When Lavabit — an email service that National Security Agency leaker Edward Snowden used — suspended service last week amid hints that it had received a government demand for information, a competing service called Silent Circle made a draconian decision: to obliterate all of its customers' stored email.

The episode pointed out two fundamental weaknesses in email. First, even if an email service encrypts messages for secrecy, as Lavabit and Silent Circle did, the email headers and routing protocols reveal who the senders and receivers are, and that information can be valuable in its own right. And second, the passcodes used as keys to decrypt messages can be requested by the government (if held by the email company) or simply stolen by sophisticated malware.

When email was created 40 years ago, security or anonymity wasn't part of the design. The routing and labeling protocols plainly state what computer sent it or forwarded it, what computer received it, and what time all this happened. "There are far too many leaks of information and metadata intrinsically in the email protocols themselves," says Mike Janke, CEO of Silent Circle, whose customers include people in companies and government agencies with secrets to protect. "It doesn't matter what you try to do with email, there are these inherent weaknesses. So we got rid of Silent Mail [the company's email service]. We deleted all of it, burned it and threw it in the ocean with locks and chains on it. People lost all their email, but the response went from 'Why would you do this?' to 'Thanks for doing this.'"

SEE ALSO: An App Keeps Spies Away from Your iPhone

Lavabit and Silent Circle and some other providers have offered a straightforward proposition: They will keep your email encrypted at all times, except when you are reading and writing it on your own computer. This is in contrast to services like Gmail, which encrypts email only for the trip over the network but stores the messages "in the clear" in its servers and mines that data to serve you ads.

Lavabit's founder, Ladar Levinson, says he suspended operations rather than be "complicit in crimes against the American people." Levinson could not be reached for comment but told The New York Times that he was under a gag order, implying that he received a National Security Letter, in which the FBI or NSA demands information for an investigation relevant to national security and requires the recipient to not reveal even having received the letter. In contrast to Silent Circle, the Lavabit data has not been deleted, he says.

Janke says that news triggered an emergency conversation with Phil Zimmermann, a Silent Circle founder who in 1991 created the email encryption protocol known as PGP for "pretty good privacy." "Once we saw what happened with Lavabit, we realized it wasn't days, it was hours that we had to make a decision," Janke says. But he adds that he never did receive a request.

The problem — besides the metadata that accompanies all email — was that 98% of Silent Mail customers opted to let Silent Circle hold the encryption keys, which made using the service much easier. When users manage their own keys, they have to log into a special system to exchange cryptographic keys with each person they want to email with. By possessing the keys to manage this process, the company could decrypt the messages if forced to. "If we got a legitimate request, we could in fact turn it over," Janke says.

Silent Circle remains in business, because fewer than 5% of its customers were using the now-deleted mail service. Most of them use other Silent Circle services that encrypt phone, text, and video content. This allows users to, for example, send an encrypted file via text message and even attach a time limit so that it will be deleted from both the sending and receiving devices after some period.

Yet these services also can be undermined by malware that can steal encryption keys stored on computers or grab data that has been decrypted by the user. "It is very difficult to be malware-protected," says Radu Sion, a computer scientist and security expert at Stony Brook University. "A highly determined adversary — I don't want to say the government here — will have access to any machine in the world."

Existing email services could become a little more private by encrypting header information. The techniques are well understood, but there is limited demand for them, Sion says. "The public is not asking for it since people don't care about privacy, really," he says. "And the cloud email providers make lots of money by mining your messages."

Meanwhile, Silent Circle is working on replacing its defunct email service with a system that doesn't rely on traditional email protocols and keeps no messages or metadata within the company's grasp. It is based on a protocol often used for instant messages and other applications. Janke says the goal is for this to not be email, but "for all intents and purposes it looks, feels, and acts like email."

Image: iStockphoto, vyort

This article originally published at MIT Technology Review here