Do Slashdotters Encrypt Their Email?

An anonymous reader writes "Many years ago when I first heard of PGP, I found an add-on that made it fairly simple to use PGP to encrypt my email. Despite the fact that these days most people know that email is a highly insecure means of communication, very few people that I know ever use any form of email encryption despite the fact that it is pretty easy to use. This isn't quite what I would have expected when I first set it up. So, my question to fellow Slashdotters is 'Do you encrypt your email? If not, 'Why not?' and 'Why has email encryption using PGP or something similar not become more commonplace?' The use of cryptography used to be a hot topic once upon a time."

No

Nor does anyone else. Unfortunate, but true.

Re:No

I think it's largely pointless anyway...

Most people (myself included) use a web based email client, where the plain text form of the email would be easily snatchable by the one party with any likely chance to actually intercept an email.

Cryptographic signing has a place, but even that falls into the cryptogeek fantasy realm, but If you're into that sorta thing.. you can always join the Debian community.

Re:No

[ColdWetDog]

...but I might attach encrypted file(s) if I really wanna keep something super-secret!.

Yes, this. If I'm sending anything semi sensitive, I just encrypt a file, usually a PDF, and send the password via another method. I wouldn't use this for anything extremely sensitive such as my recurring fantasy to nuke Washington DC from orbit - but for routine stuff it's fine.

And other people can deal with it. PGP encrypted emails - no way.

Re:No

[pclminion]

Encrypted PDF is tricky. Only the string and stream data of the document is actually encrypted -- all the structural information of the document remains in plain text. The number of pages, the presence of images, size of those images, amount of text on each page can all be easily determined.

If you want to encrypt a PDF, use a file encryption tool, not PDF encryption. It doesn't work quite how you assume it does.

Re:No

[ILongForDarkness]

Why nuke from orbit. The subway would be a lot of fun. Since the US doesn't have a manned space program anymore I think it would be more ironic to save he orbit nukes for Cape Canaveral.

Re:No

[cshark]

How is it unfortunate? That people aren't buying into transit encryption anymore? It's not the movement of the email you need to worry about. It's what happens when it gets there. If someone steals your computer, email encryption is the least of your worries.

Re:No

why orbit? Its the only way to be sure.

Re:No

[ZorinLynx]

"cryptogeek fantasy realm" indeed. Reminds me of this comic that tells it like it is.

http://xkcd.com/538/

Re:No

[hedwards]

Precisely, when news reports surface of emails being leaked or stolen, rarely if ever do those reports refer to emails being stolen en route. Almost always they're leaked by somebody with access to either the mail server for that domain or the person's own computer.

Sure one could catch an email en route, but in practice that's hit or miss without having control of the networks to which either the sending or receiving server connects and full knowledge that the email is coming. Without that it's not likely to be profitable to do so as you'd never know which emails to collect.

Re:No

[danbob999]

And those who don't still can use SSL under IMAP and SMTP to acheive the same level of security.
However between servers, emails are still sent in clear text.

Re:No

[EdIII]

Most people are lazy and don't feel they have the need to encrypt their communications. If they are willing to post the shit they do on Facebook, they are already a lost cause from a privacy/anonymity viewpoint.

Setting up email to send encrypted payloads is not easy for most people, and the people that know how, quickly lose interest after spending an hour to set up one person.

Now, all of my emails *are* encrypted, and not just in transit. I use a special IMAP connector for Outlook that encrypts all traffic with SSL to the mail server. The web portal for my email server is encrypted with SSL as well. Where *possible* my mail server will negotiate a secure connection to a remote server, but that is pretty damn rare. On my personal computer the message store is located on a TrueCrypt drive, so if my computer is lost or stolen, I am not worried about the message store, which is temporary anyways since the email is stored on the server.

All of it is pointless if the other party is not doing the same exact thing, which is most of the time. So I never send anything in the clear that I don't want analyzed, categorized, and used by private corporations and government.

For correspondence that needs to remain secure I usually set up an email account on the same server. That way everything is encrypted down to the message store and emails sent between domains hosted on the same mail server are just internally routed.

This is the same reason why truly secure phone calls are next to impossible in systems that must be able to perform call setups to any other phone. Too many intermediary points that cannot handle it. ZRTP, while interesting, is a long way from implementation, and will never address insecure endpoints like landlines and cell phones.

It's the other end that is problem, just as you say, but it is also the points in between. As long as there are free services that won't waste the CPU cycles to negotiate encryption between mail servers, it does not make that much sense.

Bottom line, I am secure where I need to be, not through encryption specifically, but choosing what I say, when I say it, and what communications medium I choose.

Re:No

[QuasiSteve]

Doesn't it remain encrypted unless you decrypt it and re-store it in your mail database?

