Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday July 21 2014, @05:09PM   Printer-friendly [Skip to comment(s)]

Wired reports that Ladar Levison (of Lavabit fame) hired the convicted ex-hacker Stephen Watt to create DarkMail — a set of protocols and servers which apply a similar approach as onion routing to the email metadata (sender and recipients) and would still enable the existing email clients go "dark".

The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.

The project has made for an interesting pairing between Texas technologist Ladar Levison and convicted hacker Stephen Watt, whom he's hired to help develop the code. Both have had previous battles with the government in very different ways.

The project is composed of several parts: an email client called Volcano; server software called Magma Classic and Magma Dark; and the Dark Mail, or Dmail, protocol, which they're designing to replace existing protocols for sending and retrieving email that don't hide metadata.

"If you trust your server, you can use Outlook and the server will handle everything for you," Levison says. "The preference would be that you use the Dark Mail client, but I understand that this is not even a possibility for some organizations."

Dark Mail is modeled loosely on TOR — The Onion Router... With Dark Mail, there are primarily two main servers involved in an email transaction: the sender's domain and the recipient's. And although the sender's server can identify the source from which the email was sent, it doesn't know the recipient, just the recipient's domain. The server at the recipient's domain decrypts the "to:" field to deliver the correspondence to the right account, but doesn't know who sent the email — just the domain from which it came.

Seems like in the today's society one need to rely on outlaws to claim back some freedom (as in: being an honest citizen is no longer enough to guarantee it).

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Funny) by Alfred on Monday July 21 2014, @05:16PM

    by Alfred (4006) on Monday July 21 2014, @05:16PM (#71894) Journal

    It is one thing to be a hacker, maker, inventor or whatever.

    But to be a convicted hacker is beyond awesome. I would hang the court documents on a wall like a degree.

    • (Score: 2) by Sir Garlon on Monday July 21 2014, @05:42PM

      by Sir Garlon (1264) on Monday July 21 2014, @05:42PM (#71903)

      I agree. Nothing says "trust me with you sensitive data" like prison tats!

      --
      [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
      • (Score: -1, Flamebait) by Anonymous Coward on Monday July 21 2014, @08:21PM

        by Anonymous Coward on Monday July 21 2014, @08:21PM (#71981)

        You forgot to add stretched ass hole.

    • (Score: -1, Flamebait) by Anonymous Coward on Monday July 21 2014, @06:24PM

      by Anonymous Coward on Monday July 21 2014, @06:24PM (#71923)

      This obsession with being a "badass" that young people have is sad. If people want to worship assholes, fine. But don't come crying to me when you life turns out shit because you tried to be a bad ass and got what you deserve. Try being a decent person and watch how things just fall into your lap. Good jobs, good friends, good wife. Remember that $500/hr drug dealing job is not so much when you add all the hours you spend in prison. More like $0.25/hr. You can make a difference in the tech world without being an asshole. Many of the OSS crowd are not and have not been in jail. They have changed the world. What have you done for the world? What will you do?

      Be Good! Be Cool! Be Decent!
       

      • (Score: 3, Funny) by Blackmoore on Monday July 21 2014, @07:09PM

        by Blackmoore (57) on Monday July 21 2014, @07:09PM (#71950) Journal

        i know i know.. don't feed the troll.

        I'm a nice guy. at least i hear that a lot. what does it get me? Friends, some sense of self worth; a identity i can live with.

        it does not get me money, or fame, or a "good job"

        it does not, and can not pay the bills.

        On the other hand I have a acquaintance who actually get's paid to insult people. who get's paid to swear a blue streak at an audience and get applause. who has 3 published novels and a god damn movie deal on one of them. and well..

        well he's not doing so hot for money either.. but at least he has royalties.

      • (Score: 2, Insightful) by Anonymous Coward on Monday July 21 2014, @07:18PM

        by Anonymous Coward on Monday July 21 2014, @07:18PM (#71954)

        Try being a decent person and watch how things just fall into your lap. Good jobs, good friends, good wife.

        So how many more years do I need to wait for those benefits to "just fall into [my] lap"? I've been waiting for quite a while now.

      • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @12:56PM

        by Anonymous Coward on Tuesday July 22 2014, @12:56PM (#72262)

        I have a friend like that, obsessed with being a "badass", a buddy from high school I somehow still keep in touch with. He has all these stupid gang-style tattoos. He babbles on about how he is going to kick some guy's ass because that guy "dis-respected" him. But my friend is actually a total pussy, always backs down with a bunch of stupid drama before any fight actually happens. I wish he would stop calling me, it is always the same BS like a broken record. It is like he is eternally 15 years old.

