Phil Zimmerman and PGP at CNN.com

rick_campbell writes "CNN is carrying an article about Phil Zimmerman and the fact that Network Associates is dropping support for the commercial version of Pretty Good Privacy. The article includes a little bit of Phil's take on the situation, a little history and some discussion of why this happened and what alternatives exist."

PGP can be saved

[lw54]

PGP inventor Phil Zimmermann says PGP can be saved, and has outlined how in this interviw.

"Anyone interested in helping should contact me," he added.

All these interviews and headlines

[joshtimmons]

Can't we just give the poor guy a little privacy?

That's all he wants.

Cool information on article

[fabiolrs]

"But so far, PGP is limited primarily to niche markets, like human rights and organized crime -- authorities say mob suspect Nicodemo S. Scarfo Jr. used it to encode gambling records."

Nice, nice! :)) I never knew they were SO organized!!

As someone who should know better,

[cbensinger]

I looked at PGP a while back and actually installed it. Unfortunately -- and perhaps because of my own carelessness -- it started causing issue(s) with my network connection and I ended up removing it. As the person responsible for the web/email servers where I work I know first hand how unsecure and public email is; yet I've not found a solution that I'm comfortable using. PGP seemed (at least to my knowledge) to be the most widespread, but even at that I couldn't name 3 people who I regularly exchange emails with who use it -- in fact I'm not sure if I could name anyone other than my wife who did. The only way I could ever see something like this widespread were if it were integrated into Outlook/Outlook Express/AOL/etc. and I don't see that happening. :(

Re:As someone who should know better,

[cduffy]

That would be an issue with the IPsec adapter included with NAI's product. It's a separate and disablable component -- and GnuPG has nothing like it, so you need not fear any problems stemming from use of the latter product.

Plugins exist for Outlook integration, FYI.

The End User Still Doesn't Care

[Greyfox]

The biggest problem is the end user just doesn't care about E-mail security. You'd think with corporate privacy concerns and all that crap that they'd at least look into the technology.

I was talking to a company about orders the other day and one of the ways you could place an order with them was to E-Mail them your credit card number. I told them I wasn't sending my credit card number over the open internet and asked if they had a PGP key I could encrypt to. They had no idea what I was talking about. After that I wasn't particularly willing to entrust my credit card number to them at all...

The old US Crypto regulations did a pretty good job of stunting crpto-enabled mailers in the US, too. Since you couldn't export encryption or even an "Encryption enabling API" there wasn't a lot of integration work going on. Sure you could get a set of scripts to use PGP or GPG with Pine, Mutt or XEmacs, but most of the people using those mailers didn't even go to the effort. We won't even go into the happy fun GUI mailers that Joe Average User wants to use. PGP did do a good job of integrating into Outlook, at least.

The upshot of all that is I think it'll be a long while before encrypted E-mail is the norm.

Re:The End User Still Doesn't Care

[Lumpy]

GPG integrates to Outlook, Slypheed(linux GTK email client that BLOWS AWAY KDE mail) and I believe there's even a pegasusmail plugin now.

It makes signing and encrypting AND decrypting email pretty darn easy. If a user cant figure it out today they need to be beaten over the head with the keyboard... the HARDEST thing about GPG is creating your own private key.

Re:The End User Still Doesn't Care

[-tji]

No, the problem is that it is still too difficult to use secure e-mail.

If they select a check box to "Secure E-Mail" when sending e-mail to someone, and the details of how it happened were hidden, people would do it.

But, if it requires you to exchange keys with someone & manually manage the process, only the techies will do it.

It's a tough nut to crack.. To do it right, you need a trusted authority to manage identities & keys. I don't see any sign of this happening.

Re:The End User Still Doesn't Care

[no_l0gic]

"They had no idea what I was talking about. After that I wasn't particularly willing to entrust my credit card number to them at all..."

I used to carry the same sentiment, complaining if a merchant provided no "secure" means of credit card information transfer.

The problem is that although email may be a much less secure method of transfer than other commonly accepted means, the generally accepted methods are almost as insecure.

e.g. - when you patronize the local drive through, realize you don't have enough cash on hand to cover your embarrassingly large order and are subsequently forced to pay with your credit card, do you know what goes on behind the window once you hand your card over? What number of pimply-faced purveyors of fast-food goodness are given the chance to jot down your card number, just as if they were to brows through the inbox of your unsecured merchant?

Likewise, when you make a purchase at a store such as CompUSA, where they take an imprint of your credit card for their records - how do you know that the storage of the receipt is anything approaching secure; that they shred the receipt sufficiently after its use is fulfilled???

