14 DAY TRIAL // There are still ways to securely send emails nowadays, even if the NSA is trying to keep an eye on everything. Lavabit, a safe email service supposedly used by Edward Snowden, closed down after pressure from the American authorities, but Lavaboom is alive and well.
In fact, this is a new email service based in Germany that will enter private beta this week.
Although the names of the two services are pretty similar and they’re both meant to deliver emails, the Lavaboom is meant to be a tribute to its predecessor.
Unlike Lavabit, which required people to pay for the service, Lavaboom is free and offers a 500 MB mailbox wrapped in tight security. Additional storage space is open for those who want it. The company accepts Paypal, Bitcoin or even cash. The first option is good for safety, while the Bitcoin option is great for anonymity. Euros can be sent by post to Lavaboom’s office with detailed instructions and account info.
On the one hand, it offers end-to-end encryption, zero-knowledge privacy and three-way authentication. Basically, Lavaboom wants to make encryption something extremely simple that doesn’t require users to go through loops to make their communications safe.
As mentioned, the service doesn’t just offer two-step authentication like most email systems, but rather implements a different one.
“In addition to your key-pair and password we can either send you a randomly generated code or you can use the OTP-feature of a YubiKey. Or even both. We strongly recommend using YubiKey,” the site reads.
On the other hand, Lavaboom doesn’t guarantee that your messages will be encrypted. If they’re not, it’s basically all your fault. “Don’t worry, we want to provide secure email for everyone, so there are clear how-to guides for beginners. We’ve made sure that every part of the service is clearly explained,” the site reassures everyone.
They also recommend that users submit their public keys to a key-server, despite there being some risks involved. “We only use trusted, Open-Source key-servers such as the SKS-Pool and the MIT-Pool. These services are used for public key submission as well as public-key retrieval. You can add your key to a key-server or exchange public key hashes and then manually import them into Lavaboom,” they advise.
Given the fact that Lavaboom was founded in Germany, chances are that it will be safe from NSA interference. At the very least, they won’t be able to demand that the company reveal its SSL keys.