Encrypt and Sign Gmail messages with FireGPG

Linux.com (Same owners as Slashdot) has a story up about FireGPG and says "Gmail may be an excellent Web-based email application, but there is no easy way to use it with privacy tools like GnuPG. The FireGPG extension for Firefox is designed to solve this problem. It integrates nicely into Gmail's interface and allows you...
Encrypt and sign Gmail messages with FireGPG

Nerds with something to hide

I don't understand this fascination with encryption. Why do people use it. Is it because you're hiding something illegal? It's kiddie porn isn't it? Be honest!

Re:Nerds with something to hide

[Stormx2]

Okay, who modded you funny? I find myself hoping heaven and hell do exist when I see comments like that; you'd inhabit the latter.

Re:Nerds with something to hide

[morgan_greywolf]

I don't understand this fascination with encryption. Why do people use it. Is it because you're hiding something illegal? It's kiddie porn isn't it? Be honest!

Nope. It's secret terrorist plots to overthrow the tyrannical American Government!

Oh, wait! I wasn't supposed to say that, was I?

Re:Nerds with something to hide

[fluch]

It is just that I don't want anybody to intrude my privacy. Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide??

Re:Nerds with something to hide

[Kadin2048]

It is just that I don't want anybody to intrude my privacy. Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide??

YHBT, I think ... (Though admittedly, it hasn't been moderated as such, yet.)

Re:Nerds with something to hide

[joe_cot]

I don't actually use it for encryption; I use it for verification.

Besides encryption, GPG also allows you to sign messages, ensuring that the message is indeed from you, and hasn't been modified after you've signed it. In the Ubuntu Community, this is important for a) verifying messages from developers are real, b) verifying that uploaded packages were created by trusted developers, c) verifying signatures (such as signing the code of conduct).

While FireGPG is useful, it's not so useful for signing messages; gmail auto-wordwraps messages after you send them, and FireGPG doesn't take that into account. Therefore, unless you wordwrap it yourself, gmail's going to add line breaks, and your signature will be invalid. When I need to sign messages, I either word wrap myself so that gmail doesn't, or send it through Thunderbird using Enigmail.

Re:Nerds with something to hide

[SCHecklerX]

You are forgetting about authentication. Email is trivial to spoof. If you *always* sign your messages, then when some asshat, say, decides to send an explicitly detailed nastygram to your boss from 'you', it is easy to prove otherwise...

Or maybe from your secret lover, etc. You get the picture.

Re:Nerds with something to hide

[kie]

It's not just about encrypting messages,

another use for this is for signing your messages
so that the receiver can be more certain that it was sent by you.

if you are using a local email client:
creating your keys and publishing them is as easy on linux as
$ gpg --gen-key
$ gpg --send-key XXXXXXXX

and don't forget a revocation key
$ gpg --output revoke.asc --gen-revoke XXXXXXXX

Re:Nerds with something to hide

[brunascle]

perhaps because i'd like to send an email from work to my GF with something like "hey wanna fuck tonight?" and i'm not particularly keen on the network guys reading that.

Re:Nerds with something to hide

[kevin_conaway]

Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide??

I'm more concerned about the letter (or worse, a check) falling out.

Re:Nerds with something to hide

[daeg]

Clever. Hiding your kiddie porn encoded in anarchist rants! I'm onto you, buddy!

Re:Nerds with something to hide

A number of people have responded with the assertion that, more than encryption, signing is what they use GPG for. It begs the question of whether that might be a nice feature for google to include in gmail. Offer it as an option to sign all your emails. That shouldn't be a problem for the indexing aspect of their business that supports the free email since the message is still in clear text.

Re:Nerds with something to hide

[toleraen]

I generally close the envelope of snail mail so the mail doesn't fall out.

I use security envelopes to obscure the contents of my mail. You probably would want to use that as an analogy instead.

Re:Nerds with something to hide

So if you "always" sign your messages, then you can tell off anyone you want as long as you don't sign it. Brilliant!

Re:Nerds with something to hide

[aussie_a]

Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide?? No, I simply want to ensure it goes to the correct receiver (which if it fell out, wouldn't happen). I would put it on a postcard but it was simply too long. Next straw man!

Re:Nerds with something to hide

[aussie_a]

Perhaps you should be working at work, instead of planning sex? I'm sorry, but that's simply the most ridiculous reason I've seen for encrypting mail. People are certainly welcome to do it without being accused of peddling in child pornography (something the OP doesn't understand), but that's a ridiculous reason to encrypt it.

Re:Nerds with something to hide

[99BottlesOfBeerInMyF]

No, I simply want to ensure it goes to the correct receiver (which if it fell out, wouldn't happen).

Here's a tip for you. Use a piece of tape to hold the pages of the letter shut. Write the address on the back, and add a stamp. You just saved the cost of an envelope.

Re:Nerds with something to hide

Hm. Wanting to overthrow the tyrannical American Government is not necessarily being against Government in general - "Anarchist" is a bit of a stretch (I know, way to kill the humour, but it annoyed me).

Re:Nerds with something to hide

Who exactly was worried about the cost of an envelope?

Re:Nerds with something to hide

[644bd346996]

Not all imperfect analogies are straw man attacks.

I highly doubt that, every time you mail something in an envelope, you consciously think about the possibility of the mail falling out if you didn't seal it. Also, with most envelopes, you can simply tuck the flap in and it will be secure enough that the contents won't fall out.

Re:Nerds with something to hide

[Rob+T+Firefly]

This is your boss. The network guys tell me you've just used the Company's network to write "hey wanna fuck tonight?" on a public website. You're fired.

Re:Nerds with something to hide

[iago-vL]

Or maybe from your secret lover, etc. You get the picture.

It's that Cathy, isn't it? She's always trying to break up Alice and Bob!

Re:Nerds with something to hide

[XrayCharlie]

I use FireGPG along with It's All Text! plugin, which I can edit a textfield with an external editor such as Vim. Vim handles wordwrap for me. The only problem I have is that Gmail automatically makes links for URLs or email addresses, which breaks the signature.

Re:Nerds with something to hide

So if I'll sell you envelopes that stay closed by some mechanism that is easily, unnoticeably opened and re-closed at a price that is substantially lower than that of the adhesive-using ones, will you buy and use them?

Re:Nerds with something to hide

There's always http://www.rot13.com/ ;)

Re:Nerds with something to hide

Or maybe from your secret lover, etc. You get the picture. Not yet. Which of my accounts did you send it to?

Re:Nerds with something to hide

Unless "Rob T Firefly" is his (brunascle) boss, I don't think that comment should be moderated as "Informative".

Or maybe the moderator was just being funny.

Re:Nerds with something to hide

[ChrisMounce]

Anonymous Coward is hoping to make a fortune on Patent #53892647956403765437856348756438756487563, "Method for tucking the flap inside the envelope".

Re:Nerds with something to hide

The metamods'll get it.

Re:Nerds with something to hide

[Agelmar]

Not to be too nit-picky, but usually when talking about encryption, the parties are Alice and Bob (the two legitimate users), and Eve (the person who is either 'evil' or 'eavesdropping'). I don't think I've ever heard 'Cathy' used as one of the parties...

Re:Nerds with something to hide

[Critical+Facilities]

Methinks thou dost protest too much. In other words, you may want to calm down a bit, you're sounding a little anxious (or jealous?).

Re:Nerds with something to hide

[ndogg]

http://xkcd.com/c177.html

As always, XKCD is so relevent, it's not even funny, except it is, and so are chair dancing on the heads of penguins.

Re:Nerds with something to hide

[cr_nucleus]

You are forgetting about authentication. Email is trivial to spoof. If you *always* sign your messages, then when some asshat, say, decides to send an explicitly detailed nastygram to your boss from 'you', it is easy to prove otherwise...

The only thing signed mails will do is prove that you are the actual sender, it does NOT prove that you're not the sender of an unsigned message.

I don't think there's any way to prove you didn't send an email, except maybe if someone else signed it with a private key...

Re:Nerds with something to hide

[marimbaman]

The third participant in the conversation is usually Carol.

Re:Nerds with something to hide

[Tarquin+Sidebottom]

Unfortunately wrap, htmlization and all that marlaky is a general problem when it comes to signing via web interfaces, be it gmail or some generic php webforum. I came across the same issue when I made a few comments in relation to the now stillborn EnigWeb project.

Perhaps it's time for a GPG-wide standard for 'verification-lite', aimed at web-traffic. The idea being to trade a small amount of security for method robustness. Rather than signing a bit-for-bit copy, sign a version where anything other than the main visible characters are ignored. New lines, carriage returns, tabs, multiple consecutive spaces, rare symbols that might by mangled by php scripts: all are ignored. So rather singing:

The cat sat on
the mat.

, you sign instead: 'Thecatsatonthemat.'.

Obviously, greater minds than mine need to sit down and assess the pros, cons and risks (more freedom to try and create collisions), but it strikes me as an idea worth considering.

Re:Nerds with something to hide

[semiotec]

then just write the address and add the stamp on the letter/cheque itself, don't bother with the envelope. You can saves trees at the same time!

Re:Nerds with something to hide

I can assure you that there is no prior art for my envelope flap-tucking apparatus.

Re:Nerds with something to hide

Oh, and two more things... "Tuck the flap inside the envelope??? Brilliant!!!!" And say "flap-tucking" 5 times fast.

Re:Nerds with something to hide

[Kenyon]

http://begthequestion.info/

Re:Nerds with something to hide

[Iron+Condor]

You're trolling, but here's the answer to your question:

Nerds are boring. So boring that it brings tears to your eyes. They understand that. They know exactly how mind-bogglingly mundane they are. So they'd like to have "encryption" and "privacy" and all that because they don't want any outsiders to know just how boring they are.

