[LINK] GCHQ Forced Secure Email Service PrivateSky to Shut Down

Kim Holburn kim at holburn.net
Sat Dec 14 09:16:43 AEDT 2013


http://www.ibtimes.co.uk/articles/529392/20131211/gchq-forced-privatesky-secure-email-service-offline.htm

> PrivateSky was shut down at the beginning of the year after introducing a web-based version in beta and for Outlook and had "tens of thousands of heavily active users".
> 
> Brian Spector, CEO of CertiVox, told IT Security Guru: "Towards the end of 2012, we heard from the National Technical Assistance Centre (NTAC), a division of GCHQ and a liaison with the Home Office, [that] they wanted the keys to decrypt the customer data. We did it before Lavabit and Silent Circle and it was before Snowden happened.
> 
> "It is the same in the USA with FISMA, and it is essentially a national security warrant. So in late 2012 we had the choice to make - either architect the world's most secure encryption system on the planet, so secure that CertiVox cannot see your data, or spend £500,000 building a backdoor into the system to mainline data to GCHQ so they can mainline it over to the NSA.
> 
> "It would be anti-ethical to the values and message we are selling our customers in the first place."
> 
> Catastrophic invasion of privacy
> 
> Spector added: "Whether or not you agree or disagree with the UK and US government, this is how it is and you have to comply with it. We still have PrivateSky and run it internally for own use but we don't allow anyone to access it."
> 
> He said that from the technology it has implemented a split of the root key in the M-Pin technology so it has one half and the user has the other.
> 
> "So as far as I know we are the first to do that so if the NSA or GCHQ says 'hand it over' we can comply as they cannot do anything with it until they have the other half, where the customer has control of it."
> 
> Lavabit and Silent Circle
> 
> Earlier this year, both Lavabit and Silent Circle closed their secure email services. Lavabit said it was not able to offer the same security for email as it did for phone, video and text services.  
> 
> Lavabit owner and operator Ladar Levison confirmed that its email service was being suspended after ties with NSA whistleblower Edward Snowden forced his hand into becoming "complicit in crimes against the American people or walk[ing] away from nearly 10 years of hard work by shutting down Lavabit".
> 
> Spector said: "The stock answer is that it is complicated. It was a smattering of businesses and consumers who used it and you don't have any recourse on it or let the subject know that you have been approached to monitor their communications, as that is also against the law.
> 
> "It was all too heavy, and all too cloak and dagger for what we wanted to do, and the worst thing was we could have built a backdoor in but we are selling out our customers and the security of the service.
> 
> "We are business people but we believe in privacy, internet freedom and responsible government."


-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 







More information about the Link mailing list