Or does your encrypting/decrypting mail module do it all automatically and store the decrypted result pretty much upon receipt of an encrypted message?

Re:No

[mellon]

Turns out that a lot of email leaks to typo domains. So in fact encrypting the email would have been a really good idea in these cases.

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Re:No

[Hadlock]

I wonder; if I am using gmail, and send an "email" to another gmail user -- both users are required to use https to connect to gmail, does that mean we're in effect using encrypted (RC4_128 according to gmail/chrome) email?

Re:No

[Vrtigo1]

Not entirely - as you pointed out SSL would secure the connection between the your computer and your server, however the connection between your server and the remote server, as well as the connection between the recipients computer and their mail server would remain unencrypted, so effectively you only have encryption on 1 of 3 links.

Message encryption makes transport encryption unnecessary. I.E. you don't care if someone grabs the body of the e-mail because it's useless if you can't decrypt it. Although I do recognize that I, along with most of the rest of the world I think, consider e-mail an inherently insecure communication tool and treat it as such. If you need to send something secure through e-mail, throw it in a password protected rar file and send it as an attachment.

Re:No

[bgibby9]

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Actually that's probably the most likely of scenarios. It's not easily integrated into everywhere you'd send an email from and therefore is inconvenient.

Re:No

[PopeRatzo]

Nor does anyone else. Unfortunate, but true.

Are you kidding? I don't even talk to my wife without a Feistel cipher. My daughter's first words were via a one-time pad.

We're careful in my house.

Did I ever tell my story (this part is true) about the Bletchley Park alum that my wife worked with when she first got a tenure track position? I don't want to use his name because he passed not too long ago, but when he had office hours for his students, he'd show up in pajama bottoms with burnholes from the pipe he always kept stoked in his mouth. He was a sweet old dude, but you'd wonder how he made it out of the house every morning. In his final few years he was convinced that someone was out to get him and eventually it turned into unnamed Jews who were planning his demise. He was a British subject and there were stories of the stuff he did a Bletchley during the war when he was like 17 or 18 so what do I know? Maybe the Jews were out to get him.

Anyway, naw, I don't encrypt anything. I have a hard enough time communicating in open text. All of my passwords are my dog's name. I just say the opposite of everything I mean to throw off the New World Order. So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Re:No

[v1]

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Mac OS X's Mail client automatically supports PGP email certificates on both send and receive. You have to go sign up for one at some place like comodo, and download the cert. Double click and keychain assistant opens up and asks if you want to import it. Setup is complete.

Now go to your mail app and you will see an open padlock. Any email you send will be automatically signed, and recipients with intelligent email clients will automatically and transparently import your public key into their user's keychain for later use, for both verification of additional received emails and encryption of mail back to you.

If that person clicks reply, they will also have a padlock available, since their system now has your public key, so they can then send an encrypted reply back to you. If they also have a key pair in their keychain, their reply also includes their public key, allowing you to send them encrypted email in the same way. Of course for maximum security you'd need to have a more personal, direct key exchange rather than email, because a tinfoil hat would argue a skilled black hat could be in between you two when you are trying to exchange keys, and be feeding you two false keys. That's where key-signing parties come in. ;)

Incredibly easy to use and built-in. Only takes a little effort to go download a free cert from comodo or someone else. What got me into it at first is a previous employer required me to email in my mileage reports for reimbursement, and required me to sign them.

So at least for the mac users, it's ready by default, and is just a check box away. :)

Re:No

I would think so. Presumably also like most any corporate exchange user when encryption is enforced in the background (it usually is), where both the sender and recipient are users of the same system and any transports between corporate servers are encrypted (they usually are).

Re:No

[Oswald]

I believe that would be a "no" unless you consider parading your message past Google, who probably keeps a bigger file on you than any other entity, private. And it might be a worse than that--saying it's only Google that sees the message assumes that Google doesn't decrypt the message in one facility, send it from that data center to another in the clear, then re-encrypt and send to your recipient. Whose to say your mail server is in the same facility as his just because both accounts are with Google?

Re:No

In theory, the guy on the backend can still go "less /var/spool/mail/*" no matter how good the SSL/TLS encryption is. The only place I know of that actually encrypts the mail itself is Hushmail.

Re:No

[mr100percent]

That's why there are S/MIME browser plugins like Penango for GMail.

Re:No

[Hadlock]

Whoever has access to your google information, probably has physical access to whatever server your email would sit on otherwise*. I guess it's not an 100% effective means, but in terms of point-to-point email encryption, it's probably the easiest and/or most widely used email encryption scheme avalible to the general public.
 
*The old rule that if they have physical access to your machine, your software security is already nullified

Re:No

Though we should point out, in both cases the message contents still aren't protected from anyone with administrative access. The transports alone are protected.

