Bitcoin Forum
November 13, 2024, 02:54:56 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Lavabit closes down  (Read 2955 times)
J603
Full Member
***
Offline Offline

Activity: 196
Merit: 100



View Profile
August 09, 2013, 01:47:06 PM
 #21

And Tormail taken down too:
http://www.wired.com/threatlevel/2013/08/freedom-hosting/
This is becoming crazy.

So the government went after a hosting service that hosts child porn? Oh no!

LOL, thats all i got to say.

Quote
Freedom Hosting has long been notorious for allowing child porn to live on its servers. In 2011, the hactivist collective Anonymous singled out Freedom Hosting for denial-of-service attacks after allegedly finding the firm hosted 95 percent of the child porn hidden services on the Tor network

That's from the article you posted.

Think it out.  What does this actually mean?  That Tor actually is effective in hiding the identity of the surfers?  Seems like otherwise, they would have wanted the site left open as a honeypot.

There's a story here, and it's not just a shrug and a laugh and....

So the government went after a hosting service that hosts child porn? Oh no!



It is a shrug and a laugh. I don't have to worry about my identity being compromised because I don't go to those kinds of sites... Yes, I suppose that now technically we are all at risk for our identities to be exposed. But the thing is, the government isn't doing one massive attack on every tor user. They're going after people associated with child porn, which is not something I disagree with. I don't have anything to worry about, so I am just going to shrug it off and laugh.
bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
August 09, 2013, 01:49:16 PM
 #22

Ah one of those "I have nothing to hide".
Ive heard of your kind, you guys are very dangerous.
J603
Full Member
***
Offline Offline

Activity: 196
Merit: 100



View Profile
August 09, 2013, 01:54:53 PM
 #23

Ah one of those "I have nothing to hide".
Ive heard of your kind, you guys are very dangerous.

I don't have any child porn to hide. I use torbrower for other things.
cjp
Full Member
***
Offline Offline

Activity: 210
Merit: 124



View Profile WWW
August 10, 2013, 10:40:36 AM
 #24

The closest I'd be able to get to a site that meets your requirements is magnesium.net, which probably fits most of your requirements.  Unfortunately, I can't really recommend it because it hasn't really been reliable lately.  Most of the time it's up, but there are occasions when it's down for weeks at a time, so reliable it isn't.  

If you can afford it, the easiest way to get something like this is to host your own website, then you can have an email address that you control more than you would otherwise since it's hosted on your own domain.  I'm going to buy my own hosting eventually and would be happy to sell you an email address through it if you like, but I'm not planning on setting it up for a while so that doesn't really help you now.

Edited to add: Actually, I would be remiss if I didn't mention Hushmail here.  They're based in Canada and I think they meet all your requirements: PGP based email, good support, no advertisements.  I don't know how reliable they are, but I've heard good things about them, so that's what I'd go for if I were you.

Thanks for the advice. Hushmail looks good to me (even when taking into account the criticism they've received), except their free account has extremely little storage space and doesn't support POP/IMAP. For their paid accounts, they don't accept Bitcoin or other anonymous payment methods.

I already own a domain name, and I think I'm going to use it for the e-mail address I communicate to my (non-pseudonymous) contacts. Right now, my hosting account only supports redirecting, but I'll check whether it is possible to upgrade it to a POP/IMAP mail box.

I considered self-hosting on my home server, but since it has so many single points of failure (ISP, modem, server, power supply etc.) I don't think I can reach the reliability level I'm looking for without significant investments.

Does anyone have experience with the e-mail services that accept Bitcoin?

When it comes to privacy, I'm thinking in two categories of e-mail:

E-mail with peers who don't care enough about privacy to put effort in protecting it:
  • This is, unfortunately, the huge majority of peers
  • E-mail has to be sent/received as plaintext, so it can be wiretapped
  • Temporary plaintext storage at an e-mail provider (few days at most, until I move it to my own computer) probably makes little difference
  • That is, unless the provider spontaneously does freaky analysis stuff on the e-mail data (like gmail does)
  • Therefore, I want a good privacy statement for non-authority privacy, and don't expect much privacy protection against authorities
  • I need a secondary account if I don't want the other (non-authority) party to know who I am (for temporary contact I'll use mailinator).

E-mail with peers who care about privacy:
  • We'll use end-to-end encryption (e.g. PGP)
  • Might use the same account as other e-mail if I don't care that others know the 'meta-data' (who talks to who on what moments)
  • When I do care about the meta-data, I need a fully pseudonymous account, accessed with something like TOR.