For example the dude who posted the "example" of sending an email to his "girlfriend" -- of course he doesn't have a girlfriend; his private emails are to his nerd-friends and talking about the "mad D&D session" they're planning for the weekend but he thinks he can get away with pretending to have a girlfriend if he has occasional clandestine communication. Even if it's only with his own secondary email account.

Most guys wear pants for the same reason most chicks wear bras: not because they have anything worth mantioning to hide, but because they're ashamed of the fact that they don't.

Re:Nerds with something to hide

[fluch]

Actually in Germany we have very, very strict rules under which circumstances a letter may be opened and read. Recently we had a scandal cause the sanctity of mail was badly broken.

I for myself close the envelop -- beside the obvious reason to prevent things to fall out -- because it is a private message from me to the recipient. It is just plain as simple as this: the content of the letter is of no concern to the state and any authority. That is why I close the envelope and that is why the law (at least here in Germany) has very, very strict rules about breaking the sanctity of mail.

When I send a e-mail it is in principle also covered by the same law, but in practice it is much easier to get to it. If I encrypt my data it because I want it to be private. And that is a right I have.

Re:Nerds with something to hide

[Old+Benjamin]

Yeah, except when I'm sending money or something.

Re:Nerds with something to hide

[Ambush+Commander]

Basically, yes. Although I don't see why you'd tell off someone from your email address, I'd spoof my mortal enemy Bob's email.

Re:Nerds with something to hide

[Achromatic1978]

I'd think it's a sad commentary on your relationship that you have to plan sex in advance like that.

And do go making out like it'd be some big special occasion, all romantic and candlelit either, that might warrant foreplanning, after all, it was "wanna fuck", not some rose scented invitation.

Re:Nerds with something to hide

[cammoblammo]

The third participant in the conversation is usually Carol. That's what she wants you to think. If Carol signed her messages Cathy would find spoofing her address much harder.

Re:Nerds with something to hide

[Agelmar]

The third "good" participant is usually Carol, yes. However, the "attacker" is typically "Eve", even if there is no Carol or Dave. The grandparent was talking about a third person wanting to interfere with the affairs of Alice and Bob (split them up), hence this third person is an attacker and not a "good person", hence "Eve" is more appropriate than "Carol".

Suprisingly, Wikipedia actually has an article on Alice/Bob/Eve:

http://en.wikipedia.org/wiki/Alice_and_Bob

Re:Nerds with something to hide

[brunascle]

hey guess what? fuck you.

The Fascination with Encryption

[Ian+McBeth]

For me, I just like to use it, to make people think I am doing something.
Keeps the snoops on their toes.

Re:The Fascination with Encryption

[Bromskloss]

For me, I just like to use it, to make people think I am doing something. Keeps the snoops on their toes.

I keep them on their toes by acting completely normal, having them looking for steganography.

Re:The Fascination with Encryption

[jimstapleton]

I only use one-time use pads when sending my emails. It keeps them busy and unable to decrypt the emails!

Re:The Fascination with Encryption

[ch-chuck]

The old joke is about a scanner buff, his small town police department started scrambling their voice transmissions, using a simple frequency inversion scheme. Now he was really intriqued so he bought a descrambler to listen in. The first thing he heard on the scrambled channel was, "Yeah Lenny, make mine a ham and swiss on rye, no mayo. And don't forget the doughnuts".

Re:The Fascination with Encryption

[Alzheimers]

The only problem being is that with a carefully formed seed, they can make your encrypted message "Decrypt" into anything they want.

Re:The Fascination with Encryption

[Bromskloss]

Well, have you found the hidden message in the parent post yet?

Re:The Fascination with Encryption

[Pippinjack]

No...

Re:The Fascination with Encryption

[UbuntuDupe]

Actually, I heard that one old prank was to send postcards back and forth between major cities with simple, but cryptic sounding statements. For example:

"The birds rise at sundown. Where are the minnows?"
"All is well, north of the river."

Supposedly, the government would see them and get suspicious, thinking they were coded messages.

I've also wondered: why doesn't someone test whether the government is reading emails? For example, have some guys plot an imaginary terrorist attack via unencrypted email and see if they get questioned. Leave physical corroborating evidence in case they follow up. (Make sure to document with several third parties first, so you can prove it's an experiment.)

Re:The Fascination with Encryption

[u8i9o0]

I keep them on their toes by acting completely normal, having them looking for steganography.

Well, have you found the hidden message in the parent post yet?

Sorry, there is no hidden message.
1. You noted that you use encryption when acting normal.
2. However, you were posting on /. which has been established (quite conclusively) as abnormal behavior.
3. Since you were not "acting completely normal", it is obvious that you were not employing any encryption scheme.
4. :)
5. Profit!

Re:The Fascination with Encryption

[clem]

How about a hint -- does it have anything to do with that strange illegible text in your sig?

Re:The Fascination with Encryption

[canajin56]

Here is why you don't do that: Because why wouldn't a terrorist leave corroborating evidence lying around proving it was all just a test to psych the government out, so they can be let go? While they are interviewing your "third parties" you are being beaten half to death, electrocuted, water boarded, and raped. IF, and its a huge, colossally massive if, they ever EVER believe you that you were just kidding about bombing NY with a dirty bomb, they will testify that you cannot be released since after your brutal torture you probably are now a terrorist even through you weren't before. Plus you can't exactly be let go since the torture techniques are classified information and you might leak them. Just like Jose Padilla. First he HAD a dirty bomb, then he was building one, then he was thinking about it, then he knew somebody who was thinking about it, then nothing...but they have ruled he can NEVER face trial, and can NEVER be released. Their reasoning is their "interrogation techniques" have irreversibly damaged him mentally, so he's too unstable to stand trial. But these "interrogation techniques" are highly classified matters of national security, so he can never ever be allowed to talk to anybody in case he tells them what they did to him (especially not a lawyer). And that would be you. Now remember, he _WAS_ a citizen, and there was no evidence against him. Still tortured and given a life sentence without the possibility of a trial. What fucking chance do you think you have if there IS evidence against you? Well you might have white skin so you just may have some kind of chance.

Re:The Fascination with Encryption

[MyOtherUIDis3digits]

Man, I miss the days when a post like that would have made me laugh and I would have called you a loon...

Re:The Fascination with Encryption

[Warg!+The+Orcs!!]

My wife uses one-time pads but I wouldn't send them in the mail.

Re:The Fascination with Encryption

[Magic+Fingers]

Steganography is the key to success, even Osama bin Laden uses it http://www.wired.com/politics/law/news/2001/02/416 58

Re:The Fascination with Encryption

[FutureDomain]

If you have Emacs, the "spook" program will insert a block of text with "suspicious" words in the bottom of your document. The idea is to make the government flag you email and have some government official read your entire boring email to make sure that you're not a terrorist. The benefit of it is that it's obviously a joke and you don't have to spend a few years in jail over it.

Re:The Fascination with Encryption

I use one time pads when I'm menstruating.

Re:The Fascination with Encryption

[alexo]

Source?

Re:The Fascination with Encryption

I've also wondered: why doesn't someone test whether the government is reading emails?

I work for a regional ISP and I have no need to test, I installed the box myself. And, yes, it is a black box with just a lock on the front, two power cords and three network cables. (Pass-through and access?)

Re:The Fascination with Encryption

An old Arab man lived alone in Idaho . He wanted to spade his potato garden, but it was very hard
work. His only son, Abdul, who used to help him, was being held by the FBI for aiding and abetting
terrorists. The old man wrote a letter to his son and described his predicament.

  Dear Abdul,

  I am feeling pretty bad because it looks like I won't able able to plant my potato garden this
year. I'm just getting too old to be digging up a garden plot. If you were here, all my troubles
would be over. I know you would dig the plot for me.

  Your Dad,
Mohammad.

  A few days later he received a letter from his son.

  Dear Dad,
For heaven's sake, don't dig up that garden, that's where I buried the biological weapons.

  Love,
Abdul.

  At 4 a.m. the next morning, F.B.I. agents and local police showed up and dug up the entire area
without finding any weapons. They apologized to the old man and left. That same day the old man
received another letter from his son.

  Dear Dad,
Go ahead and plant the potatoes now. That's the best I could do under the circumstances.

  Love Abdul.

Re:The Fascination with Encryption

[swillden]

It should be noted that Jose Padilla is being tried before a federal court, and that the findings of mental incompetence were made by two psychiatrists hired by the defense. The situation is an utter travesty, but it doesn't help to exaggerate it.

Re:The Fascination with Encryption

I've spent years developing an immunity to Iocaine powder!

Re:The Fascination with Encryption

If you aren't in the USA there isn't really much that your idiotic government could do.

And for the chat

[DrYak]

And if want PGP encryption for chat (Gmail's associated GTalk or any other protocol like MSN, etc.) there is Pidgin (formely Gaim) with plugins :

• Etiher Pidgin Encrypt (formely Gaim Encryption)
• Or OTR

Re:And for the chat

[stinerman]

Note that OTR is "better". From the OTR site:

How is this different from the gaim-encryption plugin?
        The gaim-encryption plugin provides encryption and authentication, but not deniability or perfect forward secrecy. If an attacker or a virus gets access to your machine, all of your past gaim-encryption conversations are retroactively compromised. Further, since all of the messages are digitally signed, there is difficult-to-deny proof that you said what you did: not what we want for a supposedly private conversation!

