Lavabit reopens for brief window to let users get at their data

Filed Under: Cryptography, Featured, Law & order

Lavabit logoLavabit, formerly the encrypted-email provider for NSA secret-leaker Edward Snowden, has reopened for a brief window of time to let its users get at their data.

Lavabit founder Ladar Levison on Monday posted a brief message saying that the first step would be to enable users to change their password during a 72-hour period that started on Monday at 7:00 pm Central time (Greenwich Mean Time [GMT] -5).

Lavabit said that the password-change step was created "due to recent events in the news that have lead people to believe that their account information may have been compromised."

Any users who are concerned that their account information has been compromised will be able to change their account password on a website with a newly secured SSL key.

(Note that the URL Lavabit provided, http://liberty.lavabit.com, doesn't work in some browsers, bringing up a blank page. This can be fixed by switching to HTTPS: https://liberty.lavabit.com.)

Following the 72-hour window to change passwords, starting on 17 October, the site will then enable users to access email archives and personal account data.

Lavabit abruptly shut down in August amidst legal wranglings that a gag order kept it from disclosing.

Levison said in a statement at the time that it had come down to a decision: either "become complicit in crimes against the American people" or "walk away from nearly ten years of hard work by shutting down Lavabit."

(As it turned out, Lavabit did, in fact, hand over its crypto keys to the US government - printed in a near-microscopic 4-point font.)

Sister encrypted email service Silent Circle quickly followed suit, silencing email in anticipation of the US government getting its hands on the metadata inevitably associated with email.

Lavabit now says that it's moving to open the data access window to its users because its abrupt closure - done to protect its users' privacy - left users without a way to access their sensitive data.

That includes the founder himself, who said in the message posted on Monday that he's feeling the same pain as his email-less users:

I'm in the same boat as them. I used my Lavabit email account for 10 years. It was my only email account.

, , , , ,

You might like

4 Responses to Lavabit reopens for brief window to let users get at their data

  1. Loop · 334 days ago

    Hmm...so the NSA has the keys and now they want the users of the system to come get their mail?

    • Machin Shin · 334 days ago

      I guess you missed the part where it said "on a website with a newly secured SSL key." The government has the old SSL key, that was revoked by the way, and so now they are using a new key that the government does not have.

      • Loop · 334 days ago

        I did read that. But the fact the NSA already has been in contact with Lavabit....I still would not trust it for that fact. How do we know they don't have the new SSL key? I was just thinking that others may have info they want to retrieve and the NSA is waiting for them to come for it....I may be way off base....just a paranoid thought!

        • Thomas · 334 days ago

          Paraphrasing an old saying:

          It's not paranoia when in fact, someone is trying to scoop up your emails.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.