  • (Score: 1) by doublerot13 on Monday July 21 2014, @05:24PM

    by doublerot13 (4497) on Monday July 21 2014, @05:24PM (#71898)

    This may obscure some of the transaction on the wire. Unfortunately, knowing the recipient domain is more than enough info for the APT that is GO's. Especially, given the level of access they have to the major domains[gmail,outlook.com, yahoo, etc.] via NSL/Prism/etc.

    PGP has been and continues to be your only safe bet. It really doesn't matter if the sender address and recipient address are known. It's the contents that must be opaque.

    If PGP is too hard then run your own server/domain and give your contacts accounts on your box. You can encrypt everything on it. They can use VPNs/Tor(which maintains their IP anonymity) and just use their account on your box to send you mail on the same domain. It will never even have to leave the box.

    • (Score: 4, Interesting) by frojack on Monday July 21 2014, @05:35PM

      by frojack (1554) Subscriber Badge on Monday July 21 2014, @05:35PM (#71899) Journal

      TFS wasn't too specific, but it seems quite possible you would want to include PGP for your text body.

      This mechanism is all about obscuring the the headers and metadata, so that none of the handlers can actually see both where it came from and where its going, and only the first and last servers have the knowledge to determine the final recipient.

      Sort of like PGP for headers. Your client need only know/fetch the public key of the receiver's domain.
      Still each server along the route (and presumably direct routes would be selected AGAINST, in favor of TOR, as you mention), needs only to know about the target domain, and couldn't decrypt any of the rest of the routing information, or the payload.

      The most a spy agency could determine was that there were X number of messages destined for Location Y, but only if they managed to insert themselves into the chain.

      --
      No, you are mistaken. I've always had this sig.
    • (Score: 3, Insightful) by CRCulver on Monday July 21 2014, @06:03PM

      by CRCulver (4390) on Monday July 21 2014, @06:03PM (#71907) Homepage

      It really doesn't matter if the sender address and recipient address are known. It's the contents that must be opaque.

      That's a very pre-Snowden perspective. Metadata alone is capable of revealing things people would rather keep private, and it can drag innocent people into a dragnet. I'd highly recommend reading Schneier's post Metadata Equals Surveillance [schneier.com]. Under current snooping guidelines, someone determined to be one or two "hops" away from a target, by things like e-mail communication or social networking lists, can then have all of his online activity recorded.

      Not only is your perspective pre-Snowden, it might even be called a 1990s one. Already by the turn of the millennium, crypto idealists were starting to ponder technologies that would obscure links between individuals, because crypto alone just isn't enough.

      • (Score: 2) by emg on Monday July 21 2014, @08:48PM

        by emg (3464) on Monday July 21 2014, @08:48PM (#71998)

        "Already by the turn of the millennium, crypto idealists were starting to ponder technologies that would obscure links between individuals, because crypto alone just isn't enough."

        Anonymous remailers were commonplace in the early 90s. In some cases, they just dumped the final message onto Usenet, where the recipient would pick it up when it arrived at their local machine.

    • (Score: 2) by egcagrac0 on Monday July 21 2014, @06:16PM

      by egcagrac0 (2705) on Monday July 21 2014, @06:16PM (#71916)

      the major domains[gmail,outlook.com, yahoo, etc.]

      I don't think that the major domains are going to adopt DarkMail (soon).

      This is for setting up a replacement for the current email system.

      It really doesn't matter if the sender address and recipient address are known.

      If PGP is too hard then run your own server/domain and give your contacts accounts on your box. ... It will never even have to leave the box.

      Single-box email isn't realistic. Once you remotely access it, it's left the box. Administering foreign users becomes a big hassle, and a big social engineering backdoor into the system. ("I forgot my password, can you reset me?" - and then attacker can get all the data they weren't supposed to get.)

      The whole idea of this is that I can set up my DarkMail server and do my own user authentication, and you can set up your server and do your own user authentication, and our two userbases can intercommunicate with a reasonable degree of security and obscurity. There's nothing that says we can't generate a new keypair monthly/weekly/daily/hourly (as appropriate to threat level) to deter realtime or near-realtime traffic analysis - the remote server just needs to be able to request & authenticate the public key at time of interchange (mostly trivial now, not much harder to work private CA's into the mix).

      Connecting to more DarkMail servers should be a minor incremental amount of work, although given the system goals, it's probably reasonable to make that be a manual process (like a key-signing party), rather than an automatic process (like the current SMTP-to-any-server system).

  • (Score: 3, Interesting) by DECbot on Monday July 21 2014, @08:47PM

    by DECbot (832) on Monday July 21 2014, @08:47PM (#71995) Journal

    One: How does one address spam? With the sender address blocked, the only way to implement a spam filter is to block an entire domain from the server or to run the filter from the client's software. Likely you'll have to run it on the client anyway as the message is going to be encrypted on the server.

