Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday July 21 2014, @05:09PM   Printer-friendly

Wired reports that Ladar Levison (of Lavabit fame) hired the convicted ex-hacker Stephen Watt to create DarkMail — a set of protocols and servers which apply a similar approach as onion routing to the email metadata (sender and recipients) and would still enable the existing email clients go "dark".

The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.

The project has made for an interesting pairing between Texas technologist Ladar Levison and convicted hacker Stephen Watt, whom he's hired to help develop the code. Both have had previous battles with the government in very different ways.

The project is composed of several parts: an email client called Volcano; server software called Magma Classic and Magma Dark; and the Dark Mail, or Dmail, protocol, which they're designing to replace existing protocols for sending and retrieving email that don't hide metadata.

"If you trust your server, you can use Outlook and the server will handle everything for you," Levison says. "The preference would be that you use the Dark Mail client, but I understand that this is not even a possibility for some organizations."

Dark Mail is modeled loosely on TOR — The Onion Router... With Dark Mail, there are primarily two main servers involved in an email transaction: the sender's domain and the recipient's. And although the sender's server can identify the source from which the email was sent, it doesn't know the recipient, just the recipient's domain. The server at the recipient's domain decrypts the "to:" field to deliver the correspondence to the right account, but doesn't know who sent the email — just the domain from which it came.

Seems like in the today's society one need to rely on outlaws to claim back some freedom (as in: being an honest citizen is no longer enough to guarantee it).

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @02:36AM

    by Anonymous Coward on Tuesday July 22 2014, @02:36AM (#72112)

    > One: How does one address spam?

    Cryptographically signed mail. Since the sender is verifiable, mail from fakes is directly shit-canned and mail from previously unknown senders gets evaluated for spammy content like many of the rules that spamassassin applies.

    > if you're running a spam filter, what's ensuring that it isn't dialing the NSA and passing along the meta data that the server/client is sending to it?

    Because YOU are running it. You might as well be asking how we can trust that our email clients aren't phoning the NSA either.

  • (Score: 0) by Anonymous Coward on Tuesday July 22 2014, @06:15AM

    by Anonymous Coward on Tuesday July 22 2014, @06:15AM (#72163)

    > You might as well be asking how we can trust that our email clients aren't phoning the NSA either.

    It's a shame the iOS leak story hasn't been posted here yet; there's evidence that iOS logs your keystrokes and can dump everything to the NSA. I wonder if that includes the SMIME keys too.

    It's not the client that you have to worry about; it's the whole OS if it's closed-source.