[guardian-dev] Lavabit, then Silent Mail shuts down

Nathan of Guardian nathan at guardianproject.info
Fri Aug 9 12:36:09 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/09/2013 12:29 PM, Dominik Schürmann wrote:
> When no keys are stored on their servers there would be no need to
> shut it down like this. The same goes for Silent Circle's Mail
> system, as it seems to use PGP.

There could be a Hushmail-like vulnerability where there is a small
window to intercept the user's passphrase, and thus, unlock their key.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSBRp5AAoJEKgBGD5ps3qpKnMQAJ4UygTiRCEKL2Y7lGRwghM7
oOo69mPF/GofUxz7vLQ9J9W0tOsz+eV5A25u86f8Uv0ohKSU3MMGefq+UKxWPTpM
XFXA9ZmfB0dwDVSK2xNUkRgdAHhsEmppRRUaijMQJ3lcRLNIToTv+RLoiAG3i4o/
58jZfP0jmZyu15MOhEAUR43hBcbvMDfbswVifW8l+qSEhnIOHUehQBQh0KdrW3lO
ngEKT80PTjdJj+rH0OUrbK7yzz+2L1GZBL8tk8TDkAtsSEIdCHc7rqY7110t4KU+
+nrFL7LVzxo9FkTCM6g+XMbcqNPRp4DNAv3cPMx2Nvc55ZPLGKgHYNdcOCFYRVhG
/W9NN66IN272E34LIjfQoqsYAw9aHMVUaTybvuPDq5ZlNaFwpiowwTQm6I5hgLfr
vH+SIxQTTvcwmXDIDTv3CxrW4jNhfadYzgaTPNLnCNN7mzQcMvIjVaccKXdLR7sq
42V2AHSja9+i3q6+5UEioLngzBaEeJNkWp4fxs0F1o+RV8DCRGcKE9OVNuTAc5q2
exARrzNVLsyFe+B6jT7eCKgdH6VPuRK360rN5g0AxNPNOSqLLvissKevmliSKlyp
CUgHzsj+cvxMCwKntae4SuFN4+4DQ4pd+Q2UeYJEFHZbYB4sM/UZ6Vc+x4wT/esf
wuLNUGnBfX0cvyxZm8H4
=ZkKw
-----END PGP SIGNATURE-----


More information about the Guardian-dev mailing list