

Lavabit appeal against data handover - debugunit
http://www.bbc.co.uk/news/technology-25930222

======
themartorana
I can't figure if this spells the beginning of - forgive me - "Email 2.0",
which is inherently encrypted and secure (starting with the Dark Mail
Alliance, perhaps), or if the general public's lack of understanding about the
wild insecurity of email, mixed with a no-so-small amount of apathy means
nothing will change at all?

It would be nice to look back on this in 2 years with a "what were we
thinking?" attitude towards email as it currently exists, as we all moved to a
better solution invented by smarter people than me.

~~~
runn1ng
We need some decentralized way to send e-mail.

Oh wait, there is such a way. It's absolutely decentralized, everyone is free
to join and use it and add encryption on top, and it's called SMTP.

~~~
Zikes
One of the flaws in that is that while you can encrypt the information in the
email body, you can't obscure the metadata like who the sender and recipient
are, when it was sent and received, etc.

~~~
fossuser
I think combining pgp with tor solves that problem, the issue is main stream
usability. Even beyond that a bigger core problem is that many (most?) people
communicate outside of email because it's too slow. Facebook chat, google
hangouts, iMessage, SMS - these are the real things that matter to secure
today.

As much heat as cryptocat has taken - I think they have the right idea and are
working on an important problem (whispersys too). Security should be built in
and easily adoptable. It should be equivalently usable to what people are
already communicating with or they won't use it.

~~~
Zikes
The sender and receiver are still necessary for the SMTP protocol to work, as
the mail servers need to access that to know where to route the email.

At best, tor+pgp would allow you to create a pseudonymous email address (or
series of addresses), but there would still be nothing stopping people from
looking at your mailbox and seeing what other addresses you've communicated
with, even if they can't decipher what those communications are.

The SMTP protocol itself needs rewritten to function more like tor, so that
each intermediary is incapable of seeing the complete picture.

