Silent Circle Follows Lavabit, Shuts Down Secure Email Service
The secure-communications provider shut down its email service, saying it couldn't guarantee security in the wake of the NSA revelations.
A day after Lavabit, the secure email service used by National Security Agency leaker Edward Snowden, shuttered its doors, a more high-profile secure-communications provider also decided to end its email service.
"Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has," wrote Jon Callas, chief technology officer of Silent Circle, on the company's blog today (Aug. 9).
"There are far too many leaks of information and metadata intrinsically in the email protocols themselves," Callas wrote. "Email as we know it with SMTP, POP3, and IMAP" — the standard email networking protocols — "cannot be secure."
Callas, whose resume includes stints at Apple, Hewlett-Packard and PGP Corporation, said the Lavabit shutdown forced his hand.
"We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now," he wrote. "We have not received subpoenas, warrants, security letters or anything else by any government, and this is why we are acting now."
In his own online posting yesterday (Aug. 8), Lavabit operator Ladar Levison implied that government pressure forced him to close Lavabit.
MORE:8 Ways to Protect Your Email Account
Sign up now to get the best Black Friday deals!
Discover the hottest deals, best product picks and the latest tech news from our experts at Tom’s Guide.
Callas said Silent Circle will continue to offer its fully encrypted voice, texting and video-chat paid-subscription services for iOS and Android devices, but stressed that the company could not guarantee the security of its email service.
"We've been debating this for weeks," he wrote. "It is always better to be safe than sorry, and with your safety we decided that the worst decision is always no decision."
Government vs. encryption
Silent Circle was founded less than a year ago by encryption pioneer Phil Zimmermann and former Navy SEAL Mike Janke, who had approached Zimmermann about forming a company that could provide secure communications that could not be monitored by any government.
Zimmermann himself was at the center of the mid-1990s "crypto wars," when the U.S. government regarded secure encryption as a threat to national security.
For three years, Zimmermann was threatened with prosecution for making his Pretty Good Privacy (PGP) encryption software available to customers overseas, which the U.S. Customs Service and the Department of Justice regarded as a violation of arms export controls. (Zimmermann was never charged.)
Despite the surveillance-unfriendly attitude — such as placing its servers in Canada — Silent Circle says it has signed on numerous U.S. government agencies as clients.
It won't specify which agencies those are, and won't reveal the overall number of clients it has, but Silent Circle has said it's had "overwhelming demand" since the Snowden-driven NSA revelations began in early June.
"We are still working on innovative ways to do truly secure communications," Callas wrote. "Silent Mail was a good idea at the time, and that time is past."
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.