Re:And for the chat

[kestasjk]

Deniability? Isn't this one of the main things encryption is supposed to make difficult?

Re:And for the chat

Well in traditional crypto/signature schemes, having a provable relation between a specific message and specific sender is a desired attribute. While there are certainly situations where you would like to verify the identity of the person to which you are chatting (wife/girlfriend/boss/etc), it appears that is not one of the wanted 'features' of this encryption protocol. Forward and backward secrecy would certainly be something most would consider useful, however.

Re:And for the chat

[I.+C.+Wiener]

Note however that pidgin-otr saves messages it receives through an OTR-secured channel in clear by default!

Re:And for the chat

[Threni]

> Deniability? Isn't this one of the main things encryption is supposed to make difficult?

No. You're thinking of `downloading` - one of the main things any source-forge style system is supposed to make difficult. Under NO circumstances should you offer a link which you click once to receive and executable. You MUST have to register with your email address and agree to terms and conditions and then try and find the executable - not the source, resource files, the forum etc - but the program you just signed up for the sole reason of downloading.

Deniability is handy for denying that what the pigs have found on your computer is an encrypted file. It's supposed to look like any piece of random data used by encryption systems.

Re:And for the chat

[Kjella]

No. You're thinking of `downloading` - one of the main things any source-forge style system is supposed to make difficult. Under NO circumstances should you offer a link which you click once to receive and executable. You MUST have to register with your email address and agree to terms and conditions and then try and find the executable - not the source, resource files, the forum etc - but the program you just signed up for the sole reason of downloading.

Well, that qualifies for a -1, troll since I've never signed up to download anything from SF.

Deniability is handy for denying that what the pigs have found on your computer is an encrypted file. It's supposed to look like any piece of random data used by encryption systems.

And this one I can't tell is clueless or trolling again. What this is about is that the other plugin doesn't negotiate a throw-away session key, so that the session can't be replayed later. You're thinking of steganography - hiding encrypted data. However, in this case there's no reason to store anything, unless you're storing an encrypted log. There's two separate issues here: If you are a party to the conversation, you want non-deniability about what the other party said. But both want deniability to third parties on what was said or not, unless they choose to keep a record of it.

Re:And for the chat

[cnj]

The problem with GAIM and its encryption plug-ins are that they pretty-much only work with GAIM, and then only if you're using the same plug-in.

While the GAIM developers indicated a desire to work with Trillian when it was the only major encrypted-im game in town, I don't know why "they" don't implement a standard now, either de jure (JEP-0116, which admittedly isn't finalized) or more realistically at this point in time, de facto (as referenced in this message and used by several Jabber clients--e.g. Psi, Tkabber; even multi-protocol centericq and Kopete).

I haven't been following Pidgin development, so I don't know how easy it is to have a plug-in work for just one protocol, but the GAIM-only encryption methods seem counter-productive.

Re:And for the chat

[fwr]

It's called nonrepudiation, and yes it is usually a desired if not required feature of public key encryption. There have been some recent issues with in-the-clear messages that are signed with a private key in that the hash algorithm used (MD5 and/or SHA-128) have particular known weaknesses. If you sign a message/file like a PDF that can contain comments that are usually not shown in a viewer then someone could possible add in comments with the appropriate "garbage" text that would make a modified message produce the same hash key. However, for encrypted messages this has not been shown to be as big of a deal, that I'm aware of, because you'd not only have to decrypt the message in order to edit it you'd also have to be able to re-encrypt the message with the necessary added junk bytes required in order to produce the same hash.

In any case, NIST sent out a notice and request for comments for the development and/or selection of a new, more secure, hash. You'll probably see it out in products in 5 years or so, as most hardware-acceleration gear out there is specifically designed for MD5/SHA-128. Just as a lot of people had to replace crypto hardware when AES was developled as the replacement of DES, you will likely see a similar upgrade required in the future for a new hash algorithm.

For normal encryption protocols to work correctly nonrepudiation is required. Otherwise it would be easy to launch man-in-the-middle attacks. This particular protocol, from what I gather from other posts, has things confused. They seem to desire the ability to identify the other end, and supposedly encrypt the sessions, yet have no mechanism for nonrepudiation. So the only comparison I could make would be sending a "signed" message in the clear without the critical hash of the plaintext message. So you'd send the message and attach your signature but anyone could modify the message en-route.

I think people are confusing the encryption protocol with the application program. I'd hazard to guess that there is nonrepudiation in the actual encryption protocol being used. However, it sounds like the application program stores logs of the unencrypted messages in plaintext on the hard drive. The messages are, at that point, out of the scope of an encryption protocol. How messages are handled may be part of an encryption standard, but not really a single encryption protocol. If unencrypted messages are stored in plaintext someone could steal or break into your computer and put all kinds of incriminating material in your logs. Since they are not signed there is no way you could repudiate the contents, which you would want to be able to do if they were faked. I could also edit the stored messages myself and make it look like you sent me anything I desired, even something that would incriminate you and shift the blame from me, which you would certainly want to repudiate.

For a proper encryption standard, something which encompasses more than just the transmission of messages between two endpoints and may address other issues such as message storage, the messages should be stored in encrypted format, and/or at least including the sender's original hash signed with their private key. This way someone that sent you a message would not be able to deny the contents of that message, which you would want if say you were sent a threatening message or something similar.

For those thinking of privacy and dissidents, etc, nonrepudiation would also be something that people would want. Say you were part of a secret organization that was working to overthrow some fictional evil government. If you had a mole in your group you wouldn't want them to be able to deny that they sent particular messages to their contact. Or, you wouldn't want them to deny that they received particular messages, saying that you just planted them there yourself because you are the mole.

Re:And for the chat

And if you want PGP for HTTP, there is Enigform

Re:And for the chat

[cayenne8]

"Well in traditional crypto/signature schemes, having a provable relation between a specific message and specific sender is a desired attribute. While there are certainly situations where you would like to verify the identity of the person to which you are chatting (wife/girlfriend/boss/etc), it appears that is not one of the wanted 'features' of this encryption protocol. Forward and backward secrecy would certainly be something most would consider useful, however."

Well, you want to make sure it IS from the person you think it is, but, that doesn't mean you have to know who the person IS in real life.

It would be cool if these email plugins would help make it easy to register and use the nym servers. This way you could set up an email address on each end. PGP sigs can be used, but, there is plausible denyability as to who really is at each end of the email.

Of course if you're really worried about tracability, then set up a nym account to send out on, but, on return messages...just have it post encrypted to one of many USENET groups. You then really have a disconnect 'cause there's no good way to monitor around the world who gets what messages of USENET.

Re:And for the chat

[Threni]

> You're thinking of steganography - hiding encrypted data.

No, because the fact that something is hidden doesn't mean you can deny its existance once discovered. If you had a stream of random numbers and you use them to hide a message using a one time pad, it's utterly deniable because you cannot prove there's a message there - you can recover any `message` you like from it, given the appropriate `random` data to xor it with.

Re:And for the chat

Actually, OTR provides nonrepudiation while the conversation is ongoing. It uses a little crypto trick to verify the identity of the other person when the session is started and the session keys are negotiated, but then it doesn't sign the messages with a specific person's private key. They are still hashed and encrypted in a way that would make MitM attacks infeasible, but either party could have written them. It's a bit like IPSec in that the asymmetric, person-specific keys are used to negotiate symmetric keys for the actual data exchange.

The way PGP and such provide nonrepudiation is by performing a whole new asymmetric key exchange for each and every message. It's entirely unidirectional and self-contained. Sort of like TCP versus UDP. IPSec and OTR require a handshake before you can talk. PGP doesn't.

Re:And for the chat

[kayditty]

I like neither Pidgin Encrypt nor Pidgin OTR. Both are messy and limiting. You can't send large bodies of text with OTR, for instance. Out of band communication is best -- just run a VPN or ssh tunnel between you and whomever you wish to talk; it's better that way.

I wouldn't think google would like this

[kentmartin]

I thought their business model worked on the idea that they could datamine all your email and (among other things) offer you targeted email based on the content therein... this'll screw with that idea...

"BUY jjhHDJEy6786ERLKLXhdfeprERIOUPewoenOIhgshgrgeyrew now for a low price on Ebay.co.uk"

Re:I wouldn't think google would like this

[mulvane]

Google is in bed with NSA and has tools to decrypt all these emails on the fly. Might surprise you when you get child porn adverts when all your child porn email was encrypted to I bet.

Re:I wouldn't think google would like this

[morgan_greywolf]

Nah, they'll just start sending 'Soldier of Fortune Magazine'-type ads at you.

Re:I wouldn't think google would like this

[CreatureComfort]

So... you are saying that the NSA has the ability and desire to break every ElGamel 2048-bit length encrypted message it captures with Echelon? I've seen too much of government from the inside to think that any agency operates as well as the NSA FUD would have us believe. Especially when you realize it is far easier and cheaper to make your enemies believe you have super powers than it is to actually develop those super powers, completely in-house with no outside knowledge or help.

Re:I wouldn't think google would like this

[mulvane]

Damn, I knew I forgot something in my post... Really need a comment type selector where one can choose "sarcasm" as a post category. :-)

Re:I wouldn't think google would like this

[blueZhift]

Interesting question, because datamining email to target ads is exactly what Google said they wanted to do when gmail got started. Since encrypted mail would make this impossible, I wonder if they'll take actions to stop the use of encryption tools with gmail. On the other hand, as it stands, unless they offer such tools themselves, I don't see most users encrypting their gmail anytime soon. So the losses may be acceptable to Google.

