Slashdot Mirror
Elegant Email Encryption for Everyone?
"The problem is that in order to use public key encyrption, both parties (sender and receiver) must be using something like PGP. Most of the people I correspond with consider encryption either too complicated or too bothersom to use... with its key generation, signing, encrypting, decrypting, exchanging keys and such. There are always non-public-key systems, but that usually requires both parties to use the exact same software at each end. And then there is the issue of everyone using different operating systems (Windows, Solaris, Linux, etc.). And then there is cost involved for any commerical packages. Of course, there is always HushMail and its ilk, but I don't want to be tied to a web-based system.
For people like me and you, encryption is easy. But that's not the case for everyone else in the world. Why is it still difficult? And what is the best solution to date?"
http://www.spammimic.com/index.shtml
PGP Freeware for Windows ALREADY integrates itself with Outlook, Outlook Express, and Netscape! To encrypt something you just click the encrypt button then choose a recipient when you send. But to decrypt you need to perform the challenging task of clicking an icon in the system tray. Then you need to remember and enter your passphrase. Maybe the decrypting part is the problem.
Outlook Express & Communicator are good & full- featured??? They are bloatware and foist HTML and MS DOC format into emails. BTW, Outlook Express does have a PGP plug-in which makes email encryption a snap. Email is plain ASCII text, and for that nothing beats mutt or emacs.
I have been using The Bat for a couple of years also. It is by far the easiest to use, most flexible email client I have ever used. Especially when you have a lot of email accounts. It's intergration with PGP is nice, but it is still lacking support for PGP 7.0.X. As far as email clients in general though, I think it's by far the best. Customizable temples, good filtering system, etc.. Too bad it's not free.
Might as well use Hushmail then.
Yes I shouted that on purpose.
Phil Zimmermann has left Network Associates, citing "philosophical differences", and NAI PGP has just become closed source software. PGP without source is not PGP. Slashdot readers know why. Please boycott Network Associates PGP (especially version 7.x.x), and spread the word.
CKT PGP 6.5.8ckt Build 5, is compiled from the last released NAI PGP source code, with bug fixes and enhancements, full source online. These bug fixes include patching a very nasty remote exploit against Windows, the ascii armor parsing bug.
GPG is the wave of the future, but in the present, Windows support for strong crypto is very important. This support is only provided by the Cyber Knights Templar builds. Please publicise this (non commercial) address:
http://www.ipgpp.com/
There is no charge for CKT PGP, and BTW, I am not afilliated in any way with the CKT folks. View source to see my signature.
As for SSL, hushmail only uses SSL to transfer the applet. All communications are done over blowfish streams as to provide better security than the potential SSL-40.
they seem to have an excellent description at http://www.hushmail.com/about_hushmail/how_it_work s/tech_description.shtml , which can be validated by looking at the source code.
If email is encrypted then my mail server can't scan the attachments with central software that's updated four times daily. This is the ONLY thing that's saved us from every damn .vbs and Office Macro that's hit us since I turned it on.
When you have 6000 PCs in a metro area there is no POSSIBLE way you can keep the virus scan up-to-date consistently across all the desktops. Not with user login scripts, not with $$$ Tivoli... not at all.
Even when a virus slips past my mail server at first it gets quickly stopped when the vendor posts an update. Encrypt the mail and I can wash my hands of the whole thing and stop worrying about it. Let the entertainment (watching the helpdesks, technicians, and end-user desktop admins deal with a virus explosion) begin!
(Sorry for that. Virus attacks are a major pain in my ass and having the mail server scanning software has hidden the truth about our desktops from the powers-that-be. I'm tired of covering for the deficiencies of the end-user systems.)
And yes, you're right. Email users will click on anything, will answer "yes" to anything, type their password to anything. But you don't need to have encrypted mail to snatch a password; there's no reason at all a virus writer couldn't put up a form asking for their firewall/email/diallup password.
IMO, if you REALLY want to improve things with encrypted mail, you make it so you encrypt text ONLY. That way you gain the security of encryption and push businesses that want that security towards a non-feature-rich, non-proprietary, non-exploitable email format.
Humph. It'll never work. There's no way Microsoft can force endless upgrades on people with text-format mail.
The problem now is Network Associates - they are effectively killing PGP. Horrible service/tech support, they are charging $500 - $700 for the latest version (7.0.3), they require you adhere to the (now unfortunately common) BS licensing terms of no reviews or benchmark publishing without permission, etc., and they no longer publish the source code! I have been an vocal advocate and user of PGP for years, but I refuse to take this crap from NA. The non-commercial version of PGP is still available as freeware on the MIT server, but I need to encrypt work-related commercial stuff and would gladly pay a reasonable fee. Jethro is (was?) partially right that PGP used to integrate very well into both Outlook and Eudora, and at a cost that most could handle. About a year or two ago I purchased Eudora for a about $50 and PGP was included. A far cry from the $500-700 without Eudora (and no source code!, even after the recent ADK bug and bug fix - which should be held as definitive proof of the need for open source software). The Net very much needs a good strong encryption standard, that is widely available in a peer reviewed format, and that hooks seemlessly into the email applications used by many. I further contend that since the e-signature law passed last year, the market is ripe (and potentially huge) for secure correspondence that can be absolutely authenticated. A PGP based system could conceivably fit that niche, and Verisign has failed in IMHO. Phil Zimmerman please come back into the fold. I fear reasonably priced encrytion "for the masses" may soon be limited to ROT13 run through the jive language translator. This situation demands a solution, yesterday, it is already holding up ecommerce.
I'm pretty sure this is incorrect. You can encrypt a message to multiple recipiants at the same time, and each of their private keys will decrypt it. This makes it easy to send the same email to multiple people
gpg-encrypt -r Person1 Person2 Person3
should work for that.
I hate feeding the trolls.
The point was that gpg CAN encrypt to multiple people. I ran a simple test case using the command line. Mutt will also encrypt to all the recipiants. I'm assuming OE and Eudora have hooks to do the same thing.
So now: Emails can be encrypted to multiple recipiants via email clients, thus making it viable for group discussions.
Now, remove your head from your ass.
Thank you.
Sylpheed has been able to do GPG for a while, though I only got it going yesterday. I put some [S]RPMs up here
--
Which is good, but my boss uses communicator for email (and even likes it for some reason!).
Outlook and eudora are fine, but right now I'm stuck with x509 verisign certs (which only work on communicator under linux, no other clients) because pgp (which we wanted to go for) doens't work for netscape under linux or windows.
Anyone got a solution for this? Either
a) x509 support for a linux client that isn't netscape
b) pgp support for netscape under windows and linux
TIA
Compress it. Simple ZIP compression will defeat packet-sniffers looking for keywords or credit card numbers. And the braindead password protection in PK(and Win?)Zip will stop people going the extra step of simply opening attachments. Unzip software is pretty ubiquitous nowadays.
Outlook Express & Communicator are good & full-featured???
I prefer Outlook Express to all other email clients I've tried, including Communicator (Netscape or Moz), KMail, Pine, Mutt, Eudora, Mulberry, Sylpheed, Kiltdown and probably another half dozen which I've forgotten the names of.
Why do I prefer Outlook Express? It's ONE app for mail and news. It's straightforward, has pretty damn good filtering (No I don't need regexps, thanks for asking), multiple POP, IMAP and NNTP accounts, works with LDAP, doesn't barf on attachments or HTML mail (ewww...), I've never had it crash out on me and it is pretty damn fast unless there's a 10M attachment. NO OTHER EMAIL APP WORKS AS WELL FOR ME. Get it? Got it? Good.
Believe you me, I want an OE clone for Linux. I run Linux on my laptop but run Win4Lin so I can get OE, IE, Office and my Win32 dev tools. I don't use IE all that much (Opera and Konq rock my world) but there has been nothing which works as well for me as Outlook Express for email and news. And that's sad because I could do a lot of my work without booting Win4Lin if I could only get a decent email client.
Security? Yeah OE blows for security. I run qmail on my mail servers and the HTML-trap procmail script cleanses all my incoming messages. I've never seen an ILOVEYOU, autorun .vbs or Word macro virus. If I were running OE in a "wild" environment I'd be crazy but I have a nice firewall at work and a decent firewall at home. I'm not running "in the wild." OE works nice for me.
They are bloatware and foist HTML and MS DOC format into emails.
I've never had MS Word or .DOC emails come out of OE. And it certainly doesn't foist HTML email on me. One configuration switch and it's all plain text, baby. As far as bloatware goes, OE is actually pretty nice in that respect.
Oh well. You could do all that with emacs and have a real editor
Sure, call up the bloatware app of the open source world. Hell even Moz doesn't meet the bloat that emacs has.
And, you could be doing other, real work, instead of farting around pointing and clicking on menus when two or three commands on the keyboard would have the job done.
I am generally a keyboard kind of guy. Like the keyboard, however, mice have their place. In a multi-pane email app, the mouse wins out over the keyboard for quick selection. After that I use the keyboard to scroll up and down, selecting different messages, deleting, etc.
I will never, in all the time I'm on this earth, understand why people obsess with mousing around on menus. It is demonstrably NOT faster than using the keyboard to do the same job.
For most circumstances I would agree with you on the speed issue. Try calming a crying infant in one arm and read the latest CBC news with just a keyboard. The mouse is demonstratably faster in situations such as those. And it has also been demonstratably proven that the WIMP interface is more intuitave than [esc]:wq (Yes I use vi).
Like a lot of other people, I've used multiple clients and I have no doubt that the text-based clients are the fastest and easiest to use. You can't do anything with fatal OE that I can't do as well or better in emacs -- well, except produce HTML mail.
For me, OE is the best. I personally don't care what you use unless I haven't heard of it before and thus perhaps persuade me to try it. As far as emacs goes -- well I'm not going to open up that can of worms. I don't like it and that's all there is to say on that particular subject. It works for you and that's good; I'm happy you're happy. It won't do it for me, though.
And since when did this become a pissing match as to what the OS-that-thinks-its-an-editor and an app which has a specific defined purpose can do? I stated what I liked about OE and why because someone (possibly you) had said that OE was a bloated piece of shite. I feel I've proven my point.
Check it out!
The only people who have anything to fear from this are the child pornographers, pedophiles, child molesters, etc. in general anybody who would harm children
Then why do you lock your doors? The nice police will keep all the bad people away. Why do the feds have to get a warrant to wiretap your phone? You have nothing to fear, right? Why don't you live in a glass house?
I wish PGP would integrate better with Netscape, my chosen email client (maybe it does now, but I haven't looked in a year). Integration with Outlook was marginally better, but I'd rather not use that client, and besides, it only works with text-only messages (I guess I'm talking signing here, not encryption, which I didn't try).
Until there is seamless integration with email clients, signing and encryption will not be popular as the average person will deem it too much effort.
Wrong. I want to be able to send emails to my friends in the US without the NSA being able to build a profile of me that will be incorrect in 20 years. I want to be able to send email without some unscrupulous (sp?) company logging everything from their SMTP server and then selling my demographic information. Personally, I'm worried about the companies running the internet than the governments. I want to be able to express opinions today that I might not agree with in the future without worring about some arsehole company like Experian being able to build an incorrect profile about me - companies like Experian already have too much power over our lives.
It's possible that the NSA can crack PGP. But they probably can't do it easily. Right now most of the email you send get streamed all over the place in PLAIN TEXT. That means that the NSA can literally search everyone's email for interesting regular expressions. The sys admin at your ISP can do this with your mail as well (and probably not just the sys admin).
Even elementary encryption methods (like rot-13 or reversing the entire message) will defeat these types of random computerized searches. That means that in order to read your email someone at the NSA (or your ISP) would have to actually want to read your email in particular. Instead of being able to use a computer to sift through your private conversations they have to pay some human to do this.
PGP raises the bar another level. The NSA might be able to read your PGP encrypted email, but they probably can't do it easily or inexpensively. They would have to schedule time on their super computers, and it would probably take a considerable amount of time. In fact, it probably would be easier to simply drive down to your house and put a gun to your head and demand the passphrase.
After all, if the NSA really wants to read your mail, you are screwed.
Nope. Every answer I've seen here is looking at it from the wrong viewpoint. Anything that requires application support is doomed from the start. Sure, as soon as something gets into Outlook, it'll be adopted by the world as a whole, but only until the next version, when MS will replace it with something else that's completely incompatible.
The solution is not encrypted email. It lies in the use of opportunistic encryption at the network layer. That way, all traffic is encrypted, whether it contains an email message, a web page, a DNS lookup or anything else.
"The invisible and the non-existent look very much alike." -- Delos B. McKown
Forget about instantenously communicating securly with the entire rest of the world. Focus on what you can. Sign every message that you send. Put your key fingerprint in your signature, especially if you post to Usenet or mailing lists. (If someone decides to forge your key, they're going to have a hard time doing it if your original fingerprint is archived in hundreds of posts all across the net.) Post your key on your webpage and your Slashdot user identity. When you get a signed e-mail from someone, hunt down his or her key and add it to your ring. From then on, encrypt the e-mails you send to that person. You can't change the world today, but you can work to make it a better place tomorrow, one encrypted e-mail at a time..
Problem is that most of us (in the wild, wily commercial world) must communicate (preferrable securely) with people that can't spell to PGP, but whose IT-departments are willing to help them set up S/MIME. Kmail (and no other Open Source client that I know of) supports S/MIME (which today is the de-facto standard for the PHBs), which makes it very hard to propose an Open Source solution. When kmail (or exmh, tkrat, etc) supports S/MIME, we will have a better chance of penetrating the desktops of the corporate world. Roland B.
-- Roland Buresund MBA, MCMI, CISSP
...richie - It is a good day to code.
PinePGP provides Pine with "hooks" to GnuPG and various versions of PGP.
If I'm not mistaken, RedHat is bundling GnuPG hooks from PinePGP package in their Pine RPM package.
hany
...that it wasn't racist to begin with. It in no way discriminates against anyone.
Vermifax
Vermifax
Logout
>Also, if I understand it correctly, you can really only send an
>encrypted message to one person at a time, because you're
>encrypting it with their public key (so that their private key
>decrypts it). So PGP is not really a solution for, say, mailing
>lists.
Not so. You can encrypt a message to any number of public keys. Any one of them can decrypt it with her private key. If a recipient has the public keys of the others on her keyring, she will be able to see who else can read the message.
I always encrypt outgoing messages to the recipient's key and to one of my own. Sometimes it's nice to be able to review what you've written later.
I've always wondered myself why MTA-to-MTA encryption isn't more prevalent. It's not all that difficult; all you have to do is run SMTP over SSL. There's even a port number assigned for it (465/tcp).
Sending MTA's simply need to try port 465 first, and if they can get an SMTP-over-SSL connection, transmit the mail that way.
The only caveat is, when you trust your privacy to this paradigm, you are assuming that everything downstream from the mail server is secure. This is fine if The Enemy is government-sponsored wiretappers at the major Internet backbones, but if you are afraid that someone's snooping the in-house LAN, you'll have to use something that's integrated into your client program.
--
Tired of FB/Google censorship? Visit UNCENSORED!
Are you clearsigning your emails, or are you making a separate signature file? If you just clearsign, it shouldn't come through as an attachement.
Engineering and the Ultimate
Hence, I use A=65, B=66, C=67, etc...
I've called this encryption code "ASCII", which stands for "Absolutely Secret Code for Idiocy Interchange".
