Unsealed docs show what really happened with Lavabit

Unsealed docs show what really happened with Lavabit

Summary: Now that the court documents have been unsealed, there's no need to guess whether Lavabit shut down because of Edward Snowden.


In August, Lavabit, a secure email provider that happened to have whistleblower Edward Snowden as a customer, shut down in a cryptic manner. The company's owner and operator Ladar Levison bid the internet goodbye, saying that he had made the decision because it would otherwise mean becoming "complicit in crimes against the American people".

At the time, Levison said he wished that he could "legally share with you the events that led to my decision", but could not.

Many people, including ZDNet's Ed Bott, speculated that rather than allowing the US government to read Snowden's email, and thus compromise his business, Levison chose to shut it down.

Documents unsealed in Lavabit's appeal process against the US show that this was essentially the case, as the US government had ordered Lavabit to hand over its SSL keys.

The formerly sealed court order states: "The court determines that there is reason to believe that notification of the existence of this order will seriously jeopardize the ongoing investigation, including by giving targets an opportunity to flee or continue flight from prosecution, destroy, or tamper with evidence, change patterns of behavior, or notify confederates.

"It is further ordered that Lavabit LLC shall not disclose the existence of the application of the United States, or the existence of this order of the court ... to any other person, unless and until otherwise authorized to do so by the court."

Wired has the complete document set on its website, the first of which is dated June 10, 2013.

The documents show that the US government sought to force Lavabit to install a "pen register and the use of a trap and trace device" on a particular email account. The address is redacted in the documents, but it is believed to belong to Edward Snowden.

They also show that the FBI, which Levison was meant to assist, repeatedly visited him at his home. Levison did attempt to fight back in what little way he could, stating that he would refuse to turn up to court unless the government paid for his travel expenses. It did.

Levison later attempted to delay the process, stating that he could comply with the installation of the pen register, but only after 60 days and only if the government paid him $2,000 for "developmental time and equipment" and an additional $1,500 if the government wanted data more frequently than 60 days. He claimed that the cost of reissuing SSL certificates would be $2,000.

The SSL certificates are key to making any information useful. Levison appears to be aware of this, even conceding to the installation of the pen register device if he can get some of the documents unsealed and in front of the the public eye.

Levison's defence against handing over the SSL keys was that all of his customers' privacy will be affected if he did. The US government counter-argued that its collection of data is limited specifically to the email account in question due to the Wiretap Act and the Pen-Trap act.

The documents draw a parallel to an apartment building:

"Compelling the owner of an apartment building to unlock the building's front door so that agents can search one apartment is not a 'general search' of the entire apartment building — even if the building owner imagines that undisciplined agents will illegally kick down the doors to apartments not described in the warrant."

Though this may legally be the case, it would technically have enough information to examine any account.

Understanding that the US government is not taking no for an answer, Levison offered an alternative: Redeveloping his platform so that individual users are protected, even if he gives up his SSL keys, thus providing information on one account. He estimated that it will take 20 to 40 hours to do so.

This arrangement was refused by the US government, its legal counsel stating that "he's had every opportunity to propose solutions to come up with ways to address his concerns and he simply hasn't".

In a last-ditch effort, Levison gave the FBI a print-out of the encryption keys that it needed, but printed out over 11 pages in 4-point type, described by the court as "largely illegible". When this was not accepted, Levison was ordered to provide the keys on a CD and face fines of $5,000 per day.

Lavabit shut down two days later.

Topics: Security, Government, Government US, Privacy

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • one has to wonder

    Why would the US government (FBI, NSA etc) ever want the actual web site SSL keys. With the abysmal way SSL PKI is working, they could go to any well known CA and order them to issue an SSL certificate for lavabit.com. Then they can simply set up a man in the middle site that will re-relay the data back to the original site.

    Nothing of this is new. We already demonstrated how to do it and why solutions like DNSSEC and DANE are better than the absurd "secure" SSL PKI we have today.

    One has to wonder, whether those law enforcement guys are just clueless, or this is just a noise to keep the public busy and distracted.
    • They want it to decode past communications.

      No other reason.
      • Past communications

        It might be faster to actually crack the SSL session. If they have enough data (and they likely do), with the computing power at NSAs disposal, this is trivial. There is enough well known plaintext to run the decipher.

        If it doesn't have to happen in real time, that is. For me, this all is a show.
        And the shutting down of the site does not mean they haven't got the SSL keys. In fact, they did get the key printed on paper -- so there was essentially no point in shutting down the service.
        • It might be slower.

          "It might be faster to actually crack the SSL session."

          It might be slower. Keep in mind that more recent forms of SSL allow for stronger forms of encryption. Even if the NSA has the technology to crack older forms of SSL, they might not have the technology to crack more recent forms of SSL/TLS.

          Most evidence points to the idea that "cracking SSL" is done by attacking areas outside of SSL (by installing trojans on endpoints or asking for SSL keys), rather than by attacking the math itself.

          "with the computing power at NSAs disposal, this is trivial."

          Proof? Do you actually have evidence that the technology is out there to actually completely crack the math, in particular the math behind some of the stronger algorithms, such as the AES algorithms?

          Last I checked, a paper written by Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger in 2011 came up with an attck that takes 3.8*10^76 operations to crack an AES 256 key. Can you show me a computer than can process 3800000000000000000000000000000000000000000000000000000000000000000000000000 trials in a reasonable amount of time?
    • Well..

      He was being a dick about providing log data that any newbie linux kid could provide. The Metadata. The same metadata that's replicated on every other server in the world. For some reason that was going to cost the government thousands of dollars to procure from Lavabit.

      The government wanted the SSL keys, because at that point, he'd already dicked them around too much for them to even trust him anymore.
      • Oh and...

        Initially only the metadata was requested - To/From/TimeDate - for a single account. There is no good reason to withhold that information. Government entities aren't going to go through the trouble requesting that info just because they're bored.
    • Er.. I think clueless

      It's well known in gossip circles that the really good encryption tech guys just don't want to be associated with the gov't anymore.. their bad behavior is getting them substandard coders. So, they probably didn't know this at all until they read your comment!
      Not to worry , they probably didn't understand it anyways ;-)
      Nick Ettema
  • Ladar Levison...

    is my new hero!!