Lavabit

Lavabit Services

Listed are some of our main solutions, apply for free here.

Lavabit Cloud

Overview and Introduction

Store and share sensitive information on a need to know basis with full audit trail and compliance assurance. You can share the files you want, and give access to other members. Traffic is logged in real-time, so you can always follow the audit trail, and see if the files have changed.

Flexible and Scalable Solution

Our architecture allows for a flexible and scalable environment, which means we can handle any potential expansion of either data or workforce. To assure confidentiality over time, all of our products can easily change cryptographic algorithms and modes as needed, without putting current data at risk.

2FA

Two-factor authentication is supported, although not required, and is implemented via Google Authenticator.

Secure Centralized Storage

All your critical information is stored and encrypted in a central location. Each piece of information is available only to authorized individuals.

Centralized storage also makes it a lot easier for us to preform backups on all data. We do daily and weekly backups on all user-generated data and content.

Lavabit Mail

Overview and Introduction

Send and receive mail with Lavabit's Mail service, while also having access to an online calendar. Operating on all platforms, you will always have access to your mail on whichever device you prefer to use. We offer a clean UI, with customizable features at your disposal.

Client and Web Access

Access your personal mail on your own terms, using either a downloadable client, or via the web, with no features omitted.

Excellent Spam Detection

The spam detection we use is state-of-the-art, with many different definitions updated on a daily basis. Although not flawless, we boast a 99% detection rate! These scans also include virus scanning so you have one less thing to worry about.

Lavabit VPN

Overview and Introduction

A VPN allows you to browse the internet as if you were located at a different location, on a different connection. This is useful in a lot of ways, mainly for unlocking restricted content or for privacy reasons.

Protocols and Ciphers

We prioritize use of AES-256-CBC for our encryption algorithm where applicable, and SHA512 as an authentication digest. If that made no sense to you, be confident that your data is safe in transit. The ciphers and protocols we use are state-of-the-art, and will not be crackable for the foreseeable future.

Multi-factor Authentication

For our VPN service, we offer multi-factor authentication. Along with a password, you can also enable the use of SMS and client-side certificates.

No logging Policy

No one likes when other people have access to their data. This is why we enforce a no logging policy. Because we don't log any traffic, we wouldn't be able to comply with any court orders to release data, since we simply don't have any logs to hand over. We recommend that you check our warrant canary for any updates on this subject.

Lavabit Chat

In-browser Encrypted Chat

Chat with your friends and co-workers using this in-browser encrypted chat tool. This tool uses STUN to communicate, which means everything happens in real-time. When leaving the chat window, all data that has been exchanged will be erased upon exit.

All users are given pre-made usernames upon entering a chat room, so that all users are kept anonymous.

File Handling

If you don't have time to sign up for our cloud service, we also offer instant file sharing along with our in-browser chat service. As with normal chat, files will be erased when the session ends.

IP Address

VPN and NAT Traversal

The internet is accessed using protocols and services where encryption is an afterthought. Even today, a lot of sites haven't added support for encryption, which means people eavesdropping can see where you're accessing the internet from, and what websites you're accessing. Using a VPN or an HTTP Proxy to encrypt your data can keep you hidden, but there are technologies to circumvent this technology. NAT traversal can be used to break the end-to-end connectivity principal that NAT usually provides.

WebRTC

WebRTC is a set of protocols and APIs enabling real-time communication over peer-to-peer connections. When this script runs, it makes requests to our STUN servers that can log your visit. Although no logs are stored by Lavabit, this is a demonstration of how WebRTC can exploit NAT traversal to leak IP addresses behind a potential VPN or HTTP Proxy. WebRTC has to be enabled in your browser for this tool to function.

Additional Information

In-house Hosting

Although hosting in-house has some challenges, we believe it's the best option to achieve optimal security and absolute privacy. We host everything in-house, and in turn have full control of our entire network. Check out what makes Lavabit run right here.

Strong Encryption

We use some of the best protocols and ciphers available. Be sure to check out our score on SSL Labs for an accurate measurement.

Non-Profit Organization

We believe the internet should be safe and secure for everyone, so in turn all of our services are available for free. Some services require an approved application for eligibility.

Privacy

Concerns about online privacy is greater than ever before, but you can rest assured that Lavabit takes your privacy very seriously. Check our Warrant Canary and Privacy Policy to make sure everthing is in order.

Technical Specifications

Interested in some of the technical specifications that make Lavabit run? We have listed the important ones below.

  • 4096-bit RSA key sizes
  • 256-bit encryption
  • 150+TB RAID enabled multi-cluster storage
  • Multi-factor authentication
  • Redundancy --- 99.9% uptime
  • PowerVault T124 tape backup servers