Ladar Levison to design new military-grade email service
Share on Twitter.
Get the most reliable SMTP service for your business. You wished you got it sooner!
August 11, 2014
Lavabit founder Ladar Levison says he will soon design a military-grade email service from
the ashes of Ed Snowden's favourite email client.
As many of you will remember, Levison killed the service to prevent his clients' information from
getting in the hands of the U.S. Federal Bureau of Investigations.
The popular thorn in the side of the U.S. spy apparatus updated the 2,000-strong audience of security
hacks and privacy pundits on the Dark Mail project announced late last year.
Levison shot to fame in technology circles after he responded to a FBI demand for access to
the private SSL certificates used to encrypt all email traffic on Lavabit by printing the keys
on reams of paper in a 4-point font described by one prosecutor as largely illegible.
The move frustrated the FBI agents and Levison was subsequently slapped with a $5,000-a-day
fine until he provided the keys, which he did, shortly before shutting down his email service.
Dark Mail has since expanded to include the Magma email server and the Volcano Mozilla Thunderbird
desktop client, and has been re-branded as the Dark Internet Mail Environment (DIME).
To be sure, the platform broke up email headers encrypting each piece before it was sent so
that no single email service could hold all of the data-- a bid to shake off further Lavabit-style
requests from government spy agencies like the NSA.
It aimed to overcome user difficulty with encryption technology by adopting cryptographic
profiles, dubbed signets, that could be shared with trusted users to operate much like PGP (pretty good privacy).
It also adopted three escalating security levels-- trustful, cautious and paranoid.
Yet for all the effort put into the project by Levison and fellow security and crypto luminaries
Phil Zimmerman, Jon Callas and Mike Janke, Lavabit users could still be pawned by setting bad
"If your password is just 'love' or 'sex', nothing I can do will save you," Levison said at
the DEF CON presentation this week.
"I’m not upset that I got railroaded and I had to shut down my business. Instead, I am upset of the fact that
we need a military-specification cryptographic mail system for the entire planet just to be able to
talk to our friends and family without any kind of fear of government surveillance".
The new service was hoped to be ready in time for the Chaos Communications Congress in Germany held
a few days before New Year's Eve.
Dozens of software and services have already emerged to fight spying in the wake of the Edward Snowden
revelations in June 2013.
Overall, one of the more promising of these was the planned Invisible.IM chat platform which would
utilize the Tor network to distribute chatter wrapped in OTR encryption with disposable and quickly
In other IT news
Chinese officials are reportedly denying news stories that the country has banned the purchase
of Apple hardware for government IT projects for all of 2014 and 2015.
Reuters is suggesting that Apple computers and devices are not on its list of approved products, but
not because the Communist nation blacklisted Apple over security concerns.
Instead, the government claims, Apple had not applied to be on its list of approved hardware vendors.
However, companies and suppliers that have been approved for the list include Lenovo, Dell and HP.
But even without the approval, state officials are still allowed to acquire and run Apple
products, according to the report.
If the report is true, the statements are at odds with earlier claims that Apple was struck
from an official procurement list and, as such, employees of state-controlled agencies would no
longer be allowed to purchase and use iPads or MacBook hardware for official business.
Even if these latest reports prove accurate, all is not well between China and Apple. The iPhone and iPad maker
has had a rough time so far with Chinese officials as of late, facing criticism in China for security
concerns posed by the iPhone and the firm has been tied up in legal wrangling with the country's patent
office over its Siri service.
To be sure, Apple isn't the only American technology company at odds with the communist country.
Microsoft also faces antitrust proceedings as investigators are looking into whether the company illegally
bundled its products with copies of Windows.
In other IT news
These days, it can sometimes seem that almost everyone is a true expert when it comes to network
certification processes, and Cisco wants to change that. After all, Cisco has already help design and build about
80 percent of the internet's infrastructure.
