A month ago, I wrote an article called Internet Privacy for Permaculturists that recommended switching to a secure email service called Lavabit as other email companies help the NSA spy on their own users.
As it turns out, NSA whistleblower Edward Snowden used Lavabit email as well. Why not anymore? Because the entire service just got turned off.
Last week, Ladar Levison, owner of Lavabit, announced that he has completely shutdown the entire email service. Levison built Lavabit to be so secure that even they themselves could not read anybody’s email. When the US government demanded he hand over Snowden’s email or face charges of being "complicit in crimes against the American people", he responded that he’s sorry, but that’s technically (and morally) impossible.
So he took a stand on the principles of liberty and freedom (and self-defence), and suspended the service with over 400,000 customers that he’s dedicated a decade of his life to.
This begs the question: If Lavabit, one of the only secure email systems in the world, just shut itself down rather than get in bed with the government, what does that say about every other email service out there?
Phil Zimmermann, the man who invented modern email encryption technology, pre-emptively closed down his own secure email service Silent Circle upon hearing the news. This man fought against the US government in the 90s (and eventually won) when he was dragged into court for aiding foreign terrorists who used his free email encryption software.
This is certainly disturbing news, when an organisation or person can be charged with crimes for the actions of their customers and users. It sets a terrible precedent and makes you wonder when they’ll be coming round for "bioterrorists" (a.k.a. permaculturists) who assist in "crimes against society" (eco self-reliance and energy independence)?
I just lost several email addresses and years of email (fortunately I backup), but I’m glad for it. I’d rather see it gone than in wrong hands. Thank you Lavabit for standing up for what’s right. We support you.
If anyone knows of some half-decent alternatives before Lavabit is (hopefully) back in business outside the US or available open source, please do share with everyone. I currently use Zoho Mail for business, but given that they have an office in the US, all bets are off.
Maybe Edward Snowden has a few ideas?
hey hey i just signed up with lavabit the day before it was all shut down, following your advice. also trying to check out non USA based email providers. maybe like in bhutan or something. no luck yet. please do let us know if something comes up, will do the same. many thanks
Based on the precedent discussed around Mr. Zimmermann’s case. Wouldn’t such a precedent open the door to Colt, Smith & Wesson, Barretta, Browning and all other firearms manufactures to be sued by the surviving families of anyone killed or injured by someone who committed a crime while using their Products?
Email is an inherently insecure technology. If you want to communicate securely the best option currently is Off-the-Record (OTR) Instant Messaging. For solutions see: https://prism-break.org/
Lavabit was encrypting email on their servers but when you send a email from Lavabit it would likely be sent in plain text over the Internet and stored in the other person’s service in plain text. Easily snooped and read.
The PGP technology Zimmerman invented is effective and still the best option for encrypting an email. But both sender and receiver must be using it and can be difficult to set up and use. PGP only encrypts the body of an email. The sender, receiver and subject are sent in plain text and can easily be snooped.
For more ethical email services that respect your privacy look at:
https://www.autistici.org/en/index.html
https://mykolab.com/
https://runbox.com/why-runbox/
https://www.jumpshipservices.co/
With the recent NSA revelations and increased interest in privacy expect a wave of new services. Some to watch:
https://beta.startmail.com/
https://www.mailpile.is/ (an email client, e.g. Outlook/Thunderbird replacement, you will still need an email service)
https://www.zdnet.com/mega-to-fill-secure-email-gap-left-by-lavabit-7000019232/
You may see recommendations for the Canadian service Hushmail. Hushmail can and does give up their customers’ email to Canadian and US authorities with a court order.
https://www.wired.com/threatlevel/2007/11/encrypted-e-mai/
I hear Hushmail is supposed to be a good alternative. I haven’t used them, but it looks like they are based in Canada.
https://www.hushmail.com
Well then if you really want to send a private communication then the only option is snail mail and even that can be opened if you are under investigation . How do lawyers and businesses go with confidential mail or do they have to send documents and such by courier and how do political parties keep their own mail safe if they endorse the spying tactics nothing private is safe from prying eyes
Good point John, that’s probably why the case was eventually dropped, but of course that was in a pre-911 world…
Thanks for those suggestions Jack!
Hi there Fraser Bliss and other permies, I can’t help but wonder will all that has been going on in recent years, why does it seem when there is some sort of social crisis in the world the number one thing I hear is it involves the US? For example, the US government spying on email, American Multinational company monsanto with their GMO’s and chemicals. I mean If there’s going to be some sort of world wide problem I can make the assumption that the US has its hand in it somewhere. But why is that?
Posteo.de (1 Euro/month, 3 aliases)
Privatedemail.net (free, 3 MB storage only)
Roger, the smart ones use encryption.
https://pressfreedomfoundation.org/encryption-works
One thing to consider is that you may be better off with a small offshore email service provider, than a high profile ‘secure’ one. I chose lavabit way back when cause I figured hushmail was too high profile and might attracts undue attention. Security through obscurity.
As previously mentioned, the plain-text transmission of email is no more private on so-called secure services than regular.
This cartoon helps put things into perspective as well :)
https://xkcd.com/538/
What do we Permaculturists actually have to hide? Why be afraid?
Why Privacy Matters Even if You Have ‘Nothing to Hide’
https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/?utm_medium=referral&utm_source=pulsenews
https://www.bbc.co.uk/news/world-us-canada-23981291
This is huge.
I wonder if this stuff is starting to sink in yet?
Start a parallel internet:
https://www.motherjones.com/politics/2013/08/mesh-internet-privacy-nsa-isp
https://www.bbc.co.uk/news/world-latin-america-24133161