Raising the Shields – Part 10: The Darkmail Inititative

Apart from video telephony, eMail is one of the services I have to use without encryption and is thus a thorn in my quest for having as much privacy as possible online and to protect myself from the doings of surveillance states. I tried my luck with the Thunderbird GnuPG plugin but in practice there are two many limitations for me (see here for the details). From my point of view the email system as we use it today is broken as far as confidentiality and privacy is concerned and there's no way to fix it. The only cure is a complete redesign with security and privacy in mind. This is where the Darkmail Initiative comes in.

Founded by Ladar Levinson, owner of 'Lavabit', a company that offered secure email storage and that recently had to shut down to prevent the US government from spying on their users after having to hand over their SSL encryption keys, Darkmail sets out to fix that particular problem by designing a new email system with built-in end-to-end encryption. This way, the user is in full control of encryption and services providers can no longer be forced to reveal SSL keys or other sensitive information.

This is the way it ought to be! Instead of just tapping and analyzing all data, surveillance of email will become more selective again as the only point where the email is decrypted is on a person's device. And while I don't support general surveillance of the Internet I very much support targeted tapping to keep us save, provided that a warrant has been obtained from a judge after providing evidence as to its necessity.

Here's a link to a video of an interview the Huffington post did with Lavar a couple of days ago. Apart from a general introduction he also briefly discusses the impact end-to-end encryption will have for online email services such as Google, Yahoo, Microsoft and others. Think targeted adds based on automated scanning of email content (which is no longer possible on the server side)…

End-to-end encryption is the only way to keep email private and confidential. As current methods are insufficient I fully welcome this initiative and decided to back it over at Kickstarter where Ladar is raising money to fund this open source project. Have a look perhaps that's something you'd like to support as well.

And yes, I assume the 'dark' in Darkmail refers to the connection going 'dark' (i.e. being encrypted and not breakable) rather than implying dark dealings 🙂