Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.

 

Mega to run ‘cutting-edge’ encrypted email after Lavabit’s ‘privacy seppuku’

Published time: August 11, 2013 16:56
Edited time: August 12, 2013 12:17
Screenshot from mega.co.nz

Screenshot from mega.co.nz

Kim Dotcom’s Mega.co.nz is working on a highly-secure email service to run on a non-US-based server. It comes as the US squeezes email providers that offer encryption and Mega’s CEO calls Lavabit’s shutdown an “honorable act of Privacy Seppuku.”

Mega’s Chief Executive Vikram Kumar, who is heading the development of the company’s own end-to-end encryption technology to protect the privacy of the future email’s users, has reacted to the Lavabit founder’s decision to suspend his service’s operations – an act, which was shortly followed by voluntary closing down of another secure email service, Silent Circle. 

Mega CEO Vikram Kumar (Photo from Vikram Kumar's LinkedIn profile)“These are acts of ‘Privacy Seppuku’ – honorably and publicly shutting down (“suicide”) rather than being forced to comply with laws and courts intent on violating people’s privacy,” Kumar said in his blog post.

The concept he was referring to was developed by secure service providers such as Cryptocloud, which made a ‘corporate seppuku’ pledge to oppose the mass surveillance and shield the privacy of their users’ data. The name for the move apparently derives from a Japanese ritual suicide, which was originally practiced by samurai to preserve honor.

According to Cryptocloud team’s board post cited by Kumar, “corporate seppuku” is “shutting down a company rather than agreeing to become an extension of the massive, ever-expanding, secretive global surveillance network organized by the US National Security Agency.”

This way, if the company receives a secret order from the NSA “to become a real-time participant in ongoing, blanket, secret surveillance of its customers,” it will not be forced into doing it. The pledge it made to its users will make it terminate itself instead, thus making the data mining impossible.

Such a policy manifests that “there is always a choice” for any company approached by the agents, while at the same time placing the users’ security in the highest priority.

Owner and operator of Lavabit.com Ladar Levison on Thursday wrote that his nine-year-old encrypted email service was shutting down in order to avoid becoming “complicit in crimes against the American people.”

“We see the writing the wall, and we have decided that it is best for us to shut down Silent Mail now,” Silent Circle founder Jon Callas then wrote in a blog post.

But as Cryptocloud urged all the companies to make an ultimate privacy-protecting pledge, NSA leaker Edward Snowden said in an email to The Guardian that the internet giants are unlikely to join such action – although it could yield much greater results. He called for Google and Facebook to question their current stance, calling Lavabit’s owner decision “inspiring.”

“Employees and leaders at Google, Facebook, Microsoft, Yahoo, Apple, and the rest of our internet titans must ask themselves why they aren’t fighting for our interests the same way small businesses are. The defense they have offered to this point is that they were compelled by laws they do not agree with, but one day of downtime for the coalition of their services could achieve what a hundred Lavabits could not,” Snowden said.

Mega doing ‘true crypto work for masses’

Meanwhile, Kumar has been involved in an email service project with what he says is exceptional level of encryption.

Mega has been doing an “exciting” but “very hard” and time-consuming job of developing both highly-secure and functional email service, Kumar told ZDNet.

“The biggest tech hurdle is providing email functionality that people expect, such as searching emails, that are trivial to provide if emails are stored in plain text (or available in plain text) on the server side. If all the server can see is encrypted text, as is the case with true end-to-end encryption, then all the functionality has to be built client side,” he explained, adding that even Silent Circle did not try to achieve such a feat.

“On this and other fronts, Mega is doing some hugely cutting-edge stuff. There is probably no one in the world who takes the Mega approach of making true crypto work for the masses, our core proposition,” Kumar said.

According to the company’s founder Dotcom, Mega doesn’t hold decryption keys to customer accounts and “never will”, thus making it impossible for it to read the emails. This also means that Mega by design cannot be forced to rat on its users by intelligence agencies.

However, Dotcom earlier told TorrentFreak that a new spy legislation being pushed by the US and its Five Eyes alliance partners – UK, Canada, Australia and New Zealand – may force Mega to relocate its servers to some country exempt from such jurisdictions, such as Iceland.

The New Zealand government is already “aggressively” eyeing legislation that will compel all internet service providers in the country to design a “secret decryption access” for the intelligence agencies, he said.

Comments (21)

 

Some Body 30.11.2013 02:55

Alexandra 12.08.2013 05:56

when you try to book a flight and you looked it up a few times on the same internet site, a lot of companies just increase their price.

  

Of course! I've noticed that a few times! Same with SNCF (French rail). Funny too how "last 2 seats available" lasts for weeks!

 

Some Body 30.11.2013 02:48

accah lumis 05.09.2013 15:39

The Mail1Click's company isn't from USA and they don't use american servers.

  

Yes, they're from Dubai. Hm.

 

Paolo Brandoli 20.09.2013 22:16

godzcheater 24.08.2013 17:27

Could someone explain how the keys get transmitted on encrypted email services? Surely if everything is being intercepted then that will be too, as the recipient will need the key locally?

  

The encryption is asymmetric: the key used to encrypt (public key) is different from the key used to decrypt (private key).
You distribute to anybody the public key (you can give it also to the NSA) and they can encrypt messages for you, but only you can decrypt them by using the private key

View all comments (21)
Add comment

Authorization required for adding comments

Register or

Name

Password

Show password

Register

or Register

Request a new password

Send

or Register

To complete a registration check
your Email:

OK

or Register

A password has been sent to your email address

Edit profile

X

Name

New password

Retype new password

Current password

Save

Cancel

Follow us

Follow us