-- Faré @ TUNES.org
-- Faré @ TUNES.org
Reflection & Cybernet
MTA-to-MTA encryption protocol : STARTTLS. It doesn't specifically encrypt the body as does S/MIME and PGP/MIME, but it encrypts the entire MTA-to-MTA session. However, once the mail reaches another MTA that doesn't support STARTTLS (or doesn't have the SSL/TLS certs from the connecting server) the mail is in plaintext. There are a few RFCs for STARTTLS in IMAP and MTA if you want to look into that.
STARTTLS answers all of your requirements as stated. Sendmail 8.11+ in particular is very good with STARTTLS and notes whether one, several, or all of the MTA-MTA connections in a given message's route used STARTTLS successfully.
Side note: if you are concerned about performance and security in Sendmail, look no further than 8.12b10. I've heard it rips postfix to shreds and drops setuid entirely now.
Jubal
Microsoft has added encryption to Outlook, Outlook Express, etc., and they've had it for quite some time now. Get yourself a certificate from a root trusted authority (i.e. Thawte) and install it and there you go.
Personally I prefer PGP though.
Given that you're sending to the person, the issue is more that you need to have their public key. If they installed PGP and then right clicked on their key (in Key Manager) and picked "Send To" they can upload their public key to keyserver.pgp.com, among others. When you then try to send a encrypted message to it your client will, seeing that you don't have their public key, sends a query to the LDAP server (whichever one you requested) requesting the public key associated with that email address.
Organizations can achieve this internally (in a more "Trusted" manner) through the use of a PKI server.
The subject is a joke. Personally I am sick and tired of every half-wit commenting about how "Who needs encryption but people who have something to hide?". That's bullshit (and anyone who says that needs to be slapped around a bit).
Encryption isn't about hiding anything, but rather it's about not revealing what no one has the right to know. I use encryption for pretty much everything, and while a lot of the messages are business related (and hence critical that they remain private from opposing businesses and foreign governments), a lot are completely banal conversation type things, yet STILL I encrypt them. Using the standard analogy: I don't send my letters without envelopes, and I'm not going to send my emails without protection.
I am prone to believing that the only ones who abhore encryption are those who are too stupid to understand it and implement it so they fear that others using it makes them more vulnerable to being monitored. It's like those who scoff at crime prevention techniques because they feel that it makes them more attractive to criminals (because being too stupid &| lazy to implement crime prevention they are sitting ducks separated from the herd).
As mentioned by another poster PGP hooks into Outlook, Eudora, Pegasus, and Outlook Express. You can set it to decrypt on opening which makes it generally transparent, apart from entering your passphrase when your cache timeout expires.
Msft buys up PGP and integrates it into LookOut.
( Boo! Hiss! -5 BlameFait )
try { do() || do_not(); } catch (JediException err) { yoda(err); }
If you're desperate, use OpenSSL to set up your own CA. Then you can issue your own certificates!
Why do I prefer Outlook Express? It's ONE app for mail and news. It's straightforward, has pretty damn good filtering (No I don't need regexps, thanks for asking), multiple POP, IMAP and NNTP accounts, works with LDAP, doesn't barf on attachments or HTML mail (ewww...), I've never had it crash out on me and it is pretty damn fast unless there's a 10M attachment. NO OTHER EMAIL APP WORKS AS WELL FOR ME. Get it? Got it? Good.
Oh well. You could do all that with emacs and have a real editor to work with besides. And, you could be doing other, real work, instead of farting around pointing and clicking on menus when two or three commands on the keyboard would have the job done.
Everybody has their own favorite or non-favorite email app. I will never, in all the time I'm on this earth, understand why people obsess with mousing around on menus. It is demonstrably NOT faster than using the keyboard to do the same job.
Like a lot of other people, I've used multiple clients and I have no doubt that the text-based clients are the fastest and easiest to use. You can't do anything with fatal OE that I can't do as well or better in emacs -- well, except produce HTML mail.
mp
"The secret to strong security: less reliance on secrets." -- Whitfield Diffie
Are you clearsigning your emails, or are you making a separate signature file? If you just clearsign, it shouldn't come through as an attachement.
And I've explicitly stated that it's an attachment, so you've answered your own question, haven't you?
-
I think the best thing to do is just sign (not encrypt) all your email to your non-crypto using friends. That way they can still read your email, but they'll have to use a pgp aware mua to verify your sig.
I do this, and to date not a single person has switched email clients in order to be able to process my signatures.
The only responses I get that acknowledge it at all are:
1) Emails warning me my attachment was "corrupt" because they couldn't read it. I get these often.
2) Emails demanding I stop sending them "useless attachments". These are less frequent, but usually devolve into profanity when I say "no".
3) Bounce messages from AOL subscribers who are set to not accept messages with attachments. I get these every time I post to certain mailing lists.
4) One person who continually bitches that he won't read my emails because he fucked up notepad, and his MIME types are set to use notepad for text/plain attachments that Outlook deliberately mis-presents, and he's too lazy to fix notepad or change his MIME settings, so therefore I should be banned from all his favorite mailing lists until I stop persecuting him.
5) Another idiot who has Eudora automatically saving attachments, and refuses to install an automatic cleaner or turn off that setting, so therefore I should be banned from all his favorite mailing lists until I stop persecuting him.
Keep in mind that Microsoft's email products all deliberately mis-present a properly-signed PGP email (I.E., MIME-attached signature, as opposed to the inline kludge) as being a blank email with a notepad document attached, and be prepared to deal with this when you begin signing all your messages.
Interestingly, the folks using Hotmail, Yahoo, Excite, MailandNews.com, etc., don't bitch at all. Those services handle things properly (albeit not checking the signature), and their users thus don't have a problem. Of course, they don't have the option of verifying my signatures in any rational manner, either.
-
Mutt makes it about as easy as it gets. It has builtin pgp support. Red Hat 7.1 ships with that enabled in the RPMS, so I assume others do as well.
Add the line:
set pgp_autosign=yes
In your config file and it will automatically sign all your outgoing messages.
To encrypt a message, you just compose it and then before sending hit 'p' to go to the PGP menu then 'e' to encrypt, or b to sign and encrypt. It prompts you for your PGP passphase and off it goes. It also remembers the pass phase for the duration of the mutt session to save retyping it. If you want to tell it to forget the pass phrase during the session just hit ctrl-f.
This all great and wonderful, but you have to have installed mutt, installed pgp or gpg, have setup your PGP keyring, and it doesn't hurt to have registered with pgp.net so that everyone can find it. That's not hard to do if you have instructions, but it isn't clear and easy for most users.
LOL!
Unfortunately, it makes total sense to many pointy-haired bosses...
Not really an issue. Just encrypt to the mailing list server, which will then decrypt and encrypt to list recipients.
Of course, you wouldn't be certain of who the mailing list server is sending the message to, but if you were worried, why'd you send the message to an untrusted list?
...it's the TYPE.
I wouldn't be surprised if somewhere the government has systems that can decrypt any of the major encryption schemes - even with large keys - in relatively short order (and not that I really care if they are reading my email anyways - hope at least someone enjoys the spam). If the government wants to read your email, they will.
However, a computer can only crack encryptions it knows about. If you have an encrypted text and someone wants to crack it, they will run it through various algorithms to be cracked... and if it's identifiable as a specific encryption algorithm, so much the easier. However, if the person doesn't know the encryption and it ISN'T a standard, it's harder to break.
Hell, just XOR your text with some unknown poet's words, and as long as the interceptor doesn't know the method (and it isn't one of the off the shelf schemes), the key will be harder to aquire, and so will the content.
- MaineCoon
Hunt your preferred prey at Aliens vs Predator MUD. Join the war at avpmud.com port 4000
Actually, the Enigma machine was immune to frequency analysis because the key used to encrypt each letter was changed for each letter. This was the purpose of the three (and later more) rotating tumblers with 26 sets of wires on each side. Press a key, thunk, the first tumbler moves over one position and you have a different encryption. 'AAAA' could come out as 'CLXT'. After 26 keys, the second tumbler moves over. And so on.
The primary reason Enigma was breakable was that the germans used message keys for each message, which were encrypted using a pre-selected day-key. The message keys were broadcast twice at the beginning of each message, which led the hungarians to develop a method for cracking the key based upon chains of letters in at the beginning of the messages. Once the day key could be cracked, communications were transparent for the rest of the day. This is not frequency analysis.
Actually I've had the opposite experience with 'The Bat!'. My work has 10 licences for it, and we've been using it (small company) for internal email. I recently had a 500Mb mail file with only 7Mb of data because it wasn't compressed. On reading the (not very helpful) documentation I found that yes, I could 'compress all folders' from the client, or set specific folders to compress on exit - but couldn't set it as a global option.
'The Bat!' uses a binary custom mailbox format.
'The Bat!' only supports IMAP as a POP-alike download system - IMAP folders on the server are not supported.
The response I received from their tech support line about these issues was "we're planning to fix that in a few months" to every single question I asked. Vapourware'r'us.
I have decided that I don't have time to wait for a commercial company to solve the problems that other companies (Eudora Light 3.06 anyone) have solved years ago. It feels like they're working their way through all the same mistakes.
Absolutely.
I'm not so full of myself to think the FBI/CIA/NSA are out there looking for specific stuff I write. However, I _am_ sure that there's an echelon/carnivore out there gathering any and all information it can - SOME of which is mine.
True, there is so much data there that there's no way someone's reading it all. It's obviously some machine scanning for keywords.
But the point is, they CAN go in there and see the cutsie things I Email to my wife. A bored NSA employee CAN go in there and, bu accident, of course, find my secret tofu steak recipe. Someone CAN be reading stuff I write that, while not illegal in any way, shape or form, is still PRIVATE.
Thus it gets PGPed, and thus if I am ordered by a court of law to surrender my decription keys, it will NOT be a real problem.
--
In the land of the blind, the one-eyed man is kinky.
PGPDesktop and PGPFreeware for Windows do indeed hook into, at least, Outlook and Eudora. They make encryption and decription transparent - you have to click the little "Encrypt" thinggie on the toolbar and you're done. Unless it can't find the right keys, and then it'll ask you to choose them.
--
In the land of the blind, the one-eyed man is kinky.
That's a pretty interesting idea!
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
That's a pretty reasonable tradeoff for most people, though.
No. PGP encrypts the message with a symmetric session key, and then that one session key is sent several times encrypted with each reciever's public key. Thus, when I send a PGP message to Bob and Alice, the message includes these three things:
- The session key, RSA-encrypted with Alice's public key
- The session key, RSA-encrypted with Bob's key
- The message, IDEA-encrypted with the session key.
(s/RSA/DH/ & s/IDEA/3DES/ for newer versions of PGP and GPG, I think.)Not a bad idea at all. Adding more layers never hurts, especially since CPU is so cheap now.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
You've just gotta try to convince people to use better email clients that make PGP integration easy (mutt has a good rep among Unix guys, and I use SeriousVoodoo on my Amiga). And if they keep using crappy software, then there's just nothing you can do about it: your mail with those people will be insecure.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Exactly what nefarious and diabolical things is the government going to be able to do with a key repository? They could, um, replace your public key with their own version causing people to send encrypted email intended for you that they can read. Except people should be verifying key fingerprints out of band so this doesn't fly. Besides, they could do it anyway if they really wanted to. Er, other than that I'm kinda drawing a blank on what evil things the government could do. Perhaps the conspiracy theorists would care to elaborate?
Sadly not. PGP isn't going to get into Mozilla any time soon because the Mail/News team want a pluggable architecture written first. They are the only people capable of writing it and they don't have time.
So, the guy from PGP Inc., who has written the PGP support (which works now) has been told his patch is a hack and won't be accepted.
There's a bug on this, but I don't have the number - search Bugzilla.
Gerv
The point is not to try and convince millions of humans to change their behavior (buying a certificate and using an e-mail encryption program. Changing human behavior en masse is damn near impossible, and has been tried many times without much success.
If the goal here is to prevent snooping of mail-in-transit, which is probably what most people are interested in, then we should focus on securing the transit. We need to convince system administrators would setup POP3-over-SSL, IMAP-over-SSL and SMPT-over-SSL. If we did so, we could secure the information in transit which is at least half the battle. It is true that the payload of the message would be stored un-encrypted, but that's a minor problem (IMO) relative to the snoop-in-transit issue for most users.
End users would not have to modify their behavior at all really (except at the time of initial configuration of their cleint software). And they wouldn't have to be bothered by the complexities of key management, which is more complicated than most non-tech-savvy adults can handle.
This is the path we should be taking.
-jason
Assign a number to each letter of the alphabet in order. A=1, B=2, C=3, etc..
12345? I've got the same combination on my luggage! -- Spaceballs
KDE's mail program, kmail, integrates very well with PGP/GPG. Again, the problem is with PGPs widespread/crossplatform acceptance.
You could always encrypt your mail in perl..
.
Ah preyfahr to wraht mah mailings in a riduculous Frahnch haccent! :)
It doesn't mean much now, it's built for the future.
6857 2079 6f64 276e 2074 6f79 2075 756a 7473 6420 206f 6f73 656d 6874 6e69 2067 696c 656b 7420 6968 3f73
Accidents per takeoff/landing probably have more to do with the airline and pilot than the aircraft manufacturer. Aircraft failures for which the manufacturer is culpable (that is, not due to poor maintenance) tend to be caused by factors like vibration and metal fatigue, which are a function of operating time.
From whom did Microsoft purchase OE or NT? Microsoft hired DEC developers working on DEC's (canceled) Prism OS to create NT.
cpeterso
"Encrypting" something with your private key is of no use. Since your public key is well known, anyone can read your email. This is actually called signing. And most digital signatures don't actually munge the messagey body. They typically encrypt/sign a message digest (MD5 or SHA1) of the message and send the message in plaintext. That way mail reader can read the plaintext message, but a crypto-enabled mail reader can also verify the email's digital signature.
cpeterso
There's no way people would bother unencrypting messages I send them, my friends would say:
.. '
'wtf, just send it normally you paranoid freak'.
The people on my hockey team would say:
'what is this you are sending me?'
my co-workers and bosses would wonder:
'why is he encrypting all his e-mail? hmmm
There's just no way it will ever take off that much until there's a dramatic shift in culture and computer/privacy awareness, and it's not happening anytime soon.
BilldaCat
Oh, sorry it's text based. But it handles PGP signing and encryption in-line.
If you are sending email from work, you are probably violating your company's email policy if you encrypt your outgoing email. And, if you send encrypted email to someone at a company with a tyrant IT admin, expect to get them into trouble.
I don't think that the barrier-of-entry to email encryption has anything to do with how easy or widespread it is - I think it is almost completely because it is considered improper to use encryption on email. You are perceived as either a wrongdoer ("he must be covering up something") or a troublemaker ("she's corresponding with someone shady").
-TomK
This would be pretty useless because
- You send the encrypted text to the web server
- You (presumably) also send the key to the web server
- The web server returns the text unencrypted
If you use ssl or some other connection encryption, then you prevent man-in-the-middle/sniffer attacks, but you still hand your sensitive document over to whoever is running the web based decryption service.
Unless the "web based decoder" is really a Java applet that does not send any actual data back to the server.. but then you've gotta have Java, and you have to trust the downloaded applet. Which means, trusting the person who runs the web-based decryptor, again..
-TomK
These components that do not exist (to my knowledge) in isolation under Windows systems, instead being integrated into a single "e-mail client". Here's how the sequence generally works:
Obviously this is a complicated process to understand. It's a very good example of how newbies can feel that Linux gives them *too much choice*. However they'll get the most features and security if they use all the seperate components.
