Anyone using Safari or IE apparently isn't getting a forward secure connection to https://Lavabit.com . They end up with TLS_RSA_WITH_AES_256_CBC_SHA according to SSLLabs[0].
Since things escalated to the point where Lavabit had to hand over it's key rather than the data on one account the FBI obtained an initial court order for [1], anyone with a transcript of those sessions and access to the key can read them.
The resulting cipher suites:
IE 6 / XP No FS * SSL 3 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) No FS 168
IE 7 / Vista TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
IE 8 / XP No FS * TLS 1.0 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) No FS 168
Since things escalated to the point where Lavabit had to hand over it's key rather than the data on one account the FBI obtained an initial court order for [1], anyone with a transcript of those sessions and access to the key can read them.
The resulting cipher suites:
IE 6 / XP No FS * SSL 3 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) No FS 168
IE 7 / Vista TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
IE 8 / XP No FS * TLS 1.0 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) No FS 168
IE 8-10 / Win 7 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
IE 11 / Win 8.1 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
Safari 5.1.9 / OS X 10.6.8 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
Safari 6 / iOS 6.0.1 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
Safari 6.0.4 / OS X 10.8.4 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
Safari 7 / OS X 10.9 TLS 1.0 TLS_RSA_WITH_AES_256_CBC_SHA (0x35) No FS 256
[0]https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2... [1]http://www.wired.com/threatlevel/2013/10/lavabit_unsealed/