Donate to: 1KNgGhVJx4yKupWicMenyg6SLoS68nA6S8
http://cornwarecjp.github.io/amiko-pay/
cjp
Full Member
***
Offline Offline

Activity: 210
Merit: 124



View Profile WWW
August 10, 2013, 12:28:58 PM
 #25

You can use Chinese/Russian email services. Like qqmail and mail.ru
I considered it, but I'm afraid that the language is going to be a problem. mail.ru doesn't even offer alternative language choices for their home page!

Besides, I trust the Russians and Chinese even less than the U.S. government. The only good thing is that my own government is not a close ally of them.

Does anyone know whether this is worth its money?
https://www.trilightzone.org/securemail.html

Donate to: 1KNgGhVJx4yKupWicMenyg6SLoS68nA6S8
http://cornwarecjp.github.io/amiko-pay/
vm1990
Legendary
*
Offline Offline

Activity: 1540
Merit: 1002



View Profile
August 10, 2013, 12:48:09 PM
 #26

Ah one of those "I have nothing to hide".
Ive heard of your kind, you guys are very dangerous.

I don't have any child porn to hide. I use torbrower for other things.

id stop digging XD he could have been referring to drugs not just child porn

anyhow onto more important things if i could get the interest and a couple of coders together i might be open to hosting a private encrypted email service...
id also refuse any information requests from any LEA and probably host it on the Tor network

id like to start off with something super simple like Tormail and work up to something a bit more complex.. and id make sure emails dont have a tiny 3mb limit maybe something like 10mb to start with

favdesu
Legendary
*
Offline Offline

Activity: 1764
Merit: 1000



View Profile WWW
August 10, 2013, 01:00:13 PM
 #27

or just use bitmessage with pgp. Cheesy

bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
August 10, 2013, 01:12:28 PM
 #28

or just use bitmessage with pgp. Cheesy
seems like the only thing left
grandinvestments
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
August 14, 2013, 03:04:18 AM
 #29

A word on hushmail:

https://en.wikipedia.org/wiki/Hushmail

Quote
However, developments in November 2007 led to doubts among security-conscious users about Hushmail's security and concern over a backdoor. Hushmail has turned over cleartext copies of private e-mail messages associated with several addresses at the request of law enforcement agencies under a Mutual Legal Assistance Treaty with the United States.
favdesu
Legendary
*
Offline Offline

Activity: 1764
Merit: 1000



View Profile WWW
August 14, 2013, 05:01:50 AM
 #30

A word on hushmail:

https://en.wikipedia.org/wiki/Hushmail

Quote
However, developments in November 2007 led to doubts among security-conscious users about Hushmail's security and concern over a backdoor. Hushmail has turned over cleartext copies of private e-mail messages associated with several addresses at the request of law enforcement agencies under a Mutual Legal Assistance Treaty with the United States.

yeah, safe money and open a gmail or yahoo. still better than a fake privacy mail service

bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
August 14, 2013, 05:39:52 AM
 #31

There is still Riseup:
https://www.riseup.net/de/riseup-and-government-faq
Although they are US based they keep on fighting.
ccl
Full Member
***
Offline Offline

Activity: 175
Merit: 100



View Profile
August 14, 2013, 06:10:15 AM
 #32

soooo, I forgot my dropbox password great!  Embarrassed since I have my lavabit account tied to it I cannot reset it  Sad Hopefully dropbox support gives me a positive answer.....

BTC.sx - Leveraged Bitcoin Trading.
Get paid weekly for your signature.

1GTJ2DhqSPHBTEjG7GCjz6XLYZhU1hEz2a - thanks for donating Smiley
manfred
Legendary
*
Offline Offline

Activity: 966
Merit: 1001


Energy is Wealth


View Profile
August 14, 2013, 12:25:13 PM
 #33

There is still Riseup:
https://www.riseup.net/de/riseup-and-government-faq
Although they are US based they keep on fighting.

Also MEGA is setting up an encrypted email service, but it still several months before its finished.
http://www.zdnet.com/mega-to-fill-secure-email-gap-left-by-lavabit-7000019232/ or
http://www.techhive.com/article/2046445/kim-dotcoms-mega-vows-to-create-useable-encrypted-email-for-the-masses.html
.
cryptasm
Legendary
*
Offline Offline

Activity: 997
Merit: 1002


Gamdom.com


View Profile WWW
August 14, 2013, 01:19:41 PM
 #34

There's a decent list of alternatives here:

http://www.dailydot.com/lifestyle/tor-tormail-dark-web-communication-pgp/

Looking forward to when Tox.im is fully developed

Plus an interesting interview with Lavabit boss here:

https://www.youtube.com/watch?v=Ui3KpztUzVg
halfawake
Hero Member
*****
Offline Offline

Activity: 490
Merit: 500


View Profile
August 14, 2013, 10:47:45 PM
 #35

There was an article in our local newspaper today about a company called Privato which offers double encrypted email.  It's not free - the article says they charge $100 / year, but I just thought I'd throw it out there as an option.  Looks like they are geared more towards businesses than personal email, but I'd doubt they'd turn you down if you'd want to shell out the money.