Re:I wouldn't think google would like this

[morgan_greywolf]

Gmail supports retrieval of mail via POP3 for free. So there's nothing to stop someone from using GPG and similar support already included in or available for a wide variety of e-mail clients such as Outlook, Thunderbird, Evolution, Eudora, etc.

Re:I wouldn't think google would like this

[Threni]

> I've seen too much of government from the inside to think that any agency operates as well as the NSA FUD would have us believe.

You can read either of James Bamford's books about the NSA if you want to know how much money they get, and how powerful their computers are - Puzzle Palace and Body Of Secrets.

If you live in the US or a country aligned to the US they'll get your passwords and just soak up your encrypted emails as and when they see fit.

Altered for slashdot

[LiquidCoooled]

-----BEGIN PGP MESSAGE-----
Version: GNUPG v0.4.0 (GNU/Linux)
Comment: Wonderful
ewurnfi3u834j9few4jf9oewfqvi7y&H*&HAwr8hw78er7hfw8 f7hh4839h47f7e
wf8943f89jw3r8j9fesajaejro5gvl;rhyklyfp[ult0h43jg8 394g84953jgf84
fnw98efj89324rtuerjgeiorgtjerilgtjireogniregunreng erniguiregt980
werj
-----END PGP MESSAGE-----

I have nothing more to add

Re:Altered for slashdot

[kypper]

You want me to do what with hot grits?

Re:Altered for slashdot

[iago-vL]

What? How dare you!? My mother was a saint!

But seriously, is it a bad thing that I can identify something as not being actual base64 the instant you look at it?

Re:Altered for slashdot

[ady1]

eitheryourencryptionhasbeencomrpmisedorisuddenlybe engrantedtheabilitytodecryptmessagesinsidemyhead

Re:Altered for slashdot

[MyOtherUIDis3digits]

But seriously, is it a bad thing that I can identify something as not being actual base64 the instant you look at it?

If you can tell that the instant I look at it, that's pretting fscking amazing!

Does not this break GMAIL's business model?

[mi]

I thought, their ability to automatically parse the messages — so as to show users the relevant advertisements, was the reason, I am getting an unlimited mailbox with nice interface for free.

If all/most of my messages are encrypted, how will they know, what to peddle to me? Can't do much on Subjects alone... Or can they?

Re:Does not this break GMAIL's business model?

[$RANDOMLUSER]

If all/most of my messages are encrypted, how will they know, what to peddle to me?

Aluminum foil. Survival equipment. Wellbutrin.

Re:Does not this break GMAIL's business model?

show users the relevant advertisements, was the reason, Show advertisements, among other things which generate revenue. However, even restricted to just the advertisement segment, I doubt the business model will be disrupted by showing slightly less relevant ads (which are merely based on associative data of the non-GPG'ed communications of your identified social network) to less than 1% of users who might possibly use GPG all the time.

Lesson? You are not the center of the universe, but float in a sea of fools.

Re:Does not this break GMAIL's business model?

[Ronin+SpoilSpot]

I read all my gmail accounts using POP/SMTP in a real mail program, so I don't see any advertising anyway. Won't make a difference. Except if they try to figure out trends by actually keeping statistics on the content of e-mails going through their system.
Hmm, maybe that's the reason I need to start using encryption.
That, and to annoy the NSA of course. /RS 'M-x spook'

Re:Does not this break GMAIL's business model?

[Threni]

> I thought, their ability to automatically parse the messages -- so as to show users the relevant advertisements, was the reason, I
> am getting an unlimited mailbox with nice interface for free.

Yeah, just wait until Google discover some people are using the POP3 access to Gmail to access their Gmail via POP3...

Re:Does not this break GMAIL's business model?

Aluminum foil.

You need tin foil to make the hats - mind control rays pass right through aluminum!!! Don't you ever wonder why everyone still talks about "tin foil" even though all you can buy on store shelves nowadays is aluminum? It's because They don't want you to notice the switch!!!

Survival equipment.

Sure, if you want a compass that's got the New World Order's tracking devices already installed. I make my own survival equipment.

Wellbutrin.

You see how well my encryption has kept me under your radar? Don't you feel foolish trying to sell me anti-depressants, when I'm in my MANIC phase right now!?! Ha ha ha!

Re:Does not this break GMAIL's business model?

[ephedream]

they could probably infer based on the sender at least what kind of correspondence it is (ebay, facebook, a company, a friend... etc.)

Re:Does not this break GMAIL's business model?

They use the folder name to target ads - every time I look in the SPAM folder I get ads for recipes using SPAM potted meat product.

Or you can use an actual mail client

[Magus2501]

I use the pop3 support in gmail and have Thunderbird handle everything (via enigmail extension). Also works with Kmail (which integrates spamassassin and clamav nicely). Besides, I usually use Konqueror or Lynx.

Re:Or you can use an actual mail client

[Enoxice]

Psh, Lynx. Get with the times, man, everyone is using links2 (perhaps links2 -g if they want to be on the bleeding edge).

Re:Or you can use an actual mail client

[Magus2501]

I always considered the two equivalent, but it seems I was wrong. Thanks for the heads-up!

Signing has issues still

FireGPG still has issues with signed messages via GMail at the moment -- GMail's formatter likes to strip off or replace certain types of whitespace, regardless of if you're in plaintext or HTML mode; the authors know about it and there are several threads on their forums relating to this issue, but it doesn't look like there's an easy fix for it.

Point & Click Encryption?

[RubberChainsaw]

This extension seems very cool, and I plan to try it out when I get home. When I first read the summary I thought to myself, "A firefox extension and gmail, how much simpler could it get!" But, unfortunately this is not point & click encryption. It requires an additional external program (GnuPG) to function. Even this small, relatively trivial step is too much for beginning to average computer users. Encrypted email is great and all, but I can only send it to other people with encryption-enabled email clients.

Where is the it-just-works email encrytion for dummies?

Re:Point & Click Encryption?

[LiquidCoooled]

When I want to totally encrypt an email I just plug in my DVORAK keyboard, put on a blindfold and type as usual.

Re:Point & Click Encryption?

[UbuntuDupe]

Where is the it-just-works email encrytion for dummies?

I don't know, but it seems really ... odd to me that:

1) Geeks really want such encryption to take off.
2) It shouldn't be that hard to implement.
3) Governments really, really, really don't want this to happen. (i.e. that everyone can efforlessly encrypt this well)

Is 3) or 1) working against 2)?

Re:Point & Click Encryption?

[Kadin2048]

Where is the it-just-works email encrytion for dummies?

AFAICT, it doesn't exist. At least not outside of corporate environments. There are lots of companies that have their encryption set up so that it's transparent to non-technical employees, but it's a lot of work for the people who actually make it run. Lotus Notes, for instance, will do public-key cryptography, using company-wide keyservers -- although it's a proprietary algorithm, or was last time I checked. Once you have the infrastructure in place, the users don't have to think much about it, besides clicking 'encrypt and sign' on the emails they want secured.

I've also heard that within Apple, they use Apple Mail with S/MIME to great effect ... but if you're just a regular user, getting that feature working is a real PITA. (Though admittedly, most of the trouble is because of the certificate authorities.)

I think the problem with the free encryption tools is that they're still very much a 'hacker's product,' being designed by fairly advanced users, for other advanced users -- or at least, for users who don't have a problem installing extra software in order to communicate securely. This, IMO, is a mistake; in order for an encryption system to be useful, it has to be widely used. And that means getting it into the hands of people who might not even think, in advance, that they want it. There are lots of people who aren't going to go out and download/install encryption software, but if the feature was there, and working, all the time, they'd probably find themselves clicking the 'Encrypt' button quite a bit.

There's no real reason why encryption can't be built in. It's just that it tends to get viewed as a peripheral, rather than core, feature, in everything except some corporate packages. However, I think that if it was incorporated more widely, it would quickly become a core feature; but getting over that 'chicken and egg' hump is hard.

Re:Point & Click Encryption?

[grassy_knoll]

Encrypted email is great and all, but I can only send it to other people with encryption-enabled email clients.

Where is the it-just-works email encrytion for dummies?

Well, there's one problem. You'd have to have a consistent standard.

Also, how would you handle key exchange? For "it-just-works", you'd likely not even ask the user if they want to get a particular senders public key, which makes a man in the middle attack very feasable ( because no one has ever spoofed email headers... ).

Where would one get a public key from a particular sender, anyhow? From the sender? A central repository? If the sender, how do you trust them if you've never met them? If a central repository you've still got the trust issue, but also who'd manage it?

For the "it just works" crowd, you'd also have to explain why encryption is necessary. The people I've tried that with usually respond with something like "I'm not a secret agent! LOLLZ" or some such.

Re:Point & Click Encryption?

[metamatic]

Where is the it-just-works email encrytion for dummies?

S/MIME, which is built in to Thunderbird, Apple Mail, Outlook, and every other major e-mail client. You just need to get yourself a certificate and install it.

http://www.dartmouth.edu/~pkilab/pages/Using_SMIME _e-mail.html

Re:Point & Click Encryption?

[TheLink]

The last I heard, the US Gov will have access to X bits of the Lotus Notes keys (some of the keys bits are taken and encrypted to the US Gov key), so that they get a significant help to cracking stuff if they need to. Something like it's 40bit crypto for the US Gov, and 64 bit crypto for everyone else (other than the intended recipients).

Re:Point & Click Encryption?

[Threni]

> It requires an additional external program (GnuPG) to function.

And you have to register somewhere to get it. That's after you've allowed Firefox to download the extension. Seamless.