I believe one thing that's missing is a generalised E-mail HOWTO. Sure there are HOWTOs about lots of specific topics, but someone who just managed to make it through their Mandrake install will still feel a bit lost. Topics that need to be covered include:
In particular, the only way newbies can evaluate the difference between Netscape, Balsa, and mutt is to look at screenshots (assuming they don't just choose whichever appears first in their menus). More handholding is needed!
Aside: And if everyone agrees that mutt is wonderful except for its lack of GUI, why hasn't someone written a front-end?!
Start by signing your emai. That way the people who know what it is will ask for your public key, and the people who don?t will ask.
Unfortunately, Mozilla doesn't support this (yet), but it might get support faster if you vote for this bug: http://bugzilla.mozilla.org/show_bug.cgi?id=60377
Mozilla is a graphical email client. And it is cross-platform. And it is open-source. Any other graphical, cross-platform, open source mail clients out there?
Currently, a PGP plugin interface is being added to Mozilla. It should show up in the next release or the one after that. It will allow PGP to be used almost transparently.
Hopefully, this will bring PGP a little closer to the mainstream.
One problem is that, currently, PGP keys require a password in order to use them for signing or encrypting email. People don't consider having to type in a password "easy to use." However, if you create a MUA that remembers the password, you've reduced the security, because now whoever can get at the machine can get at the key. This is the same old tradeoff between security and ease-of-use.
Maybe the MUA could use biometrics for identification: One way is to use face recognition software and a webcam. That should be better than no security, but it's not foolproof. A better way would be to encode the user's private keys into a smartcard. The user just removes the smartcard and keeps it with him, giving about the same security that car & house keys give. That should be good enough, we're talking about ordinary people who usually don't have too much sensitive stuff going over the net, not state secrets. The downside is that the user needs to buy a smartcard and a smartcard reader.
Meldroc, Waster of Electrons
It's lacking in PGP 7 support because NAI has yet to release the SDK headers.
There is not much The Bat can do about this.
"One problem is that, currently, PGP keys require a password in order to use them for signing or encrypting email"
Sorry, don't think so!
You only need your passphrase to sign. NOT encrypt only. Try it and see.
I would be more worried about bored sysadmins and I'm sure we ALL remember the original BOFH stories. I doubt the NSA is going to snoop my email to discover that I've been offered a fantastic deal on printer toner.
Whoa??? You obviously don't know much about freenet. Obviously you'd need to set it up a bit different so that old keys don't get lost. But I digress
Use an MTA that supports the SMTP STARTTLS command, such as Sendmail or Exchange, and then configure it.
People who disagree with you are not automatically evil, greedy, or stupid.
Yeah, and only a criminal needs a gun....Why else would you ever need one unless you are a cop or criminal?
This train of thought really pisses me off. Just because one kid can't behave at recess, should all the kids be kept inside, away from the swingset?
Oh gee, we aren't kids, are we. This isn't a swingset that we are talking about, but the Liberty of a self-directed adult. I guess I can always hope that you are just a Troll.
If it ain't a Model M, it's a piece of crap.
Eudora has all that.
Eudora PRO has all that except for the OE security holes.
Instead of having a central depository for public keys, why not make a P2P public depository. It may periodically require you to republish your key, but the server would never disappear.
Sorry, dude, I've lived in Virginia most of my life. :)
You are in a maze of twisty little passages, all alike.
So what. It's a way of speaking. Does the fact that it is primarily associated with blacks somehow make it sacrosanct? Would you feel that talking about any of the following accents being racist?
Southern Drahwl, y'all!
Noo Yawk
Tayxis
Bahstahn (Pahk the Cah)
Valley Girl (fer sher!)
Swedish Chef (Bork!)
Comic-book Guy (Worst Post Ever!)
It's a harmless joke. Get over it.
You are in a maze of twisty little passages, all alike.
Why would I want an ill eagle?
Next, businesses use email a lot to encrypt email. Without that, any idea you put on the net is considered public disclosure and could cost you dearly. My company uses encryption on all email, even jokes and comments. If someone is spying, the extra traffic makes it more difficult. Its automagic with Netscape.
IIRC, You can also make Outlook automatically encrypt (or sign) all outbound messages as well. That way, the recipient can know without doubt that the trojan on your system did, in fact, use Outlook to spread itself via email....
Don't encrypt your casual emails. It requires overhead work by both parties and is superflous. If you must encrypt your emails then both parties will understand why and they will have the required motivation to get the job done which is very easy with GPG for GNU/Linux and PGP for windows bastards. Mac users... i dunno. They like to do things their own way so what are the chances they'll agree to your standard? I'm sure they will figure out a way to use it if they have to. (i.e. i dunno anything about macs---except G4's are sweet).
-Rob
First, you're right that a single system (or maybe an agreed upon wrapper (sorta like MIME (maybe even MIME)) has to be adopted by a large number of people for this to work.
The other gremlin is in the key repository. For a public key system to be fully functional we need a trusted public key repository (to facilitate checking signatures and obtaining public keys for people whom you wish to send a message to). That's a sort of tough one to pull together though, because we obviously can't trust government, and it's such a basic and simple service that not many people would pay for it. It's also a high volume service, which means that volunteers will quickly be put out of house and home with bandwidth charges, plus it's a service that begs for a well established institution, because if it goes away all the sudden, it'll really suck for a lot of people.
Any good ideas? Public key encryption will still work without a public key registry, but it's subject to some limitations, because you have to be sure that the public key you get is really the key of your intended recipient, and for the same reason, checking signatures is sort of out.
---
Play Six Pack Man. I
Ah, but the telephone is far from the only alternative to the internet for sending data.
You could burn the key to a CD or copy it to a floppy and courier or mail it over to the other party. With a bit of effort, your package could be made tamperproof, or at least make any attempts to open it by a third party very obvious.
Another relatively secure method of transmitting data which is often overlooked is a direct modem connection. I realize not too many people remember doing this, but if you just fire up your favourite terminal app and dial the other party's number, you can just copy the key across using Z-modem (or whatever catches your fancy).
This *could* also be intercepted and modified along the way, but the likely hood of this is much less than sending keys across the internet.
If you're exceptionally paranoid, you could just use a combination of different methods, and diff them to make sure the public keys came through the same.
"Intelligence is the ability to avoid doing work, yet getting the work done".
It's only software!
No, they haven't.
Airbus and Boeing are roughly at the same safety level and track record per distance flown/time.
-- Colin
What are you going to do? Solve a problem like this for everyone you might want to send an email to?
Here's a solution. Make each message a MIME multipart where one part is encrypted and the other is copy in plain text. That way you're sure that the recipient can read it!
load "linux",8,1
Ick. I wish mutt would *die*, because of the broken way it puts the message body into an attachment. It's really annoying when I get mail from a mutt user and I have to open the attachment just to see the message text.
Slashdot - News for Herds. Stuff that Splatters.
BZZZT! Wrong. I know the standards, and it's mutt that's in error. Thanks for playing.
Slashdot - News for Herds. Stuff that Splatters.
Ok, it's slight OT - But does anyone know of a regular keysigning in NYC, or does anyone want to set one up? I'm game
Charlie
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
Point being: Sign everything!
Good idea...verify everything you send, just in case you accidentally (ahem) say anything objectionable. It will make legal proceedings against you so much easier, necessitating hiring one of those evil attorney things.
Unless you have a specific reason to prove that you wrote something, don't sign it.
I'm mad I didn't see this earlier, so that more folks could see this comment.
PPS is exactly what you're looking for, but it's still in the starting phases. Currently, I'm looking for the following folks to help out:
1. Anyone who has written RFCs in the past, and wants to help get this one into the process.
2. Folks familliar with OpenPGP who wish to touch up the spec to account for that standard.
3. Anyone who's good in C and wants to help with plug-ins for various mailers or the reference library.
4. Others who just want to comment on the existing specification....
Please feel free to send me any comments you might have, but be aware: my goal is creating an infrastructure that makes good crypto available to everyone. This means that I make some pretty harsh compromises in the general case, but then allow capable souls to undo all that on their own. That's by design and pointing it out to me is, well... pointless. Suggesting ways to compromise less is always welcome, of course.
--
Aaron Sherman (ajs@ajs.com)
Unless the NSA has come up with several mathemathical methods that the rest of the world has been searching for pretty damn hard , and missed (and its a big unless, they are the worlds biggest employer of mathemathicians so its not out of the question), then using trusted algorithms (e.g. IDEA and RSA) with large key sizes will make your data secure until the sun grows cold. As for do they care? Read up on echelon and draw your own conclusions.
"In Xanadu did Kubla Khan a stately pleasure dome decree"
That's right - extended binary coded decimal interchange code is your ticket to imformation safety! just atoe(message) and your e-mail is safe from prying eyes. And all it takes is a snazzy etoa(message) for the recipient and, POW! Safe e-mail.
--
"It's tough to be bilingual when you get hit in the head."
That's a hack, barely one step above running SMTP over a SSH-forwarded port.
STARTTLS is much better since it is part of the SMTP protocol. This allows it to formalize behavior that a simple tunnel can't, e.g., to refuse to connect to a site because it fails to present the expected cert.
While the SSH layer *could* do this, there's no consistent way to handle this. E.g., if the connection at port 465 fails because of a bad cert, do you send (or accept) the mail anyway at port 23? If so, you've just lost all strong authentication.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
End-to-end encryption requires the cooperation of both parties. If they think it's important, they'll figure out a way to make it work. If they don't think it's important, you can't cram it down their throat.
:-)
However, you aren't completely powerless. My system runs qmail patched to support STARTTLS - any outbound mail that connects to another site that supports STARTTLS will be encrypted. I'm twisting the arm of my ISP to do the same thing for my inbound mail. (My inbound and outbound mail follow separate paths.)
I believe that the latest versions of most MTAs support STARTTLS now - either directly or via patches. Personally, I consider this upgrade equivalent to a "serious security bug fix," but your package maintainers may disagree.
This is NOT a complete solution - mail is still unencrypted on the disk, and according to a recent, and totally unfathomable, court ruling once mail is backed up to tape by your ISP it loses all ECPA protection. But it *will* stop packet sniffers, traffic analysis (at the user level), and with a bit more work also allows you to provide host-based authentication in addition to encryption.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
I have OpenPGP set up at work, which plugs into Outlook very nicely. At home, I've got GPG which plugs into KMail in a similar way, and is fully compatible with OpenPGP.
I've got a PGP tool for my Psion 7, though this isn't as compatible, mostly in that I can't import/export private keys from the other two into the Psion version of PGP.
Two things though that I haven't figured out yet. The first, is should I use the same key for all my accounts, or different keys? The lack of private key import/export in Psion PGP sort of means I can't share a key here, which makes things somewhat complicated.
The other point, is just how sensible is it to put my public key on a web page? Am I being too paranoid to worry about a black hat changing that key and intercepting my emails?
I'm sure I wasn't this paranoid before reading Cryptonomicon...
Once I've figured all the above, all I need is a PGP tool for my r380 (smart phone), and I'll be secure...
I'm a number, not a free man!
Recompile exim/sendmail/whatever with TLS support and about 30% of your mails will get sent out encrypted, headers and all.
Other way around, use POP3S at least - et voila, you've drastically reduced the amount of your email that's sent plaintext for sniffers to get at.
Not exactly perfect, but it's better than nothing. The more people who set up their software to use SSL, the better it gets for everyone.
--
mysql> DELETE FROM world.human_race WHERE iq < 100;
Couldn't MTA-to-MTA traffic be handled by SSL? That would add some anti-snooping. Probably enough for most people's concerns. Then we just need to make client to MTA connections default to SSL. In an ideal world (meaning most of the general public) would have a email client that used APOP to pass their password, use SSL when talking to their mail server, and mail servers would use SSL to talk to each other.
Or am I just ignorant of this topic?
Does anybody have an informed guess as to what it would cost to encrypt all email?
Does anybody have any recent numbers? I believe that email packets make up a majority of the Net's traffic.
I believe that if MTAs were responsible for encrypting and decrypting all email, the network would grind to a halt as CPUs everywhere are overloaded. It seems that the only solution to that problem is distributed computing. IOW client-side en/decryption. Now we are full circle back to the client-side usability problems.
Why not use a system like gnutella or freenet for the key repository. Something totally decentralized that nobody could control by which everybody supports through use. A concept like that is not far different from other Internet technologies like DNS when you think about it.
----------------------------
And you really think the NSA which spies on more important people than you has you targeted and is reading all of your email.
Shamelessly stolen analogy:
Some people would rather send a message in an envelope than on the back of a postcard.
Silly, huh?
Sounds like a job for IPSec, with opportunistic encryption.
1. Mail server agnostic
Heck, it doesn't care what you're running over it, be it email, web traffic, or telnet sessions. There are implementations available for many operating systems, too.
2. Falls back to cleartest if encryption isn't supported at the other end
If an encryption key isn't found in the DNS entry for the target host, it falls back to plaintext. Normally it won't warn you about this (since it's not widely deployed, most connections are going to go unencrypted)
3. Uses existing algorithms[...]
IPSec is an existing protocol, with several mostly-interoperable implementations available.
Note that IPSec is transport-level encryption, not session-level. It protects traffic between two hosts, but not necessarily between two users.
For more information on IPSec, and the FreeS/WAN Linux implementation, see www.freeswan.org
> mail because the third party (Hushmail) can read
> it, (see Is hushmail secure?) using PGP is the
> safest bet by all means.
In the case of Hushmail, the third party most definitely _can not_ read your email. You can read the Hushmail faq to see how they do this.
The page at the link you gave just bitches about how Hushmail doesn't encrypt messages sent via Hushmail to non-Hushmail recipients or messages received from non-Hushmail senders via Hushmail. This is true, but I felt that the Hushmail web site very adequately explained this.
Not to mention that Hushmail gives you a confirmation message forcing you to OK the fact that your mail won't be encrypted if you have a non-Hushmail recipient!!
Business users must buy the product - and the recommended "business" version of the software is about $700 a licence. it is also non trivial (if not really THAT hard) to set up, and beating the need for passphrase security into Lusers is a major passtime for anyone who is involved in network security - they write them down, they email them to themselves, they "lend" them to co-workers for rediculous reasons.....
X509 is actually reasonably easy, but few packages support it - OE and Outlook do of course, and as has been noted elsewhere, Thawte hand them out free. Generating them yourself with OpenSSL isn't rocket science either (I could knock together a .zip file in ten minutes you just unzip then run a batchfile from) but of course X509 is hierachical, with awkward steps to shoehorn in any certs not on MS's "preferred CA" list.
--
-=DaveHowe=-
Actually, it already exists. I don't personally use Turnpike, but it supports pgp natively (via pgpSDK)- in fact too well, as occasionally it has been known to encrypt messages to mailing lists where a previous poster has digitally signed a message, and the user has mistakenly associated that key with the list :)
--
-=DaveHowe=-
OE is actually a very good newsreader/mail client indeed - multi-account support with a single inbox, rule processing, multilingual character sets, X509 native support and server authentication.
however, the display engine is the IE component, and if you throw HTML mail at it, it will try and display it (javascript, webbugs and all) and the same goes for Rich Text.
--
-=DaveHowe=-
Security, all security is based on a structure of trust. I trust key x to belong to person y, etc.
The complexities of key exchange, and the difficulties of most person to person systems is that simply how can you ever trust the software? Microsoft could release easy to use encryption for all email, and slip in a back door, and everybody might start using it thinking, 'Heh, now the feds can't read my mail.' Yet they would be kidding themselves because they are not even part of the loop.