Re:No

[hedwards]

That's mostly because sites like Yahoo aren't secure. The message only goes over the net once and it's unlikely that anybody's going to be interested in it or for those that are interested to happen upon it. Items in your inbox or other folder tend to stick around quite a bit longer.

Re:No

[TheOtherChimeraTwin]

"Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Don't keep us in suspense. Aren't you going to decrypt that for us?

Re:No

Newsflash August 2002: Hacker's Beg Boring People to Stop Encrypting Emails.

About the only email client I saw that got encryption right was that hideously horrible excuse for a MUA, Lotus Notes. Little button on the UI that told you 'encrypted or not' and easy to toggle. And even easier to force all users to keep on at all times.

Why aren't PGP signatures, encrypt-in-transit and web-of-trust everywhere?

Because they aren't the default.

If you required, or even foisted under the covers on people, public keys and end-to-end crypto it would still not be common place among those who are paying attention enough to flip it off.

For a car analogy, it's like forcing people have seatbelts in their cars. Unless they think it's a natural part of the system you'll have to pull a few people over and beat them soundly (in their wallet) to keep everyone else in line. Even then you'll get a few clowns who just think it's faster that way or more hip.

Re:No

[Marillion]

Except The US DoD. While they don't use PGP, they do use S/MIME email extensions. It's a pain in the ass when they try sending attachments using Outlook to email readers that don't support decoding of "winmail.dat" payloads.

Re:No

Anyway, naw, I don't encrypt anything. I have a hard enough time communicating in open text. All of my passwords are my dog's name. I just say the opposite of everything I mean to throw off the New World Order. So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Same here. The only problem is that our dog does not come when I call. It seems that dogs have a problem recognizing names that are 41 random characters...

Re:No

[Dadoo]

Nor does anyone else.

Generally true, especially when it comes to mail sent over SMTP. However, I work for a health insurance company and any email that contains private information must be encrypted. To make that happen, we have a special "secure email" server, accessed via web browser, much like Gmail.

Re:No

[symbolset]

I've had to do some work with folks from PGP. Naturally they encrypt their email. And expect you to be able to decrypt it. Can become tedious.

Re:No

Because ISP are blocking port 25.

Re:No

[DeBaas]

So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

You're probably one of the very few dudes that has a wife that listens..

Re:No

If you need to send something secure through e-mail, throw it in a password protected rar file and send it as an attachment.

Good idea. That should slow the bad guys down by about 5 seconds. Especially when Joe user thinks Zip its much the same as rar. Or anything encrypted by a Microsoft program.

Re:No

[psy0rz]

If someone steals your computer, its still encrypted, assuming you've password protected your private key..

Re:No

There's a service called Email2.com that makes email transcription transparent. Check it out. Our company use it and it offers seamless integration with mail applications.

Re:No

[drunkennewfiemidget]

Actually, in a cursory search of my mail logs, it appears approximately 40% of all mail heading out of and coming into my server (Exim4) are using some form of encryption. Including Google, Yahoo, and Messagelabs. (We're a small independent hosting company, our customers are not particularly technically apt nor inept; mostly small-medium businesses.)

The answer to the original question for me is: no. I use TLS to talk to my own mailserver, but the only 'secret' stuff that I send over email (which still isn't very secret) goes to my business partner who uses the same server, and TLS himself.

That said, even that stuff's not 'super seekrit', as any business we have to do that would be considered important not to be intercepted we have other channels, or just getting together in person for.

Re:No

[man_ls]

Pretty sure that's S/MIME, not PGP. Which in my opinion is the most correct of the email encryption options, and has the least support.

Re:No

[mathew7]

This and the fact that maybe 10% of your mail recipients actually would know how to use it.

Re:No

There are of course always exceptions.

Me and few friends of mine from college used to essentially trade drugs with each other since everyone had different connections, as we left college and moved to different cities we would continue to meet up and hang out from time to time and we would also send each other drugs (for example, I might be able to get good MDMA but my friend is unable to find any, he is however able to get LSD which I want, so we trade).

For safety reasons we do tend to encrypt our conversations (and avoid logging anything). We use instant messaging instead of email though since it's a lot less clunky when you're having a conversation rather than slightly more formal correspondence.

For our use case encryption and no logging is very useful, should one person be arrested the lack of logs makes the communications hard to trace and the encryption means that if the police decide to put one of us under surveillance they are a lot less likely to find any evidence.