    Two: if you're running a spam filter, what's ensuring that it isn't dialing the NSA and passing along the meta data that the server/client is sending to it?

    One can avoid these issues by not filtering out SPAM, but then we're back to the inboxes of the 90's. And sure, you can manually sort spam, but I have enough issues sorting the thousand or so unread, non-spam messages in my inbox.

    --
    cats~$ sudo chown -R us /home/base
    • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @02:36AM

      by Anonymous Coward on Tuesday July 22 2014, @02:36AM (#72112)

      > One: How does one address spam?

      Cryptographically signed mail. Since the sender is verifiable, mail from fakes is directly shit-canned and mail from previously unknown senders gets evaluated for spammy content like many of the rules that spamassassin applies.

      > if you're running a spam filter, what's ensuring that it isn't dialing the NSA and passing along the meta data that the server/client is sending to it?

      Because YOU are running it. You might as well be asking how we can trust that our email clients aren't phoning the NSA either.

      • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @06:15AM

        by Anonymous Coward on Tuesday July 22 2014, @06:15AM (#72163)

        > You might as well be asking how we can trust that our email clients aren't phoning the NSA either.

        It's a shame the iOS leak story hasn't been posted here yet; there's evidence that iOS logs your keystrokes and can dump everything to the NSA. I wonder if that includes the SMIME keys too.

        It's not the client that you have to worry about; it's the whole OS if it's closed-source.

  • (Score: 2, Interesting) by Anonymous Coward on Monday July 21 2014, @09:18PM

    by Anonymous Coward on Monday July 21 2014, @09:18PM (#72022)

    The issues I have identified so far:

    1) If you have a central server, it can be subpenaed. So a decentralized system (like Twister) would be preferable.
    2) Tor is susceptible to timing attacks, so to keep NSA from recreating the entire onion route, you would want the nodes to delay relaying the message to the next node after receipt by a random amount.
    3) These things would make the sending of a message only probabilistically guaranteed at best, so there should be a way to track when your messages to an inbox were received by that inbox so that you could keep sending the message until it got through.
    4) Spam, with no central system, and with no way for a central system to read contents, all spam must be removed at the inbox. This also makes construction of a spam database to use at the inbox difficult (perhaps a 'mark as spam' button that would send the message to a spam email/message board, which does reduce privacy some).

    • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @03:25AM

      by Anonymous Coward on Tuesday July 22 2014, @03:25AM (#72126)

      these things would make the sending of a message only probabilistically guaranteed at best, so there should be a way to track when your messages to an inbox were received by that inbox so that you could keep sending the message until it got through.

      There is no guarantee of delivery with SMTP either. Bounces are nice but not guaranteed.

  • (Score: 1) by rumata on Tuesday July 22 2014, @06:37AM

    by rumata (2034) on Tuesday July 22 2014, @06:37AM (#72168)

    TFA is somewhat light on details, but it sounds like what they are after is basically a type III anonymous remailer http://en.wikipedia.org/wiki/Mixminion [wikipedia.org]. Am I missing something here?

    Cheers,
    Michael

  • (Score: 2, Interesting) by Anonymous Coward on Tuesday July 22 2014, @06:48AM

    by Anonymous Coward on Tuesday July 22 2014, @06:48AM (#72171)

    By now people should know that t0r is "port agnostic".
    sure, mostly tor is used to go to websites on port 80 (http) and 443 (https).
    but t0r can do more.
    FTP works and so does SMTP etc. (samba anyone?)

    with regular e-mail you need all the DNS magic too.
    regular e-mail and DNS are very much intertwined. domains are not free (and subject to monitoring?)
    sure you can send a email to [5eyes@23.209.100.226] (no domain look-up required).

    but for a home user with a ever changing IP address (dynamic and free)) it becomes difficult to always figure out
    the new IP address to reply to.

    with t0r you can get *onion domain for free (hidden service) and you can intercept/tunnel outgoing SMTP traffic (like as in "e-mail") perfectly fine thru t0r network to a SMTP server on a hidden service domain:
    so right now! and today! you can send a email to "hacker@123456789abcd.onion" with open-source (linux) software.

    bonus point is that you don't even have to "encrypt" your email before sending. once the SMTP email hits the intercepting/tunneling t0r server it continues encrypted from there.

    if you are interested it this (really?) try setting up a "hidden webserver" then a "FTP server" and finally maybe postfix : )

    • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @07:25AM

      by Anonymous Coward on Tuesday July 22 2014, @07:25AM (#72181)

      here's a how-to: http://pastebin.com/jGfuVm9C [pastebin.com]
      there a typo.
      replace
      "mynetworkstyle = host"
      with
      "mynetwork_style = host"

    • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @03:43PM

      by Anonymous Coward on Tuesday July 22 2014, @03:43PM (#72313)

      Thanks for the info. :)