Cisco has created a new method for people to prove their expertise in the form of a new Cisco
Industrial Networking Specialist (INS) certification.
The new certification is for information technology and operational technology professionals in
the manufacturing, process control, and oil and gas industries who install, maintain, and troubleshoot
industrial network systems.
Cisco says the new certification is needed because IoT networks and the various devices on them aren't your
grandfather's networks or devices, so the new designation is needed.
“There are literally hundreds of different protocols used by these devices,” Cisco says. “They may
have very specific needs in terms of speed and frequency of connectivity. Many of them are very susceptible
to changes in delay and latency, some of them connect intermittently, while others just come in range
from time to time. Many operate 24x7 under the harshest conditions, and a lot of them where designed to
operate in hierarchical and closed loop networks,” Cisco said.
All of which adds up to the need for a new certification. To score the cert, applicants will need to take
a course called “Managing Industrial Networks with Cisco Networking Technologies”.
No such course appears on Cisco's Global Learning Locator at the time of writing, so this is a new entry
on what some say could be a new trend at the networking giant.
Once the course is completed, applicants will be tested on knowledge of the OSI layers of IP networks,
as well as networking devices like routers and switches, and cabling approaches. Specific industrial
devices such as drives, PLCs, sensors, and substation equipment will also be covered, as well as relevant
industrial standards and models such as TIA, the Purdue model, and environmental standards.
Also covered will be various safety protocols important in an industrial zone, Cisco said.
In other IT news
The long-awaited HTTP 2.0 standard has inched a step further towards completion, with the
IETF issuing a last call on the two key documents of the new specification.
The comments are to end on September 1st, and time is rapidly running out. The project is
advancing, but at a snail's pace.
The two drafts in question are the core HTTP 2.0 document, and the HPACK header compression
It's been a very long road, and full of obstacles to get to HTTP 2.0. Last year, we reported on the various plans for interoperability testing, and that was followed in November
by a more vigorous debate over the proposal that the new internet specification make encryption
The latter proposal ultimately survived, even though it could pose some issues for some system operators.
As F5's Lori MacVittie writes, the new protocol will pose challenges for data centre operators.
By mandating SSL or TLS, a lot of traffic traversing data centres will become much harder to
see, and therefore to monitor and analyse.
And of course, there's also been the usual complaints that big interests have inhibited the development of a
In May, FreeBSD developer Poul-Henning Kamp complained that Google's SPDY protocol (for accelerating
Web traffic) was disrupting HTTP 2.0 so much that the project should be abandoned.
Mark Nottingham, the project chair, criticized Kamp and asked him as well as his working
group to either indicate their support, cease and desist.
In other IT news
IBM said this morning that it has upgraded its FlashSystem array capacity to an effective 1.6 PB
by integrating some SVC/Storwize features, including real-time data compression.
Overall, IBM's new FlashSystem V-840 release 1.2 is designed from three 2U rackmount units, an
AE-1 storage enclosure and two active AC-1 control enclosures.
The new storage system can hold 12 SSDs with 1 TB, 2 TB or 4 TB capacity, bringing raw storage up to 48
TB and configurable capacity to 40 TB.
There can be up to 8 of these in a FlashSystem configuration, making maximum configurable capacity
to 320 TB, which is lifted to 1.6 PB by achieving 80 percent compression of data stored in the new implementation.
A single FlashSystem V-840 building block has two control enclosures and four of these can be grouped
together using dedicated internal 8 Gbit/s Fibre Channel switching, providing 160 TB of configurable
The overall system can have an additional four storage enclosures, giving us the 320 TB configurable
A single V840 can have up to 5 storage enclosures, providing 200 TB of configurable capacity. A
group of four V840s can have, effectively, two storage enclosures each for a maximum of eight (40 TB)
storage servers and the 320 TB capacity limit.
Source: Ladar Levison.
Get the most dependable SMTP server for your company. You will congratulate yourself!
Share on Twitter.