I wonder if you can use mailinator.com email addresses...

Re:Point & Click Encryption?

[ThosLives]

Where is the it-just-works email encrytion for dummies?

I think it's the same as all true forms of message validation: delivery in person.

* grin *

Re:Point & Click Encryption?

[EdelFactor19]

Thats horrible but comical encryption. Pure usage of a Substitution cipher is "next to" useless. Even a vignere, or the infamous "enigma machine" can be cracked pretty quickly these days. interesting idea tho... to make it one step easier, don't grab the dvorak keyboard. Just go to control panel (on windows, onlinux its in system prefs somewhere if you're in a gui) and change the keyboard layout to dvorak. You can map the keyboard change to a key such as left shift alt and switch back and forth at ease. Then yuo don't have to blindfold yourself which is nice. plus its a lot easier for the other person to do if they dont have a dvorak keyboard. they just type in your message as they see it.

Re:Point & Click Encryption?

> > It requires an additional external program (GnuPG) to function.
> And you have to register somewhere to get it.

Huh?

And next you're going to demand the source code too? Gezz, so demanding.

Re:Point & Click Encryption?

> That's after you've allowed Firefox to download the extension. Seamless.

What's the big deal? How else do you suggest this be handled?

Ohhh no... extensions are bad. Go back to IE.

Re:Point & Click Encryption?

[MadJo]

frg m.ab srm.ydcbi nct. ydcoZ

Re:Point & Click Encryption?

[AeroIllini]

It's not just that not all commonly used products include encryption, it's that there's no standard infrastructure for key exchange.

In a standard GPG encryption scheme, each user creates a private key and a public key. Anyone who wishes to send them a message must request their public key in order to do the encryption, and then the private key is used to do the decryption. (Sometimes to save computation time the message is actually encrypted with a symmetrical key, and then the key--which is shorter than the message--is encrypted with the public key. But that's mainly an implementation detail, and the need for key exchange still stands.)

However, if I'm reading my mail in Thunderbird on a personal SMTP server hosted on my own DSL connection, and I want to send an encrypted email to you at your GMail address, I first need to request your public key for encryption. As it stands, there is no standard method for my server, when I click the "encrypt" button, to submit a request to Google's server and then receive in response a public key for encryption. Currently only integrated solutions, such as Microsoft Exchange or Lotus, where all the email is being routed through a single server that can hand out keys, can have this approach.

It would require either a call-and-response system, where Server A could send a specially formatted email to Server B which would then send another specially formated email back to Server A containing the public key, or a registry lookup system, where each user would register their public key with a public keyserver which would act like a DNS, translating email addresses into public keys for systems that request them. Both types of systems have the requirement that everyone you send email to be able to use the same system. If I'm sending an email from my home SMTP server to your GMail account, either my SMTP server has to be able to communicate with GMail in a meaningful way, or both servers (mine and GMail's) need to be set up to talk to the same system of keyservers. I imagine a workable system would include both, just like TCP/IP and DNS.

Only when such a system is used by the majority of email systems will encryption ever be universally available.

Re:Point & Click Encryption?

[cayenne8]

"...or a registry lookup system, where each user would register their public key with a public keyserver ..."

It has been a long time since I played with PGP, and anonymous remailers, but, I recall back in the day, they DID have public key servers where all could register your public keys for easy retrieval.

I'd guess those are still around?

Re:Point & Click Encryption?

[AeroIllini]

It's possible they are. But my point was that until GMail, Hotmail, Yahoo Mail, Mail.com, Exchange, Lotus, and Outlook all support these keyservers, encryption between different mail systems will not be widespread.

Re:Point & Click Encryption?

They are. They're also 100% easier to forge than the actual email itself! Key exchange only works if you can trust the key you're getting, and public key servers are useless for that.

Say 'no' to gaim-encryption, use OTR

[Kadin2048]

OTR is miles better than the gaim-encryption/pidgin-encrypt. Honestly, I don't understand why they won't just kill it and move to OTR for good; it's a fundamentally better security model for something transient like instant messages.

Particularly since having two mutually-incompatible encryption packages is a pretty crummy state of affairs; it just means that the few users who do use encryption, are going to be fragmented between incompatible systems.

OTR probably has the greatest market penetration of any IM-encryption system, outside of corporate clients (Sametime, I think, uses encryption by default, although I don't think it's end-to-end, only client-server, because there they want the ability to intercept on the server), because it's built into the fairly popular OS X Adium client. So there's already quite a few users out there who have software that supports it. If only some of the other IM clients would start building it in by default, rather than making it an optional addon, I think it would quickly gain traction as a de facto standard. (And that would be a good thing, since it's a good system and open source.)

Re:Say 'no' to gaim-encryption, use OTR

[99BottlesOfBeerInMyF]

Particularly since having two mutually-incompatible encryption packages is a pretty crummy state of affairs; it just means that the few users who do use encryption, are going to be fragmented between incompatible systems.

This is what standards are for. We need a standard for IM encryption, possibly as part of a larger encryption framework. I have no problem advocating a standard, which I think is a lot better idea than advocating a given program/library.

If only some of the other IM clients would start building it in by default, rather than making it an optional addon, I think it would quickly gain traction as a de facto standard.

OTR is licensed as GPL/LGPL. As such, I'm not sure a lot of major software makers will be all that keen about implementing it. Take a look at iChat or Yahoo Messenger. They're not going to open source their application just to add an encryption format that is still pretty rare and where there is not a lot of demand. This is one of those rare instances where a BSD licensed implementation would be a whole lot more likely to solidify the de-facto standard. Realistically, I doubt that the major players are going to go open source for their clients, and as such I doubt there will be adoption of OTR unless it is submitted as a real, well documented standard and/or a BSD reference implementation is made available. We're a lot more likely to see Microsoft or AOL take over this space with a proprietary encryption scheme, which will be reverse engineered and pseudo-supported on other platforms/clients simply because people will need to communicate with the majority.

Re:Say 'no' to gaim-encryption, use OTR

[Alphager]

OTR is licensed as GPL/LGPL. As such, I'm not sure a lot of major software makers will be all that keen about implementing it. Take a look at iChat or Yahoo Messenger. They're not going to open source their application just to add an encryption format that is still pretty rare and where there is not a lot of demand.

Which is why they use the LGPL, which allows usage without forcing openness.

Re:Say 'no' to gaim-encryption, use OTR

[99BottlesOfBeerInMyF]

Which is why they use the LGPL, which allows usage without forcing openness.

I'm familiar with the LGPL license, but while it is great for "tivoization" type uses, it is usually a no-no for software inclusion. Most corporate lawyers I know don't want employees including LGPL code in distributed software, because the cost of making sure it is compliant and making sure the developers understand what they do and don't have to resubmit, and the cost of documenting the linkages, is too onerous, especially for this small of a chunk of code. It is easier to simply write their own code that does things differently and since there is not a documented standard, that will probably not be compliant with OTR's.

This is why basic building blocks like the TCP stack are often BSD licensed. It is a lot more motivation to adopt a standard, when you can incorporate a free, reference implementation without maintaining all the tracking for the licensing the LGPL brings with it. I just don't see Microsoft pulling LGPL code into default Windows applications so that Messenger, or whatever it called now, can interoperate with then tiny number of OTR users. I can see them grabbing some BSD code and embedding it for a quick bullet point.

Re:Say 'no' to gaim-encryption, use OTR

[drinkypoo]

Most corporate lawyers I know don't want employees including LGPL code in distributed software, because the cost of making sure it is compliant and making sure the developers understand what they do and don't have to resubmit, and the cost of documenting the linkages, is too onerous, especially for this small of a chunk of code.

Is it really this hard to just keep all of the LGPL code in its own files, and only add code to them that needs to be there?

Re:Say 'no' to gaim-encryption, use OTR

[99BottlesOfBeerInMyF]

Is it really this hard to just keep all of the LGPL code in its own files, and only add code to them that needs to be there?

For a lot of companies, I think so. We manage a fair number of LGPL and GPL software packages here. Then again, we ship servers preloaded with it, just like Tivo does. The LGPL requires not only changes to the LGPL library, but also all the linkable object files used to glue it to your code base. This means you have to track it all and educate users. Here, most of the developers have a good handle on OSS licensing and we already have to track GPL software we also include on our boxes, making it not a huge deal to manage LGPL code. Other places, however, that do not already manage LGPL and/or GPL libraries have a lot more risk and pain involved. They might do it to get something vital, but there is not really all that much about OTR that makes it better than something that could be written in house or contracted elsewhere. The only real advantages are time to market (not much demand yet so not a big motivator), cost (cost of tracking over a few years may well exceed cost of contracting this), and compatibility with the existing OTR user base, which is pretty tiny compared to the IM market. If any major player (AOL, MS, Yahoo, Google, or Apple were to standardize on something else and pre-install it, they would automatically have a bigger chunk of the encrypted IM market than OTR does).

Re:Say 'no' to gaim-encryption, use OTR

[Ben+Hutchings]

The LGPL requires not only changes to the LGPL library, but also all the linkable object files used to glue it to your code base.

You can satisfy this simply by compiling the LGPL library as a dynamic library. Just like you do with the GNU C library (except that you don't distribute that).

There goes some of Slashdot's quality.

[Paperweight]

Where are the editors? It looks like firehose-type blurbs are starting to make it to the front page...

