Hacker News new | ask | show | jobs
by Rami114 4606 days ago
Not having had a need for this kind of secure email I didn't hear much of Lavabit until it went under. That being said, didn't it raise alarm bells with any of its users when the security model is essentially a black box (as Moxie points out) and the message in transit is only secured using SSL (turned out to be suboptimal there too).

What's the demographic for people who actually needed this service, and why didn't they spot those glaring errors earlier? Is it for lack of other services?

Just seems strange to me it took someone experienced like Moxie to be the first to finger this (and that's in hindsight).
1 comments
tedunangst 4605 days ago
People believe what they want to believe. If you're in the market for totally secure email, you're going to find something you believe is totally secure email.
link
Rami114 4605 days ago
Or, you're going to use something rock solid to encrypt your message and use some sensible approach to obscure your signals.

Not an expert here, but if you don't want to give out signals by the mere fact that you're sending an email with encrypted content, set something up to send encrypted messages regularly, at scheduled intervals, and allow a real message drop in on the queue. As long as your encryption method reveals nothing about the cleartext you can put something in the cleartext to notify your recipient this one is real. I say this in the hope nobody who needs these things for life and death situations will look at HN for advice.

link
Rami114 4605 days ago
The previous reply wasn't to hack on your comment, just wanted to make that clear.

It seems to me a lot of people want totally secure email... in a pretty box handed to them. I don't see how you can achieve end to end security while relying on a middleman. Even if you control the middleman, it shouldn't be able to tell anything about your message (it has no reason to, so it shouldn't).

So you have to do the work yourself. Making that easier to do would be great as long as it doesn't add obscurity to the process.

Tl;dr I don't see totally secure email services provided by an external entity as a feasible thing.

link