Slashdot Mirror


Secure Webmail Providers?

Rainier Wolfecastle asks: "I am looking for information on any webmail providers that support PGP/GnuPG encryption. Up until now I have been using Lok Technology's excellent service, but it appears that they have gone out of business, since their site has been unreachable for over two weeks now. I am aware of Hushmail, but that doesn't work well under Linux. I am considering using Name.Space's LokMail service (based on Lok Technology's..er...technology) but I was wondering if anyone out there has any other suggestions. Free email is coming to an end, and if I'm going to pay for it (which I don't mind at all) then I want a decent product."

23 of 56 comments

  1. Hushmail? by penguin_punk · · Score: 4, Informative

    Hushmail was the first and obvious choice when I read the headline, but you mentioned that it doesn't work well under linux??? What's up with that? I believe it uses java. (too lazy to check) Do you not know how to install the java plugin under mozilla/netscape/konqueror?

    --
    HURD - Hurd's Under Research & Development
  2. Re:What's the point... by crow · · Score: 5, Informative

    The server-to-server communication is not in plaintext if you use PGP or GPG. Of course, the headers are, so an observer can see who you're talking to, just not what they're saying.

  3. Hushmail in linux by rocketfairy · · Score: 5, Informative

    Hushmail works fine for me in linux; it runs on java, so you need a browser (Mozilla works swimmingly) and a working virtual machine. Grab the latest one from Sun, make sure there's a link to it in the mox plugins dir. If it keeps breaking, try making the account on a windoze machine, and then accessing it in linux -- that worked for me the 1st time when my jvm was crashy.

    Oh, and remember -- hush security is only as good as your passphrase. Diceware!

  4. Problems with Encrypted Webmail by pete-classic · · Score: 5, Interesting

    Encrypted webmail is a tricky issue. In the final analysis you basically have to use a passphrase that is so good that you don't mind having your (encrypted) private key publicly available.

    Consider that the webserver admin(s) will have access to the encrypted private key. Also consider that the webserver (process) has read access to the key. The upshot is that if anyone gets root access to the box, gets a shell under the webserver's UID, or convinces the webserver to serve up a file that it is supposed to have read access to, the only thing between your private key and an attacker is your passphrase.

    I find all this unsettling to the point of believing that it can't be safely done.

    If anyone knows any better, please fill me in.

    -Peter

    1. Re:Problems with Encrypted Webmail by ehetzner · · Score: 2, Interesting

      You're correct, but I don't think that it necessarily has to be that much of a problem, if it is made clear that the passphrase for your key is far more important than most others. You would have to ask people to remember a long, randomly chosen passphrase. Do not give them a choice. If you get 128 bits of random data, turn it into radix 64, that's a 22 letter passphrase (upper & lowercase, plus 2 other characters). Now, perhaps not everybody could memorize that, but even if it were written down & kept secure, it would keep most people's key reasonably secure.

      Another solution could be to have a 128 bit (22 character) key that is again encrypted by a memorized passphrase. The user could write down the key, but even if this were compromised, it would still be at least secure for long enough to generate another key (not public/private key) & passphrase.
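The arithmetic and the second scheme from the comment above, as an added Python example that is not part of the thread or of any webmail product. It checks the 22-character figure, compares it with Diceware (7776-word list), and shows a written-down 128-bit key masked by a memorized passphrase. Assumptions: all function names are hypothetical, and XOR with a PBKDF2-HMAC-SHA256 mask stands in for a real key-wrap.

```python
import base64
import hashlib
import math
import secrets

def symbols_needed(bits: int, alphabet_size: int) -> int:
    """Characters (or words) needed to carry `bits` of entropy."""
    return math.ceil(bits / math.log2(alphabet_size))

def to_radix64(raw: bytes) -> str:
    """Unpadded URL-safe base64: 16 bytes become 22 characters."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def from_radix64(text: str) -> bytes:
    """Inverse of to_radix64; restores the stripped '=' padding first."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mask_key(key: bytes, passphrase: str, salt: bytes) -> bytes:
    """XOR `key` with a PBKDF2-derived mask; applying it twice undoes it.

    Assumption: this stands in for a real key-wrap. It has no integrity
    check, and the salt must never be reused for a second key.
    """
    mask = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, 200_000, dklen=len(key))
    return bytes(k ^ m for k, m in zip(key, mask))

def demo() -> dict:
    key = secrets.token_bytes(16)      # the 128-bit random secret
    salt = secrets.token_bytes(16)     # stored beside the account, not secret
    memorized = "constructed sample passphrase"   # constructed value
    written_down = to_radix64(mask_key(key, memorized, salt))
    recovered = mask_key(from_radix64(written_down), memorized, salt)
    wrong = mask_key(from_radix64(written_down), "wrong guess", salt)
    return {
        "plain_len": len(to_radix64(key)),
        "written_len": len(written_down),
        "recovered_ok": recovered == key,
        "wrong_guess_ok": wrong == key,
    }

if __name__ == "__main__":
    print(symbols_needed(128, 64), symbols_needed(128, 7776), demo())
```

A wrong passphrase silently yields a different 128-bit value, so whoever finds the written string can only confirm a guess by testing it against the stored private key.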

    2. Re:Problems with Encrypted Webmail by pete-classic · · Score: 3, Interesting

      Are you serious?

      I can barely remember my phone number. It is only 10 digits, and the first three are a gimme. I'm supposed to remember "iDclyWnIxwaJcSOWNLcj" or some junk?

      And this has no real impact on the trust issue. What prevents the webserver admin from having the webmail software log all incoming passphrases?

      I harp on this because if I can trust my mail admin (and you trust yours) half the battle is already won.

      -Peter

    3. Re:Problems with Encrypted Webmail by photon317 · · Score: 4, Insightful


      It's worse than that. If they root the webmail server (or a little more difficult if they just get the webserver UID), they can read the SSL traffic, including your passphrase. In short the only way to have securely encrypted email is to store the private key on your own private local machine - a webmail service simply cannot gaurantee you jack.

      --
      11*43+456^2
    4. Re:Problems with Encrypted Webmail by anthony_dipierro · · Score: 2, Interesting

      Not if the passphrase is only given to the java applet. Of course that's only useful if the java signing key is on a separate computer, and you've code reviewed the source code of the applet yourself before signing it.

    5. Re:Problems with Encrypted Webmail by ehetzner · · Score: 2, Interesting

      Yes, I'm serious. Have a java applet which does encryption on the client computer. This is what hushmail does.

      If you read my post, you'd realize that I suggested that a person could write down their key. I myself don't consider this much of a problem if you keep it secure on your person. Or if the key one writes down is encrypted with a passphrase which could be memorized.

    6. Re:Problems with Encrypted Webmail by photon317 · · Score: 2


      Fucktard spelling nazi. Websters recognizes "guarantee" as well as "guaranty", which means in my typing haste I swapped the initial "ua" to "au", not a bad mistake at all, especially seeing as I don't give a shit about small grammar and spelling mistakes (see my journal). It has been my experience that the "ee" ending is used more commonly in the US. And don't bitch at me for being US-centric either, there's a US-centric population here, get used to it.

      --
      11*43+456^2
  5. Web mail with i18n support - any? by bertilow · · Score: 2, Interesting

    Going slightly off-topic here:

    Has anyone found any web mail service that handles texts in various character encodings - notably Unicode - correctly (or at all)?

    I'm really amazed how badly Hotmail et al. handle i18n. Any message is treated as if it's in "iso-8859-1" (Latin 1, Western), and all information about the actual character encoding is just stripped off.

    Correctly would of course also mean "without using HTML in e-mail messages".

    1. Re:Web mail with i18n support - any? by pete-classic · · Score: 5, Informative

      SquirrelMail has handled this for years.

      It is totally paranoid about HTML email.

      Even comes with a bunch of translations.

      So, either set up your own mailserver (like a real man!) or find a provider that uses SquirrelMail. I use Fairplay Communications here in Colorado. They rock, and provide SquirrelMail. (And the only affiliation I have with them is that I am a paying customer.)

      SquirrelMail is where it's at. (But I am a little biased ;-)

      -Peter

    2. Re:Web mail with i18n support - any? by pete-classic · · Score: 2

      Hrm. The encoding in SM works. I don't know what "brand" the wiki is, but I'll report that page on the list . . .

      Have no fear about SM itself, though. I believe that well over half of the SM installations out there are non-English. XS4All.nl was the "biggest" user for a long time, probably still is.

      -Peter

    3. Re:Web mail with i18n support - any? by pete-classic · · Score: 2

      Bear in mind that it is a wiki . . .

      I don't know all the subtleties of using non-US character sets . . . but there has been a "i18n guy" making SM work with all sorts of languages for a long time.

      The only thing that was outstanding when I last checked (which was a while ago) was multi-byte character sets. I don't know what the status is on those.

      So, does it work with UTF-8? I'm not completely sure, because I'm not completely sure I'd recognize UTF-8 if I saw him on the street. But it does work with all sorts of extended western character sets, Cyrillic, and several single-byte Asian sets, whatever that means.

      Subscribe to the mailing list, or even go out on a limb and install it!

      -Peter

  6. Re:What's the point... by Twirlip+of+the+Mists · · Score: 4, Insightful

    Hey... how can the parent comment be "overrated" if it hasn't been moderated by anybody else?

    Because while you can moderate up for being informative or insightful, you can't (at present) moderate down for being dumb or wrong. As long as the down-mod options are limited to troll, off-topic, flamebait, and overrated, expect to see comments that are just plain stupid moderated "overrated."

    Seems to me that if there's a "+1, Informative," there ought to be a "-1, Misinformative."

    --

    I write in my journal
  7. No, that would be stupid... by anthony_dipierro · · Score: 4, Informative

    Webmail is for roaming. If you're roaming, then you don't trust the client. PGP is useless if you don't trust the client.

    And don't say signed java applets 'cause (1) if you trust the provider's signature then just use https (I'll give you an account at inbox.org) and (2) if you don't trust the computer then you can't store your private key.

  8. Re:What's the point... by anthony_dipierro · · Score: 2

    It's a bug in the Slashdot code. CmdrTaco has said so in a Journal entry, but I can't find it.

  9. Not just that by 0x0d0a · · Score: 2

    But inexplicably, "overrated" and "underrated" are apparently immune to metamoderation (according to a friend who *hasn't* had their moderation and metamoderation privs stripped from them by Taco's bloodthirsty cabal).

    I strongly agree with "Misinformative", though I think I'd change it to "Incorrect", since "Misinformative" implies an attempt to deliberately spread misinformation (like the insidious Professor Collins, for instance). "Misinformative" has a time and a place, but perhaps not serving the place of a term that simply means "wrong".

    1. Re:Not just that by Twirlip+of+the+Mists · · Score: 2

      immune to metamoderation

      I wouldn't know. I haven't been asked to metamoderate since I started using this new account. I posted under a previous account for a few years, but grew sick of the user name and haven't been invited to participate in either form of moderation since. I have no idea if I'm deliberately being excluded, or if I'm just still in that "new user" phase. Don't know if there's any way to find out, either.

      I strongly agree with "Misinformative", though I think I'd change it to "Incorrect", since "Misinformative" implies an attempt to deliberately spread misinformation

      Yeah, you've got a point, but I'm not sure "incorrect" covers it either. I'd like a moderation that I could assign (in theory, if I ever were to get mod points again) to posts that are (1) wrong or (b) moot. Because sometimes a post can be technically correct, but wrong anyway because it doesn't apply to the situation at hand. The post that spawned this thread qualifies thus: it's true (transport-layer encryption [such as SSL] is less useful if other segments of the message path are unencrypted), but it doesn't apply to this discussion (we're not talking about transport-layer encryption, but rather message-layer encryption).

      I don't know what the right answer is, but I do know that Troll, Offtopic, Redundant, and Flamebait don't apply.

      --

      I write in my journal
  10. Re:Replying to my own question by anthony_dipierro · · Score: 2

    The reason I stated that I don't want to use Hushmail is precisely because of the need for Java. The reason I want webmail is so that I can access it from anywhere, and I don't want to have to rely on the presence of Java on the machine I happen to be using.

    If you don't use java then you have to provide your webmail provider with your private key. That's not a smart idea.

  11. IMP by Etyenne · · Score: 2

    It's software, not a service, but just in case you would be interested in running your own server, I would mention that IMP has PGP/GPG support (at least, the CVS HEAD does).

    --
    :wq
  12. Novell to the rescue... by rainmanjag · · Score: 2

    Granted all of the problems stated with PGP over webmail, I'll pitch Novell's webmail service myrealbox.com... they're running a free implementation of their latest directory service to test and debug in a production-like environment... no banner ads... web access over SSL... IMAP, POP, and SMTP access over SSL... so I use Evolution as my local client on my desktop... and when I'm away from my desktop, I read (and only in an emergency respond) to my email using the web interface...

    Only downside is occasional downage for software and hardware upgrades...

    -jag

    --
    http://starboard.flowtheory.net/
  13. Hushmail doesn't work in Linux? by petard · · Score: 2

    It may be your setup... I've had no problems at all using hushmail under Linux. My setup:
    • Mozilla 1.0.1
    • Sun JDK 1.4.1_01
    • Red Hat 8.0
    It also worked with the same Mozilla and JRE under Red Hat 7.2. It did not work under Mac OS X, but I didn't have time to see what the problem was.
    --
    .sig: file not found