Ultra-secure mail service GhostMail stops working with regular users

The company will cooperate only with corporate clients, because it does not want to take responsibility for the actions of criminals.

Secure email service GhostMail announced that from September 1, it will only cooperate with corporate clients. Normal users will not be able to work with this mail service. The management of the company made such a decision in order not to take responsibility for the possible actions of “bad people”. In other words, the creators of GhostMail fear that the service will work terrorists or criminals of another kind, who need to hide their correspondence from the authorities.



A message to users posted on the GhostMail main page states the following: “Since the launch of our project, the world has changed for the worse, and we don’t want to take responsibility for supporting bad people - it’s not worth the risk.”



“In general, we support the idea of ​​inviolability of private information, but we made a strategic decision to provide services only to corporate users. We hope that you understand our solution, and offer a free alternative - ProtonMail. Members of paid accounts will get their money back, they will be contacted personally. ”

')

GhostMail began work in 2014. The founders of the service claim that the files deleted by the user are really deleted, and not stored on the servers. The service description page says that the company is not American and it does not collect user data. All information is encrypted.



“We are not interested in identifying you or receiving your personal data. When working with GhostMail, you are protected, and the risks of stealing personal information are minimized, ”the site says.



So far, it is unclear whether the service is being closed for ordinary users due to the requirements of the authorities of any country or countries, or whether the management of the company has taken this decision independently, without pressure from outside.



GhostMail is not the first hacked email service that stops working (at least with regular users). A few years ago, the creator of a secure email service, Lavabit, had to liquidate the company under pressure from the US authorities. Then Levinson received a court order to issue TLS keys. He decided to close the company, and instead of issuing keys (according to him), he destroyed all data, including files and keys. Lavabit was a popular service. At the time of closing, he counted 410 thousand user accounts. He worked with Lavabit and Edward Snowden, who considered this mailer safer than others.



It all started with the fact that the FBI agents appeared to the founder of the service and demanded access to the equipment for installing tracking devices. The owner of the company had to agree, but after a while the FBI realized that the agents did not have access to the contents of the letters. In order to read the letter, you need a TLS-key. But the keys Ladar Levinson, the founder of Lavabit, refused to give out.



After that, legal proceedings began, and Levinson was threatened with imprisonment. After weighing all the pros and cons, he decided to close his company.



One of the most well-known secure email services is ProtonMail . It was created by several employees of the European Laboratory for Nuclear Research (CERN). This email service is one of the most secure in the world. For example, all information is encrypted on the client side, and all servers of the service are located in Switzerland. In this country it is very difficult, if not impossible, to gain access to private information.





Protonmail system architecture (2014)



For authorization user uses two-factor authentication, with two passwords. One password is required to log into your own account and receive your own data in encrypted form. The second password gives access to the encryption key, with which all information is presented in a readable form. The second password cannot be restored - the support service will not help if it is lost. However, in order to be able to work with all the functions of the service, it is also necessary that the interlocutor is a user of ProtonMail.



If you wish, you can send a secure message to a third-party service user. Encryption uses the AES-256 algorithm. To decode, you need a password that must be known to both the addressee and the sender. In the email received by the addressee, there is a link that sends to the ProtonMail server. In this case, the recipient will see a link to the letter, which can be read by entering a password.