Oh wait, it's CmdrTaco. Never mind.

javascript RSA cryptography demo

[brunascle]

in my travels i can across this javascript-based RSA cryptography demo. if you want to use it, hit Generate, then send the first two numbers (Modulus and Public Exponent) to whoever you want to talk to. they have to do the same. you enter their modulus and exponent into another window to encrypt.

the code is BSD-licensed. i've been meaning to write a larger javascript app to hold your keys and everyone elses' in a single window, and with a click of a button create a block of XML that you can copy+paste to a file to store the keys, but i havent got around to it.

Re:javascript RSA cryptography demo

[mbarulli]

If you are interested in browser based cryptography try the Clipperz Crypto Library, a JavaScript library to provide web developers with an extensive and efficient set of cryptographic functions. The library presently includes:

• SRP authentication protocol
• SHA2 hash functions
• AES symmetric encryption
• Fortuna PRNG

The library is relesead under a BSD license and it's derived from the code behind Clipperz password manager.

Ehm...

[Colin+Smith]

You know you can use POP and SMTP with Gmail? GPG and S/MIME work just fine as far as I've found.

GMail S/MIME plugin for firefox

[emj]

I've been using the S/MIME plugin for Firefox. and it's great. I'm not sure I like the way you have to apply for a certificate from Thawte, but it works and it's very painless.

This is not painless and easy, and IMHO S/MIME is alot nicer implemented than PGP signatures.

Only Gmail?

[Rob+T+Firefly]

While the site says only Gmail is supported, could this be made to work with other web apps? It'd be neat to have something like this for webmail on my own domains, forum-based messages, and so on.

Re:Only Gmail?

[Qoroite]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yep, seems to work on anything(select the text & you can sign, encrypt etc... from the menu/toolbar button); for example this post. Quite a handy extension. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGZFlAppR1ZjsrA4ERAtrCAJ4mrnBVJZmZA+dJpEMyP+ k9MK99FACeIEas ulV5Ow4IdeiY8mm+tgVpuiA= =imK1 -----END PGP SIGNATURE-----

Works with any textarea, by the way

[croddy]

This works with any textarea, by the way, not just GMail. Not sure why the summary doesn't mention that.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This works with any textarea, by the way, not just GMail. Not sure why the summary doesn't mention that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: http://firegpg.tuxfamily.org/

iD8DBQFGZDU/WCKEX KsCq6IRAvAtAJ96BAdus/rVCXS+NxlEbMsDdNxTCgCfe+da
T yi/KWbgNLQUq/qssCj2YR4=
=Y2mA
-----END PGP SIGNATURE-----

Re:Works with any textarea, by the way

Verification successful. I had to get the key out of a key server first, though.

$ xclip -o | gpg
This works with any textarea, by the way, not just GMail. Not sure why the summary doesn't mention that.
gpg: Signature made Mon 04 Jun 2007 10:52:31 AM CDT using DSA key ID AB02ABA2
gpg: Good signature from "Christopher M. Roddy <croddy@emory.edu>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 20D1 D0F9 2301 92DF BB25 E5B6 5822 845C AB02 ABA2

Won't AJAX textboxes kill this?

[biftek]

I haven't used gmail that much, but I was under the impression that it saved drafts of what's in the composition textbox at intervals.

That data would be all cleartext wouldn't it? Seems a tad risky to me.

Re:Won't AJAX textboxes kill this?

[Jaqenn]

Yikes. Not only that, but doesn't having a copy enough original messages and the encrypted messages give enough data to reverse engineer your private key? (Forgive me if that's FUD, I have minimal encryption experience).

Re:Won't AJAX textboxes kill this?

[Lord+Ender]

While you are correct that end-to-end encryption is best, having ISP-to-end encryption is still a million times better than having no encryption at all.

Re:Won't AJAX textboxes kill this?

For the first point....I think the GP is right on. Google could still get the autosaved plaintext if they wanted to. I'm sure they don't store every autosave for very long though, even their hardware couldn't keep up with that, so they'd have to be making a targeted effort, presumably at the government's behest. So I guess it depends on who you're trying to protect against with regard to that. With regard to the parent's point....well, maybe for incoming mail. For outgoing mail, it shouldn't be a problem. Think about it. You're encrypting outgoing mail with the recipient's public key. If it was possible to get the private key using the public key and arbitrary text then the whole idea of asymmetric encryption would be flawed. But for incoming mail, if google could get both the plaintext of a message and the encrypted version that someone sent to you, it would certainly help in deducing your private key. Again, this pretty much presumes the gub'mint is after you.

Re:Won't AJAX textboxes kill this?

[X0563511]

No, you can't reverse engineer it like that. PGP uses "trapdoor" functions that are mathematically infeasible to work in reverse. It's possible, but it will take several thousand years.

Re:Won't AJAX textboxes kill this?

You can access gmail via https://mail.google.com/ to avoid sending anything in cleartext .

Re:Won't AJAX textboxes kill this?

[rmccann]

PGP clearly deals with this. Think about message signing. You can see the plain text and the signature.

Re:Won't AJAX textboxes kill this?

[nacturation]

You can access gmail via https://mail.google.com/ to avoid sending anything in cleartext . The point isn't that it travels to Google securely, it's that Google's servers decrypt the SSL stream on the other side and have access to the plaintext before you encrypt with FireGPG. After a few seconds of inactivity, GMail automatically saves a draft of the plaintext... what is Google's policy with regards to draft retention? Do you know if they discard any draft messages once the [encrypted or not] message has been sent?

A much better interface would be to right-click on a multiline text field, choose "Enter encrypted text" and then enter everything into a FireGPG-created window such that the only text transmitted to Google -- and, thus, saved to draft -- is ciphertext once you choose to populate the browser window's form field with the encrypted version of what you typed.

Re:Won't AJAX textboxes kill this?

[swillden]

But for incoming mail, if google could get both the plaintext of a message and the encrypted version that someone sent to you, it would certainly help in deducing your private key.

No, it wouldn't.

In general, any cipher that is vulnerable to a known-plaintext attack is considered broken and useless. Cryptanalysts not only assume they can get plaintext, but that they can choose the plaintext and get the encrypted form, that they can choose bits of the key, that they can get plaintext and ciphertext pairs encrypted by keys that are similar in ways that they choose, etc. If the key can be recovered faster than a brute force search (which is different for symmetric and assymmetric crypto) under *any* of these assumptions, the cipher is considered broken and unusable.

In the case of PGP, which uses El Gamal or RSA, all of the information needed to recover the private key is contained in the public key. However, factoring the public modulus (RSA) or computing a discrete logarithm (El Gamal) is computationally infeasible for large keys. There is no known way to exploit knowing plaintext and ciphertext pairs to simplify this process. Also, it's worth pointing out that the attacker who has such a pair doesn't actually know the plaintext of the data encrypted with El Gamal/RSA. He has the message text, the message text encrypted with a symmetric cipher (probably AES), and the symmetric session key encrypted with the recipient's El Gamal/RSA public key. So, even assuming it were useful to mount a known-plaintext attack on El Gamal, he would first have to successfully complete a known-plaintext attack on AES (or similar).

Having plaintext doesn't help you recover the key(s).

Re:GMail S/MIME plugin for firefox

[Kadin2048]

This is not painless and easy, and IMHO S/MIME is alot nicer implemented than PGP signatures.

S/MIME is oftentimes more slickly implemented, because it tends to get more use on the corporate side, but I think that it's unsuited for wide use because of its reliance on centralized certificate authorities. The whole certificate-based infrastructure isn't anything that most people want to have to deal with.

For 90% of all communications, what people want is an email (or IM, or whatever) version of PGPfone -- they just want the data secured in transit, with the actual user authentication done via some side-channel (calling them up on the phone and exchanging key fingerprints, etc.).

If people have to get and install certificates, they're not going to use the system.

Re:GMail S/MIME plugin for firefox

[emj]

Perhaps I should explain abit more, the GPG plugin has problems with GMail wordwrap, and correctly verifying signatures of emails received by gmail.

But it works wonderfully to sign short messages, but nothing more complicated.

It took quite sometime for the S/MIME extension to mature enough to be usable, so this may work in a couple of months..

Your girlfriend called...

[xxxJonBoyxxx]

Hey, your girlfriend called. She said she couldn't read the garbled message you sent. However, I passed on your "wanna...tonight" message to her and she said "yes" but I don't think your name came up. So...if you don't mind, I'd like to get out a little early tonight...

Re:GMail S/MIME plugin for firefox

[gad_zuki!]

s/mime is great and simple. This is what geeks should be pushing onto their friends not gpg. Most mail clients support it. The worst of it is that you need to make a cert. That requires some hand holding, but it sure beats endless hand-holding with gpg or old pgp installs.

I can't help it..

[dteichman2]

I wonder what Adsense will make of this?

Useless if GMail accessed only via POP3

[macraig]

FireGPG is great, I suppose, but doesn't help those of us who only use GMail via POP3/SMTP, both to avoid advertising and have mail archives under our own direct control.

In fact, FireGPG actually benefits Google and its advertising goals, since it only functions via Firefox and Google's ad-infested Web interface.

Re:Useless if GMail accessed only via POP3

[grege222]

That's because there are already so many tools out there to do that already. Depending on what client you are using, Thunderbird has Enigmail as its wrapper around gpg. Kmail also has built-in support. This is great alternative for those who don't want to have to use POP3 to have a convenient way of using GPG.

Re:Useless if GMail accessed only via POP3

[Krojack]

You can install the Firefox plug-in "Customizegoogle" and block all those evil adds that sit on the right side and aren't even noticeable.

Re:Useless if GMail accessed only via POP3

[macraig]

You missed the other half of my point: only works with a browser and Google's Web site, doesn't work with POP3 use of GMail. I'd like to see a POP3 proxy version of the same thing, if that's even possible, for those of us who don't touch the GMail Web interface except for occasional management.