(Just a note to those who don't get it: I'm not talking about trading large amounts of drugs, just personal-use amounts between friends, unfortunately the cops (and media) in the country I live in consider "internet drugs" to be the latest scare and they've been known to sniff the internet connections of people fined for minor possession as well as monitor all their text messages just in case they're able to stumble across something)

Re:No

[Pi1grim]

There is also that: most of people I communicate with use GMail and as the message does not leave the server and server-client communication is over ssl, so it eliminates the third, unencrypted link in the communication chain.
As for GPG — only a small percentage of even IT inclined people I know have bothered to generate a key and setup encryption/decryption solution. Mostly those, that have to deal with very sensitive material from time to time.
Although there is a government issued smartcard that allows for a widely adopted solution for asymmetric encryption that has software mostly on every computer, which kind of makes the situation a little better (I don't have to get into details explaining about the encryption, public and secret keys or explain how to install the software). Keys are government-issued opensc compatible crypto cards, pubkeys are available online if you know a person's name. So in case of emergency I can always encrypt files with that, given that almost everyone has them now.
P.S. That is about Estonia.

Re:No

[wanzeo]

I am tired of seeing this comic used as a dismissal of encryption, it is a joke. If you actually think someone is going to drug you or hit you with a wrench, then you have reached a level of paranoia far more ridiculous than the idea of using 4096 bit encryption.

I use the very user friendly disk encryption that the Fedora installer provides, and I feel much more at ease taking my laptop out in public.

As for email, no I don't encrypt them, but I might be willing to learn if the summary had more info than a wikipedia article for PGP.

Re:No

[maevius]

Although I agree with most of your post, mail servers have TLS support and if the client uses pop3s/imaps then the message is encrypted end to end. Although I don't have any real statistics from the corporate mail server from where I work, the admin is pretty confident that most mail is encrypted.

The main problem with OpenPGP on mail for me is that due to the unique key per recipient, if you add more than one recipient or cc, you have to encrypt the mail for each and every one of them. If you add some attachments it's pretty sure that you will hit the maximum allowed mail size of some mail server along the way.

Also, don't forget that at least I can easily setup thunderbird/enigmail. I don't even want to know the admin's response if he is ever asked to install/support a company wide openpgp installation

Re:No

[jakuaii]

The main problem with OpenPGP on mail for me is that due to the unique key per recipient, if you add more than one recipient or cc, you have to encrypt the mail for each and every one of them. If you add some attachments it's pretty sure that you will hit the maximum allowed mail size of some mail server along the way.

Uh, no. It's called "session keys". The content is encrypted with a random number (the session key), and this random number is in turn encrypted with the recipients' private keys. As the content is usually compressed too before encryption, the result may even be a smaller e-mail than without...

Re:No

[neyla]

Indeed. This argument does nothing to diminish the usefulness of crypto.

Yes people can force you to do various things, but the likeliness of that is lower than the chance that they'll do the same thing secretly if they can get away with it.

Just because someone can hit you with a wrench and take your card-key, it doesn't follow that locking your house is useless. Just because someone can hit you with a wrench until you give up your PIN-code, it doesn't follow that having the card be pin-protected is useless.

That something doesn't protect against -all- threaths, doesn't make it useless. It's still useful if it protects against *some* threaths.

Re:No

[dolmen.fr]

No you're not using encrypted e-mail. Because your e-mails are stored in clear on Google servers. Which means that Google admins can read your e-mails, and so they can give access to it to other entities that may want it (governments...).
No, on Gmail your e-mails are not more private than somewhere else.

Re:No

[1s44c]

How is it unfortunate? That people aren't buying into transit encryption anymore? It's not the movement of the email you need to worry about. It's what happens when it gets there. If someone steals your computer, email encryption is the least of your worries.

One measure won't protect you from everything, you can use disk encryption as well as transit encryption if you wish.

Re:No

[shitzu]

Who says that SMTP connection between servers is unencrypted? All servers i have configured support SSL (well, TLS actually, but its basically same thing) and if the other server supports it as well, it will be negotiated. I see outgoing and incoming TLS SMTP sessions all the time in the logs so i'm not the only one. SSL encryption costs so little that i consider it a good policy. So e-mail traffic might be encrypted end-to-end. But of course you can't rely on it.

Re:No

[bryan1945]

Pretty much. If the NSA or Gogle wants to snoop on my recipes and Christmas lists, feel free. Anything important goes through the company's servers, so that's their problem. Anything important in my personal life is done with RFC 1149 (I can't afford 2549).

Re:No

[errandum]

And you have to trust your sysadmin, since he can read anything on his machine if he really wants to (and sometimes, during maintenance, even if he doesn't. If it's private, PGP won't hurt anyone.

Re:No

[errandum]

I was under the impression that IMAPs and POP3s were dying. At least the default installation for dovecot won't allow me to chose them as protocols (even though I can still require STARTTLS for encryption on the normal ports).

