Lavabit’s Stance For Privacy

There was an article today in the New Yorker that covers why the owner of Lavabit was shutdown instead of turning over the encryption keys to the FBI. If you are not familiar with Lavabit, it was the email service that Edward Snowden used to invite human rights lawyers and activist to the Moscow airport.

The appeals court that has taken Ladar Levison’s case against the US Government recently released some documents to the public and Levision is now talking in an attempt to raise some money for his legal defense and raise the awareness for the Police State that we are headed towards.

I’m going to quote some of the points that hit me the hardest.

He refused to provide real-time access to Lavabit data; he refused to go to court unless the government paid for his travel; and he refused to work with the F.B.I.’s technology unless the government paid him for “developmental time and equipment.” He instead offered to write an intercept code for the account’s metadata—for thirty-five hundred dollars. He asked Judge Hilton whether there could be “some sort of external audit” to make sure that the government did not take additional data….

Most important, he refused to turn over the S.S.L. encryption keys that scrambled the messages of Lavabit’s customers, and which prevent third parties from reading them even if they obtain the messages.

Good for him. He refused to turn over the encryption keys.

It was the government’s insistence on collecting the S.S.L. keys that most deeply disturbed Levison, and led to the shutdown of Lavabit. He believes that not only would the F.B.I. have had unfettered, secret access to the communications of his four hundred thousand customers—without being required to give Levison a log of what it accessed—but putting his encryption keys in the hands of the government would have opened Lavabit to a more profound exploitation of his service’s communications. Levison worried that if he turned the keys over to the F.B.I., the N.S.A. would have been able to obtain them without his knowledge through a Foreign Intelligence Surveillance Act court order.

Is that not like inviting a vampire in and giving him the key to your house (and every other house in the neighborhood)?

Ultimately, the court ordered Levison to turn over the encryption key within twenty-four hours. Had the government taken Levison up on his offer, he may have provided it with Snowden’s data. Instead, by demanding the keys that unlocked all of Lavabit, the government provoked Levison to make a last stand. According to the U.S. Attorney MacBride’s motion for sanctions,

At approximately 1:30 p.m. CDT on August 2, 2013, Mr. Levison gave the F.B.I. a printout of what he represented to be the encryption keys needed to operate the pen register. This printout, in what appears to be four-point type, consists of eleven pages of largely illegible characters. To make use of these keys, the F.B.I. would have to manually input all two thousand five hundred and sixty characters, and one incorrect keystroke in this laborious process would render the F.B.I. collection system incapable of collecting decrypted data.

If this doesn’t scare the shit out of you of how online service operators are being pressured into giving up blanket accesses into their systems. The fact that he gave them eleven pages of keys on paper that they had to type in by hand was awesome.

I respect the hell out of Levision and wish him the best in his legal battle. No matter the outcome, it will impact everyone that uses the internet that has any desire for privacy.

You can help support Levision’s Legal Defense funds here —> https://rally.org/lavabit
You can read the entire article here —> Original Article.