Re:Useless if GMail accessed only via POP3

[Krojack]

Last I checked Sylphed has support.. http://www.claws-mail.org/features.php?section=gen eral however last time i used it, it didn't support HTML, which is good in my opinion.

Re:Useless if GMail accessed only via POP3

[aaron.rowe]

There's plenty of options for this. Personally I use Enigmail with Mozilla Thunderbird, or GPG4Win Comes with a plugin for MS Outlook.

Re:Useless if GMail accessed only via POP3

[CronoCloud]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Claws Mail which is an "extra features" fork of Sylpheed (formerly named Sylpheed-Claws), does support viewing HTML mail with the included Dillo plugin.  But you can simply turn it off/disable it.  Composing in HTML is, of course, not supported.

PGP seems to be pretty well integrated and easy to use in it.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGZQswnludVzJNqF0RAralAJ47hxH nvXedFcmC2r9SEr9j/9Ho0wCdFKO8
e/zyUbqtjXvrmtob/n9 YxzI=
=HpGy
-----END PGP SIGNATURE-----

Re:Useless if GMail accessed only via POP3

[Krojack]

Not shocked... Its good it has some support even if its a plug-in. Its been a good 3+ years since I even used it.. I like my Gmail more... =)

Re:GMail S/MIME plugin for firefox

[Chandon+Seldon]

Does that plugin actually support signatures yet? Encryption is great and all, but has way less useful security properties without signatures.

bizn4t3h

an3 oTher party

RON PAUL on the Daily Show tonight

Ah yes, Ron Paul. The right wing's answer to Ralph Nader. I sincerely hope he wins the Republican primary, because that'd make the Dems unbeatable in 2008. Even Kucinich would be a shoo-in against that weirdo.

The overprivileged adolescents who buy into libertarianism may fall for Mr. Paul's song and dance, true, but fortunately they can't vote.

Hushmail

[alohatiger]

Or you could just use hushmail.com and not worry about all the other pieces.

Re:Hushmail

Hushmail is convenient, but there's a big problem with it. You have to send your passphrase to the server in order to decrypt messages, at least when you use their SSL-based webmail. Their server has access to your private key in addition to all of the ciphertext. You are trusting them to keep your secrets secret, which is really no better than trusting Google or Hotmail.

Re:Hushmail

[alohatiger]

They store an encrypted version of your private key. It's decrypted in memory on the client side, I think, when you use the Java client.

This is a good point

[CranberryKing]

Google just does too darn much. One option might be to use it in 'basic HTML' view. Another is to compose your messages in a text editor then cut and paste (but quickly!) when you are ready to send.. :/

In Web 4.0 the browser will watch you through your monitor and shout ads at you when you are at your desk.

Re:GMail S/MIME plugin for firefox

[Lord+Ender]

One thing that is CERTAINLY true is that most email users have zero interest in maintaining a web of trust. That means PGP is right out.

S/MIME relies on people trusting third party certificate authorities and acquiring the certificates of other in order to send encrypted messages. This actually COULD work if the major email vendors agree to cooperate on some sort of certificate distribution method, and provide an easy way for people to get keypairs in the first place. This is at least possible.

Something with WEAK authentication, like PGPfone, is STILL going to require extra work on the end user's part, but does not depend on large companies cooperating. It's nice, but I just can't see this happening because, instead, it relies on an enormous group of non-technical people cooperating.

Email encryption will come eventually, but it will probably be in the form of S/MIME and be pushed by the likes of Google and Yahoo. There is no other way that is even remotely feasible.

PGP/GPG - inherent legal problem?

[Cheesey]

I understand that in some countries, you are legally compelled to provide the keys to access files encrypted with PGP, GPG, etc. if the authorities demand access. If you refuse to produce a working key, or claim to be unable to do so, a judge is able to assume that you are deliberately hiding something.

Firstly, I wondered if anyone could confirm this? I have heard that it is the case for Britain at least, although I don't see how it can possibly be legally compatible with the presumption of innocence.

Secondly, I wanted to suggest that perhaps this is a reason not to use PGP, because PGP encrypted information can always be decrypted using the recipient's key - even many years after the message was originally sent. So law enforcement officers will be able to get old PGP-encrypted documents from your email account (probably even if you delete them, thanks to backup tapes). They'll then be able to force you to decrypt them, and if you don't, they can assume you are witholding the key because the files are full of terrorist plans or whatever.

I suggest that people should only use cryptosystems where the session keys are destroyed immediately after use, such as SSH and (possibly) some secure instant messaging services. Even if law enforcement officers use a wiretap to record everything sent by you over an SSH connection, and then seize your computers, they still can't recover the plaintext because the session keys have already been deleted. It's impossible for you, the suspect, to produce the keys, which should help your legal defense. Here's a way to chat securely by SSH.. if you need to transfer files, you can use SFTP.

Re:PGP/GPG - inherent legal problem?

[aaron.rowe]

I understand that in some countries, you are legally compelled to provide the keys to access files encrypted with PGP, GPG, etc. if the authorities demand access.

Yes I believe that is the case in the UK (I am too lazy to find out if this is actual law now, to be honest I'm a bit confused if it is or not)

However, I don't have a problem with this. We use GPG encryption for all our corporate emails, some of our staff are working in countries where it is quite likely that somebody at an ISP could be bribed to pass on our private emails to our competitors.

Yes, we are paranoid.

But, we have encountered situations where it seems everything we did was known by our competitors (Big US corporation).

It does give us the freedom to discuss business and financial matters confidentially and ensure that information such as bank account details is authenticated.

If the police want to see that information, we'll gladly trust them and hand it over. Then immediately revoke the keys and issue new ones

Re:PGP/GPG - inherent legal problem?

[westlake]

I have heard that it is the case for Britain at least, although I don't see how it can possibly be legally compatible with the presumption of innocence.

You don't have to be target of an investigation to be searched, what matters is that relevant evidence may be in your possession.

In the american system, the presumption of innocence sets a high standard for conviction in a criminal trial - a standard of civility and caution that ought to be maintained through every stage of the criminal process.

But to obtain a search warrant all the police need to show is a reasonable belief that a crime has been committed and that the search they propose is an appropriate response.

Re:PGP/GPG - inherent legal problem?

[Captain+Spam]

Perhaps, but that's only one use of PGP/GPG. You can also send entirely non-encrypted messages that have a digital signature from your key to authenticate that the message came from you. You can also use it to get a digital signature of files you're distributing. More secure than MD5 (etc, etc) hashing (in theory, at least, given only you have the private key to generate the signature), should prove that you created and approve the file (so you don't have unscrupulous people attacking your server and hiding unscrupulous things in your files), etc.

To be honest, I've never used PGP/GPG to encrypt outgoing messages. I mean, I understand the use some subset of people may have for shared-key encryption like that, but for far more people, it's more usable as a signing mechanism.

Re:PGP/GPG - inherent legal problem?

[m50d]

Firstly, I wondered if anyone could confirm this? I have heard that it is the case for Britain at least, although I don't see how it can possibly be legally compatible with the presumption of innocence.

It's not the case; there was a bill proposed which would have done that, but civil rights activists got it altered so they can only compel you to give up your encryption keys if they can proove you have them.

Secondly, I wanted to suggest that perhaps this is a reason not to use PGP, because PGP encrypted information can always be decrypted using the recipient's key - even many years after the message was originally sent. So law enforcement officers will be able to get old PGP-encrypted documents from your email account (probably even if you delete them, thanks to backup tapes).

That's what gpg --show-session-key is for. If you get subpoena'd, you can give them just the session keys for the specific emails they want, and they'll be able to read them but not any other messages you received for the same public/private keypair.

Re:PGP/GPG - inherent legal problem?

[Sloppy]

I suggest that people should only use cryptosystems where the session keys are destroyed immediately after use

For realtime communication (e.g. phones), that makes sense, but when does "after use" happen with email? Whatever your answer, many people will disagree. There's no right time to stop remembering the session key.

Re:PGP/GPG - inherent legal problem?

A slight (or strong) electromagnetic field emanating from your doorframe should take care of a lot of problems of authorities pinching your gear. With, of course, the side effect of wiping the hard drives of anyone that brings a laptop into your house. But a switch for when the men in black come should be easy enough to install, and could remedy that part of the problem. You might want to locate it out of reach of the kiddies though. There could be lingering legal problems of presumed guilt, implied by a lack of evidence, given the models of justice and foreign policy currently being pursued by the U.S.

Re:PGP/GPG - inherent legal problem?

[swillden]

There could be lingering legal problems of presumed guilt, implied by a lack of evidence, given the models of justice and foreign policy currently being pursued by the U.S.

Not to mention serious, immediate problems of prosecution for destruction of evidence.

Re:PGP/GPG - inherent legal problem?

[izomiac]

Isn't PGP/GPG public key encryption? I.e. you encrypt your e-mail with the public key of your recipient, and only the recipient's private key can be used to decrypt it. So AFAIK you shouldn't be able to decrypt the messages that you send. Of course, your argument still applies to messages that you receive.

What's All the Hubub?

[tayker]

I've been using Freenigma (http://www.freenigma.com) way before I even heard of FireGPG, and they've had a Firefox extension since then too.

Re:What's All the Hubub?

[Qoroite]

Yeah, but an important difference is:

Frenigma - frenigma.com holds your keys,
FireGPG - you hold your own keys,

Some people don't like to trust outside parties with their private keys and thus care.