Re:No

[DarwinSurvivor]

*The old rule that if they have physical access to your machine, your software security is already nullified

That depends on what you are trying to protect. No, software will not prevent them from controlling the machine, copying the HDD, etc, but it CAN prevent them from being able to USE any of that data. Encryption is the ONLY weapon software has against physical access, but it's a VERY effective one if used properly.

Re:No

[DarwinSurvivor]

You must hang with a very technical crowd if 10% of everyone you know knows how to use e-mail encryption.

Re:No

[maevius]

Apache doesn't serve https by default either, I think this has to do more with the configuration of the keys than the life of the *s protocols. Dying or not, it's secure, isn't it?

Re:No

Pfft. You must be pronouncing it incorrectly.

Re:No

[InsightIn140Bytes]

There is also that: most of people I communicate with use GMail and as the message does not leave the server

Wait, you really think that GMail has only one server serving all of its users? And that they host only at one location?

Re:No

[leuk_he]

Except my

Blackberry communication
Local work related mail via exchange
The stuff that never leaves gmail.
whatsapp messages.

Re:No

[Ihmhi]

Moreover, your average person doesn't send e-mails that they think are confidential enough that they need to use crypto.

Besides, in our litigation-friendly society, nearly every corporation has something like this appended to the end of their e-mails:

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. (Linkage

Re:No

[mathew7]

The number itself is not so important as to it beign small. And acutally I work in a multi-national company which does use encryption, but supported by IT department. So I have "access" to "click-to-encrypt" feature, which even most non-technical personel knows how to use it. It's just that at development level, nobody uses it. Maybe HR and financial do use it often.

Re:No

I think it's largely pointless anyway...

Most people (myself included) use a web based email client, where the plain text form of the email would be easily snatchable by the one party with any likely chance to actually intercept an email.

Cryptographic signing has a place, but even that falls into the cryptogeek fantasy realm, but If you're into that sorta thing.. you can always join the Debian community.

I weep for slashdot's future. I like and respect the Debian community thank you very much. I also happen to use a combination of 1024 and 4096 bit GnuPG keys (using Thunderbird and Enigmail if anyone is interested) not just for hiding things from Google, which is a big incentive in and of itself, but also for message authentication. I know that emails from my close friends are real and not spoofed (which has happened in pranks to me before) and I know that my emails stored on gmail's servers are authentic and untampered with. Do I always use it? Of course not. I have per-recipient rules take care of who I should and shouldn't use it for and it is trivial to enable/disable. Am I a bit of a paranoid cryptogeek? Yeah sure I'll admit I go overboard with it, especially the 4096bit key I use on occasion, but it definitely has a place and purpose in my emails. Not to mention with IMAP I can use the web interface and thunderbird side by side if I was so inclined.

You would think the slashdot community would be all over interesting geeky pursuits but as I scroll through most of these posts I am feeling very disheartened. The general mentality I am seeing looks more indicative of something I'd find on some place like reddit, but surely not here!

Re:No

[TheRaven64]

If you're using Google Mail via IMAP / POP (as I do for a client who insists I have an @theircompany.com to use for stuff where I might be perceived as representing them) then you can use S/MIME or PGP to encrypt the message. Then no one who has access to Google's servers can decrypt the message unless they have the decryption key.

The problem, as always, is key distribution. If I have someone's public PGP key, I can encrypt messages addressed to them. If I don't, then I can't send them an encrypted message. How do I get this key? If enough people use PGP then there is probably a version of their public key online somewhere signed by one or more people I trust. If not...

Re:No

[TheRaven64]

That's a UI problem. Knowing how to use it should mean 'not clicking on the enable/disable encryption checkbox that defaults to enable'. Unfortunately, we don't have any mechanisms for key distribution that can make it this simple.

Re:No

[growse]

Interestingly, the comic isn't making a commentary on the usefulness (or not) of cryptography. It's making fun of people who don't properly evaluate all their threats when they design security systems.

Re:No

You assume laziness, when in actuality, my email is mundane and insensitive to snooping. I don't believe the majority of email users have anything really pressing and sensitive stored in their inboxes. Even at work, I don't deal with anything top secret, I run an IT department at a school board. I save encryption for things that matter, like student records, which by the way are never emailed as a matter of policy.

Re:No

[mrvan]

Funny, I just started using PGP last week and was surprised at the ease of setup and use. As I don't actually know anyone who uses it I don't think I can encrypt mail (as they would need to have a keypair), but I do sign all my mail, and even outlook users see the little 'seal' icon, even though gmail users don't apparently.

(Ubuntu 11.10 + evolution)

Re:No

That's not PGP. That's S/MIME.

Re:No

[allo]

afaik, mailservers CAN use TLS, when the remote server supports it.

