SoylentNews is people
SoylentNews
Wired reports that Ladar Levison (of Lavabit fame) hired the convicted ex-hacker Stephen Watt to create DarkMail — a set of protocols and servers which apply a similar approach as onion routing to the email metadata (sender and recipients) and would still enable the existing email clients go "dark".
The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.
The project has made for an interesting pairing between Texas technologist Ladar Levison and convicted hacker Stephen Watt, whom he's hired to help develop the code. Both have had previous battles with the government in very different ways.
The project is composed of several parts: an email client called Volcano; server software called Magma Classic and Magma Dark; and the Dark Mail, or Dmail, protocol, which they're designing to replace existing protocols for sending and retrieving email that don't hide metadata.
"If you trust your server, you can use Outlook and the server will handle everything for you," Levison says. "The preference would be that you use the Dark Mail client, but I understand that this is not even a possibility for some organizations."
Dark Mail is modeled loosely on TOR — The Onion Router... With Dark Mail, there are primarily two main servers involved in an email transaction: the sender's domain and the recipient's. And although the sender's server can identify the source from which the email was sent, it doesn't know the recipient, just the recipient's domain. The server at the recipient's domain decrypts the "to:" field to deliver the correspondence to the right account, but doesn't know who sent the email — just the domain from which it came.Seems like in the today's society one need to rely on outlaws to claim back some freedom (as in: being an honest citizen is no longer enough to guarantee it).
(Score: 2, Interesting) by Anonymous Coward on Tuesday July 22 2014, @06:48AM
By now people should know that t0r is "port agnostic".
sure, mostly tor is used to go to websites on port 80 (http) and 443 (https).
but t0r can do more.
FTP works and so does SMTP etc. (samba anyone?)
with regular e-mail you need all the DNS magic too.
regular e-mail and DNS are very much intertwined. domains are not free (and subject to monitoring?)
sure you can send a email to [5eyes@23.209.100.226] (no domain look-up required).
but for a home user with a ever changing IP address (dynamic and free)) it becomes difficult to always figure out
the new IP address to reply to.
with t0r you can get *onion domain for free (hidden service) and you can intercept/tunnel outgoing SMTP traffic (like as in "e-mail") perfectly fine thru t0r network to a SMTP server on a hidden service domain:
so right now! and today! you can send a email to "hacker@123456789abcd.onion" with open-source (linux) software.
bonus point is that you don't even have to "encrypt" your email before sending. once the SMTP email hits the intercepting/tunneling t0r server it continues encrypted from there.
if you are interested it this (really?) try setting up a "hidden webserver" then a "FTP server" and finally maybe postfix : )
(Score: 0) by Anonymous Coward on Tuesday July 22 2014, @07:25AM
here's a how-to: http://pastebin.com/jGfuVm9C [pastebin.com]
there a typo.
replace
"mynetworkstyle = host"
with
"mynetwork_style = host"
(Score: 0) by Anonymous Coward on Tuesday July 22 2014, @03:43PM
Thanks for the info. :)