Dark Mail Alliance 'Not Logical' or 'Commercially Feasible'
The CEO of Certivox has branded the collaboration between Lavabit and Silent Circle to provide widespread end-to-end email encryption as illogical.
The proposed Dark Mail Alliance has been described as having "no logic" and having no business for providers to adopt.
Speaking to IT Security Guru, Brian Spector, CEO of CertiVox said that the proposed secure email protocol would not be used by big service providers as "it is just not commercially feasible for large scale ISPs to do so."
The Dark Mail Alliance emerged in October from the ashes of two encrypted email services which had to be shuttered earlier in the year after both discovered their customers could be vulnerable to surveillance in the wake of the Edward Snowden leaks.
The two companies teamed up to create Dark Mail Alliance which plans to offer an open-source tool to create peer-to-peer, end-to-end encryption as an add-on for any email service. The problem is to make it work they will need to convince the big email providers (Google, Yahoo, Microsoft) to adopt the new system.
This, according to Spector, is just not going to happen:
"What they are trying to do is get more ISPs to adopt it, there is no way the big internet service providers will use it. You can implement a technology like we did which ties your hands technically, but you are still a hosted service provider. The government doesn't care, you're still the guy hosting the data.
No logic
"The big service providers will never adopt it, maybe small providers in Iceland who run these services and if money were no object I would probably set up my own Dark Mail, and I don't think it is going to get adopted but it is just not commercially feasible for large scale ISPs to do so. There is no upside to doing that as an actual sustainable business.
"If you cannot comply, then the stress just shot up and for what, because I am an internet freedom fighter? There is no logic behind why folks do it."
Mike Janke, CEO of Silent Circle and one of the founders of Dark Mail Alliance, said one of the problems is people don't understand that what it is doing with the email architecture is "peer-to-peer" and utilises the unique architecture that the team has developed.
"It is not intended to 'completely replace all email architecture', but rather to become an alternative option," he said.
"With Dark Mail there are no keys on a server. The email provider has nothing to turn over. At this point, we have overwhelming interest from ISP from around the world. We don't need the Google's, Yahoo's and Microsoft's to adopt it or replace their systems with ours, there are hundreds of small and medium providers who are going to and will adopt it. Many are adopting it and will provide it as an optional service for those who care about security and privacy. Many are going to just offer the Dark Mail architecture service."
Responding to comments made by Spector that big service providers will never adopt it as it is "not commercially feasible for large scale ISPs to do so" Janke said that the Dark Mail Alliance does not need to have every provider in the world to adopt it, as with over 50 worldwide email providers from 30+ countries adopting it and offering it as a service, they are effectively giving the world a new option.
"Citizens around the world can select from 50, 100 or 200 various email providers and have secure end-to-end email. We don't just our success by whether Yahoo adopts it, because people and businesses that care to have secure communications can find 50+ providers to choose from," he said.
"There will always be a segment of the population and teenagers that don't care about security or don't realise the implications. We judge success by the fact that Dark Mail will become a major option for citizens and businesses of the world and that is happening by small and medium providers implementing and offering it."
Dan Raywood is editor of IT Security Guru
© Copyright IBTimes 2024. All rights reserved.