While I agree that online merchants with decent security policies on buyer CC information may make me fell more secure, it is really only semantics... For all I know, the person receiving my encrypted CC info just decrypts it, jots it down on a sticky note, and sticks it on his monitor for anybody to see so that he remembers to complete my order in the morning. (Very unlikely, yes - but very possible as far as I can tell...)

Re:The End User Still Doesn't Care

[wishus]

There is also a Windows Eudora plugin, though it's still a little buggy. I'm working on it, give me time... ;)

However, with email encryption, there is still the problem of validating keys. Most people don't understand why they have to check fingerprints and sign keys, and they get lost when you try to explain a "man in the middle" attack.

Tech support going the way of the dodo

[Fastball]

A lot of vendors we deal with have significantly raised pricing for their support services, and a few others have quit supporting their software altogether. Struggling to stay in the black, a lot of companies are no longer developing and supporting software for the small shops and home office folks and are instead steering their efforts towards the big corporate money.

To which I say fine. Alternatives for most of the stuff we use here, messaging systems, web based stuff, etc. can be found in open source projects or written in house. This is just another golden opportunity for open source software. Maybe my boss will hear my pleas now.

Curiosity...

[L-Wave]

Do many people truly use this technology? I understand many "geeks" use it, just for the cool factor, but I have yet to send email to someone who refuses to read/accept it because it was not PGP encrypted. I understand the use is for encrypting email and validating that it is, in fact, from the person who sent it...but really, does anyone use this for anything more than sending thier friends email that doesnt really need to be encrypted?

Re:Curiosity...

[thrillbert]

I have yet to send email to someone who refuses to read/accept it because it was not PGP encrypted.

Then you have never attempted to submit a vulnerability or links to fixed software to CERT.

I believe their approach is "if we make it hard for them to email us, we won't have to work so hard!"

---
I'm not an expert, but I play one at work.

Uhhh PKI?

[Conare]

Encryption is difficult for average users to grasp, - It's like a secret code.
products aren't all that easy to use - Most email encryption I have seen is implemented as simply depressing a toolbar icon. Is that really that difficult?
and the threats of not protecting e-mail from prying eyes aren't all that easy to explain, Hill said - Hill can't be serious. How about two words? Intellectual property. or how about these two: National Security. Or how about these two: Excessive litigation
Also in an article that supposedly discusses alternatives for encrypting email, PKI isn't even mentioned. What a terrible article.

Re:Uhhh PKI?

[Xylantiel]

Exactly!!

For those who don't know, PKI=Public Key Infrastructure. It's how you know that a public key you have for someone is actually the right one. Having a working (i.e. secure) PKI is what makes "using" encryption difficult. Everyone always assumes that explaining PKI to anybody is too difficult, so reporters like the one who wrote this article say things like "products aren't easy to use" when really they are and all the difficulty is in having a secure PKI.

It is probably telling that most widespread PKI, used for web certificates is pretty much completely broken in practice. Do YOU look at the company name listed on the certificate before you send you submit your credit card info? I've never seen a browser that by default gets you to at least verify that the company name on the cert is right. This makes man-in-the middle attacks almost easy.

Another great idea dies

[blankmange]

It seems that NA had a great concept/product on their hands and through whatever passes for sense,let it go. How many applications has this happened to? An individual or small startup has a great idea, or maybe even the elusive 'killer app' and then is quickly bought up or out by a larger corporation. The application is quickly diluted, sent through several revisions that only seem to add complexity/bugs, and then the company drops it, but keeps the 'trademarked' name.... Now we can still get copies of and continue to use PGP, but now we will have to call it something else. Here's to Zimmerman; stick to your guns!

Re:No privacy at all

[jayant_techguy]

Do you know the biggest problem is the end user just doesn't care about E-mail security or won't know how to handle it.
If you are really concerned, there still exist free s/w while do pretty decent job with RSA encryption algorithm. Though mind you they might not integrate into Outlook etc. as PGP did.
The crux is it'll be a long while before encrypted E-mail is the norm of every human. I have to handle mails from 100 different people professionally daily, some containing sensitive information of the sender, but they don't care to encrypt it using PGP or any other tool, and send me their sensitive info. like anything.

Health Care Regulations and Encryption

[stoolpigeon]

HIPPA is some legislation that has portions going into effect now and in the next few years. It requires those who handle medical information electronically to do so in a secure manner.

I work for a collection agency and since we collect for hospitals sometimes we have been looking at this. We were going to use PGP as clients have specifically mentioned that they require it. Now I am not sure what we will do. Much of what is available out there has restrictions on being used for business.

The movement towards being more secure information delivery seems slow but it is moving forward.

