[cryptopolitics] Silent Circle and Secure Email

[Adam Back]

Reading what Jon Callas wrote he said silent circle interoperated with
unencrypted SMTP email (unencrypted other than SSL over the transport), and
they used some bump in the wire PGP thingy that encrypts incoming email with
the silent circle users public key, and presumably sends out cleartext
possibly SSL SMTP where available, for non silent-circle recipients. 
Clearly therefore anyone tampering with the SSL (and often those mail
transport systems are not that smart about SSL as there is no security UI)
or just getting the NSA camel's nose inside the silent circle SSL
termination point prior to encrytion.

As they didnt think that would end well they decided to close it down. 
Alternatively they might have considered disabling the mail-in and mail-out
features.

Its less clear what lavabit were talking about.  Perhaps something similar
in terms of an SMTP interoperability encryption gap, or alternatively about
being pressured to modify code (which people seem to assume, but I didnt see
explicitly stated).

There were some hushmail rumors about code modification some years back -
does anyone know what actually at hushmail?

Adam

On Fri, Aug 09, 2013 at 08:46:57PM -0400, Jeffrey Walton wrote:
>On Fri, Aug 9, 2013 at 2:43 PM, Jeffrey Goldberg <Jeffrey@goldmark.org> wrote:
>> On Aug 9, 2013, at 11:45 AM, Jeffrey Walton <noloader@gmail.com> wrote:
>>
>>> I'd be interested in hearing more with respect to Silent Circle
>>> complicity in crimes against the American people if they supplied
>>> secure email.
>>
>> I think you may have missed the point in the Lavabit wording of this announcement.
>>
>> It looks like they were saying that complying with law enforcement requests (handing
>> over data or putting a back door in their systems) would be "complicity in crimes
>> against the American people.”
>>
>Thanks Jeffrey. I thought it might have been that, but the word
>"crime" removed the possibility in my mind's eye. I guess I would have
>worded it differently.