: The FBI agent and the judge bicker about whether or not Levison should be asked right there in court if he would comply with a warrant (about the TLS key) they haven't even served him yet.
> THE COURT: I don't know, Mr. Trump. I don't think I want to get involved in asking him. You can talk with him and see whether he's going to produce them or not and let him tell you. But I don't think I ought to go asking what he's going to do and what he's not going to do because I can't take any action about it anyway. If he does not comply with the subpoena, there are remedies for that one way or another.
14 comments
[ 3.9 ms ] story [ 49.8 ms ] threadWhy does this feel like a personal attack?
I don't think anyone, the FBI, Lavabit, the NSA, or the non-technical public, is under any illusion that it's fairly simple to route around the at-rest encryption. We all KNOW Levison was just stalling with his 'technical reasons' arguments.
He didn't want to give information over to the NSA, and bluffed for as long as he could, then finally shut the service down in protest. That's obvious right? The author of the article doesn't seem to have figured that out.
He also seems to accept government intrusion into private email as a fact of life, and doesn't seem to comprehend why that might be a bad thing. I can't tell if he's just trying to make a point, or he genuinely doesn't understand people's outrage.
If the moron who wrote this article had bothered to spend 2 seconds to scan over the whitepaper (and other security details that have been published since) he would realize that the email files were stored in encrypted form in the Lavabit database, and decrypting those records would require the password for the relevant account. Lavabit DID provide the FBI with a dump of the records they requested, but without Snowdens personal password the records were useless. To retrieve his password they would need to snarf it of the wire as he logged in, which would require specific code written by the server administrator or access to the SSL keys and a listening device installed between the router and server. Ladar offered to do the former, the FBI refused to pay him for his work and demanded his SSL keys instead.
I don't know what this guy is talking about SMTP archiving, that has nothing to do with any of this.
I guess he thinks Ladar installed some off the shelf SMTP software and didn't bother to configure it correctly? Really weird.
The system design for VFEmail is apparently available here: https://www.vfemail.net/design.php
It appears to have occurred to him to think about how to build custom email systems with SMTP support.
The privacy FAQ for VFEmail is here: https://www.vfemail.net/privacyandsecurity.php
It's not true that he claims on the blog that VFEmail is a secure service in the same sense that Lavabit claimed to be, and his FAQ answers for people concerned about privacy are essentially:
1) Use their web interface to PGP. He's transparent about the fact that with this option your encrypted email could be read, if your password were intercepted.
2) Better yet use client side PGP.
> ...using the Webmail interface for PGP stores your private key on the server, and requires you to send your key password to VFEmail. That subjects your encryption key to interception by a third party.
> ... Most importantly - Use PGP with your own email client. You should store your key on your device(s), under your control. Again, illegal access by a 3rd party could compromise your key, so be very careful of what you open and where you surf.
Lavabit marketed a claim to be so secure that even their administrators couldn't read your email. This was untrue, and curious in juxtaposition to the spam/content filtering features it had. VFEmail is pretty upfront -- unless you're encrypting everything client side, someone can read it.
So basically if one reads beyond the first few paragraph, or visits the email service that he "claims" to own, it's clear that all these "he's a moron, has only toyed around with email, doesn't understand Lavabit's encryption, etc." claims being made are simply character assassination.
Furthermore, the FBI didn't "call" or "ask for" the pen register or SSL keys. They subpoenaed Lavabit and served them with a search warrant for a criminal case. One which they eventually complied with.[1]
[1] http://archive.is/Tdneo: "Since the SSL certificates formerly used to protect access to Lavabit have been compromised..."
Apparently this freaking guy thinks that when the FBI calls, that a person ought to drop anything else they're doing and heel to their demands, AND do it cheap. Bespoke on-demand short-term contract work costs money, especially if one has to put another job on hold. I wonder if he has any idea what AT&T and Verizon et al get for this kind of service?
The decision to shut down lavabit was purely financial. He bet that he would make more money (via donations) by shutting down the service than he would if he kept it running. So he shut it down. It was always about the money.
The first would be relatively easy, in that the post is correct. But what the warrants actually requested was the stored data of an account. Lavabit provided these, but they were encrypted (as per design of the service). The FBI then wanted the keys for the stored account data. And for that Lavabit asked for 3500USD which is reasonable, because there is no off the shelf software to grab the POP3 or IMAP password in the handshake. Especially as the TLS endpoint and the software decrypting the stored account data with the POP3 or IMAP password was probably the same, so there is no plain TCP traffic in the internal network containing the key.
You can see that the FBI asked for (2) and not (1) in the transcript of the court hearing, page 50 of the cited pdf http://cryptome.org/2013/10/lavabit-orders.pdf . It is a really entertaining read btw.: The FBI agent and the judge bicker about whether or not Levison should be asked right there in court if he would comply with a warrant (about the TLS key) they haven't even served him yet.
> THE COURT: I don't know, Mr. Trump. I don't think I want to get involved in asking him. You can talk with him and see whether he's going to produce them or not and let him tell you. But I don't think I ought to go asking what he's going to do and what he's not going to do because I can't take any action about it anyway. If he does not comply with the subpoena, there are remedies for that one way or another.