I am just real interested in seeing what kind of alternatives surface for businesses like ours.

.

Actually works in XP

[MasterBlaster]

PGP actually is compatable with XP. Well... compatabile enough anyway. I had a relative install 6.5.8ckt on XP WITHOUT the e-mail plugins and without PGP Net and it works fine.
It is very easy to click on the tray icon and encrypt or decrypt the "current window".
From what I understand, 6.5.8ckt works better with XP than any other PGP version. I undersatnd the plugins and possibly PGP Net causes issues in XP.

Encrypted email alternatives

[Beryllium+Sphere(tm)]

Hushmail (http://www.hushmail.com) is web-based OpenPGP mail. I'm a customer and sent Crypt-o-Gram a review, but have no other connection.

The closest thing to the dream of "just press a button" is the S/MIME in Outlook. That still requires users to get a certificate ("a what?!", they will ask). And S/MIME has drawbacks.

Pushbutton encryption is a delusion anyway. The details of key management are indispensable to security and require out-of-band verification. Unless you've checked a key fingerprint, or totally trust a key signer, you can be attacked by feeding you a fake public key and all the crypto wizardry is irrelevant.

Re:Encrypted email alternatives

[seaan]

The closest thing to the dream of "just press a button" is the S/MIME in Outlook. That still requires users to get a certificate ("a what?!", they will ask). And S/MIME has drawbacks.

Working for a security firm, we decided to use Outlook and S/MIME. We had a policy that we would sign all messages by default, and use encryption where possible. After over a year of problems, we have stopped the default signing. We still use encryption, but not as much. The problems included:

* People not being able to read a S/MIME signed email - includes Hotmail and certain combinations of Outlook/IE (since Outlook gets most of it's crypto libraries from IE, the version of IE is important). Sending people messages that can't be read is a serious barrier!

* Random false-negatives for signed messages. Once in a while, a message would indicate it had an invalid signature, but we could discern no change from the proper message. It does not build confidence to tell people, ignore the error message saying the email has been tampered with!

* Outlook is really lousy when it comes to acquiring and managing certificates. I'm guessing they designed it with Exchange in mind (assuming some corporation puts certificates in Exchange for a closed system). Initializing and managing certificates was a real pain, even for those who knew precisely what they were doing.

* Outlook did not have a "use encryption only if person has certificate" option, which meant that you had to manually select encrypted email every time you wanted to use it. Also, there is no good way to send a single message with encryption to people who have the certificate and ability to read it, and no encryption for people who don't.

* Occasionally we could not read encrypted mail because of a variety of errors. The most common was obscure certificate issues (actually bugs, since most of these errors should not have been transient).

* The level of S/MIME encryption would vary, according to obscure and undocumented reasons (probably bugs too). I always selected 3DES, but more than half of my messages went out with some other form of encryption. Even worse, Outlook does not give you any warning that your message is going out with weak encryption!

Not all of these are S/MIME problems, but as you can see, we are still very far from "just press a button".

Doesn't anyone use S/MIME?

[Brazzo]

It's easy. I go to VeriSign's site (or Thawte, or any of the other root CAs that offer S/MIME certificates - hell, Thawte even offers a limited, free S/MIME certification program, and a network of virtual notaries... but, I digress) and install an S/MIME certificate.

Then, I go to Outlook, or Outlook Express, or Netscape Communicator, or Mozilla, and I install the certificate. Then, I click the "Digitally sign this email" checkbox to automagically send my certificate to sign the email, and additionally click the "Encrypt this email" once I receive a certificate from an end-user to encrypt the email.

Sure, there are scalability issues, but any good PKI implementation can take care of those for corporate use. And, with a Network of Trust like Thawte is creating, you get the PGP-like ease-of-use with the PKI-class trust-level of a real PKI. All for the home user.

And no, I don't work for VeriSign or Thawte. I did work for a company that used certificates. A lot...

Re:No privacy at all

[blibbleblobble]

there still exist free s/w while do pretty decent job
I've found GPG to be very difficult to use, even as someone who uses the command line a lot, I've neither got the Windows nor the Linux version to encrypt anything yet.

they might not integrate into Outlook
Does anyone know a decent Windows email client (i.e. not Pegasus or Outlook) which does handle PGP messages?

Getting to encrypted email from here

[iabervon]

Encrypted email will probably go through essentially the same stages as HTTPS.

First, it will get integrated into mail clients, for those users who insist on it, in a half-hearted way. Then mail clients will pop up a warning when you send something unencrypted, which most people will just click through for most messages, but people might notice when they're sending a message which they wouldn't send by plaintext HTTP. Then it will become normal for sites with HTTPS servers to have PGP keys for email. It probably won't get much beyond that any time soon, though.