Re:No

[allo]

you think, when google links two computing centers, they use an unencrypted connection via internet? Either they have their own physical link, or they encrypt their data.

Re:No

[allo]

dedicated ssl-ports have an advantage: its easy to manipulate a "STARTTLS" package to read "STARTTLx", then the server replies with "not supported" and most mailclients fall back to unencrypted traffic.
When the port is dedicated for SSL, the mailclient will not fall back.

Re:No

I am tired of seeing this comic used as a dismissal of encryption, it is a joke. If you actually think someone is going to drug you or hit you with a wrench, then you have reached a level of paranoia far more ridiculous than the idea of using 4096 bit encryption

You never read the mouseover text, did you?

Re:No

[shoehornjob]

None of my mail is so important that I need to encrypt it. The FBI can look through my email at will.

Re:No

[rev0lt]

From the client-side, many email clients try first SSL configuration and only use cleartext connection as a fallback, including mobile clients such as iPhone. That could explain why non-techie users are using encryption. On the server-side (SMTP), I guess TLS today is pretty much standard.
You should also consider that your not-so-secret info you exchange locally via email can be stored on the server, so if you have an intrusion, that information may be accessed from third parties. I actually also don't use any form of mail encryption (I assume it is always an insecure channel), and if needed, I prefer to send the payload in a AES encrypted file (such as RAR) with a strong password. Even if it is intercepted, decoding the information will require an extra amount of effort.

Re:No

[GameboyRMH]

I think it's largely pointless anyway...

Most people (myself included) use a web based email client, where the plain text form of the email would be easily snatchable by the one party with any likely chance to actually intercept an email.

Exactly, no point encrypting your email unless you're already hosting your own.

Even then, you have to exchange PGP keys with the people you're emailing and have recipients use an email client that can decrypt the email. Good luck doing that with every Average Joe out there.

In the end, is it worth it for most of the emails you send, especially personal emails? I don't think so.

Re:No

There is enigmail for thunderbird. I use APG and K-9 on my android.

Re:No

[Defenestrar]

And I thought it was poking fun at the thugs who fail to account for the full cost of breaking a crypto nerd. Come on, if you had only budgeted $5 for that wrench, the evil mastermind in your organizational structure would rake you over the coals for not even doing a heuristic price analysis for various blunt objects!

Re:No

[betterunixthanunix]

I do, as do some of my contacts. It is rare, yes, but not unheard of. It is also the case that a lot of businesses use email encryption (S/MIME or IBE, usually not PGP).

Re:No

The cost of decrypting and encrypting is too high! Why would they do that?

Re:No

[evalhalla]

I use mutt, so I just had to create a key, configure it once and now I can choose to crypt and/or sign with just two keypresses (a graphical client whould use a pair of checkboxes). Sign check and decrypting is usually automatic (after I've entered a passphrase in the second case, of course), or rarely requires a single keypress.

For people who use webmail, there is a gpg implementation as a chrome extension at http://gpg4browsers.recurity.com/ which looks promising, and any other email client could implement an easy interface to gpg/pgp, if there was enough request.

This leaves out the scenario where you use a computer you don't own to check email, but you don't want to use it for confidential data anyway (and encrypting confidential messages would allow you to quickly check your other email with less worries).

Re:No

[gadget+junkie]

So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

You're probably one of the very few dudes that has a wife that listens..

It's not a wife. It's an encrypted husband.

Re:No

[hitmark]

Or the hollywood presentation of secure computing.

Re:No

[Defenestrar]

Getting the other user to use encryption has always been the problem. If you only encrypt some items it's not a habit, and until you get every eight year old nephew and your mother in law using a client on the other end, it's not going to happen. And that's not going to happen until encryption comes default, and runs almost invisibly on every web based system and OS default mail client.

Encryption is fundamentally opposite to the primary function of email (share information). Privacy of email is a secondary function, and already guaranteed by wiretapping laws in most countries. There's nothing inherently secure about postal mail; just because you send postal mail in an envelope doesn't mean someone can't steam it open, parse it, and seal it back up before it reaches the intended recipient. In some ways electronic mail is inherently more secure than an envelope which sits in a metal box in front of someone's house while they're at work all day. Although, being electronic, it's possible for someone to read a lot more mail in shorter time spans (or check out what's going through the "post office" while wearing an invisibility cloak).

So until either confidentiality becomes of equal importance to the content one is communicating, or encryption happens invisibly and effortlessly; encryption is not going to be main stream.

My prediction is that digital signatures (and time stamps) have a far better chance of hitting popularity than whole email encryption. There's a lot of people who want to do things electronically while their legal departments still force the paper and fax modality. Once identity and time are of equal (or better) verification status (i.e. subpoena of phone records), then there's a chance that electronic documents will make further progress. But that means every entrenched legal department will have to embrace a new way of doing things - and while I love the tech-savvyness of those awesome dudes over at the EFF, it has not been my experience that they represent the norm among lawyers.

