Wired has the background on just what the fedspies did that prompted Ladar Levison to shut down the privacymail service, Lavabit.
It was a heck of a principled thing Levison did, and a gutsy one, shutting down a service with 400,000
paying (including about 10k paying; correction from Steve in comments) customers rather than betray those who trusted him.
We already knew that. What we didn’t know (among other things) was how he handled the fed demand when he was finally forced into a corner after a hard fight:
The judge also rejected Lavabit’s motion to unseal the record. “This is an ongoing criminal investigation, and there’s no leeway to disclose any information about it.”
In an interesting work-around, Levison complied the next day by turning over the private SSL keys as an 11 page printout in 4-point type. The government, not unreasonably, called the printout “illegible.”
“To make use of these keys, the FBI would have to manually input all 2,560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data,” prosecutors wrote.
Carl Bussjaeger, who sent the Wired link, says, “Life imitates Art.”
From Carl’s novel Net Assets (Page 127. Scene: Feds have subpoenaed the Launcher Company’s financial records. The company complies, but in the interest of security, have encrypted the files.):
“Oh, yeah,” Neville said, once reminded of the encryption aspect of this charade. “You have that crypto key with you? Eventually, they’re bound t’ think of gettin’ an order for that. Might as well have it ready.”
Leroy slipped a large folded envelope from a rear pocket. “Here you go. Two hundred kilobit ASCII, printed out in 6 point Staccato font, bold face and italic, guaranteed OCR unreadable and to induce terminal eyestrain in the first ten people trying to enter it manually.”
I hope Levison can eventually reopen Lavabit in some freer country. Now, there’s a man who has earned the trust people gave him.