As far as implementation, I anticipate PGP and similar software dying out, in favor of PGP-like crypto functionality being supported in OpenSSL. Why OpenSSL? Because it has become the standard security library implementation. OpenSSH uses OpenSSL, even though SSH competes directly with telnet-over-SSL. OpenSSL also has all the cryptographic functions, it's BSD-licensed, and a lot of security-conscious projects beat on it. Once OpenSSL has support for PGP-formatted stuff, it will be easy for email clients to integrate it. Also, since many email clients are integrated with browsers, which need SSL support (and so use OpenSSL already), it's simply a matter of calling the decrypt function when you get an encrypted message, storing public keys in the address book, and encrypting messages to anyone who has a public key in the address book.

It is no longer necessary to have a separate program for encryption. Writing crypto code is hard, but OpenSSL does or will do almost all of it, so you're left with managing the user's private keys (just like managing client certificates), managing other people's public keys (just like managing site certificates), and distributing the user's public key (just like business-card attachments). The only tricky thing is in signing other people's keys, but if you're not worried about active attacks with people who you don't talk to out-of-band and who don't aren't corporate sites, you don't need to bother.

Marketing encryption

[MAXOMENOS]

Disclaimer: IANIM (I am not in marketing)

As I see it, there are two barriers to widespread adoption of PGP (or GnuPG). The first is usability; the second, more important one, is demand. People do not see the necessity of encryption, and in fact, many associate encryption with criminal activity.

The first problem can be solved through the proper use of technology: create user-friendly interfaces for key generation, key management, etc. The goal should be to make PGP/GPG as easy to use as a word processor, spreadsheet, or video game.

The second problem can be solved by promoting digital signatures as opposed to encrypted email. Most people don't care that their email is as open as a postcard. In addition, a significant chunk of the population associate encrypted email with organized crime and terrorism. These are the factors we have to work against in promoting encryption as a way to keep email private.

Digital signatures are a different matter. There is no social prejudice against digital signatures per se, and the need for digital signatures is easy to demonstrate, as detailed below.

Most people believe the From: headers on their emails without question. Unfortunately, it doesn't take much technical skill to fabricate an email with a fabricated From: header. (Below is a Python script that does just this). It's therefore trivial for a malicious person to send all kinds of forgeries to you, your friends, your co-workers, etc. The social damage can be catastrophic.

Digital signatures solve this problem neatly: if you have any doubts about who actually sent the email, or the actual contents of the email, the digital signature gives you near mathematical certainty that the message and sender are authentic.

In my experience, it only takes a couple of humorous demonstrations to get the point across to your intended audience; after which, they become motivated to learn and use PGP/GPG to sign and verify the signatures of emails. Using PGP/GPG for encryption is a logical next step.

By the way, if you do try to demonstrate the forged From: header trick, please make absolutely sure that your audience is prepared ahead of time, and that you are legally authorized to do this, before you make your demonstration. Otherwise you could unnecessarily end up in a heap of trouble.

It should be noted that PGP and GPG have an advantage in meeting the demand for digital signatures, since they're both relatively mature technologies. The danger is that the government could push hard for their own scheme, with built-in back doors and/or mandatory key-escrow. Selling secure, non-escrowed encryption is going to be much harder in the present political climate than it was before.

Hope this helps.

#!/usr/bin/python
#NB: some of this code comes from _Python Standard
#Library_ by Frank Lundh. Buy a copy!
#
# Please note: this is for demonstration purposes only. I utterly
# condemn any use of this code for illegal purposes.
#

import smtplib
import strings

fakemail = string.join((
"From: foo@bar.org",
"To: bar@foo.org",
"Subject: IMPORTANT",
"X-FakeMail-Notice: This mail is FAKE!",
"",
"I like to pour hot grits down my pants. Thank you.",
"",
"This mail is FAKE!"), "\r\n")

server = smtplib.SMTP("localhost")
server.sendmail("foo@ba r.org", ["bar@foo.org"], fakemail)
server.quit()

Try The Bat!

[marm]

Does anyone know a decent Windows email client (i.e. not Pegasus or Outlook) which does handle PGP messages?

Might I suggest The Bat!?

Funny name, yes, but it's rapidly become my second-favourite MUA (after KMail) and certainly my favourite on Windows. It has support for both PGP and S/MIME encryption and signing (although it uses its own built-in PGP implementation which I'm not entirely happy about). It's not free in any sense of the word either (it's 30-day trial shareware), but hey, this is Windows we're talking about.