Yahoo Offering Encrypted Email
James Salsman writes "Now that Yahoo delivers encrypted email, I would sure like to know what the Slashdot fray thinks of that, especially in light of Carnivore's vulnerability to some forms of encryption (but not this one?)." michael adds: You might also want to check out Cyber-Rights.net, which is a UK civil liberties group offering encrypted email through a deal with Hushmail.
...like 'root' and 'postmaster' :)
I think they need to sort some issues out...
Kevin Mitnick made a lot of noise, too. It didn't get him out of jail much faster. Most people have very near zero sympathy for anyone accused of a computer crime. Uninterrupted access to eBay and yahoo is more important than constitutional principles these days.
0 1 - just my two bits
How about your printer?
That's right, your printer. My HP laserjet has a 68030 processor and a meg of RAM. That's as much processing power and memory as a Mac LC. A simple firmware tweak and a wireless modem in the slot used for the JetDirect network card, and your printer could broadcast encrypted copies of everything you print. If you add a BIOS patch, the computer could slowly read all the data from the hard drive, send it to the printer, and have the printer encrypt and transmit it.
I think at this point computer security becomes a moot point, if the big bad G-men want to know the password to your pr0n collection so badly that they would bug your printer, BIOS, HDD controller, or the like, they would probably just arrest you, and "persuade" you to tell them what they want to know. Cat burglars and BIOS hackers are far more expensive than two goons and a baseball bat.
0 1 - just my two bits
"Well I'm sorry, Sir, but I seem to have forgotten my decryption pass phrase"
"That's too bad. Here, see if this contempt charge and year in jail helps jog your memory. If you remember the passphrase, we might let you out."
0 1 - just my two bits
...the average user (including yourself and I) have absolutely no need...
How do you know what needs I or anyone else for that matter may have? Sure I don't want people poring over my letters to my wife, neither do I want my wife accidentally finding out what I'm getting her for Christmas. Or someone sniffing my new Secret Recipe for Coka-Kola that I whipped up in my kitchen and am sending a friend to try out. Or any of dozens of other things that yes I damn well have a right to protect.
What's going to stop the FBI from peeking through the window
Um. closing the curtains, perhaps. Also a little thing called the law[0].
You are saying on the one hand that the little guy has no need for privacy and therefore deserves none. On the other you say that since we can't protect our privacy completely anyway, why bother trying? What's your argument here? If you don't want to use encryption, or protect your privacy, fine. But don't seek to prevent others from doing so.
No, there is no such thing as perfect privacy. However we should do all we can to protect what little we have, because once it's gone it'll be much harder to get back.
[0] - standard disclaimers apply.
Why is it that many people who claim to support standards have such atrocious spelling and grammar?
... is http://www.myrealbox.com.
It offers:
Secure IMAP
Secure SMTP
Secure Web Based
POP3
Forwarding
POP3 Collection
Auto Replying
No Ads--at all (it's run by Novell, they make their money showing off what their product can do, I think)
Pretty much everything. I've been using its IMAP for several months now, and so far it's been terrific.
And if you don't want to pay for a cert, Thawte offers their personal certs for free, complete with a web-of-trust program.
It would not have mattered if the Microsoft emails were encrypted. If the government can demand copies of the email, they can just as easily require that the key to decrypt those messages be given to them.
You are confusing the issue here. Covert interception of messages vs. Court-ordered handing-over of emails. Encryption has nothing to do with the second case.
domc
I quote: Yahoo's free encryption option handles outgoing email messages in a multi-step procedure that the portal warns is not foolproof.
"Not foolproof" is actually a euphemism for "absolutely useless".
Apparently you and most people fail to see that only HALF of the transmission is encrypted. That's equivalent to nothing in practical terms.
The fact you must trust the recipient doesn't even begin to be an argument against encryption.
Flavio
Also the hardware cannot recognize writing compiler for every possible platform. That requires significantly more AI in silicon than currently available hardware has.
That doesn't matter much, since 95% of the world uses one basic hardware platform, and the other 5% using 20 others... If you compromise the 95%, you've done an excellent job.
No one can ever guarantee "all" of something. It's an unreasonable expectation and just impossible. There's always a straggler here or there, etc... Convincing intel and via they should include some microcode in their chipsets is a very great place to start.
I agree. Alas (maybe I'm reading it wrong) it looks like this isn't encrypted email traffic; it looks like it's just encrypted storage at the mailbox. That's better than nothing, I guess, but still doesn't help much.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
"So they see my pictures of my dog, a letter to a girlfriend and some poetry I've written. Big freakin' deal"
And just for fun, they insert a back door which gives them remote access (BackOrifice, etc).
And then, since this is some "script kiddie" (your words), they get bored some day and decide to delete the hard drive.
Now do you still say "Big freakin' deal."? Because I don't. And I've seen it happen, so this is NOT a hypothetical example.
EVERYONE needs security.
If you said that we need an APPROPRIATE balance between security and other issues, then I would agree. And the balance is different for the president and for Joe User.
But in MY OPINION, Joe User should have encrypted email. It's easy (to implement), automatic (with the right tools), doesn't impose much CPU load (emails aren't very long and CPUs are fast these days), and requires no special knowledge on the part of Joe User. So there's hardly any downside. The ONLY reason it's not there is the lack of widely-distributed clients.
-- Michael Chermside
I missed the fact that the channel is secured.
Though, it is still possible to intercept through the connection from user to Yahoo! (unless SSL is used, of course)
The government still can tap into it, by tapping into the Yahoo server / SecureDelivery.com server.
It's still more problematic than it seems: people thought that it's safe when indeed there's a big loophole
A sig is redundant.
Did anyone here have a four-digit ID? Or maybe even three- or two-digit? I had one under 5000, which I was very proud of when there were millions of users. It's sad, I know.
--
"But I'm still like a little kid, see?
I just don't know when to quit."
- Rei
you so crazy...
-- The Funk, The Whole Funk, And Nothing But The Funk
As currently slated by yahoo.com and securedelivery.com, it's more media hype than actual security. After reading the article, the transport of the original email from the sender to Yahoo! is plaintext over TCP/IP, No SSL. And as we all know, the chain is only as strong as its weakest link.
Well ... It would probably be expensive, but it would give them a slight edge over the competition, or even just let them catch up with the competition ... Every Webmail service I use here has SSL encryption on both HTTP and POP ... Sure, they spent some money for some SSL equipment, but they also get the "good" press ...
...
...
If Yahoo was to offer SSL and _decent_ encryption, I think the slashdot crowd wouldn't bash it as much as it apparently does here
Horribly expensive is relative. Once it is available everywhere else, they will have to switch, too. Not to do so would be more expensive in the long run since they'd lose customers
Should'a hit preview <\grumble>
YDD
TeamOn.com has had an encrypted secure mail function for years now.
----
Wind and temp at my house
Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
In their settlement with the evil copyright-powers-that-be, the ILS agreed to implement this funny Java-based scheme such that when you look up the lyrics to a song, they pop up--one verse at a time (picture karaoke)--in this funny applet window from which you cannot copy-and-paste them. Lord knows why this better protects songwriters' ability to put their kids through college, but apparently it does.
In any case, the idea behind it is, I suppose, that one can read the information once but not copy it for later use--something which I was guessing might be a potential aim of this ridiculous system of Yahoo!'s. I'm not sure why such a capability is of much use in either case, but it's certainly easy to defeat in both--through a compromised JVM, taking screenshots, taking photographs of the screen, writing the text down, etc. My coining of the terms "copy-and-paste attack" and "screenshot attack" was just my sarcastic way of pointing out how useless an access control on text to be displayed on an insecure computer is.
Probably. I doubt I'm the only one who never heard of Zixit (NasdaqNM: ZIXI) before reading this article.
Hrmm. Reading their Yahoo! profile... they aren't doing much business -- $287k revenue 1/00-12/00, net op losses $36.9 million. Heck, their CEO's compensation consumes roughly 25% of their gross revenue (scaling the 9-mo figure for the latter linearly). Judging from the Investor Information page linked from zixit.com, however, they've been around since at least 1984. So they could definitely use some customers...
Only the dead have seen the end of war.
Personally, I use Yahoo e-mail to give out to any company under the sun (site registrations, etc). Basically, it is my repository for junk mail. Every now and then when I am bored, I'll go read through the advertisements.
Anyway, I really can't see a need for this kind of service. I'm sure that most people that use Yahoo probably don't care about security anyway. But, for those who do, I'm sure they would want a service that they can definitely trust, and will probably pay for it or use PGP.
Yahoo should offer SSL connections to compose mail now. That would kinda top off the security issues and offer the user a truly secure service.
I guess even the most secure methods even have holes though.
Would you trust a key that someone you didn't know had generated for you? If you would, you're not paranoid enough.
"
/ \ ASCII ribbon against e-mail
\ / in HTML and M$ proprietary formats.
X
/ \
Time is Nature's way of keeping everything from happening at once... the bitch.
Indeed - what stops Yahoo using SSL on the initial connection between them and the sender?
I'm no crypto or security expert, but it seems like a glaring hole that could be easily fixed. Any technical reasons why they can't?
I doubt they're worried about "locking out" people who don't have SSL-capable browsers, since they're quite happy to let half of the Yahoo forums (fora?) and things use cookies, and several browsers (eg, IE for the Mac) *still* don't support them...
-- Hi, I'm a
Aside from the unethical attitude that gives "commoners" a false sense of security for the benefit of some supposed "elite", this is bad because the "elite" will still stand out by virtue of the format of their messages. Furthermore, such debilitated forms of delivery take market share from those who would offer genuine security.
Seastead this.
When it first was announced, and was rather underwhelmed.
Far from defeating "Carnivore" (which would pick up the cleartext going to or from Yahoo!) (Ahem, sorry, Mr. G-man, I forgot, you promised you wouldn't DO that) this is useful only in limited situations.
This does have the ability - possibly - to turn more useful, in a way. For instance, Hushmail is by far the best, most secure email - but only on that system. This might establish a "standard" for other web-based and other email systems to use for common encryption and decryption.
But that then begs the question, why not just standardize on say, PGP?
Until at least SSL is supported (as many other free email systems support), this isn't that useful, and is still decryptable (as many above have detailed).
Total impact? Mostly meaningless. At least we can hope. Else we'll have a proprietary standard for encryption, one that's decryptable.
Addison
have you ever used hushmail?
all of the composition and encryption runs on the client through an embedded applet.
i'm assuming that yahoo! would do it the same way.
Microsoft (and other large companies) will still be vulnerable to this because they won't trust their employees with encrypted mail. Those large corporations like to be able to read their employees' mail, or at least have the threat of being able to.
Some large corporations ban encrypted traffic through the firewall, because they think it will keep employees from sharing or selling all their secrets. You have to jump up and down and beg and make a "special business case" to get the ssh port opened up for a specific machine. Some of the big defense contractors are alleged to have special versions of PGP for their employees, which keep keys where the company can access them.
It's a bit ironic, but the big corporations will keep themselves vulnerable. Otherwise, they will be hobbled by their own idealistic or disgruntled employees -- which may cost the bottom line more than the government does.
In general, it is rare that banning one type of weapon or another swings the balance of power very permanently or very much. Banning the crossbow didn't stop the end of knights in armor, banning the saw-toothed bayonet didn't stop mutilating war injuries. The reason why the crimes of big corporations will usually eventually be discovered is a basic human rule: three men can keep a secret if two of them are dead.
If you want to stop the types of abuses big companies often carry out, you have to change human culture and behaviour. It's harder and takes longer, but works.
Well, I tried to register on MailVault just before and I got a "Certificate expired warning.... Cert. valid until 11/11/2000"... 'Nuff said, I will try another one.
"Naughty, naughty, naughty, you filthy old soomka !"
Fortune favors the bold. -Virgil
The funny thing is that the ordinary ZixMail client that I played with a long time ago doesn't suffer from the same limits as the Yahoo version of Zix's technology. The encryption occurs on the user's machine and the decryption occurs on the receiver's. That said the government still has a back door key no matter how you use Zix. My guess is that downloading a special client was found to be too much of a hindrance for most users. It seems that SSL works, just not with a web client.
As a side note Zix was started by David Cook who started BlockBuster video and who created the first electronic toll collection system. Zix and Visa were clashing in court over Visa's practices in trying to make SET the standard of choice for secure charging.
If you're going to go through that much trouble, why not just do it by hand?
It wouldn't be too terribly difficult if you used some sort of stream generator like Solitaire. I guess that your only problem, then would be to find a way to distribute the keys. But it would be a step in the right direction for the truly paranoid.
--It burns! --It's loaded with wasabi.
So yahoo (and anyone working there) can read your email just like always. But now these new guys can read your email. Plus anyone sniffing your connection when you're sending it. Plus anyone who can figure out how to appear to be the recipient. That sounds worse, not better to me. I'll stick to this:
Surely it'd be fairly easy for a secure-email service/site to give you a public key when you get an account, then you encrypt your email at your end, before it leaves your pc, and they'd decrypt part of it, to extract the true destination, and send it on?
Or are there systems to do this already?
Yeah, but i imagine that it's the 5% of people who DON'T use windows-on-a-pc that are often interesting to "them" (decss on linux, people who are into net-security in general, etc).
Don't mistake this post for a 'what's wrong with Carnivore, i'm not doing anything wrong', but if the people you are talking about AREN'T doing anything 'wrong', and they aren't 'card carrying members of the ACLU' or whatever, then any extra effort faffing about with encryption, non-standard icq software etc will, for them, be a complete and utter waste of time!
I have two friends (ex-co-workers) who caught their wives cheating by sniffing out their wives' yahoo passwords.
What about workers reading yahoo mail from work?
I know one person got fired at my clients company for reading p0rn from a mail account at yahoo.com.
I think this is great, but what do corporations feel? It sounds like more work for me with the added insult of snooping on co-workers.
"Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
I agree. :) The Jargon File was better a few years back when I didn't know who Eric Raymond was.
Refrag
I have a website. It's about Macs.
$ crontab -e
33 * * * * dd if=/dev/urandom | elm -s "Flight of the Buzzard" whatever@whatever
*giggle*
I have a wonderful bridge to sell you, the people of London don't need it anymore.
Well, I am not sure how much I want to trust the UK site either. It's a nice sentiment on their part. But with UK laws is that really wise? Last I recall, UK government had the right to shut down your website because of a complaint. And if you refused to give up the keys, you could go to jail for up to two years.
Anonymity is only one aspect of security. Yahoo is advertising encrypted email, not anonymous email. It should do two things: hide the content of the message and preserve the integrity of the message. The web interface kind of kills the first goal and endangers the second goal.
I agree that it's not much more secure than regular email, but it has little to do with anonymity.
Way to go yahoo! This should really get all those idiots out there on the net super paranoid! I can hear it now: "Well if Yahoo offers it then it must be serious, even though I have no idea what it means."
www.droppingdimes.com
Considering how Yahoo has caved in in the past in areas like subpoenas for the identities of stock chat board posters, I wouldn't trust them with anything that I really really didn't want other parties to be able to read. At the moment, my preference would be for ZeroKnowledge Freedom. It's designed not only to encrypt, but routes traffic thru multiple servers and doesn't retain records, making tracing extremely difficult (I suspect that if you're under surveillance by the NSA and the incentive was high enough, they'd find a way, but not many people would warrant that level of effort).
Now you make me feel stupid, because I can't figure out why Zixmail is paying Yahoo! for this. Seems to me that Zixmail is giving Yahoo! a more rich, albeit flawed, repertoire.
--why?
So they see my pictures of my dog, a letter to a girlfriend and some poetry I've written.
And your bank account details in a finance program, your business plan, and when you're going to be on holiday so your house, whose address they've also found, will be empty.
You might say, "then don't store these things on your computer", but you're talking about Joe User, who does store this kind of stuff.
Again, the only people who need absolute security are those who have something to hide. Namely drug cartels, terrorist groups and kiddie porners.
Or businesses, or doctors, or people paying for things etc. Do you honestly believe that things like industrial espionage don't happen?
Actually, they send your e-mail to SecureDelivery.com via a secure connection. It's the link from your computer to Yahoo that's insecure. This could, of course be remedied by just using SSL, which I'd prefer anyway (if I used Yahoo). It doesn't take away the danger of Yahoo getting hacked, but it's a start (and it provides covering fire for other encrypted e-mail, as mentioned previously).
Anyone know how long e-mail cleartext is stored on Yahoo servers and why?
Perhaps they should concentrate on getting their other pages to work first. I've been trying all morning to get into Egroups, as well as several other Yahoo! sites, but they're all timing out.
Because the Antarctic is a lonely place for Penguins. The Linux Pimp
--It's Pimptastic!--
As a long time PGP user, I've tried to get friends, family and coworkers to use decent encryption for their email. All the arguments fall on deaf ears... the usual reasons are 'I don't have anything to hide', 'who would want to read my email anyway', 'it's too hard', ad infinitum. This is a flawed implementation. No SSL from client to yahoo, having to use yahoo's key, etc. However, if it gets joe average to understand the need for encryption it's a good thing. We just have to be there to tell him why he wants something else.
You don't need to write compiler in binary yourself. It may be sufficient to audit first stage of gcc compilation (first stage - compile gcc with your existing compiler, second stage - compile gcc with compiler from first stage). You have got sources, so disassemble object files and check whether the binary modules do what they are supposed to do. And don't forget to check the linker, whether it doesn't insert something into your executable.
Also the hardware cannot recognize writing compiler for every possible platform. That requires significantly more AI in silicon than currently available hardware has.
It is not difficult to write disassembler, if you need one. It is much harder to hack disassembler so it would agree with your hex viewer wrt section offsets and sizes, exported symbols etc. You can also use 'gcc -S' feature.
It depends what your job is. If you want to compromise most computers, this is excellent job. If you want to compromise all computers, it is failure that leaves possibility to have uncompromised compilers even for compromised platforms.
Yes and soon they will upgrade all the servers to win2k and it will be even more secure. :-)
Oh wait, that's hotmail.
--------
Of course, IMHO, you are incredibly naive and unqualified for nefarious activities if you entrust incriminating or high security risk details to any service beyond your own control. Just ask Rosemary Woods or Linda Tripp.
--
A feeling of having made the same mistake before: Deja Foobar
Well, we know they will cave if it's the french courts...
--
A feeling of having made the same mistake before: Deja Foobar
The ordinary user just doesn't seem to care, they click and forget. I would hazard to guess that 85% - 90% of people haven't even heard of carnivore.
I love the smell of Karma in the morning
But what if the disassembler has been hacked to show the compiler as working fine when in reality it is not.
"Homo sum: humani nil a me alienum puto"
(I am a man: nothing human is alien to me)
My only political goal is to see to it that no political party achieves its goals.
WRONG!
To quote Terry Pratchett "The statement that innocents have nothing to fear is guaranteed to strike fear into the hearts of innocents everywhere."
I do not encrypt, mainly because I use a networked University computer over which I have little control. If I had the choice I would encrypt everything, firstly because of the reason given by the other answer to this foolish reply but mainly because I don't like any form of government (or other) interference in what I do.
Ad exemplum: I am a firearms user. Setting aside the gun/antigun issues for a moment, I wish to discuss firearms related stuff with a friend and not have it looked over by any jerk with a packet sniffer who can get access to my address etc... where I store my firearm. See? Nothing illegal or shady, just prudence.
Do you trust your government? I don't trust mine anymore (or yours assuming you're a merkin) on the grounds that they seem to think that they know what is right for 'oi polloi and not that they are the executors of the people's will.
Elgon
Yahoo could stay up. They're down almost as much as they're up. They're impossible to rely on as a primary mailbox because not only are they always down or inaccessible, but they don't notify their customers when they are/were down. If they could handle their own servers properly, then Yahoo would be a great mail service, and the encryption would make it only better.
ZixMail used to be called CustomTracks. One of its founders was a big wig at the CIA. No kidding. They got FULL EXPORT PERMISSION long before the crypto rules were weakened. Why? Because their products do key escrow. It's bad enough that Yahoo is basically using a crap protocol with them. It's just really disturbing that Yahoo would work with these guys. It means that for most people it doesn't matter that the crypto walls have come down. Because the non-technical people will be given toy, escrowed cryptography.
Support the organizations that make up the Global Internet Liberty Campaign http://www.gilc.org/
So?
With *ANY* public key system you *TRUST THE RECIPIENT* - if he is incompetent, or has been hacked, then all is lost anyway. So why the fuss?
Just be pleased they've chosen S/MIME rather than shitty old pgp
Gary
"Making linux GPL was the best thing I ever did" - Torvalds. I'd hate to see the worst thing...
Only an open source encryption package running on your own machine has some chance of being safe. Even that, under Microsoft Windows and their never ending series of loopholes (as if someone is putting them in on purpose), isn't 100 percent safe. Any proprietary encryption, api or stand alone package, from the big guys is almost certainly compromised.
In general you are right. The more encrypted traffic you have the harder it is for an intruder to find the packet which has to be decrypted. But Carnivore spoils exactly this. In an encrypted email the header is _not_ encrypted. Carnivore stores all mails coming from or going to a certain person.
This enables the FBI to check with whom someone is talking.
This small amount of encrypted stuff can be decrypted more easily.
Therefore I assume Carnivore is designed to avoid the "lost in too much encrypted material" situation.
One way to exchange mail which is not read by Carnivore is: Both parties have an email account on the same free mail server in a country which does not allow programs like Carnivore. If this server allows web access with SSL only the people at the mail server company can read the mail (if its body is not encrypted).
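The comment above notes that an encrypted email still carries an unencrypted header. The following is an added example, not part of the original thread, that reports what a message with an armored body still exposes to anyone who handles it in transit; the sample messages, addresses and function names are constructed for illustration.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses

# Constructed stand-in for an encrypted body; the contents are a placeholder.
ARMOR = (
    "-----BEGIN PGP MESSAGE-----\n\n"
    "<ciphertext placeholder>\n"
    "-----END PGP MESSAGE-----\n"
)

# Constructed sample messages (not real traffic).
SAMPLES = [
    "From: alice@example.org\nTo: bob@example.net\nSubject: Friday\n"
    "Date: Mon, 05 Mar 2001 10:00:00 +0000\n\n" + ARMOR,
    "From: alice@example.org\nTo: bob@example.net\nCc: carol@example.com\n"
    "Subject: Re: Friday\nDate: Mon, 05 Mar 2001 11:30:00 +0000\n\n" + ARMOR,
    "From: bob@example.net\nTo: alice@example.org\nSubject: Re: Friday\n"
    "Date: Mon, 05 Mar 2001 12:15:00 +0000\n\n" + ARMOR,
]


def exposed_metadata(raw):
    """Return the fields that stay readable even though the body is encrypted."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    senders = [addr for _, addr in getaddresses(msg.get_all("From", []))]
    recipients = [
        addr
        for _, addr in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    ]
    return {
        "from": senders,
        "to": recipients,
        "subject": msg.get("Subject"),
        "date": msg.get("Date"),
        # Body encryption does not cover any of the header fields above.
        "body_encrypted": body.lstrip().startswith("-----BEGIN PGP MESSAGE-----"),
    }


def contact_pairs(raws):
    """Count (sender, recipient) pairs visible from headers alone."""
    pairs = Counter()
    for raw in raws:
        meta = exposed_metadata(raw)
        for sender in meta["from"]:
            for recipient in meta["to"]:
                pairs[(sender, recipient)] += 1
    return pairs


if __name__ == "__main__":
    for raw in SAMPLES:
        print(exposed_metadata(raw))
    for pair, count in sorted(contact_pairs(SAMPLES).items()):
        print(pair, count)
```

Every body here is opaque, yet the sender, recipients, subject line and timestamps are all recovered, which is why body encryption alone does not hide who is talking to whom.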
I've been looking for a way to encrypt my "10 Reasons Why Sex is Better Than Chocolate" and "Bill Gates is giving away $10 to everyone who gets this beta test message" forwards.
-p4
(c) All Rights Released.
All the more reason to use an anon. remailer or six. See http://www.publius.net/n.a.n.help.html for example.
It's just like saying you believe in free speech, but tell those goddamn KKK people to shut up!
Freedom of speech is NOT unlimited. Speech that is harmful to others is not protected (Yelling fire in a crowded theatre, yadda yadda).
Some of the most harmful speech we have right now are the lies that Microsoft has told consumers. How do you think they became a monopoly? The government has a responsibility to protect regular citizens from the lies of corporatism.
--
From each according to his ability, to each according to his needs.
If the email had been encrypted, the court could have required them to provide the key then, with legal penalties for refusing to comply.
You don't get it. Now Microsoft and other corporate bloodsuckers have learned not to leave an electronic trail, and be much more careful. The only way to bring down these people is to monitor their communications before they can destroy them. If Microsoft (and others of the industrial complex) have unbreakable encryption, then it will be much more difficult to bring them down.
--
From each according to his ability, to each according to his needs.
You can always use SafeWeb.com to encrypt any Web based email.
Blah Blah Tacos
It's still in the beta trial period
but check it out www.halalserve.com
the webmail is at
www.halalserve.com/cgi-bin/webmail
Unfortunately, Yahoo's offering with Secure delivery would not increase encrypted email traffic at all even if all Yahoo users ALWAYS sent their email using the new service. I think that most people would define email traffic as the communication from one SMTP server to the other. With this system there is NO encrypted SMTP traffic. If you use the service you will notice that SMTP is only used to send a notification (containing an unsecure link) to the recipient of a secure email. The recipient has to click on the link to discern the contents of the secure email. Thus, the ONLY encryption that the user will ever be able to discern is ssl.
Notice also that copies of SENT messages are stored in the clear in your out box. This service does little to secure content.
Look, all of this talk about encryption is nice... but what will really make a difference here, the really big deal, is the fact that you can send e-mail messages that expire!! How many times have you wanted to do that! Assuming that they aren't archived permanently, you could send e-mail without fear of having them dug up later by the recipient.
after reading the article (and follow ups) on yahoo's pray for encrypted mail i can only laugh.
yahoo is routing mail through a third party to get encryption? i think Big Brother (namely carnivore) will love this one. HTML based mail CANNOT be encrypted properly, dot. Even Hushmail with all the SUPER_JAVA thing they created cannot protect emails.
you want privacy on emails? encrypt them with good old strong crypto programs, and even better, write the mail in a ascii text editor, encrypt its contents and then copy and paste (too windoze huh?) the encrypted text into the html based mail. you can use PGP or several other GOOD programs running around in the net. If you want i have a program that i wrote that uses Twofish, it is a normal text editor with encryption capabilities, the plaintext never touches the hard disk or the clipboard. So far i have only a windoze copy but i almost finished a linux version also. email me to frahg@linuxfreemail.com if you want a copy.
cheers
-- Always Encrypt. If it's probably secure, it's probably not... (Lars Knudsen on block ciphers)
finally, someone with some brain left! just read what this guy wrote, it makes sense, if you want privacy don't go to yahoo, or hotmail or any of those crappy html based systems
-- Always Encrypt. If it's probably secure, it's probably not... (Lars Knudsen on block ciphers)
while you might be right when you talk about normal email client being better than http based email for handling encrypted mail you have to be nuts if you use microcrap outlook. Please tell me you are NOT using it.... what virus do you want to have today?
-- Always Encrypt. If it's probably secure, it's probably not... (Lars Knudsen on block ciphers)
no one will tell you because "security by secrecy" is the best. dah!!!!! they won't tell you because then you'll be able to see how crappy their implementations are and how unsecure their encryption is!
-- Always Encrypt. If it's probably secure, it's probably not... (Lars Knudsen on block ciphers)
i agree with you. you cannot trust yahoo on good crypto because they are a commercial dot com, the thing is they have huge databases with your data on it and they are willing to give it away for a few dollars, that's how all the spammers in the world send their carp to yahoo, now imagine how they store your keys!!! oh man, super storage!!!
-- Always Encrypt. If it's probably secure, it's probably not... (Lars Knudsen on block ciphers)
It's snake oil, pure & simple. The more popular this becomes, the worse for the future of digital communications.
Sure, but why bother with the half-assed attempt? This sounds very much like a salesdroid idea. "Tell them that using encrypted mail will make them secure!"
Sorry, no dice. There is /no/ one sure way to be secure, but there are ways to be /more/ secure. Security is a process and all that.
In a way they are lying to customers as well. What happens when random-megacorp decides to do all their email through yahoo now, sends all sorts of stuff that should be private, only it's sniffed or stolen from yahoo. Or something like that.
The end result is they say that it's encrypted but in fact it's unencrypted on the server, and in the transaction on upload.
I'd like to use encryption all the time w/ my email from the client, just as a matter of principle, but the sad fact is that 99% of the people I communicate with don't have encryption on their side, and they don't see any good reason to install it: hence the ease of communication that is the basis of email is lost. What I'd like to see is all email clients that folks use - let's say the major ones in commercial settings - have encryption built in so that I can opt to encrypt everything I send out, and if the recipient isn't running encryption "on top" as it were, his or her client would accept my email, tell the recipient that this is an encrypted email from me, their great and good friend, and offer to unencrypt it for their reading pleasure. Am I being totally fscked up thinking this way or what? In other words, what would be the major problems having this as an embedded feature in all email clients? The feds, agreeing on a standard, actual coding, or something else?
"shop smart:shop s-mart" ash
If you really think someone is intercepting your mail, they are going to do it between you and yahoo.
But what if I think that someone is intercepting my friend's mail?
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
Sure, but why bother with the half-assed attempt? This sounds very much like a salesdroid idea.
You've answered your own question. It's a sales ploy, and it's relying on the fact that by definition, half the population is of below-average intelligence.
-
It would probably be expensive, but it would give them a slight edge over the competition, or even just let them catch up with the competition ...
Yahoo makes more money than all the webmail services that allow SSL combined. If they "caught up", they'd be making far less profit. Their shareholders would probably sue them.
They have 125 million registered users. How many do you honestly think they'd gain by offering SSL? How many do places like MailandNews.com have combined? A few thousand? A million?
-
Right. It's strange that they're not providing a SSL secured page in which to COMPOSE your message.
This service is SSL-based. So, the transmission is secure, but it's plaintext on their servers. Not only are all the trails there, your unencrypted email is sitting on their servers, waiting to be read.
There's a reason Zixmail's paying yahoo to offer this service, not vice-versa.
Returned Peace Corps IT Volunteer
It's a shame you went through all that effort and then someone just read your monitor because you forgot to shield against TEMPEST technologies...
DrLunch.com The site that tells you what's for lunch!
This gives you hardly any security at all. Your message is NOT encrypted by anything but 'their' key. And I doubt that the emails are encrypted at all on their servers. Besides, yahoo could encrypt them with their public key, if they wanted to.
This scheme is very good for protecting your mails from coworkers' scanning tools - as would POP over SSL. On the other hand, almost every mail sent to that server is bound to be 'interesting'. If you don't encrypt by default, to the recipient, you'll only be sending sensitive information that way.
A good first step towards protecting emails around the world would be SMTP delivery through SSL (or SSH or IPSec or...), that way intermediate hosts cannot sniff effectively anymore. The next good thing would be SSL connections to POP/IMAP services.
That would definitely annoy most government listening services. The only Bad-Thing about SSL is the server certificates, which everybody would then need to have. If we drop server authentication, we run the risk of man-in-middle attacks by governments. Which would be very costly indeed, because of the CPUs needed to do that.
Just my 0.02 EUR
I agree. Why not simply have the form send an https e-mail directly to the third party e-mailer? (I'm sure clever people here can think of a better solution) That would be offering the best possible protection on the internet.
-Ben
If the encryption isn't interoperable with other email encryption standards, it's not going to do a lot of good, and it's going to be annoying to receive messages from these people. I think Yahoo would love to send out messages all over the place saying "you have an encrypted email from a Yahoo! user. Please visit Yahoo to retrieve it, and look at a bunch of ads while you're there".. That's what this boils down to for me..
-- The Funk, The Whole Funk, And Nothing But The Funk
enter lokmail!
-- The Funk, The Whole Funk, And Nothing But The Funk
They aren't.
They're using Zyx, or whatever it's spelled as.
It's a server-side encryption.
Yahoo holds the keys..
-- The Funk, The Whole Funk, And Nothing But The Funk
While not an email client, I have often thought that icq with encryption would be a good idea, and Licq goes and implements (what looks like) point to point ssl encrypted icq messages. Very nice. I can actually think of uses for this. Too bad I've become a gnomeicu junky ;)
-- Who is the bigger fool? The fool or the fool who follows him? --
So a script kiddie... breaks into my system with a well-documented hole that I haven't plugged up yet.... Big freakin' deal.
Well, yeah, it would be a big deal if they erased your hard drive, as Mike pointed out. But if you take into account how many people "the average user" accounts for, then what happens when they are all used as part of a DDOS? It's a big deal, especially if you are on the receiving end.
A more general solution is to encrypt both the header and body. The to: field would have to have salt added so that you could have several messages addressed to you without this being apparent.
The real difficulty is retrieving only your messages securely. The brute force method of retrieving all headers pending on the server and asking for the bodies of those you understand seems... wrong.
Ah: if the salt were generated in some known way (minutes past 1970, or something) I could send the mail server a set of ids (from when I last read mail or the oldest mail still on the server, whichever is later) that could feasibly be me. The server then sends me all headers from all matches, and I ask for all that really are me.
Because of salting, it is possible that I will be sent some headers that are not addressed to me; these I'll be unable to decrypt, thus won't ask for the message body.
As far as I can tell, this leaks no information.
Can anyone tell me if mixmaster does something similar?
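The lookup described in the comment above, sketched as an added example (it is not the poster's code and not Mixmaster's design). Assumptions: the salted id is modelled as a truncated SHA-256 of address plus minute, header encryption is modelled by a `sealed_for` field, and every name, address and message is constructed. The sketch also records what the server can observe, which is what the "leaks no information" question turns on.

```python
import hashlib
from dataclasses import dataclass

TAG_BITS = 12  # assumption: ids are short, so strangers' mail sometimes matches


def salted_id(address: str, minute: int) -> int:
    """Recipient id: truncated hash of the address plus the public time salt."""
    digest = hashlib.sha256(f"{address}|{minute}".encode()).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - TAG_BITS)


@dataclass(frozen=True)
class Stored:
    msg_id: int
    rid: int         # salted recipient id: the only addressing the server holds
    minute: int      # arrival time, which the server knows anyway
    sealed_for: str  # stands in for "only this key decrypts the header"


class Server:
    def __init__(self):
        self.spool = []
        self.seen_queries = []  # what a curious operator could log

    def deliver(self, to: str, minute: int) -> Stored:
        msg = Stored(len(self.spool), salted_id(to, minute), minute, to)
        self.spool.append(msg)
        return msg

    def headers_for(self, ids):
        self.seen_queries.append(frozenset(ids))
        return [m for m in self.spool if m.rid in ids]

    def guess_recipients(self, msg, directory):
        """Recompute ids from public inputs only (address list, arrival minute)."""
        return {a for a in directory if salted_id(a, msg.minute) == msg.rid}


def check_mail(server, me, since, until):
    """Client side: ask for every id that could be mine, keep what decrypts."""
    ids = {salted_id(me, m) for m in range(since, until + 1)}
    headers = server.headers_for(ids)
    mine = [h for h in headers if h.sealed_for == me]  # models a successful decrypt
    return headers, mine


def demo():
    server = Server()
    alice = "alice@example.org"           # constructed addresses and traffic
    others = [f"user{i}@example.org" for i in range(50)]
    first = [server.deliver(alice, m) for m in (100, 130, 159)]
    for i in range(2000):
        server.deliver(others[i % 50], 100 + i % 60)
    headers, mine = check_mail(server, alice, 100, 159)
    return {
        "returned": [h.msg_id for h in headers],
        "mine": [h.msg_id for h in mine],
        "guessed": server.guess_recipients(first[0], [alice] + others),
        "query_size": len(server.seen_queries[0]),
    }


if __name__ == "__main__":
    r = demo()
    print(len(r["returned"]), "headers returned,", len(r["mine"]), "decrypt")
    print("server's guess for message 0:", sorted(r["guessed"]))
    print("ids linked by one query:", r["query_size"])
```

In this model the salt is public, so `guess_recipients` works for anyone holding a list of addresses, and each entry in `seen_queries` ties a whole window of ids to a single client session.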
This solution only encrypts the mail while it is on the wire - the cleartext is stored on Yahoo's servers and is capturable on either client.
Sure, encrypting your transmission en-route is better than sending it in the clear, but given how frequently Yahoo is taken down by skr1pt k1dd13s, I would say the server is the greater vulnerability.
If you are sincerely interested in encryption, only a client-side solution provides adequate protection.
-konstant
Yes! We are all individuals! I'm not!
What you're doing with Yahoo here is more closely similar to tossing your letter in your outbox. Then it sits there in plain sight for a little while before your secretary picks it up and puts it in an envelope for you and then mails it. Certainly more secure than sending a postcard (at least it's in an envelope on the receiving end), but not as secure as sealing an envelope yourself. One of the big uses that I've found for crypto e-mail is sending a heads-up to the receiver that the content of the message may not be suitable for reading when a roommate is looking over your shoulder. This yahoo scheme is certainly going to be effective for that purpose.
_____________
I don't want free as in beer. I just want free beer.
Wait a minute, folks, it's written right there in the Yahoo blurb: ... blah, blah, blah.
1. Email user writes email.
2. Email user sends email to Yahoo *over an insecure channel*
3. Yahoo sends email to
In short: if I can get your (unencrypted) email before it gets to Yahoo, I can know whatever it was that required encryption in the first place.
P. Zimmermann had a name for that kind of solution. He called it 'snake oil'. 'Nuff said.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Unfortunately, that is similar to the view taken by government, "What if terrorists use encryption..." yada yada.
The question then becomes: *who* do you want to have more power over you - gov't or corporations?
"Don't mind me cutting myself on Occam's Razor"
If you want encrypted, secure email, why on Earth would you use Hotmail?
That's like setting out to get a Formula 1 car and coming home with a Le Car...
"They" have always been able to listen in on us once they have their eyes on us. Unencrypted mail suddenly gave "them" the power to listen in on *everything* a priori suspicious or not.
All opinions are my own - until criticized
Hushmail, at www.hushmail.com, has 128 bit SSL uploads and downloads of both text and MIME parts. The Hushmail computers are located in Canada and the company is based in Trinidad, I believe, so they would be far less susceptible to an FBI search than Yahoo would. When you send e-mail to another Hushmail account, it is kept in encrypted form. It's really pretty slick. If you want to try it out, send me e-mail at beulah@hushmail.com, preferably from another hushmail account.
I am not a lawyer.
Let me see...Carnivore sits at your ISP and intercepts everything you send; someone else could packet sniff your connection, your sysadmin might have proxies in place...
Now, Yahoo receives your email in cleartext, from you, through your ISP and only then encrypts it, to be sent on, and is collected by the recipient via SSL.
Why not go the whole hog and provide SSL from you to the Yahoo servers?
Call me crazy, but I see little benefit to these partially secured systems.
A system is only as secure as its weakest link - and in this case there is a point where cleartext messages are transmitted by the system.
Is this truly the great innovation it's supposed to be? Yes, it will open up cryptographic email to many people, but these are probably the same people that do not appreciate the issues involved, and might blindly trust a system with what appear to be obvious shortfalls.
I personally am a fanboy of this service, which can be found at http://www.hushmail.com, so you may want to take my comments with a grain of salt. However, I must say that I have found Hushmail to be a superior email service.
1. The service is free, unlike some solutions that offer encrypted mail.
2. You can choose a user name, and supply a very small amount of personal information (mainly first and last name), OR you can create an anon######@hushmail.com account and supply NO personal information.
3. You check your mail through a java applet that encrypts traffic to and from their servers.
4. You can select a passphrase of arbitrary length. I think mine is 40 or 50 characters.
5. Your inbox on their servers is encrypted. If your inbox is ever subject to subpoena, Hushmail will happily supply the legal authorities with unintelligible, heavily encrypted junk. Drawback: if you forget your passphrase, there is no way to recover your account.
6. If you send an email to another Hushmail user, your message is never converted into plain text; it goes encrypted straight from your Java applet to their inbox.
The one issue I feel Hushmail still needs to address is PGP integration. If you receive a PGP encrypted message in your Hushmail, you have to copy the text and paste it into Notepad to decrypt it, and if you send a message to a user that is not on Hushmail, there is no choice but to send it in plaintext. However, this issue has been acknowledged, and will be addressed in a future service upgrade.
All around I'm happy with Hushmail, and I wouldn't hesitate to recommend it to the Slashdot community.
-inq
It's also one of the few dot-coms currently making a profit.
from the securedelivery website: The encryption of these messages is normally done with public-key encryption.
What is a normal condition?
What is the encryption algorithm?
Does anyone else see a problem here? One of the more widely used email services using shoddy encryption?
"My mother never saw the irony in calling me a son-of-a-bitch." - Jack Nicholson
For more on this, see The Code Book, by Simon Singh.
I watch the sea.
I saw it on TV.
No, Thursday's out. How about never - is never good for you?
Interesting point about the balance issue. I would agree with that.
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
I've always argued that the general geek/Open Source community is very paranoid when it comes to things like encryption. If we're talking national security, yes, I think the president should have strong encryption. The average user has no need, and the only thing that encryption does to that user is make him look suspicious.
And if you're going to argue that "everyone has a right to privacy"... give me a break. So I, Joe User, encrypt my email on my home machine. What's going to stop the FBI from peeking through the window and looking at the screen. Or monitoring the disk transactions while they are plaintext. Or, for the paranoid, monitoring my keystrokes. There is no such thing as perfect privacy people... get over it. If I truly wanted to get a person's writing, I can.
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
Secondly, what would they care if you store a firearm in a particular place (I can just as easily overhear you by listening over your shoulder in a supermarket)?
Thirdly, if you were concerned (which would be ludicrous) why would you send the information to a friend over email anyway? Why not talk to him directly?
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
So a script kiddie (or even an elite government hacker) breaks into my system with a well-documented hole that I haven't plugged up yet. So they see my pictures of my dog, a letter to a girlfriend and some poetry I've written. Big freakin' deal.
Again, the only people who need absolute security are those who have something to hide. Namely drug cartels, terrorist groups and kiddie porners.
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
The smoking gun that caught Microsoft was the e-mails that they sent.
I fear that corporatism will continue to grow more and more powerful if they are able to hide their stealing with encryption that the government can't crack. It will make it even more possible to take advantage of the people.
I worry about corporatism also, but the current system would have been more than adequate for your Microsoft/DOJ example. The DOJ used open legal proceedings to obtain access to Microsoft's email. They didn't snoop through their mail before deciding to bring charges against them - they didn't need to.
If the email had been encrypted, the court could have required them to provide the key then, with legal penalties for refusing to comply.
I have no problem with the authorities demanding access to encrypted materials if they do it in a legal, open, above-board manner. I have a major problem when they want to be able to read anything at a whim, just in case they find something they might want to prosecute for.
Innocent until proven guilty, due process, etc. etc.
Besides, do you think the government will use any law enforcement tool to attack corporatism, given how much corporations pay to put their people in charge of the government? You're dreaming if you think the government works for us against big biz.
-- Sigs are for losers
I use Yahoo! as my main mail client right now since I've had some instability in all my other addresses. I like it, for the most part. I hope it's going to be a -free- service. And I hope they have SSL support for the browser-to-server transactions.
;)
Please note that Yahoo! isn't really an "evil corporation" - corporation, yes - but what do they do? Provide free service and information, lead the way (or at least make considerable progress) in the field of network-portal services and office apps, and offer the whole thing for free to anybody? Provide a wide variety of free community-building communication services?
Sorry. Hadda get my rant on.
- I sure as heck wouldn't send anything that needed to be encrypted via a webmailer in the first place.
- Yeah, I'm gonna trust third party, non-opensource encryption schema on a site that I have no access to, and no control over my keys.
- If I desire the privacy of encrypted mail, I'll use PGP or GnuPGP where I have control over the encryption/decryption process.
Sheesh.
Don't forget another really common problem. Trojans. Since the majority of people using Yahoo! email would be using windows 95/98/ME they would be susceptible to those stupid email attachments and such. I would imagine that the majority of these people are not even doing something as simple as running ZoneAlarm and do not have an Antivirus program so their machines are wide open. I would think that the client is the least secure part of the puzzle. Hushmail definitely works much better, providing the people sending and receiving the messages have not had their computers compromised.
Also, to answer your questions, they technically do use SSL according to the article:
Yahoo's new system works like this: Once a message is composed, it travels, unencrypted, to Yahoo, which sends it through a secure connection to SecureDelivery.com. There, the message and any attachments are scrambled. SecureDelivery then sends the recipient the address to a Web page, secured by Secure Sockets Layer (SSL) and hosted by SecureDelivery.com, where the message can be picked up and descrambled for up to seven days.
So they use SSL in a somewhat half-assed way.
Mas vale cholo, que mal acompañado.
Under the terms of the deal, Zixit will pay Yahoo at least $5.7 million during the next two years. On top of that, Zixit will give Yahoo a cut of revenues "associated with Yahoo users."
I find it kind of strange that Yahoo! is the one who is getting paid in this deal. It seems to me that Yahoo! should be paying Zixit to use their service. Can anyone explain why? Just exposure?
Do not meddle in the affairs of dragons,
for you are crunchy, and taste good with ketchup.
The more encrypted traffic the better.
if there's only a few encrypted mails there's more chance they will look suspicious.
no sig.
Freedom of speech is NOT unlimited. Speech that is harmful to others is not protected (Yelling fire in a crowded theatre, yadda yadda).
Are you trying to say that Microsoft's emails talking about their tactics is harmful, and therefore not protected speech?!
Some of the most harmful speech we have right now are the lies that Microsoft has told consumers.
Uhhh, please. It's not harmful in the same way as someone yelling fire in a crowded theatre. (Possibly the stupidest example of unprotected speech.)
How do you think they became a monopoly?
I can assure you, not by merely TALKING about it via email!
The government has a responsibility to protect regular citizens from the lies of corporatism.
Where is that in the Constitution?
You voted for Nader, didn't you?
-thomas
"Extraordinary claims require extraordinary evidence."
"And like that
It is sent via SSL to securedelivery.com.
"Extraordinary claims require extraordinary evidence."
"And like that
Encryption should be regulated by the government. The smoking gun that caught Microsoft was the e-mails that they sent. Imagine if they had been all encrypted. Microsoft would be even more powerful right now.
It's just like saying you believe in free speech, but tell those goddamn KKK people to shut up!
Freedom goes both ways. Love it or leave it.
-thomas
"Extraordinary claims require extraordinary evidence."
"And like that
Penguin better have my money! The Linux Pimp
--It's Pimptastic!--
A Java applet with well-known source code might begin to give you that kind of trust (if you trust your Java application). A C or Perl program, small enough to be reviewed, might as well.
A web browser with SSL just doesn't do the right thing since the mail arrives in cleartext on the web server, and a closed source client like Outlook simply can't be trusted to be free of backdoors or other problems at all.
-
Hi,
My own ISP, XS4ALL in The Netherlands, has some nice security-services:
- Maximum privacy guarantees. In the past even some court orders didn't make xs4all give away user details.
- They've never removed content that would imply a violation to the freedom of speech
- Encrypted webmail.
- Free registered versions of McAfee Antivirus and PGP-suites. (all platforms)
- static IP, subdomain and bSMTP for a small fee
All for just about 12,- a month. check www.xs4all.nl
(I don't own stock of these guys, nobody does. This ISP doesn't do it just for the cash)
Paul K
Carnivore is a traffic analysis program, designed to figure out who is talking to whom, be that http, smtp, etc.
The Feds want to know who is talking to _INSERT SUSPECT HERE_, and to whom _INSERT SUSPECT HERE_ is talking. Encrypting doesn't thwart that analysis.
That's an oxymoron. They'll encrypt it until they're asked by the LEA to decrypt them. Do you really think they won't comply with Carnivore?
Have you read my journal today?
Does anybody have any idea why they are not using SSL to upload the original message? It seems silly not to...
To do so on their scale would be horribly expensive.
Handling a non-SSL web transaction doesn't require a fraction of the CPU power that an SSL transaction requires.
Even with dedicated-SSL hardware, they'd have to increase their number of servers.
-
There are several blatant flaws here that make the system practically useless if you want security:
1. Your data travels unencrypted to Yahoo, including your passphrase.
2. There's no guarantee they'll decrypt it if asked, but I'm assuming YES, they will.
3. What's exactly "encryption" here?
So there.
Flavio
Except for the fact that the average user... have absolutely no need for high-encryption in everyday email transfers.
The average user has no need, and the only thing that encryption does to that user is make him look suspicious.
That's one of the main reasons for widespread, everyday email encryption. So that when you do need to encrypt something, it doesn't stick out like a sore thumb.
I've always argued that the general geek/Open Source community is very paranoid when it comes to things like encryption.
Paranoia is necessary if you are to consider anything secure. Otherwise, it's just 'obscure something and keep your fingers crossed'.
So I, Joe User, encrypt my email on my home machine. What's going to stop the FBI from peeking through the window and looking at the screen...
Can they do that for every person in the country at the same time?
How it works:
Send an email to a person via SecureDelivery.com and the recipient gets an email saying "You've got a secure email, click here to view it"
After creating a passphrase you can go back and click the link _again_ to view the email. However, SecureDelivery doesn't save any /unread/ emails past 7 days, but what about regular emails? Will I have to have a folder filled with obscure links pointing to SecureDelivery in order to get these messages at a later date? It seems like a good idea on the surface, but there are still some things to be worked out (imho).
In Soviet Russia...michael would be rotting in Siberia!
Yahoo's new system works like this: Once a message is composed, it travels, unencrypted, to Yahoo, which sends it through a secure connection to SecureDelivery.com. There, the message and any attachments are scrambled.
Unencrypted between end-user and Yahoo! ? So a sniffer either at the local network (the norm, I'd think, at many institutions) or a crack at Yahoo! would still work?
Strange decision.
Only the dead have seen the end of war.
About three weeks ago I contacted Zix through a series of e-mails asking for detailed information on their protocol and algorithms. They, impressively, sent me back a marketingese "white paper" (I only put it in quotes because it was more brochure than real technology white paper) within two hours. They started out on good footing, customer service has a quick turnaround.
Upon examination of this "white paper" I sent back a few more questions looking at glaring holes in the paper - what hash algorithm they use for signing all of the data going back and forth from securewhatever.com while establishing the session key for the Triple-DES encrypted message (running on memory of their protocol here as I threw out their white paper at the end of this).
Anyway, I shot that (easiest answer) and a couple others (the plaintext over http as many people have pointed out) questions back figuring I misunderstood something, and they again replied right away.
They sent me yet another copy of their marketing "white paper" and didn't answer any questions. I replied once more, stating in clear terms my questions were not answered in that white paper, and were valid questions to ask before entrusting my data to their service. No reply that time.
It downright scares me when they won't tell you what algorithm they use for anything other than their primary body encryption (triple-des). It seems their protocol can be attacked fairly easily to spoof messages, and in fact relying on the one server (though a standard pki solution as well) that is under their control and, er, not that I would ever test this, but have "heard" from people, looks to have some unpatched holes in certain daemons allowing for buffer overflow attacks, and probably is quite susceptible to DDoS attacks, well. Anyway.
On a completely different note - why anyone would bother with a fancy, fallible, protocol in order to support a session based key for symmetric encryption is beyond me when the encryption decryption process instead of using something like ElGamal (now free! woot!) and using private/public key authentification is beyond me. Their clients are not going to be major corporations sending large documents, but rather many many individuals sending small documents. Message size (plaintext*2) and encrypt decrypt speed (*(10..100) depending on implementation) are still not enough hassle for e-mail sized documents that it seems silly to me. Ah well. It just leaves the door open for when i finally put SecureJMail up on sourceforge.
Frums
The short answer is we're talking about Yahoo here.
The slightly longer answer is that we're talking about a site that, when you select a secure login for e-mail, switches to SSL just long enough to give you the page where you enter your user-id and password, only to immediately redirect you back to regular, unencrypted pages. I wouldn't trust these people to protect a piece of pocket lint.
When Yahoo! can manage to keep their email system from being hacked by fourteen-year-olds for more than six months, maybe I'll trust them to handle my encryption.
...And just for the record: I know what you're thinking, Hotmail, and that goes doubly for you.
crib
Please don't read my journal
Every once in a while, I imagine myself writing a script to automatically generate pseudo-encrypted appearing emails. I imagine sending said non-sensical non-meaningful messages to large corporation mailers. I expect on occasion, I would receive e-mails asking not to send them any more messages, and then I would reply - "Message received - the owl hoots at midnight..."
Government organizations are also another good target for said messages!
And then I imagine either lawyers or Authority knocking on my door, seizing my equipment, and getting locked up for nuisance reasons...
Until then: "Sdfd wersl. Jdibg aty qpolacvcc!"
I donate all spillover Karma to the charity of my choice... Ada was still a babe despite what people may say...
Do You #!jdfsi87?
It's not secure at all - you could easily trace illegal emails by a court order taken out on Yahoo!.
Hushmail or no-id's anonymous remailer, preferably accessed via anonymous proxy server is better
Free Anne Tomlinson!!
This is not a good thing. For one thing, Yahoo has a history of folding every time user information, etc is demanded of them. This does not at ALL give me confidence in them as an "encrypted" e-mail provider.
Furthermore, the fact that it IS encrypted will fool many of the less technical users into thinking that it's safe. It isn't.
Of course, there is no such thing as a totally secure communications system. But, the most secure that can be used by most of us is to use PGP yourself on your own machine. Then it doesn't matter WHICH e-mail service you use.
Of course, the safest possible way is to run your own Sendmail server on your Linux box (possible if you have DSL/Cable/ISDN), that way you defeat Carnivore and the UK's RIP law.
Remember though, your "secure" e-mail is also only as secure as the recipient treats it.
Offering encrypted e-mail service is a good idea. But I'd think that a company that had policies refusing to use Carnivore, and deleted their logs every half-hour would inspire more confidence.
=== The price of freedom is eternal vigilance
I know this isn't going to be a popular opinion around here, but encryption should be regulated by the government. The smoking gun that caught Microsoft was the e-mails that they sent. Imagine if they had been all encrypted. Microsoft would be even more powerful right now.
I fear that corporatism will continue to grow more and more powerful if they are able to hide their stealing with encryption that the government can't crack. It will make it even more possible to take advantage of the people.
--
--
From each according to his ability, to each according to his needs.
They have to send your email unencrypted to SecureDelivery.com first to get it encrypted. If someone wants to intercept, they can intercept in this process easily. So it is still possible for the government to monitor.
It's more problematic than it seems: people thought that it's safe when indeed there's a big loophole.
A sig is redundant.
MailVault.com also does PGP over 128bit SSL and plans to open source the whole thing.
Sig
Appended to the end of comments you post. 120 chars
...But rather encryption to restrict the recipient's ability to access the data after a certain period of time (a week). In truth, it does both very badly.
First it is clear that this cannot be a serious attempt at the "traditional" problem of encryption--for the reason pointed out in many posts (unsecure channel between sender and Yahoo!) as well as a deeper one--this system requires you to give full trust to both Yahoo! and Zixit, as there is no proof whatsoever that they will even bother to encrypt your email when passing it between themselves. (And if you would trust a potentially life-and-death secret to two companies named "Yahoo!" and "Zixit" then you deserve what's coming to you.) Finally, there is a huge problem with verification: the recipient merely needs to "verify" that they actually hold the email address the sender specified. And how, pray tell, do they do that? Likely they instead need only temporary access to that account to receive a (plaintext??) email giving them a temporary password. Good lord.
Instead it appears to implement an access control restriction--your recipient can only access the email for 7 days before it is gone forever. Of course, this fails for the same reason all access controls fail--the message must finally be displayed in plaintext on an untrusted machine, namely the recipient's. Assuming "Zixit" has implemented some (hackable) fix to the "copy-and-paste attack" (ala the International Lyrics Server), there is still the ever pernicious "screenshot attack". And as always, even if the recipient's machine could somehow be entirely trusted, there is the final undoing of any access control restriction--the digital-to-analog conversion. Just as I can always tape-record the SDMI music coming out of my speakers, and videotape that DVD playing on my TV, this scheme falls rather easily to a pen-and-paper.
Meanwhile, it doesn't even do the trick of "increasing the amount of encrypted emails the FBI has to look through", because all this traffic is presumably just SSL, and there's a whole bunch of that around. Besides, chances are the FBI/CIA/NSA/KGB/alien invaders would rather just install a keyboard sniffer or run a TEMPEST analysis on your computer than have to solve the FACTORIZATION problem or build huge special-purpose number sieves and spend several times the lifetime of the universe waiting around to read your email or invent a quantum computer. (Maybe the aliens would rather do the latter.) Or just bring a warrant to Yahoo!/Zixit, who *both* have full plaintext access to your "encrypted" email and will likely be very happy to comply with the FBI. (Or aliens pretending to be the FBI--has no one noticed how unsecure and spoofable search warrants are?)
Um, I think what I'm saying is, this appears pretty lame. The only "useful" thing I can think of that this does is destroy the message if it is not accessed within 7 days. Of course, trusting this means trusting that 1) Zixit actually destroys the message; 2) Yahoo! destroys their copy of it; 3) no one intercepted it when it was passed in plaintext from the sender to Yahoo!; 4) any logs or copies of it as it propagated (in plaintext) across the Internet between the sender and Yahoo! were destroyed; 5) it was actually encrypted between Yahoo! and Zixit...
Does anybody have any idea why they are not using SSL to upload the original message? It seems silly not to...
Somebody mentioned that the message will still be stored in plain-text on Yahoo's servers. I have never used Yahoo mail, but don't they have an option NOT to store a local copy? Most mail clients have this, and I guess you can always CC yourself to get access to a (more) secure copy of your own mail on the SecureDelivery encryption server.
Hi!
Step 1:
Get 'large dot.com' company that people know of with fun and well known name to 'use' your product, no matter how flawed their implementation is.
Step 2:
'Mainstream' online news service (*cough* CNet, ZDnet etc *cough*) latch on to the story that 'large dot.com' is using your product, and that the use of this product is vital to stop the 'evil internet hackers' from doing evil things with your children and credit card numbers.
Step 3:
Due to 'informed' userbase, people begin to demand your service for large dot.com's competitors' services. Other companies require the service you provide. Providing service equals more coverage.
Step 4:
IPO your well known service.
Step 5:
Get out before bubble bursts (well, if it hasn't already)
Internet 'Profits'. Fun huh?
------
I just send my e-mail in a special Pidgin Pig Latin Esperanto dialect I and some friends developed, then save it to file with WordPerfect 3.0. Then I send the file via e-mail. Don't even need PGP. Sometimes I can't read my own stuff, let the FBI do its worst.
www.matthewmiller.net
"Live Free or Die." Don't like it? Then keep out of the USA
lokmail is the only webmail service that actually uses good old fashioned PGP encryption over an SSL link. I think promoting PGP use and not a new proprietary encryption system is a better way to fly. You can get a free PGP webmail account at lokmail right now. Ignore Yahoo.
-- The Funk, The Whole Funk, And Nothing But The Funk
This is great! Now, the Feds won't be able to read the "private" e-mails I get from women who want to know if they'd make good porn stars, or want to invite me to watch the wild action at their party house, or the people offering me unaccredited University diplomas!
Take that, Mr. Fed!
--
Feminism is the wild notion that women are human beings.
...because it gives the user a false sense of security.
The actual encryption algorithm itself here may be fine; I don't know, I can't get the Securedelivery.com site to load. (Not a good sign.) But, as Bruce Schneier is fond of pointing out, it's not just the algorithm, but how it's used. Others here have already noted two problems: one, it's Yahoo's key, so you have to trust them to keep it secure. Two, the message already travels unencrypted to Yahoo, and even Yahoo agrees it's not end-to-end encryption.
So what, you say. It's more encrypted than Yahoo mail was before, so why not use it? The danger is that the public, who, together with politicians, have demonstrated a startling ability not to understand technology and encryption issues, may start touting this as the solution. A real solution (to the technological aspects, anyway) is to have end to end encryption, with open source tools that at least in principle can be verified to have no back doors, and with your own personal keys you make yourself. Naturally, this makes the folks who run Carnivore unhappy, because they can't just go to Yahoo and demand keys. So, probably having given up the battle to completely outlaw encryption, they stand to benefit greatly from systems such as Yahoo's. The public might potentially be convinced that this is as good as encrypting your mail yourself. Indeed, many seem to have trust in huge companies (as is evidenced by the fact that the FUD attacks against Linux ("who will you sue?") took so long to go away), and may think that having Yahoo do it all for you is better.
I'd rather see it done right than implemented poorly in a way that might catch on.
-Rob