Domain: enigmail.net
Stories and comments across the archive that link to enigmail.net.
Comments · 10
-
Re:Too hard to use (unfortunately)
It depends.
If you are using GnuPG's command line it is really hard..
But why?.
There are lots of easy to use mail client integrations:.
Enigmail for Thunderbird (https://www.enigmail.net/)
GPGTools for MAC(https://gpgtools.org/)
gpg4o for Outlook (https://www.giepa.de/produkte/gpg4o)
Just try it - it is not as hard as it is repeated on the web all the time. -
Re:Same error, repeated
I know quite a few people who have started using GPG via the Enigmail plug-in for Thunderbird lately.
There are several problems with this solution:
1. The "quick" start guide would be very difficult to follow for someone who isn't sufficiently motivated. The only people I know who use GPG are people who are buying illegal narcotics off of the darknets. I'm not saying that using GPG means that you're a criminal. I'm just saying that they are the ones who are motivated to learn GPG because their freedom depends on it!
2. It puts annoying shit in your email message. The PGP headers and footers, the signature, the attached public key. That's annoying for people to receive if they don't know what it is.
3. It breaks search. How can I do a server side IMAP search of all of my email if the emails are encrypted?
4. To be useful, you need to publish your public key. To publish you public key, you need to publish your email address. Welcome to spam city.
5. To be secure, you need a secure passphrase. To sign an email or read an email, you need to type in your passphrase. This is super tedious.
I'm on board that email should be more secure, but Enigmail is not the answer. It's just not. When I want to secure my web browsing in transit, I type "https". I can tell my mom to make sure the URL says "https". Most chat programs use encryption by default now, no effort required on the part of the user. Secure email needs to be as easy as secure web browsing or secure IMing. I should be able to tell my mom how to use it in less than 60 seconds--that's how we'll know we've arrived.
I'm actually liking the way the mailpile is solving this. It's not ready for mom yet, but it's a step in the right direction. Local webmail. Stores email unencrypted so search works, but it's really easy to access GPG sign/encrypt. I don't think IMAP search works, and I have no idea how it works with mobile. But anyway, it's less shitty than Enigmail/Thunderbird.
-
Re:Moxie's security advice to me:
For one, the operating systems and apps do not treat keys and sigs as first-class objects; they always end up looking like inlined ASCII barf,
Or you could install enigmail, which turns it into informative text.
Your use of "always" is fail, as usual
-
Re:Thunderbird?
Nevermind that there are hardly any universally good email clients..... None do encryption well
There are two very good e-mail clients, IMHO:
Thunderbird, which can handle gpg with Enigmail
https://www.enigmail.net/home/...
And Claws-mail, which has gpg and S/MIME support by default:
OSX users can just install gpgtools and keep on using Mail.
-
Re:So what ever became of public key escrows?
-
Re:More powe to them, but...
One thing that might help is a system that automatically knows when the recipient is encryption-capable, encrypts when it is
Enigmail with Thunderbird does this, if you have the recipient's public key associated with their email address, although it doesn't insert a warning for those who don't encrypt.
Enigmail is great, but try and convince friends or family to use it is like pulling teeth. Once installed and set up, it's a cinch to use. Why people are so resistant to encrypting their email, especially since the NSA leaks, is beyond me.
-
Enigmail for Thunderbird
To ease the GPG pain*. Enigmail does a great job but it's only half the battle. How you are going to reconfigure every Recipients client without causing sheer panic is going to be interesting. Please report back when you do.
-
How do they decrypt it?
If you're using GNUPG or Enigmail* Thunderbird plugin, just what do they expect to find in the gibberish metadata?
-
I blame the geeks
Geeks are to blame for most of the loss of human rights on the net.
We write so much software that other geeks use, but can't seem to get a handle on ease-of-use or taking action.
If Thunderbird incorporated the equivalent of Enigmail from the start, lots of people would be using it now. The extra security would be a selling point, causing other applications to compensate by becoming compatible. Over time, every E-mail client would have been secure, some committee would have come up with a standard, and that would be the end of it.
If linux had encryption built into the OS (what are the functions of an OS anyway, if not to manage such things?) so that secure sockets were trivially available, the same thing would happen for other protocols.
Instead, we leave it as an exercise for the user. The user has to know that they want security, then know where and how to get it, then learn how to use it, then convince other people how to do the same. We leave encryption as an exercise to the coder, an add-on to be implemented in every new application.
We have a "reply to all" button, why can't we have a "make private if the recipient has encryption" button?
This sort of mass surveillance can only happen when the surveillance is easy. Why don't we just make it hard?
Instead of wailing and gnashing of teeth, how about we actually solve the problem?
Nota Bene: Yes, there are issues to be resolved, none of which are very difficult. No, perfect security is not attainable, but "good enough" security will help a lot. And no, none of the problems that come to mind are insurmountable.
-
Re:Encrypt everything
You know something's wrong when your 'Quick start' guide has a table of contents:
http://www.enigmail.net/documentation/quickstart.phpEnabling encryption is going to have to become *much* easier for more people to do it.