
Lavabit code open sourced - jayfk
https://github.com/lavabit
======
matt_wulfeck
I never read the closing letter and it is quite unnerving.

"If my experience serves any purpose, it is to illustrate what most already
know: our courts must not be allowed to consider matters of great importance
in secret, lest we find ourselves summarily deprived of meaningful due
process. If we allow our government to continue operating in secret, it is
only a matter of time before you or a loved one find yourself in a position
like I was – standing in a secret courtroom, alone, and without any of the
unalienable rights that are supposed to protect us from an abuse of the
state’s authority."

~~~
Buttons840
What is the closing letter? Can you give a link?

Edit: Found the source. Link is: [http://lavabit.com/](http://lavabit.com/)

~~~
jaumellado
I was also looking for it, thx

------
kkl
A number of comments in this thread appear to suggest that Lavabit was end-to-
end encrypted. It was not.

[https://moxie.org/blog/lavabit-critique/](https://moxie.org/blog/lavabit-
critique/)

~~~
akshatpradhan
What does end-to-end mean encrypted mean?

~~~
oconnor663
It means that if Alice sends a message to Bob, that message is encrypted with
a key that only Bob (or Alice) knows. No server in between them can read the
message, so the question of whether they _trust_ the server doesn't matter
very much.

------
hartator
It's not the original Lavabit, but dark mail.

~~~
NetOpWibby
Where's the original Lavabit?

~~~
bt3
I would imagine a stipulation of the original subpoena would involve not
sharing the source of Lavabit. It sounds as though what Ladar has done is re-
engineer Lavabit in the form of Dark Mail to bypass any gag orders.

~~~
MichaelGG
I don't it. LE should love a fundamentally insecure design like Lavabit to get
picked up.

When I looked at the Dark Mail draft it was incompatible with regular email.
And the trust models it has were basically the same as you'd get with Gmail
today. End to end remained difficult (of course).

Plus it has weird stuff. Like a field for political party on all contacts or
something.

------
colejohnson66
Curious: what would happen if a bunch of these popped up all over the place
and used end to end encryption between each other making email truly secure
between each other? Would such a thing be possible? Adopt Mega's model where
they store the private key, but encrypt it with the user's password and only
the browser has the decrypted copy.

~~~
pfg
> Adopt Mega's model where they store the private key, but encrypt it with the
> user's password and only the browser has the decrypted copy.

Unless you're going to audit every single line of code Mega uses on their site
every time you use it, that would leave you completely vulnerable to any
backdoor included in the code (because of a court order or a $5 wrench).

Secure E2E Web Crypto is a myth.

~~~
chrisfosterelli
"Secure" anything is a myth, it's about what levels of risk you are willing to
accept.

The bottom line is that yes, this sort of setup would be worse than PGP email,
but it would still be better than traditional web mail which the vast majority
of people use.

 _On an interesting aside:_ You don't have to audit the code every single
time. On first execution of the code, it can store itself in the browser's
application cache indefinitely, and manage upgrades in the same style as
traditional software. This is fairly new ground though :)

~~~
pdkl95
> store itself in the browser's application cache

That _may_ solve some of the distribution problems, but no browser-based
software can ever be truly secure for a different reason: you have to run the
crypto in the same process as the network and parsing code. All browsers have
a history of security issues and other bugs in these areas. We should be
minimizing attack surface, but browser designers instead decided to add more
features that inevitably lead to more bugs.

The browser is an incredible "weird machine"[1], and relying on them for
security requires believing that nobody will figure out how to program that
"weird machine". The solution is something in the style of the "agent"
programs[2] for ssh/gpg. The crypto - especially the private keys - must be
done in an isolated process, so buffer-overflows and parser bugs at worst leak
only the current data. If the crypto is handled in the browser itself, there
is always risk that a bug will allow the keys to be leaked.

[1] [https://media.ccc.de/v/28c3-4763-en-
the_science_of_insecurit...](https://media.ccc.de/v/28c3-4763-en-
the_science_of_insecurity)

[2] ssh-agent(1), gpg-agent(1)

~~~
Drdrdrq
True, browser is more and more looking like a regular OS which executes
untrusted programs. As far as security is concerned though I am hoping Servo
will solve most of the issues.

------
tacojuan
I've seen some opensource implementations of Protonmail's stuff, any
comparisons?

------
sig_chld_mike
so what happens if you run this on Amazon (or any other cloud provider that
would cooperate with govt intrusion)? do you need your own servers to make it
work as intended?

------
deadmaildrop
Fun. Don't believe that an open source version of Magma makes it more secure.
It just means this version you see is one that looks like the one used on a
server. What is actually on the server may not be the version you see in a
public repository. Thanks for sharing Magma!

------
justifier
can anyone speak to the value of the DIME spec?

[https://darkmail.info/downloads/dark-internet-mail-
environme...](https://darkmail.info/downloads/dark-internet-mail-environment-
march-2015.pdf)

~~~
jauer
Relies on DNSSEC or CA to validate keys (pp. 22). Not a good idea of your
threat model is governments.

Defines fairly arbitrary list of non-extensible metadata including gender,
alma mater & political party (pp. 60). Seems like this should be extensible
and predefining a lot of that is short-sighted.

------
Introvertuous
I have no clue how this works but could people not just host their server
outside the jurisdiction of these assholes?

~~~
deadmaildrop
No. Jurisdication is irrelevant. The transmission has to pass through local
jurisdiction servers and wire and thus falls prey to those laws. Hosting in
Aruba for your US customers does not provide any veil of safety from
prosecution.

------
psiconaut
the repo wasn't public before?

------
deepnet
So Ladar Levinson closed his company because he refused to provide a backdoor
to his customers email encryption ?

This seems similar to the Apple case, was Tim Cook just too big to bully ?

Snowden had his own encryption or used GPG so a Lavabit backdoor encryption
key would not lower the entropy of Snowden's encryted emails.

Was Levinson's gag order lifted ? Why did Lavabit have to close but Apple
didn't ?

[EDIT] Levison was not jailed.

~~~
WillPostForFood
Ladar Levinson was never arrested or jailed, and he chose (to his credit) to
shut down his own company instead of complying with a court order.

~~~
MichaelGG
He complied with previous warrants, right? And since he didn't use PFS, when
he finally did hand over his key, it put all previous requests at risk. The
problem was representing more security then he actually had.

~~~
technion
The security provided was fully within the threat model presented, which never
considered this type of attack.

