Slashdot Mirror
Ciphire, A Transparent, Easy PGP Alternative
mixter writes "Hi. I'd like to point your attention to Ciphire, a fully free and soon-to-be-audited-OpenSource 'Global PKI' project I've been working on for the last three years. As the first three or four thousand geeks started using Ciphire and seem happy, with some tech articles written, I guess the /. community might find this interesting, too. Ciphire hopes to have solved the problems that prevented PGP from a broader deployment, with even higher security standards - as already confirmed by crypto experts Housley & Ferguson. More useful information, e.g. in Wired or in the Nerd^H^H^H^Hexperts FAQ."
From their pages: "Ciphire Mail will always be free for private users, non-profit organizations, educational institutions, and the press".
Its actually pretty simple. I figured it out just reading the "automatically" but I'll break it down for you. Directly from their website:
"The Ciphire Mail client resides on the user's computer between the email client and the email server, intercepting, encrypting, decrypting, signing, and authenticating email communication. During normal operation, all operations are performed in the background, making it very easy to use even for non-technical users."
I shouldn't have to explain it any further than that here on Slashdot. Thats in the first paragraph of the Technical Explanation of how it works. Later on it lists:
"The Ciphire Mail client consists of three parts: the core client, a graphical configuration interface, and mail connector modules (redirector). Supported email protocols include SMTP, POP3, and IMAP4. The STARTTLS and direct SSL/TLS variants of these protocols are supported as well."
For anyone that didn't get the gist - it basically redirects your mail to its own "server process" sitting on your computer then sends it out to the normal SMTP server. This is using the same technology that the current Mail virus scanners use (Think Symantec), not new technology, just used in a different way.
On the reverse end, the "server" checks the mail and hands it to the email client making everything secure in between.
Pretty simple way of getting Jane and Jon Doe with OE to use it if you ask me. Granted, it needs to be installed by Admin on proper machines, but that shouldn't be too much of an issue for any company that would like to secure their email - especially if you explain and show your network admins that email is USUALLY a plain text security nightmare.
http://www.ietf.org/rfc/rfc2440.txt
Now before I get modded down, I be to remind whoever might read this that what I am saying is FACT. - bogaboga
2. LICENSE GRANT
(a) Subject to all of the terms and conditions set forth in this Agreement, Licensor grants to Licensee a non-exclusive, personal, non-transferable, non-sublicensable right, during the term of this Agreement, to use the Software, and the Services solely for Licensee's own Personal Use and in accordance with the applicable documentation and instructions made available by Licensor.
(b) In no event shall Licensee distribute, display, or otherwise make available to any third party, the Software (including any copy, portion, extract, or derivative thereof).
(c) Licensee shall not, and shall not assist, enable or otherwise permit or allow any third party to, (i) alter, adapt, modify, translate, create derivative works of, (ii) except to the extent expressly permitted by mandatory applicable law notwithstanding an agreement to the contrary, decompile, disassemble or otherwise reverse engineer or attempt to derive the source code of, or any technical data, know-how, trade secrets, processes, techniques, specifications, protocols, Key and data-formats, methods, algorithms, interfaces, ideas, solutions, structures or other information embedded or used in, (iii) rent, lend, loan, lease, sell, distribute or sublicense, or (iv) remove, alter or obscure any proprietary or restrictive notices affixed to or contained in, the Software or any copy, portion, extract or derivative thereof. In addition, Licensee shall not provide, disclose or otherwise make available the Software or any copy, portion, extract or derivative thereof, or permit use of any of the foregoing by or for the benefit of any third party (including, without limitation, on a hosting, service-bureau, time-sharing or subscription service basis).
(d) The Software is licensed as a single product package and Licensee shall not, and shall not assist, enable or otherwise permit or allow any third party to, separate the Software, or use any component parts thereof other than as part of the Software as and in the form provided by Licensor.
(e) Licensee shall not use the Software other than in connection with the Key-Data and the Services provided by Licensor under this Agreement.
https://www.ciphirebeta.com/about/eula.html
"Getting GPG to work on windows requires Cygwin, which is a pain in the ass. If it doesn't work *transparently* on Windows, there'll never be a critical mass of people using it."
This is patently untrue. I downloaded the windows binaries from gnupg.org and followed the directions on enigmail.mozdev.org and had my dad encrypting email in about 15 mins. No cygwin required.
The biggest problem we encountered was his windows clock wasn't sync'd to a time server, and I had to wait to import his key because it had been created in "the future".
Well, according to their cryptographic functions page, they are using SHA-256 and Whirlpool-512 hashing.