Silent Circle Follows Lavabit, Shuts Down Secure Email Service
A day after Lavabit, the secure email service used by National Security Agency leaker Edward Snowden, shuttered its doors, a more high-profile secure-communications provider also decided to end its email service.
"Email that uses standard Internet protocols cannot have the same security guarantees that real-time communications has," wrote Jon Callas, chief technology officer of Silent Circle, on the company's blog today (Aug. 9).
"There are far too many leaks of information and metadata intrinsically in the email protocols themselves," Callas wrote. "Email as we know it with SMTP, POP3, and IMAP" — the standard email networking protocols — "cannot be secure."
Callas, whose resume includes stints at Apple, Hewlett-Packard and PGP Corporation, said the Lavabit shutdown forced his hand.
"We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now," he wrote. "We have not received subpoenas, warrants, security letters or anything else by any government, and this is why we are acting now."
In his own online posting yesterday (Aug. 8), Lavabit operator Ladar Levison implied that government pressure forced him to close Lavabit.
Callas said Silent Circle will continue to offer its fully encrypted voice, texting and video-chat paid-subscription services for iOS and Android devices, but stressed that the company could not guarantee the security of its email service.
"We've been debating this for weeks," he wrote. "It is always better to be safe than sorry, and with your safety we decided that the worst decision is always no decision."
Government vs. encryption
Silent Circle was founded less than a year ago by encryption pioneer Phil Zimmermann and former Navy SEAL Mike Janke, who had approached Zimmermann about forming a company that could provide secure communications that could not be monitored by any government.
Zimmermann himself was at the center of the mid-1990s "crypto wars," when the U.S. government regarded secure encryption as a threat to national security.
For three years, Zimmermann was threatened with prosecution for making his Pretty Good Privacy (PGP) encryption software available to customers overseas, which the U.S. Customs Service and the Department of Justice regarded as a violation of arms export controls. (Zimmermann was never charged.)
Despite the surveillance-unfriendly attitude — such as placing its servers in Canada — Silent Circle says it has signed on numerous U.S. government agencies as clients.
It won't specify which agencies those are, and won't reveal the overall number of clients it has, but Silent Circle has said it's had "overwhelming demand" since the Snowden-driven NSA revelations began in early June.
"We are still working on innovative ways to do truly secure communications," Callas wrote. "Silent Mail was a good idea at the time, and that time is past."