Re:No

Reminds me of a poster I saw -
The IT department made me change my password. Damn, now I have to change my dogs name.

Re:No

Who has generated public/private key pair for id card? If it's government, I'm not going to trust that keys

Re:No

[forand]

Have these improved in the past 3 years? I started using S/MIME certs for every email address I have and tried to push my very tech suave friends to do so as well but hit the brick wall of Gmail. At the time there were no seamless solutions for verifying signatures or, encrypting and decrypting emails. One reason that many of these people use Gmail on the web is because they have multiple machines with varying levels of access (i.e. they cannot install software on some), so at best any solution with a browser plugin is going to break their ability to read encrypted emails on some of the machines they do.

I am at a loss to understand why Google has not implemented simple S/MIME checks with the standard cert authorities. This alone would push awareness of the benefits of S/MIME to a largely technologically inclined group. Ideally I would love to see them implement an encrypted space where you store your keys on Google's servers which cannot be read by Google and use client side encrypt/decrypt methods. Somehow I don't think they are going to do it though as it would reduce the flow of info about their users.

Re:No

[LtGordon]

The issue being raised by the GP above isn't that the comic provides some insight, but rather that it has become sort of a Godwin's law of xkcd that any thread even remotely related to crptography will eventually contain a reference to this comic, regardless of how relevant the true meaning may be to the conversation.

Re:No

[RandomFactor]

If they have physical access to YOU, your software security is already nullified :-\

Re:No

[aliquis]

I don't either, but mostly because the people I communicate with don't.

Also regardless of whatever you have a client which handle the software / encryption&decryption and/or signing for you what makes it less user friendly is (imho) how trust is handled within the group and the signing of others keys and so on (though that's not even necessary if you get the key directly from a person you know.)

Anyway I think that's the biggest problem for people who try it out.

Re:No

[g0bshiTe]

Well that and who really cares about my penis enlargement correspondence?

Re:No

Sorry, which in your opinion is the most correct of the email encryption options, and has the least support?

Re:No

[ILongForDarkness]

Politicians are like cochroaches you can't kill them you just have their wife(Hillary), brother(Jeb), son(Kim Jong-Un), reincarnation (Dali Lama) take over/start/continue in politics and the people obsessed with the family can continue to compare their politics to their dead ancestor ad nauseum.No what you really need is a separation of powers so no one or two groups can completely run the country from making laws, operations and finance ... oh what the US already has that and it works great.

Re:No

[DrXym]

It would slow the bad guys down in proportion to the strength of the password you chose on the archive. Rar, zip, and 7z all support 128-bit+ key encryption. Choose "bob" as your password and the secrets are revealed in a split second. Choose "Feathery bird wins 99 points by fluke in 2011" or some other nonsense phrase as the password for your key and they will be there forever short of torturing you or the recipient.

Obviously using symmetric crypto has its own drawbacks but it's a perfectly acceptable way to pass data around assuming you gave the other guy the decryption key in a way that prevented eavesdropping, e.g. you wrote the key on a piece of paper and physically handed it to the person. Failing all that you could encrypt a .zip or .rar with GPG or similar and benefit from public key crypto but the disadvantage is it becomes a two step process.

Re:No

[hedwards]

Right, but that's the same basic problem that you have with trying to catch things going over the wire. You can't be sure that a particular person will ever make a typo or that they'll do so with important emails. All the cases I'm familiar with are cases where somebody got access to either computer I mentioned. Emails typically tell a lot more when combined with other emails than when their just one email.

Re:No

[radtea]

Interestingly, the comic isn't making a commentary on the usefulness (or not) of cryptography. It's making fun of people who don't properly evaluate all their threats when they design security systems.

Yup. The big risk for most e-mail users is that a message intended for one person goes to another. That isn't going to be helped by crypto one bit.

Re:No

[r_a_trip]

For the ordinairy populace it's just too much hassle for too little gain (even technically minded people). Why go to the trouble of encrypting anything going via e-mail? Unless your name is Ethan Hunt, there is no real need. Subversive/"illegal" communication is better off done in person or even via snail mail.

Even if one is paranoid, good luck finding normal, everyday people willing to futz around with your public key, just to send you some mundane scribble. Carefully encrypted e-mail can be decrypted and then a copy-paste later be forwarded to anyone in the world in plain text. It's not even more convenient for sender verification. It's much easier to call and verify the contents of an e-mail if doubts arise.

