Skip to main content

Silent Circle Follows Lavabit, Shuts Down Secure Email Service

A day after Lavabit, the secure email service used by National Security Agency leaker Edward Snowden, shuttered its doors, a more high-profile secure-communications provider also decided to end its email service.

"Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has," wrote Jon Callas, chief technology officer of Silent Circle, on the company's blog today (Aug. 9).

"There are far too many leaks of information and metadata intrinsically in the email protocols themselves," Callas wrote. "Email as we know it with SMTP, POP3, and IMAP" — the standard email networking protocols — "cannot be secure."

Callas, whose resume includes stints at Apple, Hewlett-Packard and PGP Corporation, said the Lavabit shutdown forced his hand.

"We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now," he wrote. "We have not received subpoenas, warrants, security letters or anything else by any government, and this is why we are acting now."

In his own online posting yesterday (Aug. 8), Lavabit operator Ladar Levison implied that government pressure forced him to close Lavabit.

MORE:8 Ways to Protect Your Email Account

Callas said Silent Circle will continue to offer its fully encrypted voice, texting and video-chat paid-subscription services for iOS and Android devices, but stressed that the company could not guarantee the security of its email service.

"We've been debating this for weeks," he wrote. "It is always better to be safe than sorry, and with your safety we decided that the worst decision is always no decision."

Government vs. encryption

Silent Circle was founded less than a year ago by encryption pioneer Phil Zimmermann and former Navy SEAL Mike Janke, who had approached Zimmermann about forming a company that could provide secure communications that could not be monitored by any government.

Zimmermann himself was at the center of the mid-1990s "crypto wars," when the U.S. government regarded secure encryption as a threat to national security.

For three years, Zimmermann was threatened with prosecution for making his Pretty Good Privacy (PGP) encryption software available to customers overseas, which the U.S. Customs Service and the Department of Justice regarded as a violation of arms export controls. (Zimmermann was never charged.)

Despite the surveillance-unfriendly attitude — such as placing its servers in Canada — Silent Circle says it has signed on numerous U.S. government agencies as clients.

It won't specify which agencies those are, and won't reveal the overall number of clients it has, but Silent Circle has said it's had "overwhelming demand" since the Snowden-driven NSA revelations began in early June.

"We are still working on innovative ways to do truly secure communications," Callas wrote. "Silent Mail was a good idea at the time, and that time is past."

  • senkasaw
    Another one bites the dust...

    I would really love to hear the government try to publicly explain this one.
    Reply
  • cscott_it
    It is a sad time. I can't remember who wrote it but they more or less said that Lavabit was a canary in the coalmine. I wonder if it will be "too late" or that we have lost the majority of our US based internet privacy when people finally wake up.

    Maybe if the gov't started making pre-emptive arrests based on someones Facebook messages that the general populace will wake up and realize that they've traded a pound of freedom for a penny of security?
    Reply
  • Pailin
    and after the fuss made over the Great Firewall of China......

    Not Really very different in regards of free speech... they are watching you (more easily now) and you are not free to talk freely.

    Blowing the lid on Gov scandals and corruption gets harder every day.

    What was that film : Fair Game - http://www.imdb.com/title/tt0977855/

    Gov's cannot be trusted as much as we would like.
    Reply
  • ethanolson
    So because security isn't as good as he wants it, he's pushing everyone out to the wolves?
    Reply
  • killerclick
    Do not rely on commercial services to protect your privacy from the government. The goal of any company is to make money, and since they have to operate within a legal framework, and they will either cooperate with the government or fold (usually the former).

    The safest thing is to do encryption locally using open source tools (that can be checked for backdoors). It may be a pain in the ass to use, but it's more of a pain to decrypt, at least until the NSA gets a quantum computer.

    However, the best place to fight invasive government surveillance is at the ballot box.
    Reply
  • Someone Somewhere
    Yeah, or run your own email server. Sometime I'll get round to setting one up.

    Your problem is that the two-party system allows for no minor parties.
    Reply