When President Obama held a news conference on Friday to reassure Americans about the National Security Agency’s hi-tech spying, he focused primarily on policy themes like transparency and oversight. Skeptics immediately described the plan as a way to make people more comfortable with surveillance, rather than changing the underlying practices.
“Instanalysis: President Obama proposed measures to make the American people more comfortable with NSA programs, not to end bulk surveillance.”
—Alex Howard (@digiphile), Aug. 9, 2013
For several providers of secure electronic communications, no amount of official reassurance could change one basic fact: there is no technical way for them to make e-mail that they consider unsnoopable. The day before Obama’s comments, Lavabit, a secure e-mail provider that was reportedly used by Edward Snowden, announced it was suspending its service and offered this word of warning to its now former-users:
“Without congressional action or a strong judicial precedent, I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”
Silent Circle, a company that provides secure instant messaging and e-mail, also quickly shut down. While the company will continue to offer some forms of communication, it argued that e-mail was insecure by its very nature:
“Silent Mail has thus always been something of a quandary for us. E-mail that uses standard Internet protocols cannot have the same security guarantees that real-time communications has. There are far too many leaks of information and metadata intrinsically in the e-mail protocols themselves. E-mail as we know it with SMTP, POP3, and IMAP cannot be secure.”
Silent Circle didn’t respond to a request for comment. But Dmitry Samosseiko, who runs the Vancouver lab of a computer security firm, explained the general difference between instant messaging services and e-mail services in terms of security. A snoop could install a surveillance device on a service provider’s infrastructure and collect instant messages as they travel back and forth. Still, wrote Samosseiko in an e-mail, doing this on encrypted instant messages is logistically prohibitive: It would “require constant presence and computing power to decrypt and re-encrypt communication in real-time.”
By contrast, e-mail messages, which are not considered “real-time,” are kept on a server somewhere. Web-based e-mail services also have to reside somewhere, in order to access messages from various devices. Even if the messages were encrypted, a government with huge data-processing capabilities might be able to crack it once it got the messages.
Without a way to secure e-mail with technological means, Silent Circle felt that it was essentially trusting that the government would not seize its servers at some point. The company just didn’t feel comfortable that this would never happen.
“We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.”
And by now, it meant now. The company’s chief executive said Thursday it had already destroyed its servers.
“Gone. Can’t get it back. Nobody can,” Mike Janke, Silent Circle’s chief executive, told the New York Times. “We thought it was better to take flak from customers than be forced to turn it over.”