Peer-To-Peer Encrypted E-mail
Markv writes: "CNET has an article about a peer-to-peer e-mail system called SafeMessage(TM) from AbsoluteFuture.com that could confound law enforcement. Not only is it peer-to-peer, the message is encrypted before it leaves the sender's computer, and the decoder key is destroyed. According to the article, AbsoluteFuture's SafeMessage system would potentially allow people to operate below the radar screen of the FBI's Carnivore program." So Carnivore may be good for something after all! Actually, though, how is this different (or less complicated) than, say, using PGP and an IRC client (with DCC) to effect the same sort of transfer?
Would you be content with an ISP employee viewing this perfectly well encrypted message as it passes through their servers?
Lokmail.net has a free webmail service which is PGP enabled. I don't know about y'all, but I like interoperability in my Carnivore busting..
Anyway, since when is Carnivore busting such a big deal? I would suggest to anyone who can't use PGP directly for whatever reason to get a Lokmail account.
-- The Funk, The Whole Funk, And Nothing But The Funk
No, not necessarily.
What they mean is, usually e-mail is sent through a client-server relationship. First, your e-mail client connects to your ISP's mail server which then sends the mail to the receiver's ISP mail server, which the recipient then reads with his/her e-mail client.
In a server-client situation, the client always initiates the connection to the server. With a peer-to-peer relationship, either one can initiate the connection.
Using a peer-to-peer setup would make e-mail more secure since Carnivore intercepts mail on the ISPs mail server, and this eliminates that middleman.
Licq has done RSA encryption when talking to other Licq clients for a while now. Which is one reason why it is WAY better than AOL's ICQ client. Licq has had this long before this new company, since ICQ communication is peer-to-peer (unless you send offline messages).
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
If nothing else, this will give Joe Ordinary a way to use a tool that's becoming increasingly necessary in a world increasingly dominated by groups like the MPAA. I've used PGP, and the learning curve is a bit too steep for many of the people who truly need it. To have an important tool is one thing; to make it readily usable by the masses is quite another, and I believe encryption tools have suffered from this for far too long. After long last, widespread encryption is becoming more of a reality.
"Feel a glory in so rolling / on the human heart a stone" --E. A. Poe, "The Bells"
Hushmail has had secure, encrypted email for a long time now. It uses a Java applet to do the encryption in your browser, without having to download and install any application. The Java source is available for everyone to check for security holes. Hushmail never actually sees your private key. It looks pretty secure, overall - it's been around for a couple of years and I haven't heard of any holes in it.
Bruce Schneier has even reviewed it. He has some problems with it, but there are no glaring security holes. Still, you're probably better off with GPG, storing your private key yourself.
So SafeMessage is nothing new. Of course, the more the merrier. Everyone should use encryption all the time, and competition is a good thing.
Torrey Hoffman (Azog)
"HTML needs a rant tag" - Alan Cox
Power in the hands of ordinary citizens which balances the power held by the government, this is the cornerstone of democracy.
I can foresee a time when encryption becomes every bit as important as free speech or the right to bear arms are to holding the government in check.
With things like the DMCA, Carnivore and other moves being made by the powers that be to undermine the power of the people, it is easy to get angry and discouraged. But then I see something like this and it reminds me that there are people out there willing to fight back. That not everyone has forgotten that the government derives its power from the consent of the governed and not the other way around.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
With PGP/GPG, you publish your public key and others use your public key to encrypt messages to you. The same key is used over and over again.
With this scheme, apparently they are using a one-time encryption method: I would presume a random key is created during message sending time, and after the timeout, the message and the key are destroyed. Now suppose a 3DES key is produced for *each* message. That's going to be *very* hard for people to listen in, 'cos after cracking the key for the first message, they've gotten nowhere with the other messages.
Of course, it's debatable whether this will actually increase the strength of the encryption in practice.
And, as somebody else has said, there's nothing to stop the recipient from making copies of the decoding key and the message indefinitely. I presume the timeout is implemented in whatever client program they're selling -- but as we all know, any rules enforced by software (including timeout rules) are easily bypassed.
So I'd say, the timeout factor isn't going to make too much of a difference, though the idea of using a different key for every message *might* make the encryption system stronger.
---
mikre he sophia he tou Mikrosophou.
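The per-message-key argument in the post above, as an added example that is not part of the post or of SafeMessage's code: a toy encrypt-then-MAC cipher (constructed here from SHA-256 and HMAC, standard library only, not a production cipher) where leaking one message's key exposes every message when the key is reused but only that one message when each message gets a fresh random key. The function names, the 32-byte key size and the sample messages are assumptions for the example.

```python
import hashlib
import hmac
import secrets

# Toy CTR-style stream cipher from SHA-256 plus an HMAC tag (encrypt-then-MAC).
# Constructed for illustration only; a real system would use AES-GCM or similar
# from a vetted library rather than this hand-rolled construction.

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag for one message under one key."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was tampered with."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def exposure_after_one_key_leak(messages, reuse_key: bool) -> int:
    """How many messages an eavesdropper can read once the FIRST message's key leaks.

    reuse_key=True models one long-lived key for every message (the "same key
    over and over" case); reuse_key=False models a fresh random key per message,
    which is what the post presumes SafeMessage does.
    """
    if reuse_key:
        shared = secrets.token_bytes(32)
        keys = [shared] * len(messages)
    else:
        keys = [secrets.token_bytes(32) for _ in messages]
    blobs = [encrypt(k, m) for k, m in zip(keys, messages)]
    leaked = keys[0]
    return sum(1 for b in blobs if decrypt(leaked, b) is not None)

if __name__ == "__main__":
    sample = [b"draft agenda", b"budget numbers", b"lunch?"]  # constructed sample messages
    print("reused key, readable after leak:", exposure_after_one_key_leak(sample, True))
    print("per-message keys, readable after leak:", exposure_after_one_key_leak(sample, False))
```

As the post also notes, none of this stops the recipient from keeping the key and the plaintext, so the per-message key only limits what a third party gains from one cracked key.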
I'd just like to say. I'm an international terrorist and i am VERY disappointed in the US government for this whole carnivore deal.
First off, i feel that my right to send plain-text email to my friends (such as mkhadafi@libya.com or carlos_the_jackal@internationalterrorism.co.uk) has been infringed by this "carnivore" program. Being that we have absolutely no other means of secure communications, like a phone session or even speaking face to face, my particular terrorist cell has been using email for quite some time now.
Another problem that arises with this email snooping stuff is our new-found inability to transfer bomb making instructions to one another. Obviously there is no other way to find out about how to make bombs, or even a nuclear weapon....it must be done by email.
I guess i am angry, but i must congratulate the US...with carnivore it is obvious that the FBI has successfully eliminated any possibility of my compatriots and I actively engaging in anti-US terrorism.
damn.
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
"It is seldom that liberty of any kind is lost all at once." -David Hume
Since when is PGP via email less secure than over DCC or ICQ or FTP or any other 3 letter protocol?
Carnivore doesn't brute-force PGP, does it? That would take a lot of work for the random chance of finding a keyword like "blow up the pentagon" or "al gore is an erectilly dysfunctional motherfucker".
Seriously, folks, PGP is secure enough for now. Pretty Good Privacy. And lots of people use it. Good nuff for me and maybe later I'll use something else, but it will probably just be public/private key like with longer keys.
It's secure instant messaging, whether they realize it or not. It has all the drawbacks and benefits of instant messaging as well (inefficient use of resources, instant delivery notification, doesn't work when they're off-line, etc.)
The stupid thing though is the implication that just because this isn't going through an intermediary server it's more secure than PGP. What a crock! It's still going through a ton of routers, any of which could be copying the contents for analysis. Indeed, the way Carnivore works, from what I know, is that it doesn't so much scan the mail store as scan mail traffic. Heck, there are going to be roughly 10 copies of the message made before it gets read!
sigs are a waste of space
Not only is PGP or GPG good enough, but this new service really doesn't offer anything useful. Here are a few points to consider:
First of all, peer-to-peer over the Internet isn't really peer-to-peer at all. It's very vulnerable to man-in-the-middle exploits, since by definition any packets going out over the Internet aren't headed straight for the recipient, they have to travel over an untrusted network first. At any point along this network, a third party could insinuate himself between you and the recipient--particularly if that third party is a law enforcement or intelligence agency, since companies which own the Internet infrastructure are legally required to help such organizations. Since the data is encrypted, this may or may not be a threat depending on the strength of the implementation and upon the ability of the sender and recipient not to be socially engineered into giving out compromising information. If the third party can trick you into thinking that he's your intended recipient, you're absolutely screwed. In the case of PKI, for instance, if the man-in-the-middle can get your trust and say something like, "Sorry, John, I had a hard disk crash last week, and the old floppy I had my backup keyring on is corrupted. I needed to make a new key pair, you'll have to use that to send messages from now on," then either you'll be communicating with the third party in readable fashion from now on, or you'll have to stop communicating anything confidential at all. Since a passphrase has to be suitably complex to be useful, the same attack is useful against shared-key crypto. I don't see how this new system could overcome this flaw at all.
Secondly, the biggest security flaw in communicating via the Net is usually whether you should trust the person at the other end or not. Many of the people we correspond or transact with over the Net are people we've never met IRL, and therein lies the problem. We have no way of knowing if the person we just started communicating with is really a fellow subversive who'll come and help with the demonstrations against the IMF we're planning, or whether he's LEA. Peer-to-peer messaging is therefore useless in real-life applications.
In fact, peer-to-peer messaging is perhaps actively dangerous. It provides a direct record that a given IP address communicated with this other given IP address at a particular time. Therefore, if your recipient is really an enemy, he now has a record of your IP communicating with him. Even though the message under this system is supposedly encrypted all the time and destroyed after a set period, this means nothing: your recipient's eyes have to see it at some point, so he can just as easily do a screen grab or if that's not possible take photographs of the text. Yes, IPs can be spoofed of course, but it's harder to do in peer-to-peer communications, and you'll still probably leave a trail of logs.
Contrast this with anonymizing forms of communication. Properly anonymized through use of remailers or remailers in combination with m2n gateways, or through services such as ZKS Freedom (if it can be trusted--who knows?), it doesn't matter if there's a man-in-the-middle, nor does it matter if your recipient is trusted or untrusted. If you leave no trail, you're safe, untraceable therefore untouchable. Peer-to-peer is the opposite of this, and very useless in the real world. PGP your message and send it via Freedom or a remailer chain, and you're golden. Of course, the best way to assure your protection is to run a public remailer yourself--that way you can be sure that at least one remailer in your chain will forward no previous headers and keep no logs. Then, you have absolute deniability even if traffic analysis hints at your involvement with the message in question--aside from which, remailers often pad messages, send out bogus messages, and use delays between receipt and sending of messages to thwart traffic analysis.
The ultimate way to communicate privately is to use the above suggestions and also divorce recipient e-mail messages from the game entirely once communications have been established. Use a m2n gateway at the end of your remailer chain, to post the PGP'd message to USENET. Either use alt.anonymous.messages with a predetermined heading, or use an empty or spam group. By using a nym with the reply block pointed to a given news group, you can allow people to communicate with you just as if they were e-mailing a real e-mail address, which eases first contacts with people not used to security.
In other words, peer-to-peer isn't a step forward, it's a step back. It's inherently insecure. The only secure communication is insulated communication, with several layers between sender and recipient. Personally, I'd love to see a company or group of hackers put together easy-to-use software to allow for this sort of anonymous communication, rather than the false security of direct peer-to-peer. Imagine if everyone with a cable or DSL connection (it takes some bandwidth and uptime to be a remailer) who wanted secure communications could just download a simple piece of software which sends anonymous messages for them and also acts as a remailer itself. Imagine a Gnutella-like network for remailing anonymous PGP'd messages and possibly posting them through news gateways to a group like alt.PGPtella.messages. If you made it easy to use, we could have truly private and secure communications in the hands of the people, and Carnivore and other spyware would be useless. For my ideas on how to make a network such as this work, read my musings about what Gnutella should have done and how to replace Napster here. The concept in that post which I think is applicable here is the idea about "regional servers," only in a remailer-type system instead of a file sharing system the "regional servers" would be mostly for finding IPs of connected machines to route through and for establishing initial connections to the network, although you could make this user-definable in case you know a trusted party on the network. All messages in such a system would be PGP'd from each hop to the next, with "regional servers" promoted by the software itself based on uptime and other factors, and unlike with the current remailer system you needn't manually choose each hop along the route--the software could be left to do that, and if the next hop along the route that has been chosen has gone offline, the remailer stuck with the message would forward it to a random hop which is online.
Currently, the remailer system is sometimes unreliable, but a new system like this could solve reliability issues. And, as I said, since every user of the system would be a remailer as well as a potential sender, there's absolute deniability: "Sorry, Secret Service guy, you may have traced the message back this far but I'm afraid my machine doesn't keep logs after a day. No, the logs aren't recoverable because they're securely overwritten after the specified period, with no possibility for recovery. I didn't send it and I don't know who did; feel free to look at the computer running the software." All your personal info can be encrypted with something like Scramdisk or the Encrypted File System, just in case the men-in-black do decide to take a look at your box(es).
Anyway, I think I've adequately described my distaste for direct peer-to-peer communications like this product.
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*