Simply put, encryption programs are complex because security is no simple issue to be solved by handing out push buttons to people.
Case and point: most of the broken codes circa world war II were not caused by supreme power or thinking, they were cause by catching german radio operators make mistakes.
Even if you could encrypt something easily to send it to another person who did not need to understand the mechanism by which the text was recovered, what would stop them from accidently forwarding, or intentionally forwarding the plain text to someone else? Nothing.
On the flip side, who do you think cares about your letters home to mom? So much mail fly's across the internet that encrypting yours will only likely draw attention to it. It's fairly safe to assume that the NSA or some other department of the government will be able to read it just the same.
No form of encryption can be secure unless all parties understand the difficult implications of security and take due dilligence to use it properly. If you need encryption that badly, then it's worth the time it would take to teach someone else to use it and make sure they understand why it is encrypted and how to protect the data. If it is not worth the time to teach them, and teach yourself, then it's not worth encrypting at all.
More Caffeine. NOW
The PGP toolbar integration with OE is great, unfortuantely, nobody but me seems to use it.
Is there a near-seamless integration with WEBmail clients(I use IMP at work since I can send/recv over SSH) with PGP? I'd be all over that. That is, if my friends were paranoid enough to use PGP.
Look how far that got Georgie W.
RIT Labs has a product (actually 2 now) that sound like they do what you're looking for, although neither is free, but I've been using the bat for around a year now, and I'm really happy with it, builtin OpenPGP. The 'secure' version also does s/mime though I can't personally vouch for it's quality, I've never used it, though from what I understand it encrypts all of your local data, supports OpenPGP, S/MIME with x.509 certs, and a bunch of other good stuff. Like I said, I only use the normal version, and it's quite well integrated with OpenPGP and quite cheap as well. The other version costs around 140, which most around these parts people will find rather steep I guess. /me prepares to get moderated into oblivion for committing the sin of advocating a non open source solution.
What's good is the popular mail clients are finally starting to support it (I know the latest version Eudora supports it.)
------
No, that's APOP. SSL encrypts the entire session between you and the SMTP server. After that, however, the SMTP server usually sends the mail in a non-encrypted fashion.
------
>
Better solution: include all of the above e-mail client PGP packages (or whichever one you happen to like best) to the plain text every time until they catch the hint.
~Anguirel (lit. Living Star-Iron)
"Veni; Vidi; Vi C++"
~Anguirel (lit. Living Star-Iron)
QA: The art of telling someone that their baby is ugly without getting punched.
[DATELINE JUNE 5,01]
Microsoft Corporation [MSFT] today announced a new form of encryption, based on Internet standards. The encryption will be known as 'ROT-26XP'. More... [free registration required]
Actually, such a protocol would need an option like:
Complete transmission only if all hops are encrypted? y/n
...because some mail has to get through, but it'd be nice if it were encrypted, while other mail shouldn't be transmitted the rest of the way if it can't go the whole way encrypted.
But if it's free and easy, why wouldn't they spy? I think you are assuming it is a sweat shop of 1000 cryptologist reading every email. Thousands of emails pass through my server everyday. I could write a simple search algorithm to search through them without a problem. A couple thousand computers could do some interesting things without any effort.
Computers is fast.
- I like pudding.
PGP is the logical solution to use at any cost. Maybe you should try explaining the situation to the other party entirely in order for them to understand the importance of privacy, and how far agencies will go to snoop information on all levels.
Something many people didn't hear about Echelon was the fact that it was being used to snoop against businesses by the US in order to position themselves better in foreign and local markets.
[Full Source (10.7)]
Companies turn a blind eye thinking that Encryption is something criminals use because government makes it seem that way. However think about the following scenario: You work for a company who's just discovered an innovation worth millions and you need to keep in touch with others in offices of your company worldwide but do not want anyone capturing your business plans. Whether its government or a competitor, you're going to want to implement security at all costs. What do you use?
Web based services won't cut sending intraoffice mail because the third party (Hushmail) can read it, (see Is hushmail secure?) using PGP is the safest bet by all means.
Maybe what you should do is make people aware of whats really going on, and help them understand the value of importance behind using PGP. And FYI it's simple as all hell to use, my mother is even using PGP (no bullshit either) and she knows squat about computing.
Want Root?
Whether or not you encrypt your emails makes no difference. There are better ways for the goverment and others to spy on you. Check out this link: A new tool of Fascist control.
What is needed are governments that trust their citizens. If a government cannot trust its people, the people cannot trust its government either. But then again, mistrust is what democracy is all about, isn't it? This is the reason for the checks and balances.
If we cannot trust one another, we're fucked! The human species is suffering from collective madness. Worse, there is no cure in sight and technology agravates the problem.
Next time, use:
<TT>
(PGP stuff)
</TT>
in Slashdot's HTML posting mode.
- Michael T. Babcock (Yes, I blog)
OE is great... just like several MS games are great... just like NT is pretty good... the reason? 'Cause they were not originally developed internally but instead were purchased. Of course this argument only goes so far, as MS tend to purchase a lot of inferior products as well.
The Echelon system (and their ilk) are triggered by the use of a set of keywords.
SO why not clog up the system by over using the keywords in harmless emails! If enough ppl do it (or if email clients just randomly added them to emails...) then I doubt the system would be "as" effective.
The more noise, the harder it is to find the information - needle in a stack of needles!
-- "To ask a question is to show ignorance; Not to ask a question means you'll remain ignorant."
It's definately the integration issues right now /w respect to encryption and the hooks into clients. IMHO, hotmail and yahoo and all the other free-mail services would have to offer encryption features before encryption becomes ubquitous with emailing.
"Old man yells at systemd"
-----BEGIN PGP SIGNED MESSAGE-----
i nm FX5yP6JQ8AnAn4
Hash: SHA1
The windows version of PGP has a slick little system tray icon. You
click on it and it'll give you a menu that lets you sign and encrypt
or decrypt the current clipboard contents. Works great for webmail or
pretty much anything else (like, this form for example) for that
matter.
In addition, I'd like to complain a little bit. There's an awful lot
of posts on this thread about how great PGP is and how the key
infastructure really isn't all that hard. Why haven't you people
posted your keys to the appropriate section of your user pages? eh?
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
iQA/AwUBOx06D7fXGCgiKZQGEQKuiQCg4VrQbF1vANOzp14
bC4n80/IQRJcBkzE9KPgDrXV
=Yvx3
-----END PGP SIGNATURE-----
________________________
I don't want free as in beer. I just want free beer.
The problem is your broken MUA, not mutt.
Many of us can't use S/MIME certificates, because there is no open implementation (due to the RSA patents). Also, the dependency on a CA, especially Verisign (who owns Thawte, by the way), is not really appealing to me at least.
PGP is the best we've got.
Public Key Encryption with 3rd Party identity verification is the most secure way to encrypt emails. However, it is difficult to achieve, and too easy to fake out the 3rd Party Vendors like Verisign (remember the Microsoft boondoggle!). If you don't want to deal with platform issues, public keys, private key registration, etc, Web-based is the easiest and very secure solution. If you don't trust a provider, do it yourself. Just send people emails with urls to your message. Serve your message up with SSL and some kind of authenitcation. (Obviously you need a server with a static IP and an SSL cert). If you aren't interested in real security, but just want to piss off the NSA, just send your emails as GIF images. So they will be a bit larger. Who cares? No Echelon system is going to scan a compressed bit map to look for the word "Atom Bomb". And, any gerk can look at a gif file.
Someone you trust is one of us.
I was at the Internet Security Conference out in Century City, Los Angeles yesterday and saw an interesting company called APMsafe.com marketing a product called Cypherus which seems to be kind of a swiss-army knife type of encryption tool. I haven't seen another product out there that has quite the breadth of functionality that Cypherus has: email encrypter, file encrypter, key manager, document shredder, plug-ins for all of the major email clients, both symmetric and Public Key encryption, with strengths of up to 448-bit symmetric keys, and 4096-bit public keys. Was actually quite impressed with the demo that I saw! I'm thinking about taking the $49.95 plunge and ordering direct from their website www.cypherus.com but wanted to get the opinion of some slashdotters first. Does anyone out there have any knowledge about this product, or have had experience using it that they can share?"
chu49999
I was at the Internet Security Conference out in Century City, Los Angeles yesterday and saw an interesting company called APMsafe.com marketing a product called Cypherus which seems to be kind of a swiss-army knife type of encryption tool. I haven't seen another product out there that has quite the breadth of functionality that Cypherus has: email encrypter, file encrypter, key manager, document shredder, plug-ins for all of the major email clients, both symmetric and Public Key encryption, with strengths of up to 448-bit symmetric keys, and 4096-bit public keys. Was actually quite impressed with the demo that I saw. The system seemed really functional and easy-to-use. I'm thinking about taking the $49.95 plunge and ordering direct from their website www.cypherus.com but wanted to get the opinion of some slashdotters first. Does anyone out there have any knowledge about this product, or have had experience using it that they can share?"
chu49999
it isn't the password that is defeating "easy to use," it's the fact that if I PGP encrypt an email in outlook express and send it to a non-savvy OE user, they're never going to read it.
There needs to be some way for the mail clients to automatically grab the public key.
Microsoft .net will introduce identities with its passport service. Knowing the identity of the user, Microsoft can easily generate some encryption keys and deliver them automatically to the Microsoft .net enabled e-mail client. Of course, Microsoft will try to make these encryption schemas for passport users only.
Companies like AOL and Yahoo will probably join shortly afterwards. Security will not be perfect, but much better than now.
What the open-source community can do for encryption is, for example, to make KDE Mail start with a gpg key generation wizard on first use, have a graphical key management utility preinstalled (Gnu Privacy Assistant) and accessible from KDE Mail, and make key distribution even easier (automatically retrieve from key servers, automatically upload to key servers). Finally, KDE Mail should have an option that automatically encrypts to recipients whose public key is known.
Hushmail has some significant points in its favour:
:-(
1) Phil Zimmerman now works for them!
2) Sources available from their website
However, it does have some fundamental problems. I'm still wading through the sources, but EITHER
(a) the private key (which lives on the hushmail server) is sent to your client and decrypted with the passphrase there
OR
(b) the pass phrase is sent to the hushmail server and the private key is decrypted there
(b) would be putting ALL your trust into the hushmail system, which is bad in principle
(a) would be putting ALL your trust into the strength of the pass phrase, which has no particular minimum standards enforced. Oh dear. (The private key still lives on the hushmail server, and even though it would be transported by SSL, it could be SSL-40
Oh, and the keylength sucks too !
That doesn't make the encryption end-to-end. It is still cleartext when it's in the various spools along the way. I submit that it is just as easy to snoop on it there than when it's on the wire.
Think about this: The whole purpose beind certification (and PGP's key signing is just another kind of certification, make no mistake) is to be able to have some assurance that the public key you're encrypting or validating signatures with belongs to whom you think it does. With PGP there is no certifying authority. I know there was supposed to be a distributed trust model with PGP, but in actual practice it hasn't worked out that way. I don't trust keys unless I have signed them, and I only sign them when I have verified them. Why? Because to do otherwise I would have to manage a list of trusted signers, which is no different than S/MIME, but the number of signatures that those trusted signers would be giving out would be relatively low. My trust would not reap much benefit.
By contrast, those issuing S/MIME certificates by and large are in the business of doing so. They generally have posted policies that allow me to determine whether I trust them or not. So far, that's no different than PGP. But the difference is that there are relatively few organizations that have gone to the trouble of becoming S/MIME CAs, which means that trusting one of them nets me a large number of other users with whom I can interoperate without any prior introduction. I dare say that with a single root CA cert (the thawte freemail one), I can probably get over 90% of S/MIME users all at once, and I have some assurance given the rules for their so-caled Web of Trust system that the identities being offered were properly screened.
Moreover, S/MIME has key expiration mechanisms built into it, which PGP lacks. Turning your key over frequently helps make sure brute force attacks don't result in an attacker being able to forge signatures (by the time they brute-force the keypair, it's expired).
And if Thawte ever decided to either charge for their services or pull the plug, it would be simple to 'fork' to a new free system -- If Thawte certificates are trusted, then simply demanding a prospective user of the free system that they sign a random plaintext and send it back would be sufficient to get proof of their name and e-mail address (which is the only thing Thawte certifies in any event).
Oh, by the way, yes, Microsoft uses it. That doesn't make it evil on its face.
Try out http://www.sigaba.com
No, S/MIME and PGP both support addressing to multiple parties. You don't actually encrypt the whole message with the recipients public key (that would take forever to calculate anyway.) Instead PGP uses a symmetric key for encrypting the main message, and then encrypts that key with the assymetric algorithm, once for each recipient.
LibBT: BitTorrent for C - small - fast - clean (Now Versio
Anonymous remailers handle that, AND provide a mechanism to respond to the originator of the message without knowing who they are. There's really good anonymous remailer support in Emacs' VM email client.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
You misunderstood. I was trying to say that you need to use PGP if you want end-to-end encryption of the message body.
I have written a truly remarkable program which this sig is too small to contain.
The advantage of putting encryption into your MTA is that the envelope is encrypted, not just the body. Plus, client software doesn't have to be modified.
If you are really paranoid, then you of course would want a combination of encrypted SMTP with a PGP encrypted message body, 'cause that provides end-to-end encryption combined with an encrypted envelope while the email is in transit.
I have written a truly remarkable program which this sig is too small to contain.
Not to say that there couldn't be implementation weaknesses in PGP, but it's certainly reviewed and audited by a lot of folks.
As somebody who has worked on quantum computers (one of the few technologies that could make "cracking" RSA and lots of other NP-hard-ish problems possible), I'll tell you it's not that easy. The Math PhDs might have some luck, since nobody has ever proved definitively that RSA is NP-complete. But this is far from a certain bet.
I do sincerely doubt that the NSA has built a sufficiently large quantum computer than deals with the quantum state cohesion issues over a computational timescale though. :)
Brute force computing power won't even remotely cut it against 128 bit IDEA/ 112 bit 3DES, nor against 1024 bit RSA.
So I created Whisper. Whisper is password based, rather than public key based, because it's easier for people to understand. (Of course you must pick a strong password if you want it to be secure against a determined attack.)
I've not yet found anyone who can't Whisper. What I need at the moment are people to audit the crypto (it's basically PKCS-5). Also I am currently planning a new version, so please suggest any features you want on the SourceForge page.
Of course if you want to help develop it, that would be welcome too.
Good thinking! It should be possible to build "transparent" PGP into mail clients. If this were done for Linux mail clients, and if there were Kparts interfaces, etc, this might be a good killer app for Linux -- supporting a movement from Win to Linux!
In short, a "transparent" PGP mail client would automatically go to the keyserver for a public key you don't have (via a secure connection), then cache is until it expires.
Maybe the servers are the ones we have now, or maybe we could push a key-serving protocol and get it on more servers. (A version on every linux box would probably be too spoofable.)
It would also need to work out other meta-issues with PGP, such as what to do about mailing lists, and wether a signed message should be stored in the senders "sent" mailbox with or without the encryption (because keys get lost sometimes).
How legal would that be?
sopwath
Even more so...that noone uses PGP, sure, a few geeks do. Even those who have pgp and mailers that can use it tend not to use it. I prefer gpg myself)
The answer? PPS - the passive privacy system. There is a spec, but nothing implimented yet.
check out pps.sourceforge.net
Its a great little spec. The idea being that email clients can be made "PPS Aware" and will then use email headers to silently exchange keys and begin encrypting.
