Dark Mail, the brainchild of Ladar Levison of Lavabit and Jon Callas of Silent Circle, is an open-source system to allow end-to-end encryption in the emailing system, protecting confidential data from prying government eyes.
Lavabit had to face the US government in a legal battle, as the government wanted the company to hand over its email encryption keys. It is well-known that Lavabit services were used by Edward Snowden when he leaked sensitive government information to the media.
The project had become possible because of the duo, Ladar Levison and Stephen Watt. Both of them had their own conflicts with the government in different ways.
Levison had a rift with the government when his company, Lavabit, closed down its encrypted email business, instead of giving in to government demands of its private SSL keys. These keys would help the government decrypt the traffic passing between Lavabit customers, enabling the spies to read all the information. The government is already able to spy on regular email users (as disclosed by Edward Snowden).
Watt used to be a successful Wall Street software developer, coding for stock trading systems. He got into trouble when he created a packet-sniffing code for a friend, and discovered later that he was involved in a huge bank card heist. For that, he had to serve two years in a US prison.
After he was released in 2011, he couldn’t find a meaningful job, because he was barred from working in the securities industry.
He met Levison through a mutual friend on Facebook and Levison was looking for someone with the right skills, and this turned out to be a great opportunity for both of them.
Although Watt had a prison term is his past, it wasn’t much of a problem. Levison checked the legal case and found that Watt hadn’t done anything wrong; and since Lavabit had its own little history of a legal battle with the government, they made a perfect team.
The Workings of Dark Mail
Dark Mail follows the concept of Tor, the Onion Router. It has thousands of servers that are managed by volunteers across the world. These servers randomly bounce encrypted data packets from one node to another, until they reach their destination. Servers in Tor can identify the IP address of the sender and are aware of the next node, but not the final destination.
Dark Mail works with mainly two servers – the sender’s and the recipient’s domains.
The sender’s server is aware of the recipient’s domain, but it isn’t aware of the recipient. The server working on the recipient’s domain delivers the message to the right account by decrypting the “To:” field. It isn’t aware of the sender, just the sender’s domain.
NSA can monitor regular email traffic easily, but if they try to monitor Dark Mail, they will only get to know the sender’s or receiver’s domains, but not the actual sender or receiver.
Does this mean that Dark Main is completely immune to NSA snooping? Not exactly. NSA can obtain a subpoena and can have access to these domains. However, not all domains store the required data. Also, the process of Dark Mail makes snooping around very, very difficult if not entirely impossible.
The project hasn’t finished yet, and the Dark Mail protocol is still being tested for special conditions; for example, if both the sender and receiver belong to the same domain, their details need to be kept hidden from each other.
According to Levison, Dark Mail will act as a base, and other people will be able to build more secure options based on this technology. He also revealed that he had the idea of Dark Mail about five years ago, but at that time, it wasn’t something that would get popular. However, now that people know about the threat to their confidential data, there are many users who are willing to pay for such a system.
A lot of help from Kickstarter
The concept of Dark Mail was envisioned even before Lavabit had its legal battle with the government. But this concept would have little value back in those days, because people weren’t aware that the U.S. was spying on everyone in the world.
Levison has now gained the status of an Internet icon, and this has helped him raise more than $200,000 using a Kickstarter campaign. People have contributed to this mission, hoping for a better and safer email system. Dark Mail is the platform that can bring a next-Gen email system that is private and secure. This system will put an end to the decades-old email system that relies on vulnerable protocols.