Personally, I'd probably just stick with my Gmail account and encrypt the messages that I want to be secure.  The government would still be able to tell who I'm sending things to, but not what's actually in the message.  It's a shame more people don't use encryption - for me, that's the hard part about encryption, I know how to use it, but most people I'm communicating with don't use PGP / GPG.

BTC: 13kJEpqhkW5MnQhWLvum7N5v8LbTAhzeWj
MysteryMiner
Legendary
*
Offline Offline

Activity: 1512
Merit: 1049


Death to enemies!


View Profile
August 18, 2013, 09:20:10 PM
 #36

Don't use Russian or Chinese e-mail providers at all! mail.ru is just as bad as gmail the only difference is that it have direct link to FSB and Russian oligarchs instead of FBI/NSA.

Self-hosted server is great but it have many points of failure. Then comes mail servers hosted in Latin America or Africa.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
chipug
Full Member
***
Offline Offline

Activity: 165
Merit: 100


696B6111


View Profile
August 23, 2013, 10:21:09 AM
Last edit: August 23, 2013, 10:50:48 AM by chipug
 #37

https://bitcointalk.org/index.php?topic=279981.msg2991953#msg2991953
bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
August 23, 2013, 02:10:20 PM
Last edit: August 23, 2013, 03:25:09 PM by bernard75
 #38

Lavabit, Silent Circle, Tormail and now Bitmessage:

It seems like all users received the following message today:

Quote
Bitmessage has several potential security issues including a broken proof of work function and potential private key leaks.

 Full details:
 http://secupost.net/*RefNumber/bitmessage-security

Somebody is collecting IPs, i wonder who? Wink
bernard75
Legendary
*
Offline Offline

Activity: 1316
Merit: 1003



View Profile
August 23, 2013, 03:34:57 PM
 #39

http://www.chronicles.no/2013/08/bitmessage-crackdown.html

Quote
Mr "Robert White" was behind the "attack" (message from secupost.net and Bitmessage):
-- -- --
This message is also available at http://secupost.net

Alright, the messages sent out a few days ago are starting to expire now. It's time for everyone to learn what the purpose of secupost.net is.

As many of you guessed, this is indeed a Bitmessage address to IP address mapper. Yes, the only thing that webserver would send was a 500 message.

It did alright too, gathering nearly 500 bitmessage users information after sending 15000 messages. Double what I expected.

I've included both a log of each address detected and the first thing to hit it including IP, reverse DNS and useragent as well as raw logs for every valid request. If you need to confirm this signature so you can verify messages from me when bitmessage is down, please see the bitmessage general chan for a copy from my bitmessage address.

So, future lessons:
- - - Yes, all bitmessage addresses are public and can be read from your messages.dat file using a small script.
- - - Don't click links. Even if it looks like a security-related site and uses some technical terms. I am not a nice person, I will publish any information I can gather about you and I don't care if you get lit on fire by terrorists because of it.
- - - Bitmessage does _not_ scale. It took me around 3.5 hours to send ~15k messages but it took the bitmessage network over 18 hours to fully propogate them.

Some of you were smart enough to use tor or VPN providers, but many of these are direct home or server IPs. The information below is more than enough for any government to come after you or any script kiddie to DDoS you. Be more careful next time.

Some of you tried to use scripts to claim addresses which weren't yours and skew the data, of course, you didn't even change your user-agent.

Even without accouting for that your attacks were ineffective because the IDs were generated in a non-linear fashion using a cropped HMAC-SHA256. To find your id:

def gen_mac(addr):
mac = hmac.new("fuck you", addr, hashlib.sha256).digest()
return unpack('>I', mac[0:4])[0]

This simple deterministic method means that you would have had to try... (2^32/15000)/2 = 143165 times on average just to get a single collision. Thanks for playing, but no luck this time.

This service has been operated completely anonymously thanks to Tor and Bitcoin. I hope you enjoy the result.

Robert White (BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY)
Akka
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001



View Profile
October 31, 2013, 10:10:41 PM
 #40

It's coming back. Better than before (?): http://silentcircle.wordpress.com/2013/10/30/announcing-the-dark-mail-alliance-founded-by-silent-circle-lavabit/

All previous versions of currency will no longer be supported as of this update
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!