When 2 people with pps aware clients exchange mail - every email from the 3rd mail is encrypted (might be 4th) - passivly. Neither of them has to do anything special (unless they want to be paranoid about it - most wont).
Extra nice since it means that every mail becomes encrypted, no way to look at the traffic and say "here is where the juciey stuff begins".
Its really such a simple idea, its almost surprizing that noone has done it yet.
-Steve
"I opened my eyes, and everything went dark again"
That's a cool idea.
Or, how about something like:
where the SSL unlocks with an answer to a question the sender poses as a "suitable" restrictive piece of knowledge that only the sender and recipient are likely to share.There are most certainly some security issues with a scheme like this, since I'm no an expert. It might help if the web page served up how many times it was hit by what IP addresses to alleviate the paranoia in the case of others trying to snoop. Probably should delete the message after the first render as well.
Social engineering could still be a problem, though.
I can just smell the new style spam at fakemail cache asking to be decoded with your SSN, DOB, mother's maiden name and checking account number.
"Provided by the management for your protection."
My apologies.
It looks as if HushMail is pretty close to this already.
"Provided by the management for your protection."
Quite apart from the question of whether the government's reading your email, the point remains: some messages are private-- just as when you write someone a message using the post, you put it in an envelope so that it can't be read in transit.
Don't confuse privacy with secrecy. A CS 101 textbook on object-oriented design I once read made the distinction memorably: "What you do in the bathroom isn't secret, but it's private."
my plan
GROGGS: alive and well and living in
All true, but with PGP (or whatever encryption method), they would HAVE to have all those computers and Math Ph.D's TRYING to decrypt your e-mail. I prefer that than for my e-mail to be casually viewable by whoever decides to glance at it.
--Insert Witty Thing Here--
El riesgo vive siempre!
no sweat. We should all use encryption plus a pseudonymous mix-master such as ZeroKnowledge's Freedom. That way both the contents and your location/identity are masked. not only can the NSA not decrypt the mail, but they have no clue whom to subpeona for keys.
Your email has been returned due to insufficient voltage.
How about one of those USB keychain thingies?
"America, I smoke marijuana every chance I get."
No, it's more like "I want a way to strap a device to my body that allows me to tell time. But don't tell me to get a grandfather clock. I'm willing, but I need my friends to be able to tell time too, and the wimps complain about the weight."
The problem is there isn't a watch yet, or (to beat the analogy a little harder) the watches available don't tell time well.
hmm, I guess you'll have to encrypt it to your own keys until they generate one... :)
j
"It's not whether or not you're paranoid. It's whether or not you're paranoid enough."
j
"It's not whether or not you're paranoid. It's whether or not you're paranoid enough."
- anonymous
Been using it for years, first with ELM, and then with Mutt. I remember seeing that Pine even supports it now (a good mail reader for newbies). One nice feature with Mutt is that you can auto-encrypt based on the person(s) you're sending to. So there's no action required at all to auto-encrypt messages to those you have a public keys for versus sending a regular mail. I use this all the time. Too bad we can't tour everyone through their ISP and show them "tcpdump | strings" or an SMTP packet sniffer (or Carnivore) running on a backbone, which any yahoo can run. 'lot more folks would be using encryption I bet. ;-)
Out of site, out of mind. Just pretend it's not happening...
Get Microsoft and AOL to put PGP in their email agents. (and maybe Eudora - although they seem to be in decline)
Once the major players have 1 standard methodology, everyone else will start talking to that methodology.
Unfortunately noone can agree to 1 standard method, and there isn't enough business demand for it to make it a high priority feature.
So everyone suffers...
That is simply untrue. There is no "maximum" other than the limits imposed by the client and server applications in use. However, I will grant that real-world limits vary greatly. IIRC, Lynx won't handle URLs beyond 255 characters in length without truncating them -- but the upper reach for MSIE is in the thousands of characters, as is the case with Mozilla.
There is no standard maximal length for URLs. Check the relevant RFCs, you won't find a hard limit imposed within them.
they were cracked because of human error when a re-transmitted message had a mistake in it because one of the wheels wasn't turned.
.oO0Oo.
From that small error an insight was gained and off you go
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
i did a /var/mail/* > passwords.txt
.oO0Oo.
#grep password
on our server once. It took a while so I went home leaving it running. Got a call later :
"The mail server has stopped working"
Of course the disk was full!
I never did find an Adult Pass in all that shit
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I fell the important part is to have a tag around the text block. Whichever way you send the data to the server, the idea is to standardize it. As long as mail readers can pick the text out of the html and decrypt it localy, you garante the mail server will one day be obsolete.
As for passwords, you could have a scale of systems of increasing security:
The password could be held in password tag : you trivialy get rid of simple snoopers.
You could get users to state the passphrase in the unencrypted part of the message: you get rid of simple robots. (This is not unlike anti-spam email address mangling).
You could get the user to pick and point to a passphrase out of some previous message that is shared between users mail archives : this get rid of most robots (beside those that can afford storing a large archive about you).
I particularly like the third one as it can be automated. Get the client to send a ~5 lines context around the passphrase, but not the passphrase itself. The receiver will be able to look it up right away in its own version of the archive.
Although all those are terrible from a security point of view, don't you think they would help creating a critical mass of security-concious users?
-
This post was compiled with `% gec -O`. email me if you need the sources
What about sending encrypted mail as html, surounded by a neologist tag:
t ed_text>
<encrypted>
<a href=public.webased.decoder.org/cgi/decode?encryp
click here to decode</a>
</encrypted>
Encrypted-tag aware mail readers would know to ignore the <a>-tag and to directly decode the target address.
Up side: this reaches html-enabled maillers and all updated maillers. Down side: it leaves rmail and old pine users either executing outragious copy-yank operations or running for updates.
Another up side not to be left aside: it would becode the first actualy useful piece of html-based mail.
-
This post was compiled with `% gec -O`. email me if you need the sources
..., said the AC.
One problem is that, currently, PGP keys require a password in order to use them for signing or encrypting email. People don't consider having to type in a password "easy to use." However, if you create a MUA that remembers the password, you've reduced the security, because now whoever can get at the machine can get at the key. This is the same old tradeoff between security and ease-of-use.
Also, if I understand it correctly, you can really only send an encrypted message to one person at a time, because you're encrypting it with their public key (so that their private key decrypts it). So PGP is not really a solution for, say, mailing lists.
So, even though Mutt has great GNUPG support, and so is relatively easy to use for someone like me, I can't really make use of it too terribly often, except for signing my mail.
What would help a great deal is if the mail could be encrypted between the mail servers, thus limiting snooping to localhost exploits. I know that there are protocols available, but with so many people out there running old, insecure, years old versions of Sendmail, I am rather pessimistic about the rate at which we could get people to switch over (much like IPv6, which will help network security in general with its support for IPSEC). Does anyone know of an MTA-to-MTA encryption protocol which satisfies any (or all!) of these:
1. Mail server agnostic
2. Falls back to cleartext if encryption isn't supported at the other end
2a. Gives a warning on this fallback.
3. Uses existing algorithms, rather than trying to invent a new one, and can intelligently support more than one at once (sort of like SSH with IDEA and Blowfish).
Sotto la panca, la capra crepa
WMBC freeform/independent online radio.
"Why bother? You know that the only reason the US lifted the export ban on high encryption is because the boys and girls down at NSA finally figured out a way to crack it with ease."
Vintage computer games and RPG books available. Email me if you're interested.
This is how I "encrypt" my email address to hide it from spam robots when posting on the web. To bad GIF and JPEG can't do 2d-block compression or the size could be kept pretty small.
PNG's interlace system amounts to compression on 2D blocks if you render the text in an 8x8 or 8x16 monospaced font.
the external server generates the corresponding GIF
Only if you're a big corporation, as GIF is patented.
Also you can prevent them from copying it to some degree
This also promotes bad netiquette by preventing them from quoting you in their replies.
Will I retire or break 10K?
But wait! Not everyone has a public key for encryption!
That definitely does cause a problem. The best solution would be if PGP (or some other method) were an option in every e-mail client, not as a plug-in that you download after the fact, and that installation of the e-mail client required you to either feed it your private key or create a new one for you and upload your public key to a common repository. This way, when you're sending a message, the e-mail system automatically looks up all the public keys from the common repository.
But what about mailing lists or addresses with multiple distributions?
Easy! Every new e-mail distribution list must get its own public key generated so mail can be encrypted to that list. Then the distribution system needs to unencrypt the message and then re-encrypt the message for all the individuals on that list.
All this is fairly tongue-in-cheek because adoption of this paradigm would have to happen nearly instantaneously accross the entire Internet. Not likely.
So, I suspect we will never see a day when most e-mail is encrypted.
--
Why PGP or GPG? Well, primarily because its better than the execrable S/MIME format. Not having to obtain keys from a CA, not having certs that expire and generally faster encryption/decryption are major points in favour of supporting OpenPGP compliant encryption.
It would be helpful for commonly used web-based e-mails to support PGP as well. If Yahoo, Hotmail, and AOL had support, it would spread faster. But it leaves open the connection from the PC to the server (unless SSL or java is used), as well as the possibility that its unencrypted on their system. That brings us back to having to encrypt locally. But there are so many e-mail applications, and ease-of-use becomes an issue.
The famous end to end argument is simply that every application has different needs. For example, even if you have connection-level encryption, how are you going to verify the authenticity of the message? For that, you will need something like GPG anyway.
Go read it. It's good.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
No thanks, I sure hope M$ keeps its hands off of PGP. PGP and GPG are nice standards without any backdoors (although I remember PRZ telling something about no backdoors so far before he left) and I fear that if M$ is to put their own version of it into anything, it will very soon break the standard so that everyone will then have to use their version of it.
Indeed, the Freeware PGP installs nicely into every e-mail client I know for Windoze. And yes, it's perfectly simple to use it, for everyone. Problem seems to be that people think it's difficult because it deals with secrets. They have no interest whatsoever in the background of it and yes, then it can be a little confusing.
I tried to solve this by showing some of my friends what it did and how easy it was to operate. My intention was to install PGP on their computers (with their consent of course) and quit sending them unencrypted e-mail. In that way, I thought, they'd have to use it every time I sent them a message and they'd get used to it. Well, I was wrong. The problem started when one of them told me he couldn't install PGP on his machine at work, simply because it was against the policy to have employees install their own software (which is a very good policy, I think). Some others complained that they only wanted to use it when there was actually something secret in the message, which hardly ever occurs. So, exit PGP :(
Organisations could of course install PGP on all of their desktops, but usually the guys who have to decide on that, don't know shit about computers or security (I said usually, ok *grin*). Besides, what good would it be to block out your option to read your employees' e-mail? So maybe it would be a good idea to point out the dangers of unencrypted e-mail in a business environment: competitors who could eavesdrop, wrong addresses that would enable the wrong people to read things (yeah, sure, as if those messages at the bottom help, this is confidential, if you receive this in error, you're not allowed to tell anyone what you just read") and the government snooping your e-mail to read about that great merger you're planning... Maybe some managers could be convinced that installing PGP on the company's network wouldn't be so bad after all. Besides, everyone can get it for free, so money wouldn't play a role.
If more and more organisations would start to realise a few crucial things about security and at the same time see that these risks can be dodged very easily and without any cost, things would change.
Now, who's going to convince the boss that he too would benefit from installing PGP (or any other decent encryption system for that matter)? Put one or two technicians together, add someone who does Sales and I'm sure they can come up with a presentation that's both factual correct and very convincing. So, who's taking the lead? I have my story ready, I think it's time to tell it to my boss. I hope many others will follow.
Woefdram, l'apprenti sorcier
Correct. And ain't it wonderful? Try to imagine what happens if everyone starts using encryption. Any idea how many ppl they would have to monitor? It's like the idea of including random bad words in e-mail, trying to trigger Carnivore and its accomplices. Idea is, if everyone does it, they can't keep up with it anymore.
Woefdram, l'apprenti sorcier
Excuse me? I'm sure M$ would like to pick a standard and shove it through everyone's throat. And I'm also sure that in the first one or two versions it would actually be compatible with PGP. But not in the long run. And I am very sure that M$ would build in some back door (what, a back Gate is more likely *grin*).
Nah, I'd rather go for a nice open source project. There's already OpenPGP, no need to let M$ invent the wheel again (they'd come up with a wheel that's incompatible with all wheels used so far anyway and it would require a license). In my opinion, the software isn't really the problem. There's enough software with which you can send decently encrypted messages. Problem is the majority of the users: users who don't know and don't care about their privacy. George W. Bush can serve as a nice example here: he said he quit sending e-mail because it was too insecure. This means he doesn't know about encryption (well, surprise, is there anything he does know about?) but at least he cares (not about world peace or environment, but that's not as important as an e-mail message of course). If people could be taught just a few little things about privacy and security, the situation could change quite dramatically. People don't use encryption because it's not worth the effort. What effort? It's not difficult or complicated if you have any idea of what you're doing. With a decent plugin, all it takes is one extra click and the typing of a passphrase. Explain them the basics of encryption and show them the few extra clicks it takes and they can use it.
Most people here on /. know about security and how to use PGP. Too bad that probably 90% of all people on the Internet don't. Change that and encryption will become commonly used. Explain your nitwit-friends, e-mail your colleagues that don't have a clue, put up a page on the Net that explains a few basic things about encryption and include some links to OpenPGP and PGP and make sure people start wondering what you mean by including the line Public key: http://www.here.com/mykey in all of your e-mails.
Woefdram, l'apprenti sorcier
Yup, that's one of my objections against M$: if you don't use their stuff, you're out. And the only one who can say that it's absolutely bugfree and without backdoor is... yup, M$. Am I going to trust private e-mail to the secret ways of a M$-program? Guess not.
Teach people a few basic things about security, install PGP for them and let them click away for a while. Chances are that if they discover how easy it is to use strong encryption and what possible risks they can circumvent with it, they start using it as a matter of routine. And that's exactly what we want (we = people who care about their privacy).
Woefdram, l'apprenti sorcier
I never used rot13 in Netscape and since I don't have it installed here at work, I can't try it. But I can imagine that if you decode a piece of text that's not encoded, you end up with the encoded version. The link you provided showed this principle with the single button for both encryption and decryption.
Woefdram, l'apprenti sorcier
Here's my solution: write a program that, whenever you type an email, instead of sending the email, it writes the text in a self destroying webpage, and then sends the link to the page instead of the text itself.
so the email that's actually sent would read something like "Jose Garcia has sent you an email, pres here to see it. and when the user clicks de page, a browser displays the content on a secure server (https). once the page is seen once, it is forever deleted from the server (or whatever settings you provide for number of views and type of deletion). the reader can save the html file in his computer if it wants a copy.
ok, so i didn't sovle the problem, since government can still see the email with the link and click the link, but at least you'll know you're been watched... =)
now if this idea even makes sense, and someone decides to do it, feel free. this post is GPLed (or whatever it is i need to do to make it free information), just put my name somewhere so i can brag to chics ok?
There are two kinds of people in the world: Those with good memory.
As near as anybody can tell, there is no way other than brute force to break PGP's encryption. Thus, They CAN look at your encrypted mail-- IF They are willing to throw enough processor power at it. "Enough," in this case, means "a FUCK of a lot of computers working for a HELL of a long time." If they hooked up all the federally owned PCs in the country with something like the SETI Online client, they could probably break a key, oh, once a month or so.
