How Lavabit, Snowden's Email Provider, Punked The Government

The Edward Snowden scandal is far from over. One of the latest developments involves Lavabit, the pro-privacy e-mail company that Snowden allegedly used to communicate his leaks of classified information. New court documents published by Wired's Kevin Poulsen show that the federal government demanded that Lavabit turn over encrypted information on its 400,000 users as part of its investigation. While Snowden was not named in the search warrant issued to Lavabit in July, "the offenses under investigation are listed as violations of the Espionage Act and theft of government property — the exact charges that have been filed against NSA whistleblower Snowden in the same Virginia court," writes Poulsen. The feds demanded that Lavabit compromise its own security in order to provide this information. But, Lavabit has not exactly complied.
While most email providers could easily hand over the information requested by the government, Lavabit encrypts all of its email messages with SSL keys known only to its paying customers. The government was not seeking individual messages, but instead only the "to" and "from" lines, along with the IP addresses used to log in to a user's mailbox, which it requested with a "pen register" order — similar to a wiretap order, but with much less evidence necessary. "Because they provide only metadata, pen register orders can be obtained without 'probable cause' that the target has committed a crime," writes Poulsen. Still, Lavabit would have had to essentially defeat its own encryption system and compromise the privacy of all its users in order to comply.
Lavabit wasn't having any of that. Instead, its founder, Ladar Levison, employed every tactic to avoid giving the government this information. When he initially claimed it couldn't be done, he was threatened with criminal contempt by a federal judge. He was then ordered to provide all of the information necessary to decrypt the wanted data. The prosecutor in the case told the court that users shouldn't worry, and that only essential information would be captured. "So there are no agents looking through the 400,000 other bits of information, customers, whatever," he said. But, that's hardly comforting to people who pay for privacy.
When the court sided with the government, Levison decided to play dumb. He provided all of the private SSL keys the following day — on an 11-page printout, in four-point font. The government was not amused, calling the document "illegible."
“To make use of these keys, the FBI would have to manually input all 2,560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data,” prosecutors complained.
Levison did not provide an electronic copy. Instead, he shuttered Lavabit on August 8, because he refused "to become complicit in crimes against the American people," he wrote on the site. But, his role is far from over — he still faces court appeals and is asking for donations to help him fund his case in the 4th Circuit Court of Appeals. If you want to support Lavabit's cause, check it out its campaign here. (Wired)
lavabitPhoto: Via Wired.

More from Tech

Pokémon Go was this year's biggest app sensation. Within 24 hours of its launch, the game became a mega hit and has since seen users walking billions of ...
For the second time this month, earthlings of the Western Hemisphere will experience a special event involving our moon. Earlier this month, we got our ...
If you want to look up information about your favorite celebrities, your first instinct is probably to google them. But depending on who you're curious ...
GENERATION STARTUP presents Women In Tech, an episode of an exclusive web series with footage left on the cutting room floor. The feature documentary ...
Complaining today is much easier than it used to be. Lost luggage, bad service, extra charges, broken products — you used to have to put a letter in the ...
It's Google's 18th birthday which means it can finally see all the porn it serves up
Tonight marks the first of three presidential debates between candidates Hillary Clinton and Donald Trump. Because of the debate's close proximity to New...
(Paid Content) Refinery29 is now on Versy, a messaging and content-sharing app made for busy people like us
The American Civil Liberties Union (ACLU) developed a phone app that will assist you in recording and reporting police conduct. The app, Mobile Justice, ...
If you aren't registered to vote, don't panic. As a matter of fact, thanks to Snapchat, you can now do it in just one minute, reports Time. The social-...
You may start to notice your Uber drivers snapping a lot of selfies, but it doesn't necessarily mean that you're riding with an Instagram addict. Your ...
Snapchat CEO Evan Spiegel announced that the company has developed new video-enabled sunglasses, called Spectacles, and will subsequently be rebranding ...
You're at 20,000 feet, and you realize your flight doesn’t have WiFi — which wouldn't be a big deal, except you forgot your book at home, and none of your ...
It's a sad but true fact that a bad commute — one where you just miss the bus or subway — has the power to ruin your day. More often than not, these near...