According to TechDirt:
It's beginning to look like a US-based encrypted communications platform may be headed for a Lavabit-esque future. As we're well aware, agencies like the FBI and NSA are firmly opposed to encrypted communications, which is something Surespot -- a text-messaging service -- offers.
Surespot has been in the news lately, thanks to terrorist groups utilizing encrypted services to keep their communications secret. UK's Channel Four looked into Surespot and found that 115 "ISIS-linked" people "appear" to have used the service in the "past six months." Because UK 4 wasn't able to get this information from Surespot directly (because Surespot doesn't store personally identifiable information or users' communications), it has only been able to infer this from messages on social media services that refer to Surespot.
What this means in terms of terrorists "flocking" to encrypted apps is still very vague, but there's no doubt any additional layers of secrecy are welcomed by those wishing to hide their communications. What 115 ISIS-linked users means in terms of an installed user base of at least 100,000 is also open for discussion, but it's quite obvious there are plenty of non-terrorists using the service as well.
[..]
George Maschke of Antipolygraph.org has been periodically sending emails to Surespot, unofficially acting as the service's warrant canary. For several months, his questions have been answered. But as of May 25th, he has still received no response to his canned questions.
There's good reason to believe this is true. A recent plea agreement by a 17-year-old Virginia native charged with providing material support to ISIS (via instructions on how to use Bitcoin to provide anonymous donations) specifically mentions Surespot.
(Score: 2, Insightful) by Zal42 on Monday June 15 2015, @04:15PM
It's impossible without severely compromising security (thus rendering the system pointless).
In the first place, you'd have to define "bad people". That's not nearly as straightforward as it may seem. But assuming that you can manage to do this, you'd have to keep a list of the "bad people" who are to be refused service. But for that kind of scheme to work, you have to be able to determine the identity of people and keep those identities in a database.
Once you're doing that, then your service is no longer trustable.