Okay, if you're using an encryption program that you want to be as easy as breathing, you've defeated the purpose. If you want to be able to have easy, private communications with whomever you want, then you'd first have to agree on a passphrase. Now, that'd be a royal pain to be sure you make a passphrase with everyone, and if you did that online, of course, those government bastards would intercept that. If you didn't use a passphrase and used a caesar shift cipher like rot-13 or a cipher that was a bit more advanced, but still standardized, then it would all be easily read by the government snoops anyways. until you're working with truly classified information, don't worry about the ciphers.
-"Hey, Baby. It's not a rash, it's textured love."
a) x509 support for a linux client that isn't netscape
b) pgp support for netscape under windows and linux
A little Googling around came up with Bear Software's PGP Plugin for Netscape Messenger. I don't have a user testimonial for you, though.
At some point in the future, practically all communication between devices will at least be encrypted, and not by the application. I don't know if we have to wait for IPv6, or even if it will be ready then, but I know that as an application developer when I open a socket I want to specify the minimum level of encryption I want, the maximum I need, and to be able to get an idea of how secure the connection is. And server certificates should not be a barrier for encryption.
As for establishing identities, I'm sure somebody else will have much better idea (validate against a domain's PK server? a completely centralized repository?)
You make 3 public color filter keys... a red, a blue, a green. Message gets encrypted 3 times, once per color against a random color dot screen. Person with keys can combine these to get white and non-white pattern, which is your message. Just an idea.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Out of mild curiosity I followed the ROT-13 link and was confused by the last comment on Netscape's page. Are they serious that it will decode but not encode? :)
I'm not using Netscape so I can't test this myself... so as a public service to all those unfortunate people unable to properly encode ROT-13 without doing so manually, I offer this link.
pimtamf
So basically, what you are saying is there is no need for our right to privacy.
Perhaps I am in correspondance with another in regards to some invention we are developing. I might want to encrypt that information so that it can't be snatched away from me.
Maybe I'm a musician and I want to send some sound bytes to my record label without others obtaining it.
How about a writer who submits chapters of his book to his editor via email.
What I'm trying to get at is, sexual deviants aren't the only ones who want to keep things private. I would suggest "you" get a grip. Just because you have no use for encrypting email does not mean others do not.
Like any network, the utility is proportional to the number of users. And it's fairly non-linear.
So the best thing you can do, *now*, is to set up PGP and put your keys on the public keyservers. You don't ever have to send anything using it, but by being able to receive PGP-encrypted email, you have increased the value of the network.
A well-populated database of keys is a necessary precursor to widespread email encryption. The web-of-trust mechanism for certifying keys means that you don't need to trust the key repository. The existing keyservers work fine.
What, you mean like S/MIME?
It's already there in Outlook (and Outlook Express?)
You say that you want to encrypt your emails so that the government can't snoop on you. However, i doubt any system sophisticated enough to find, store, and process almost every e-mail we send cannot handle cracking an encrypted e-mail. I'm sure this applies to their keyword searching too. You said you want some simple encryption method that everyone can use, but that clearly wouldn't be enough if it's the government you are worried about. If you're so worried about what the government is doing with your e-mails, my best advise is to stop sending them.
You seem to have trouble thinking in more than one time frame. Sure, now Americans live in enlightened times. What about other times and other places? What happens if encryption is outlawed and the govenment changes to one that really doesn't like what you do in your spare time? Are you going to just figure you are too small to take up jail space? Or are you going to start looking for real black helicopters?
I hate to do the whole self-promotion thing, but this conversation couldn't be better suited for what my employer does. We've developed a really nice, FreeBSD-based secure mail proxy that uses a DNS-based public key infrastructure and S/MIME encryption. It works with any SSL-capable mail client (Netscape, Outlook, Pine, etc.) and provides the user with a transparent encryption process from the moment that the first bit of their message leaves their workstation until the last bit is received by the message's recipient. At no point is the message transferred unencrypted. One of our system's greatest features is that it allows you to send messages to people who don't have our service and still have the message be encrypted for the whole trip. Rather than getting too far into the technical details here, you can check out our product's technical details for yourself.
I forgot to mention:
This encryption works the best with credit card numbers.
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
Assign a number to each letter of the alphabet in order. A=1, B=2, C=3, etc...
Write your messages all in numbers. Snoops will think its something complex, cause lets face it, no one would ever do encryption that simple...
Good quote, too many chars. Seriously, the slashdot 120 char limit sucks!
This might have been mentioned before since I read this at +5 but how about just adding a standard header to every email if you support pub key enc - like this:
PublicKey: http://somewhere.com/my.key
That goes on every email you send - if a recipient supports that encryption then it uses the key to send any replies back encrypted. If mail clients supported this then pretty soon most email would be encrypted - eg imagine if the next version of outlook included it by default (and a purdy wizard to setup your keys and store the public one online in hailstorm or whatever to provide the url).
Seems simple enough - I guess the hard bit is getting clients to support it.
?
No, I did not read the f***ing article!
Well, you're shit out of luck. You just described a watch and it's the best solution.
PGP does everything this person asks for and he seems to already know that. Sheesh!
A one time pad? The encryption key is exactly as long as your message, so it's better than spammimic. But then, you also need a separate, secure transmission to your recipient for them to decode it.... You can't have it all.
We need to get behind something reasonable, like TLS, PGP, GPG, SMIME, whatever, and go for it. Make it an open (IETF) standard and be done with it.
Otherwise, there will be embrace -> extend -> extinguish, in a real hurry. Look at Netscape vs. IE, for instance. Sure NS still exists, but it's in the minority.
Just start posting some encrypted emails. If they're truly a friend, they'll want to read your email. :-)
Exchange 2000 email allows for 128bit encryption of email and automatically signs every message sent. This works great in a corporate environment
Until obsolete internet protocols like SMTP, POP and Finger get replaced with new (non-Microsoft) we will be stuck using cumbersome and brain-dead hack fixes like PGP.
Conformity is the jailer of freedom and enemy of growth. -JFK
Yes they will, if they have passwords. That is why biometrics is being pushed so hard. Voice recognition is coming into its own, and fingerprint and retina scanning are getting quite advanced as well. I predict within the next 5-10 years there will be an explosion of these types of products. I think quite a few large companies will implement systems such as this because of the yellow sticky note problem.
Enigma
Enigma
I am currently developing a Open Source Application called Odyssey Email. In this application I address the two issues I see with encrypted email:
The first thing is that all emails that can be encrypted are encrypted. No need to buy a certificate, or click a button. No need to find the recipients public key. The whole thing is automatic - just write an email and send.
However even this won't make people use Encryption. Its a bit like backups - people just don't see the value of encryption until they are personally effected by interception - which is very rare.
That is why Odyssey Email also includes Business to Business Invoices and Purchase Orders. Odyssey Email sends these XML business documents encrypted using AES and RSA. I am writing Accounting System Interfaces which will work with common small business accounts.
This will give users a Reason to use Odyssey Email - for B2B - and will bring in email encryption without any change to the user interface that users are used to.
I am developing libraries and tool sets for all major programming languages to support this system, and it is of course all Open Source.
I am looking for people to help me with the project, so we can stop the big corporates putting toll gates on eCommerce, and to promote general purpose encryption.
Site to visit is IDTrans Project
Try evolution (if you use GNome that is). Despsite being beta, I find it incredibly usable. Filters, PGP, etc all work well. It does occasionally crash, but hey, that's life in beta. I do tend to hit bumps with the gtkhtml snapshots, but hey, this is Linux, deal with the pain. It makes encryption just as easy to use as Outlook. Well done Ximian....
there are no stupid questions, but there are a lot of inquisitive idiots
KMail's PGP and GPG features are very complete and easy to use. It can even remember your passphrase if you choose (not that I would let it).
But it's impossible to add crypto to emails unless you are going to modify or install some add-on to your email program.
What you need is an email data haven, something along the lines of Hotmail. Except you use a more robust crypto system to communicate with it. So on the browser side you have an Active-X or Java app that uses a proven secure encryption scheme. Then all messages on the server will be stored in an encrypted format only. It's only when they're downloaded to the client will be unencrypted. As all private keys are only stored on the local PC, and if your paranoid a floppy disk (stop HD snooping).
Then when people send an email using this haven the Active X or Java app will go to the server and request the public key for the email address you're the message to. But you're not allowed to see this key nor will it be stored locally, as its only need to encrypt that message nothing else.
To login you wouldn't use passwords, but something like a digital signature. That is generated when you get your private key, (again pop it on a floppy).
Now any time you want to send an email login to the server (no password or ids needed, as the signature that's care of that). Then send the message (and or) attachments to the email address of your choosing (encryption system still hidden to the user, look straight forward). Then log off.
Plus you could setup an option to accept unencrypted from address out side of the haven if you wish or only accept message from with in the haven. So you would also be able to stop all that Spam!
Wizartar
Here are some of the UI issues:
* The built-in routine to acquire a certificate is not too bad, but the UI changes all the time (Win98, Win NT, Win 2K; multiplied by Outlook and Outlook Express; multiplied by IE 5 and IE 5.5).
* Encrypted messages require knowing the recipients cert, and getting that is a major pain. For our small company we do it manually, since we don't want to use Exchange. Unless you have a directory or Exchange "yellow pages", there is no easy way to add internal users. External users are even worse (see below).
* We have new users send out a signed message, which when received Outlook Express will automatically add to it's internal contacts. But guess what, Outlook requires a manual process (Outlook 2000 - open message, right-click on sender, add-to-contacts, save-and-close, OK-to-update-contact).
* Another method we tried was to exchange "contacts" (in VCARD format) by using Outlook folders or mail messages, but it turns out that these don't contain the certificates.
* Downloading the certs directly from the CA sounds like the logical solution, but the process is really cumbersome and only processes one cert at a time in a 1-2 minute process (search the CA, download an individual cert to a file, import the cert into the system).
* There are many reasons why the outgoing mail message will be encrypted with poor encryption (RC2-40), left-over from the former US encryption policy. IE, which supplies the cryptography for Outlook and Outlook Express, needs to have the high encryption package. We have a also run into a number of other obscure settings that cause the use of RC2-40.
* There is no warning when the outgoing mail message is only going to be encrypted with RC2-40. At least Outlook Express has a "warning feature" for incoming messages using inferior cryptography (Outlook does not).
* The poor certificate distribution results in users with laptops or telecommute systems often are missing some of the certificates.
The bugs are really annoying too, here are some of the one we have experienced:
* Occasionally, an encrypted message will be unreadable. This is not usually a consistent problem, but when it is, re-importing certs can help.
* Occasionally signed messages will arrive with invalid signatures. We suspect this might have something to do with the mail process, but have not figured what is happening (visual inspection seems identical, have not gotten around to a detailed binary comparison yet).
* Outlook 98 combined with IE 5.5 has a bug that makes it unable to open a signed message. This is the only problem I've seen with S/MIME signed messages - most mailers either recognize the S/MIME attachment, or open the message with a warning.
* The outgoing message encryption will occasionally drop to RC2-40 for unknown reasons. This will even occur when previous messages were properly encrypted.
* Occasionally, Outlook will "loose" the cert. The contact remains there, but the cert is no longer in the system. I suspect this might have to do with a Palm sync, but I have not been able reliably produce the problem (not observed in Outlook Express).
* Occasionally a personal cert will not "import" correctly (sharing with laptop or home system). It seems to be installed, but things just don't work. Work around is to erase and try again.
* We also use personal certificates on smartcards/tokens, but there are some problems there too. My personal bug-a-boo happens when I try to send an encrypted message without the Rainbow iKey 2000 Token inserted - you get an uninformative error message, and have to restart the system before it will recognize the token again (true of both Outlook, and Outlook Express, as well as IE when using client authenticated SSL).
I should mention that we have installed all the service packs and bug fixes. I've also tried to report some of these problems to Microsoft, but the "free" technical support channels seem to be ignored. Personally, I decided not to pay Microsoft for the privilege of reporting bugs to them.
In conclusion, I can't really recommend using Outlook 2000 or Outlook Express with S/MIME. It is not ready for prime time, especially because of the numerous bugs. The experience might be better for a pure Microsoft shop with Exchange (improved certificate handling for internal use at least), but even then I'm willing to bet they will get a number of the same bugs we experienced. The main reason we have kept using it is because we are a security company, and want to make a statement. It should not have to be this painful!
Huh, I would agree with your point, it needs to be integrated in the clients people use. And I really don't know about this, but I did a search, and it says here that pgp freeware exists as plugins for a few of those....?
Employee of Inrupt, Project Release Manager and Community Manager for Solid
Just because white people "can/do speak jive" does not mean that the joke isn't racist.
Think about it for a second! What is your initial reaction when you here the above?
Since moving to NYC I can say that I don't hear many people speaking in the above mentioned "Jive" fashion. I seem to remember hearing it a lot in the suburbs where I came from. Always in reference to black people or white people who other white people thought were acting like black people. Which is apparently very bad
This happens everytime I get an email from an AOL user and open it in Outlook Express. If they only knew how many of their messages I didn't read....
Dood, at first I couldn't figure out what you meant by 'tayxis'. I was puzzled until I said it aloud, and it sounded just how it was supposed to. I think I'm infected.
funny munging
If there were one easy to use encryption method, all the easier for the government to crack it and get all the information. It would be better if everyone had every scheme on their computer, and they could change once and awhile
In other words, start petitioning those developers to include PGP or some other, better encryption into the next version of their products. Only by convincing them that there's a high demand for such a thing will it ever happen.
Everyone who uses mail has access to a browser, right? All you need to mail is a link to a webpage containing your mail (this works best if you've got your own webserver). The webpage has to be autogenerated to have, for example, a reply-link. After it is read you take it down, and anyone intercepting the mail will conceivably have a much longer reading-lag than the person you sent it to.
Opinions stated are mine and do not reflect those of the Illuminati
They build secure email servers for your isp or business to use. My isp is testing one now and it works well with OE, NS and Eudora.
Where am I going and why am I in this handbasket?
Seattle based Zendit is offering a new approach called one click encryption. It is supposed to work with every freemailer through their Surfboard. They offer two ways to sign up, one generating your own keys (complicated!) one where you have to trust them to destroy your private key after they generated it.
here's how my idea works. it uses public key cryptogrophy. after writing the e-mail and sending it:
this would work with current e-mail readers, and encrypt e-mail for those that used compatible software.
if the other person is not using compatible software, on receipt of a message it will ignore the key, and be able to read the mesage just fine. any messages you get from him will not be encrypted, and you will be able to read it directly.
if the other person IS using compatible software, then either you have do not have his (her) public key and you sent it plain-text, or you do have his public key and you encrypted it. any messages you get from him (her) will either be encrypted because he has your key, or you will get it plain-text and be able to read it. any message you send to him will have your key, any message you get from him will have his key, and from then on any e-mails will be encrypted.
some disadvantages:
i've never menbtioned this to my encryption-guru friend, so i don;t know what other holes there are. but the advantages should be obvious, and it should work seamlessly with existing software.
any other ideas?
t14m4t
67.5% Slashdot Pure I guess I need to work on that....
It's not just the NSA/CSIS/ that people are worried about. It could be as simple as the network admin at your office snooping in your mail.
Besides... If we don't encrypt everything, then when we do encrypt something, it will be looked at closer.
-- [ta]
How about Hushmail? Or another source--ZipLip?
Onorio Catenacci
--
"And that's the world in a nutshell -- an appropriate receptacle."
