So apparently, Edward Snowden uses security-focused email service Lavabit

Lavabit is your best bet and its why I'm using them. They are not a target and people don't question your use of their accounts. There servers are very reliable, and you can encrypt all your emails. Your emails are pretty secure on their service and its the best you will get without making yourself a target.

 

The "emails are encrypted on the server" thing sounds interesting, but then I ran across this at cotse.net:

"......[FONT=Arial, Helvetica]Even if they claim their servers drive is encrypted, that is no protection. The running server has the encryption already opened, it has to for things to read and write. Crack that server and that encryption means nothing because it is already open. There are many ways into a machine when you have physical access. Plus, if it's boot level encryption then the local datacenter has to have the password if the server crashes.[/FONT][FONT=arial,verdana,helvetica,sans-serif][SIZE=-1] [FONT=Arial, Helvetica]If not boot level encryption and only file encryption, the key resides on the server so that it comes back up if it crashes. Even if it was set up without the key being on the server, just reboot it and wait, the owner will have to log in and enter the password to the encryption for the server to come fully back up....." https://www.cotse.net/logging.html[/FONT]


[FONT=Arial, Helvetica][SIZE=-1]If tr[SIZE=-1]ue, th[SIZE=-1]e encryption is wo[SIZE=-1]rthless, and nothing more than marketing.[/SIZE][/SIZE][/SIZE][/SIZE][/FONT]


[FONT=Arial, Helvetica][SIZE=-1][SIZE=-1][SIZE=-1][SIZE=-1][/SIZE][/SIZE][/SIZE][/SIZE]
[/FONT]
[/SIZE][/FONT]

 

While I don't know exactly how LB does it, COTSE isn't exactly 100% correct, IMO. It appears to be written about running an email server on a TrueCrypt volume, or FDE computer...in which case COTSE is correct. BUT, Countermail does it differently...decryption (and even the private key if you want) occurs solely on your computer. All email is encrypted to your public key, as soon as it arrives. The only way to obtain plain text, is to supply the pass-phrase to the private key.

PD

 

Hi PaulyDefran,

What is Countermail? Got a Link?

-- Tom

 

Tom,

http://lmgtfy.com/?q=countermail

Just kidding with you! I didn't know that site was still around. Still funny.

 

Tom,

Here: -https://countermail.com/-

They are also members here. I'm just a customer.

PD

 

Here's an interesting take on why NOT to use lavabit:
https://github.com/nylira/prism-break/issues/284

 

Have fun finding email that does not log, and is not on every blacklist. Email companies have to log to begin with to offer a good service due to spam.

 

Hopefully there is a leaker at lavabit who will release all of Snowden's email logs for the internet community to read. No doubt the Russians are reading them right now. It seems only fair. I read that Snowden covered his laptop with his hoodie when he used his laptop while in the transit lounge in Moscow. LOL.

 

Are you serious? Are you really equating government misconduct exposed through whistle-blowing to an individual's right to privacy? It would be appalling if someone at Lavabit did what you are suggesting.

 

What do you mean by this? Where they raided by Government authorities? Sorry for the late reply.

 

They had a shared server seized last year that was running an anonymous remailer.

 

Thanks! That does not surprise me.

 

Lavabit Encrypted Email Service Shuts Down, Can’t Say Why

https://www.eff.org/deeplinks/2013/08/lavabit-encrypted-email-service-shuts-down-cant-say-why

 

Already Posted:

https://www.wilderssecurity.com/showthread.php?t=351668