Re:What's All the Hubub?

[tayker]

True. However, I don't see that being any different from people who publish their keys to a repository. I also like the freedom Freenigma gives me - I'm not restricted to just Gmail like I am with FireGPG. I can use Freenigma with Gmail, Hotmail and Yahoo!.

Re:What's All the Hubub?

[Qoroite]

Ah, but I don't publish my Private Key to a repository. I publish my Public Key; my Private Key stays with me. But, there's no problem with it; if people trust freenigma to hold their Private Keys, that's their choice; I don't.

And anyway you're not restricted to gmail with FireGPG; you can encrypt/sign any text (hotmail, yahoo, online forums etc...).

Re:What's All the Hubub?

[tayker]

My bad. From what I had read when I wrote my first comment, I interpreted it being Gmail specific. Also, I was only able to use it in Gmail at that time. However, I reinstalled the extension and now it seems to work like you've mentioned. Thanks. For computers that I don't own or maintain, Freenigma is a great online alternative.

Re:GMail S/MIME plugin for firefox

[Fred_A]

Email encryption will come eventually, but it will probably be in the form of S/MIME and be pushed by the likes of Google and Yahoo. There is no other way that is even remotely feasible.

Sad but most likely true.

Re:GMail S/MIME plugin for firefox

Not only that but S/MIME is an official standardized and widely recognized system whereas PGP/GPG is proprietary incompatible garbage that some guy invented.

Homophobe

"hey wanna fuck tonight?" and i'm not particularly keen on the network guys reading that.

Network guys need luvin' too!

taxes

[twistedcubic]

When I did last-minute taxes for a family member, and one of us didn't have a fax machine, the easiest thing to do was scan the W2s etc. and email them.

Re:GMail S/MIME plugin for firefox

[Kadin2048]

One thing that is CERTAINLY true is that most email users have zero interest in maintaining a web of trust. That means PGP is right out.

You don't really need the web of trust for PGP. You can use it without any of that quite easily. You grab the keys from a keyserver, and then if you're paranoid or worried about MITM attacks, you verify the fingerprint with the recipient through a side-channel (voice phone, whatever). It's just like PGPfone.

Unfortunately, PGP and the 'web of trust' are often conflated, but you can have webs of trust in a S/MIME model (Thawte's free certificates are like this), and you can do centralized authentication in PGP.

Honestly, I think that fans of PGP need to stop pushing the WoT model, because it's too cumbersome for normal users, who really only want about the same level of security offered by landline phones. It's available, for people who want to participate in it, but it's not an essential feature for most users.

Old news: never heard of Freenigma?!

[mbarulli]

Freenigma is adding GPG encryption to Gmail and several other webmails since last summer! If you are interested in Freenigma read my interview with its main developer Stefan Richter on the Clipperz password manager blog.

Thanks, most informative!

[Cheesey]

Thanks, most informative!

The --show-session-key option looks handy - but in a way, this illustrates the second point I was getting at, which is that information encrypted with GPG can be recovered as long as any recipient can be forced to give up his private key (or run --show-session-key). This is something that any GPG user should bear in mind, particularly as GPG ciphertext will sit in email boxes for many years. You're trusting the recipient to keep his key secret forever: you trust him now and in the future. Whereas if your ciphertext becomes useless shortly after it is sent, you only have to trust the recipient in the present.

Re:Thanks, most informative!

[Sancho]

But this is a problem without encryption, too. This is a with data retention, specifically. Unencrypted e-mails (which seemed to be your alternative suggestion, in a post higher up in the tree) which are retained will be subject to the same problems. If you send me an unencrypted e-mail, I can retain it for as long as I like, and may be forced to give it up if the authorities compel me to. Similarly, if you send me a GPG encrypted e-mail, and I retain that encrypted e-mail, I can be compelled to give up my private key. The only difference is that encrypted e-mail is protected for some period of time, assuming the key hasn't already been divulged.

I suppose that some people might consider encryption to be a magic bullet, and thus might keep encrypted data around, even if they wouldn't want evidence of that data to exist. This isn't a problem with encryption, however.

Whereas if your ciphertext becomes useless shortly after it is sent, you only have to trust the recipient in the present. You have to trust that they won't archive a cleartext version of the message, too.

potential (mis)-uses

[jb.cancer]

now we sign our mails. google stores it for ages. now who could use such kind of information..

Why can't Google do this?

[cameronk]

You would think that adding GPG would be a next logical feature for Google to add...well, anything that will get my mom to use GPG will make me smile.

Re:GMail S/MIME plugin for firefox

[Lord+Ender]

you verify the fingerprint with the recipient through a side-channel

F A I L .
 
There is just no way that could reach widespread adoption. Only a PKI model, backed by major mail providers, could have a chance. My mom will never understand fingerprinting. She could understand "This message is signed by John Doe!*" showing up in her mail client, where the asterisk means, "according to Verisign, who is trusted by Gmail."

Re:GMail S/MIME plugin for firefox

Not only that but S/MIME is an official standardized and widely recognized system whereas PGP/GPG is proprietary incompatible garbage that some guy invented.

http://www.ietf.org/rfc/rfc2440.txt

What a marvellous tool!

[vorlich]

Because it's really important for people who post on slash dot (or anywhere else for that matter) to encrypt all of their highly sensitive discussions about Michael Moore, Global Warming, Ninjas, Pirates and I guess... if it's Dugg - Paris Hilton, if it's You Tube - it'll be a man nailing his penis to a block of wood or catching it in a mousetrap, and - I mustn't forget my last and extremely important comment about Ponder Stibbons here recently. I just so wish I had encrypted that.
I do have GNUpgp (the German version) on Funderburd but I haven't used it. I am saving it for when all that Terminator type Sith starts happening, cos then we'll definitely need it. We'll also need those cool GSD's that can sniff those skins jobs and I will have to try and remember what it was that Micheal Biehn made out of corn syrup and mothballs and more importantly -why? Oh wait a minute, we won't be able to use the Net will we? That will belong to the bots. D'oh!

Hang on a minute... did I just include some hidden message in the text or is just another sad example of the influence of Post-Modernism?

Hm..

[Sloppy]

I haven't tried this out yet, but it looks promising. Lack of client-side crypto has been one of my main objections to webmail.

Silly Rabbit

[Propaganda13]

They use programs to determine who is using high level encryption. Afterwards, they plant a keylogger with burst transmitter in your keyboard. By doing it that way, they don't have to spend anytime decrypting. You can any program or level of encryption you want and it won't do any good since you are compromised at a lower level.

Parent +1 ROFL

[Pyrroc]

No text

Re:GMail S/MIME plugin for firefox

> Honestly, I think that fans of PGP need to stop pushing the WoT model,
> because it's too cumbersome for normal users, who really only want
> about the same level of security offered by landline phones.
> It's available, for people who want to participate in it,
> but it's not an essential feature for most users.

Thank you! I couldn't agree more. So far it's always been: "Crypto is secure, but only if authenticated. If no authentication, crypto is not secure, therefore better no encryption at all!". I think, that's about as nonsensical as it can get. While I do agree with the security concept of authenticated cryptography, in the real world things could be done in several ways, as the parent points out correctly.
For example: With GPG being on the machine, an E-Mail program like Thunderbird could easily create a key pair for its own use and send the public key along with either every e-mail message (in the headers) or at least once on initial use of a unique e-mail address. The recipients Thunderbird does the same and now the communication between the two users could be encrypted *completely in the background* with no user intervention required. Yes, it is open to a MITM attack, but I don't care, because it's extremely unlikely, that every e-mail gets their keys swapped out in real-time. Even if...so what? It goes out *in the clear* otherwise ANYWAY.
In addition to this mode, a more consciously chosen "secure/authenticated encryption" mode could be used, which is basically what we have now with Thunderbird/Enigmail/GPG + active user setup and control. These two modes of unauthenticated background encryption and user-visible authentication/encryption could and should co-exist in the same E-Mail client and I truly believe, it would be easily implementable. The net effect would be an exponential increase in encrypted e-mail messages flying over the Internet. A good thing!

So...can somebody program this into Thunderbird?

because google can't search or target ads to you

One of gmail's big features is that it scans your emails and delivers targeted ads to you. They also have this pretty nifty search engine thing going on. That's pretty much why gmail exists.

an encryption feature goes against their whole mission as an email provider. I don't see them ever embracing encryption.

Google still gets your message

[dinomite]

Thanks to the autosave feature, Google will still get the text of your message as you type it in.

Re:GMail S/MIME plugin for firefox

[Kadin2048]

Why bother with the identification layer at all, for people like your mom?

Just say "This message was signed by jdoe@jdoecorp.com". Does that mean it was signed by John Doe? Maybe. Maybe it was his secretary. Who knows; but it was signed by someone using his email address (that's easy enough to verify). That doesn't require PKI or WoT.

Centralized PKI is at least as problematic as webs of trust, probably more. Nobody's been able to do it well, and a lot of time and money has been spent trying to get it to work. It makes email and communication in general expensive. It creates single points of failure. It creates avenues for corruption (both of data/keys and money). And very few people need what it offers, except when they're conducting financial transactions.

Most users don't need rigorous authentication. All they need is channel encryption, with some modicum of security against MITM, and even then, the latter is only for hardcore paranoids.

Not True

[Slashdot+Parent]

Still tortured and given a life sentence without the possibility of a trial.

Padilla is currently charged with Conspiracy to Commit Murder and Conspiracy to Materially Aid Terrorists. His actual trial began on 5/15/07.

Any more sensationalist disinformation you'd like to share?