--
"And that's the world in a nutshell -- an appropriate receptacle."
-- Stan Dunn
Why bother, no one really has the time or inclination to monitor what you might say anyway.
My other sig is extremely clever...
Just add something like
keyserver wwwkeys.eu.pgp.net
to your ~/.gnupg/options and mutt does *all* the work of verifying/decrypting emails.
Yeah it sucks. More people should use software like mutt. It makes dealing with pgp-signed/encrypted messages so easy. (I hear gnus is really good too, but mutt was much easier for me to learn)
I think the best thing to do is just sign (not encrypt) all your email to your non-crypto using friends. That way they can still read your email, but they'll have to use a pgp aware mua to verify your sig. Hopefully, your friend will eventually be encouraged to use decent software to get this function. Then you're 99% of the way there and you can start exchanging encrypted emails.
Point being: Sign everything!
approximately 100 million americans on the internet. Millions more internationally. And you really think the NSA which spies on more important people than you has you targeted and is reading all of your email. Now where did those black helicopters fly of to?
1/ Email is not encrypted on the client side, but all the "tubes" that transmit information (email client -> smtp server -> smtp server/pop server -> email client) are encrypted. I don't think it's the good way because if one part of the tube is hacked or listened by the governement, the concept is down.
2/ Encrypt messages directly - for instance with PGP. With this method, the "tubes" don't have to be encrypted because the message itself is encrypted. This leads to the problem that the sender's client has to know how to encrypt the message intended to the receivers'client. That means that the sender has to know the receiver publick key before sending the message (correct me if I'm wrong).
So if the free-software community could show the example and imagine a standard common implementation for all the email clients, that would be great and at the same time, that wouldn't be too difficult to implement. We can imagine a very simple protocol that includes users' public keys at the very end of every message, under a standard format for everybody. For instange, somthing like " . Or better (because public keys are generally very long): maybe just an URL to the public key could. Or we can also have a standard that understands all the "fashions" of including the a public key.
So if everybody uses that (through non-encrypted emails at the beginning of the process), the email clients can maintain a list of all the email addresses for which they know a public key = for which they can send encrypted messages. Then, by default the clients can encrypt the messages without any human interaction :-)
Now imagine that Kmail/Evolution/Mozilla-mail/Emacs-mail/Mutt... decide to use that system, beginning to Day D. At date D + a few hours (or a few days for those who don't use much email!), most of the open-source community would communicate through encrypted emails and we could claim "Hey Microsoft users! everybody can read clearly your emails because you use Eudora or Outlook, but inside the free-software community, we communicate with strong encryption!".
Wouldn't be that good? Wouldn't be a demonstration that the entire Free-Software community can impose new concepts, new ways of living the Net?
At it happens, I've recently been working on this very problem. I've devised the Herbivore Protocol to solve it, and am currently coding a prototype version (Herbline).
This example illustrates how Herbivore will work:
Ever tried: www.mail.steganos.com ? so easy, you won't believe it. Happy numbercrunching: Ted
Hell, you could even just use a password-protected zip file for simple stuff. As long as the person you are sending to knows the key, they can decrypt the message.
Try https://www.steganos.com/world/mail/web/encryptEN. php3 or http://www.spammimic.com/.
I found these very user friendly and quite nice for encrypting.
Note: these sites use SSL.
Outlook Express is nice, much nicer than the bloated full version of Outlook, but it doesn't allow me to turn OFF html. I don't like html e-mail, and I don't like security risks in something so basic as an e-mail manager. Can't turn off my html, and if I want help on the issue, I have to wade through MS BS. I use it, but at gunpoint only.
information is immaterial
Well, if you feel ROT-13 isn't secure enough, then double encrypt it. :-)
I used to work in a company that uses Lotus Notes for email (among other uses). It's not all that great as a mail reader, but it did have a nice little feature build-in. It had encryption and signing. It was totally transparent to the user. Everyone that had an id in the system (it was a centralized system) had a public/private key. You could use this to sign and/or encrypt your email.
I don't know how this would have stood up to a decent cracking attempt, but it was fun.
room101 -- how much can you stand before they break you?
(they always break you eventually)
If every email client had encryption software (such as PGP or GPG) built-in or plugged-in, it would be easy to encrypt all email. The console-based email users are smart enough to figure this out on their own, but the GUI users just don't seem to be jumping on the bandwagon. So, what we need here is a really good virus: A virus that automatically fetches, installs, and activates email encryption on every GUI-based email client it touches. For good measure, the 'patch' for blocking this virus should be --you guessed it!-- an email encryption plug-in. In no time at all, the whole world could be using point to point encryption.
Sometimes I worry that I'll develop Alzheimer's disease, but no one will notice.
Almost every pop3 client I'd care to use has pretty much seamless support for digital certificates and S/MIME encoding of email.
The problem isn't the encryption, the problem isn't the software, the problem is telling people why they should acquire certificates and protect their privacy!
-=Chris -- Stop feeding microsoft. DON'T USE HOTMAIL! ---HUSHMAIL---
Hushmail works quite well. It's web-based, which is either a positive or a negative depending on what you want. http://www.hushmail.com/about_hushmail/
...and Thomas Jefferson, George Washington, John Adams, ...Woodward, Berstein...
Get a clue.
When VPNs are outlawed, only outlaws have VPNs.
This is the first idea I've seen to really solve the actual problem: how do you securely send an email when the receiver does not want to deal with decrypting or having a public key. You could go even further and limit what ip's have permission to see messages. And even if you didn't know the receivers ip you could atleast keep a record of the ip of who viewed the message. Only thing I dislike is if the receiver is paranoid s/he might not like the fact that this gives you the ability to tell when and where he read the email. Of course if the receiver is paranoid as well you can just both use pgp.
Shoot I was a moderator yesterday.
Hi! This is the Sig, blatantly attached to the end of this comment.
Hi! This is the Sig, blatantly attached to the end of this comment.
cest la guerre
Hi! This is the Sig, blatantly attached to the end of this comment.
Hi! This is the Sig, blatantly attached to the end of this comment.
anyone notice that the netscape page linked to says communicator can decode rot13 but not encode it? How can that be? If I select text and 'decode' it, are they saying it wont get rot-13'ed?
-
___
The way to see by faith is to shut the eye of reason. --Ben Franklin
Sure, outlook gets the job done. I use it everyday for my work email (my personal email is thru pine, naturally). However, my work comp is a mac. The windoze version simply cannot be considered decent software due to the horrible security issues.
-
___
The way to see by faith is to shut the eye of reason. --Ben Franklin
"Encryption that everybody I send emails to can and will use"??? Even if they have no or don't use any common decryption software???
You'll have to make it then. A little Java or JavaScript programm that uses a simple repetetive-key algorithm should do just fine. It would have to work in the only-alphanum range and you would need to send each of your penpals a copy of it.
They would copy and paste the cyphertext into the programm, enter the specific key you gave them to be able to read it. Anybody could and would use that. It would be plattformindependant too.
Just don't expect it to stand longer than 5 minutes against serious cryptoanalysis.
BTW: I'm working on an uncrackable one-time-pad crypto programm also adressing the very same issue - only that it will require me to hand out true-random-snow-key CD-Rs too everyone that I wish to exchange cryptomail with. With the advantage that - unlike asymetric crypto (read: PGP) - it will be ABSOLUTELY uncrackable. Taking in account that it's meant for email only, a CD-R one-time-pad could last a lifetime - or a very long period of time at least.
We suffer more in our imagination than in reality. - Seneca
Current e-mail encryption is putting an additional load on the user. The user has to care about security at all, the user has to care about key management and trust settings, the user has to remember cryptography every time it is used.
If encryption ought to be used by mom and dad, and aunt Lucy, it has to be as easy to use as unencrypted e-mail. No additional mouse click, no additional message, no additional thinking. The sender's e-mail software determines whether the recipient is capable of receiving encrypted e-mail, retrieves keys if necessary, and encrypts messages whenever possible. If encryption is not possible, the message is sent in clear automatically. All this has to work without any specific setup phase right out of the box.
Given those side conditions it will be really hard to provide even a basic level of security. Encryption invisible to the user is prone to all kinds of attacks cryptographers hope to be prevented by sufficiently paranoid users. But the general user is neither paranoid nor an educated cryptographer, and won't be able to make the right decision either. Mom and dad don't know about certificates, man-in-the-middle-attacks and stuff like that. They never will.
When bringing cryptography to the masses we have to leave the ideal world of Alice, Bob and Mallory. We have to sacrifice perfect security for usability, and focus on solutions which are good enough instead of provably secure. We may also exchange security for detectability to a certain degree, like suggested in another message around here. Where we cannot prevent them from snooping, we could at least try to make them make noise when snooping.
Before you start your protest: How many web sites "just know you" because your identity is stored in a cookie or in a bookmark? If the answer is none, how do you handle all those user names passwords? How many well-chosen distinguished passwords do you use? On how many sites? How often are they changed? Did you ever use the Please e-mail me my password again function on any site? Did you ever write down a password?
In other words: Are you, the software developer, the perfectly secure person you suppose the average user to be?
http://erichsieht.wordpress.com/category/english/
Hooks are no problem, just change your SMTP and POP3 to localhost, and make a PGP encrypted email forwarder/reader. You can even scan the TO: line and see if it's on the list of people who can recieve encrypted email, and scan incoming email for X-ENCRYPT-ENABLED: fields and add them to your lists automatically.
On the windows platform, Network Associates did a pretty good job with their PGP implementation for Outlook/Netscape Communicator/Eudora.... I think it's really easy to use so there shouldn't be a reason for not using it. I think the only problem is that most people are unaware of things like php. I think there are two solutions for the problem:
...) need to publish clear articles about it with an easy step-by-step guide so anyone knows about it!
1. Huge software gigants (Microsoft, AOL, Yahoo) need to put PGP in their e-mail clients AND their webmail programs.
2. Popular news sources (computer magazines, business magazines,
(I still think nr.1 is the most important)
And while on the subject, why is it that so many people precede any mention of encryption with little "it's not like I have anything to hide, 'cuz I don't" comments? Ugh.
I think this is the biggest issue most people have with encryption. I see a usefulness for it, but I see no need to use it. My emails aren't important. If someone intercepted them, they would most likely just be getting an email to abuse@ complaining about some spam. If I have nothing important to bother encrypting, what is the purpose of going through the hassle of encrypting, then making sure the other party has the correct key?
"The guide is definitive, reality is frequently inaccurate."
I prefer Outlook Express to all other email clients I've tried. . .
I know it's uncool to say so here, but Microsoft gets things right every now and then, and OE is one of them. It's clean, fast, versatile, and free. So far, I haven't been able to find anything I like better. Now, if someone wanted to argue that Outlook is bloatware, I definitely won't argue there. For standard Internet email though, OE does a great job.
Another program Microsoft did right is Money 99. The 2000 and 2K1 versions are getting pretty bloated, but 99 is very nice. I've yet to find a program that does as good a job at handling multiple accounts, and the reports it generates are suberb.
"The guide is definitive, reality is frequently inaccurate."
~ejunkie~ [Step outside and look at that huge yellow thing in the sky!]
At least one reason ...
... ;-)
E-Mailing company phone list to trusted person.
The company I work at is very particular about who knows these numbers
gus
.. if only.
Was looking at this the other day:
http://www.vision25.demon.co.uk/oss/herbivore/intr o.html
Sheesh, why does slashdot put a space in the link?
Ideal what we probably need, is a really good, full-featured, e-mail client with the capabilities of Communicator or Outlook Express, and PGP built-in.
As long as people have to run PGP as a separate program, and then try to hook it in with their favorite mail-reader, it will never catch on.
Everyone should use certificates. Certificates are used in browser apps. By using certificates, we can verify we are ourselves as we connect to a website. Any decent email system supports certificates. You can get a free e-mail certificate from www.thawte.com (which is part of verisign). These can be used not just to encrypt your message but also to sign it (to verify it is from you). According to Versign, Digital Certificates are the only way to electronically sign something (just like your ink signature on a check). You also have the ability to declare multiple e-mail addresses. Since it is handled by a CA, you can revoke your digital certificate at any time, and you do not need to send your public key to everyone who wants to use it (as you would with PGP). Typically, if your receiver has a digital certificate, you can encrypt the data to them (outlook does this, I know off hand) and then sign it with your key, just like in PGP. This is all done automatically through the CA, as opposed to e-mailing someone and requesting their public key.
Besides all of this, it's just a good method. The encryption isn't as powerful as PGP, but for most secure communications it's excellent (how many of us do banking with 128bit encryption daily?)
Anyway, my two cents.
I think you need to flash your brain's firmware.
I suspect it will all be a part of .NET - micro$oft will be the key granting authority and the key distributor, and since they have access to both the public and private keys (all hosted on their servers) *that* is when the NSA key in your windows registry will come in handy...
What me paranoid?
*** Where are we going? And what's with this handbasket?
Except for the "just one app for mail and news", the next version of KMail will do this. (Or just try KDE2.2alpha2, it is quite stable despite being "Alpha" (at least on my machine ;-))
And I've heard that KMail and KNode will be merged in the future, too.
Roland
Consider AOL and ICQ. Adding some encryption and automatic key exchange to ICQ would have been sooo easy. Tons of people have asked for it. It doesn't happen. The only explanation is: AOL does not want it to.
Without any recourse to conspiracy theories, this is easy to explain. Encrypted nessaging and email makes it easier and safer to swap copyrighted content. AOL is not about to help you with this, as you can see from their stance on gnutella and aimster.
The same goes for MS, only more so. MS will not openly resist email encryption, that would look bad and is not even necessary. But they won't do anything to make it easier, either.
PGP is wonderful software for people who exchange sensitive information. They can make a little effort to install it properly, exchange keys in a safe way and type in their passphrase before reading a mail.
PGP is totally unsuitable for Joe AOL-user who likes his privacy but neither knows nor wants to know anything about the difference between a key and a passphrase.
The simple people need a mechanism that never asks any questions and is generally invisible. So, what the crypto people ought to think about is not "how can we make it as totally safe as possible" but "what is the best we can do without requiring any help from users".
One simple solution is that the email program automatically generates a key pair and appends the public key to every outgoing mail. It also collects public keys from incoming mails and automatically encrypts all outgoing mails for which it knows a key.
Such a simple scheme is open to certain attacks. But it would be much, much better than no encryption at all, which is what a vast majority of email and IM users have today.
Do you really think someone reads the e-mails by hand? Lets say it takes 30 seconds to read an e-mail. As a *VERY* conservative estimate, let's say 100 million e-mails are sent every day. That works out to 833333 manhours per day. That's 34722 CONTINUOUS workers, or 104166 daily 8 hour shifts, with NO breaks and working at PERFECT efficieny. That's mean they'd have to employ about 0.1% of Americas work force. Do you really think they can do that? Let's say these poor SOBs have an annual salary of $50,000. That works out to $5,280,300,000 a year. 5.2 BILLION dollars. I doubt they could hide quite that much away. That's not even counting technical expenses! On the other hand, whatever system you use is going to be a royal pain in the arse to your recipients. Is it REALLY worth it? On balance, I'd say no.
TODO: Something witty here...
Most people will say similar things "Oh, I have nothing important" and yet, deep down there *is* an expectation of privacy. Why? Because you do not see the people reading your e-mail! Out of sight, out of mind type syndrome. But put another person in front of their computer and tell them to check out their In/Outboxes from top to bottom and you'll most definitely see the owner jumping right in "What the hell are you doing reading my mail?!!"
:-)
That's the problem...a perceived sense of security and privacy that seems to resist all rationale.
It's the same with other spooky figures...yes, everyone knows, there are bad guys and burglars out there, but most people will continue to assume, that it hit's only *others* (the Susie B.'s from the newspaper), not them.
I propose checkmail.org, where a few thousand random mail messages are captured and put up for general amusement. Then people will get pissed, because, after all, e-mail is private!
Rather than encryption ... consider steganography (or "data hiding").
That is, embedding a message within seemingly harmless text or data. If you send encrypted data, you are immediately attracting attention to yourself, especially since (as you point out) almost no one encrypts email -- if you're not sending plain text, clearly you must have something to hide. And there are ways to get at encrypted data, not necessarily by brute-force decryption, but (for example) by hacking into your desktop and stealing your unencrypted mail files or your private key. Using encryption makes you an inviting target for such techniques.
There are a number of ways in which steganography is done. You can use spammimic, which converts a short sentence into a lengthy document that reads like spam (and has the advantage of being web-based, so anyone can use it). Or you can try embedding messages into images or sound files by changing the LSB of each pixel/sample, which doesn't affect the output. And so on.
If this strategy is employed, you can also encrypt the message prior to hiding, which is your insurance against someone breaking the hiding strategy.
Toronto-area transit rider? Rate your ride.
Unfortunately, key distribution is one of the Really Hard Problems. SMTP (and other proxy routable protocols like SIP) are even worse because there is a hopwise problem (between your mta and the relay) and an end to end problem. While the hopwise problem is readily solveable using things like IPsec and TLS, the end to end problem is much more difficult. The reason is that unless you have some direct knowledge of the sender (their [public] key, say), you have to rely on third parties who vouch for you. This works adequately when the scaling can be confined within a limited set of trust relationships (limited PKI's, limited x-realm Kerberos, etc), but breaks down when you start positing the mythical global PKI.
Mail, web browsing and other many-to-many kinds of problems (and most likely telephony too, depending on how it is deployed) require mutually agreed upon roots of trust, and those are hard (maybe impossible) to come by. Worse: even if they did exist, it is not entirely clear that that would be a Good Thing. As Jeff Schiller pointed out at IETF50 (in reference to the global PKI implications of mobile IPv6's binding updates), Global xxx's breed reptiles, and having, oh say, ICAAN in charge of global PKI's for IP prefixes, rfc822 names, DNS, etc, etc is not an especially comforting thought.
Setting our sites smaller at this point in time is probably the best that can be hoped for. That means doing the hopwise crypto, and using strong authentication e2e within the realms you either control, or can work out agreements with. PKCross with Kerberos is another angle that might allow for larger and larger trust aggregates (since you get a centralized online policy engines in the form of KDC's), but that may be a pipe dream too.
Mike
Come on, it's easy! Use a PKI certificate. Sure, PKI still has a ways to go, but it works great for encrypting e-mail. You and your friends can get free certificates here.
Netscape (on all platforms) and Outlook/outlook express already support PKI certificates for e-mail signing/encryption.
No special software, and it's easy to use for e-mail encryption!!!And while on the subject, why is it that so many people precede any mention of encryption with little "it's not like I have anything to hide, 'cuz I don't" comments? Ugh.
--
I have seen / played with a program called ZixMail, which actually does embedded encryption inside of the mailer. If the recipient has the software also installed, it automatically un-encrypts the message and the reciever can read it, no problems at all. Also, if the sender send to someone without the software installed, it relays a different message to the reciever, pointing them to a web site where they can securely read the message over https. Two problems, though. One, you have to register yourself with the server, because the messages are cached on their machines, and that lets them control how the different formats (direct vs. html) of messages are handled. Second, and especially sucky, the only mailer that I know it ties into as of this point is Outlook.
Well, really, the easiest way is if we all scramble our phone lines.
There is no idiot-proof way to encrypt data. The idiots will always leave their passwords on yellow stickies on the monitor.
You need a shrink, man.
I am not on crack, damnit.
No one is going to read all the e-mails by hand (eye?), but possibly they'll all be searched for key words, sush as assassination, jihad, revolution, etc.
So overload their systems by changing your pretenious sig for a list of key words.
All your e-mails, even the boring ones to your wife asking her top pick up stuff from the store, will be forwarded to the MIB, hopefully making the task of searching for revolutionaries harder.
This time I could be arsed.
Thawte offers S/MIME X.509 certs for free. All you have to do is enroll in the Personal Cert system here:. ex e
http://www.thawte.com/cgi/enroll/personal/step1
Once you have done that you can request a Cert. You may also want to get involved in the Web Of Trust which enables people to get their names in their Certs by getting their identity assessed!
With so many countries releasing e-signature acts, I reken it'd be a good thing to get a Cert.
And it's sooo easy!
I think it's not that hard to use this PGP-version
and for me -- well, tkrat is really great :)
I don't really think that the proper place for **EVERYDAY** encryption is in the e-mail message itself. I mean sure if you have a really sensitive message that is for your eyes only to the recipient then sure.
Sendmail supports oppourtunistic encryption between SMTP MTA's, POP/IMAP/LDAP/SMTP from the client can all be SSL'd or TLS'd. Even tween MTA's you can use ESMTP TLS. Notes and Exchange both support encrypted client server and serverserver communication. All of this exists now and I think even those aren't the way it should be handled.
Linux FreeS/WAN support will soon have oppourtunistic encryption via IPSEC. IPv6 requires IPSEC to be compliant. So I think that the answer is that encryption take place at a lower layer than the application. This solves the problem for ALL applications rather than just e-mail. Also this still allows virus scanners and content filters and mail filters and SPAM protection and banner rippers and such to work the way they are supposed too. It allows standard encryption acceleration hardware to be used for all your network traffic.
-Ben.
-----BEGIN PGP MESSAGE----- Version: PGPfreeware 7.0.3 for non-commercial use qANQR1DBwU4DeWuYVIUPTy4QCACe8SyHBZo+3Ag+CZJuS2OBTk vvHViazNX8zQc/
0Tv8Yg+zPyorvxl9eSMEpfiEeuwPyb7sV71XJuFxtWuZ8yGENu iGq8ZjVikXUiog
EHP4YU7BNazufrbZGmDzbMvascbKhCeB9s445vlPK3k2muSxoY fujNVE1t8nxBiI
u1kpNUaPQwIt09HUUdDiKeATc+t2+9jLd2xQemQwsvCwR7S2n0 fDwG1M9ya/eRsH
1dfPRIZTPeIVD168IdFUiNOcnstny9xh+FV9imYiBLSJI3wfY8 UuwCd4r5HbV+Z1
PjhuQNa1LgmhesET0hxLd9jHnjiGtb1uUrhnlhubRhoi3bmhCA DgKwklYvo8mzv/
yIYkX5wfCSjffEYHfM5NvB6L64+y8QdXTbYtrwVYawNdLhr1uI uO8Gt6TycXu2lO
priyr5aIGBCN5atYuIVjUbDkxuHURqlZsAF8txuEs9FLHpaI+B sI+a+jBwt/oCam
pisu7akhIwSoB1OGMFvJjALjqEY2MceqfS5smaOUR6wzeSDA65 TVfmyjjaqJahxH
bZB7bS4ypCbGfIOiNPxEZdveU5BV3MxX0g7qSViHhLBCJhYvRb I0pyO/truj6kky
KS3No+NISoyCu6fGQuBc3DAuuBYI7O1PHeyRHdMfuCETrXU3EZ VGaF0UtJ8bdWlj
ngmOjwNlyTDLUc2ydrH1GZpnbFlBLhAA47WVITQkD31oOohFkE IA7WNm0ZC90tGs
xYd0bM2BbYI=
=STWx
-----END PGP MESSAGE-----
Fhngjty, fingwysag alrbey fh bspuwy hqwcdsdu. Daohd dajhds saytds fas fdsifufd fsdkhjf adi woie qweue twqe Klwqyuwe. Hkjdaodi asoidus asdhud! Kdksaj lasdjsdhd asdgsvda iaugdsd.
Lknhr
---
"i was saying gnu-rd"
Microsoft adds e-mail encryption to Microsoft Outlook. Then encryption will be standard enough for the everyday user to use.
Of course that probably won't happen because the NSA has Microsoft in their pocket.
Check out http://www.hushmail.com...it's a webmail client that has really good encryption support. If you send email to another hushmail account, it's automatically encrypted... =)
"Quoting famous computer scientists out of context is the root of all evil (or at least most of it) in programming." - K
I use ziplip.com. It's a free web-based email service that lets you send encrypted messages. The beauty is that your recipients don't have to be ZipLip users or have special software. The system emails them a link that allows them to pick up their secure message (think e-cards).
HushMail requires that both parties have a HushMail account. With ZipLip, only the sender needs a ZipLip account.
You can either communicate the password to the recipient out-of-band or provide a password hint that only the recipient knows ("What's the name of the restaurant we ate at least week?").
Well I just created my 1st Slashdot user account, because I hope this post will get read and moderated up.
Phil Zimmermann has left Network Associates, citing "philosophical differences", and NAI PGP has just become closed source software. PGP without source is not PGP. Slashdot readers know why. Please avoid Network Associates PGP version 7.x.x, and spread the word.
Cyber Knights Templar PGP 6.5.8 is open source PGP for Windows users, and includes a security patch for a very nasty remote exploit against "official" NAI PGP 6.5.8., the ascii armor parsing bug.
GPG is the wave of the future, but in the present, user friendly Windows support for strong crypto is still important. This support is provided by the Cyber Knights Templar builds, which also include the AES cipher (Rijndael 256) and large key support.
Please publicise this address, where Win32 binaries and full source code are posted for download:
http://www.ipgpp.com/
There is no charge for CKT PGP, and BTW, I am not afilliated in any way with the CKT folks.
99 buckets of bits on the wall...
99 buckets of bits on the wall...
take one down and pass it around, 99 buckets of bits on the wall
It seems that a lot of people worry about keys being stolen/snooped. What about hardware-based encryption? Imagine this: your key is only stored in a usb device (it can provide power, and can be swapped easily). When your e-mail program wants to sign or decrypt, it sends the message to the device, which, with its dedicated processor, does all the work and then returns the output. They key never gets into the computer, and it can only be programmed with a new key by flipping a hardware switch. It is small enough to carry around and lock up (I'm thinking cuecat size). It is widely available and overclockable (hey, we need to have fun with it too). It comes in neon colors for all those mac users out there. It gets you dates. Well, maybe not that one, but you never know. Make it and you have at least one sure buyer. Or you could do the same with a laptop/PDA and transfer the data in a non-snoopable way, like floppies, but that's not as nifty.
Thawte issues free personal X.509 certificates for use with S/MIME. The previous poster was correct: the facility you want already exists, and it's already present in some of the most commonly-used clients - Netscape, Outlook and Outlook Express at the very least.
Once you have one of these go off to www.thawte.com and get your self a nice new certificate.
All you need to do then is send an e-mail to someone and they automatically learn your public key. They can then send you email encrypted with your public key that only you can decrypt with your secret private key.
PGP is a little more painful as you have to install PGP on everyones machine, and get this working with your mail client (Netacape 4.7 doesn't support PGP at all).
Brian
ln -s
Use my SuperLameEncryption page at http://users.interact.net.au/~cblj/slen.htm
I still have to make the site look nice and explain how you use it, but
basically it goes like this.
You want to send email to your friends and/but your work has a filter
blocking messages with keywords, or your boss might be intercepting your
mails for whatever reason, or you just think it would be cool to encrypt
your mails. Well, what you do is this:
1. Utilise SuperLame key creation/distribution. Get together with your
friend in the park and agree on a key-phrase that you will both use to
encipher and decipher your communications. In our example, we'll pretend
that we have agreed on the key-prhase "toomanysecrets".
2. The sender points their browser at http://users.interact.net.au/~cblj/
enters the key-phrase in the 'key-phrase' field, then enters their plaintext
message in the 'plaintext/ciphertext' field, and hits the 'encipher' button.
3. The sender then copies the entire ciphertext which is now in the
'plaintext/ciphertext' field as a result of step 2, pastes it into their
email, and sends the message -- too easy.
4. The recipient points their browser at
http://users.interact.net.au/~cblj/, copies the ciphertext message into the
'plaintext/ciphertext' field, enters the key-phrase agreed upon in step 1
into the 'key-phrase' field, and hits the 'decipher' button -- revealing
the original plaintext message.
The encryption algorithm used means that it would be pretty easy for anyone
with a little crypto knowledge to decipher ciphertexts generated by it
(hence the 'SuperLame' component of my product name). The longer the
keyphrase the harder the decipherment, and the more often you change keys
the more difficult you make life for eavesdroppers.
Obviously bearing this stuff in mind, I don't recommend using it for
critical communications. Can you imagine the news headlines like "CIA
Arrests Terrorists after decoding their SuperLameENcrypted Communications"?
On the plus side however, it will get your emails past key word filters, and
it would make your boss go to a lot of trouble to read your communications.
Maybe one day I'll use a stronger encryption algorithm like Rijndael.
Notes:
Because the SuperLameENcryption application is executed using clientside
scripting technologies there is no transmission of plaintext data to a
webserver, and thus no possibility of interception there. Also, the page
could be copied and run locally without any problems, negating the need to
connect to the website to process messages.
Obviously you can't encrypt email attachments with this tool.
another PGP for Windows option is Zendit, I met them last year at an EFF program and PRZ has been advising them for about 2 years. It looks like they have a good philosophy, are using a CSP that PRZ is working closely with (NOT NAI) and I heard they have had their system working on GNUPG for 6 months but couldn't release do to the GPL but still plan to release their Gnug APIs for Windows. They just released a beta, I'm testing with my hotmail. So far it looks to be an interesting PGP for Windows alternative. http://wwww.zendit.com
Try Zendit. They say they work with about 30 web-based emails including Hotmail and Yahoo...(and maybe even Ziplip and Hushmail so you can encrypt with 2 systems....hmmm) and you don't have to change your email address to use it. You control your private key.
The problem with many of these web based email encryption services is that the encryption is done on their servers, so you have to trust that the encryption is done before any of your email is stored or logged anywhere (this is unlikely given the proxies and caches between your browser and their encryptor). Worst still, they have to hold your private key on their servers. A much better solution is to encrypt BEFORE sending your email and as far as I am aware, of the encryption services I have tried (eg ZixIt, ZipLip, HushMail etc.), only ZendIt encrypts solely before sending anything over the network (for web email or outlook), and even your local copies of your emails are stored encrypted. You could also use the PGP software from NetAssoc, but you can only email people whose keys you have in advance, and it's not exactly 'granny-friendly'. Web based services are the easiest way to sign up your friends and colleagues. BTW: Not that I encourage paranoia, but I understand that the contents of emails on hotmail etc can be legally read and used by the provider of the service, read the fine-print. I recommend trying some of these services out and choosing the one you feel most secure with. cheers u
Well, if we take a parallel to web, we see that people have to have SSL-enabled browsers and SSL-enabled servers to browse securely. By that same token, why not crypto-enabled mail servers? Your mailer connects to the SMTP server, indicates the target mail address, and the mail server looks up whether that user is capable of accepting encrypted mail. At that point your mailer could default to sending it unencrypted, or perhaps stop and query the sender. Alternately, we could have mail servers that do the decryption. This isn't a final solution (because it's not encrypted end-to-end) but perhaps it would get people used to being able to send encrypted emails, and those that care could start using crypto-enabled mailers.