Worse than that, even if you stay off the grid, others can (and probably will) easily place you on it (Facebook, Google+, MySpace, etc.) Unless one is a recluse, but then, why bother with digital communications.

Then the real crux of the matter. In about 80 years time, when you and all people who could be interested in what you write are dead, no one gives a f*ck what is "hidden" in the encrypted e-mails. There is little information generated, by us ordinairy 7 billion bald monkeys, that is so interesting that it needs to be shielded from prying eyes.

If something needs to be kept secret, keep it in the headbox. That is safe for now, although that also has begun to erode with research into memories and brain activity.

If the goal is to be invisible, it might even be better to hide in plain sight. Use of anonimization and cryptography just makes an individual stick out like a sore thumb.

Re:No

I also use my dog's name as password... I am just careful enough to change dogs once a month.

Re:No

[Gumbercules!!]

Sorry, just to confirm (as I have never used this), if you send an email to someone, using Mac Mail (and they're using Mac Mail) - and you have a PGP private/public key set up already, the recipient will automatically, with no intervention on their behalf, get the public key delivered / installed? I have Mac Mail but I've never looked into this. Sounds very easy for all users at both ends to work with...

However: while that sounds good on the surface doesn't it actually suck really, really badly as an idea? It means that if you typo the email address (as per the parent comment) you're still screwed because the recipient will still get your public key and thus be able to decipher the email? Even if the recipient is not on Mac Mail, if the public key is in some way included in the mail or a methodology to obtain it is available "automatically and transparently", anyone at all could reverse engineer the process and obtain the key? Even anyone man-in-the-middle sniffing the packets could store the encrypted email and then utilise the same process to obtain the public key. So if I am correct in understanding that you do not need to provide the public key "securely" to the recipient in advance, then basically this entire process is a joke that could be worked around in a couple of minutes, providing nothing but a false sense of security.

I once set up a PGP key with a mate of mine, both using Outlook, and it was very easy to do. We just did it for the hell of it though and over time stopped using it because we only basically emailed each other the sort of crap we now put on facebook, instead.

Re:No

[marnues]

No, it does diminish the usefulness of crypto. I've never encrypted my email because there's nothing worth encrypting. Now suppose there was something worth encrypting? Then there's someone out there with a wrench and/or money to entice the password out of me. Encryption has it's place, but if you encrypt your email you either send company data outside the DMZ (good use), or you do it because you can (not bad, just pointless). The NSA does not read our email, they aren't interested in recipes nor the current email jokes intended for baby boomers.

Re:No

[therealkevinkretz]

You're right that almost nobody needs to fear a wrench attack. But read about the Boucher case, where the US government compelled a man to divulge the password to an encrypted hard drive he tried to transport across the border.

The point of the xkcd comic (to me) isn't that the evil government is likely to torture people; it's that there's a point of diminishing return (on more and more bits of encryption) where the increased cost in time, complexity, and hardware to crack their encryption is far higher than other, cheaper ways of extracting a password.

Re:No

[therealkevinkretz]

Most mail servers (not counting bulk mailers + spammers) at least try TLS before relaying messages to the MX of the recipient domain - so most emails are not sent in plain text between servers.

Re:No

[marnues]

No, it's often pointless. Especially given a nerds aversion to punching. Physical access to machine usually correlates to physical access to the person behind the machine. Social engineering (physical abuse being a quick and dirty version) wins every time.

Re:No

[cpuh0g]

OS X supports S/MIME encryption, which is quite different from PGP.

Re:No

[v1]

if you send an email to someone, using Mac Mail (and they're using Mac Mail) - and you have a PGP private/public key set up already, the recipient will automatically, with no intervention on their behalf, get the public key delivered / installed? I have Mac Mail but I've never looked into this. Sounds very easy for all users at both ends to work with...

Yep. Anytime mail receives an email that has a signature attachment, it will hide the fact that there is an attachment, and will check your keychain. If the public key isn't in your keychain, it will be added. If already present, it will verify the signature using the key in your keychain (not in the message) and will post an alert if the message has been altered in transit. (I've only seen this happen once) For the most part you won't even know any of this is happening. You will notice a security indication at the top that the message is signed though, and if you reply to it you will have the option to encrypt the reply. (it will appear as an open padlock in the upper right) It's all very automatic and transparent until you need it.

The public key is sent as (mime) attachment, and if the recipient has an intelligent email app it will do something like the above and handle it. Otherwise it will display as an attachment that the user probably won't know what to do with. (I get complaints occasionally from Outlook users, "what is this attachment you keep sending me?" "ignore it, silly windows user. or download thunderbird.")

Apple's mail automatically checks your keychain to see if you have a private key available for the mail account you are creating a new message for. And if it's available, you will have the option to check the key signing check box in the upper right. It remembers your last selection, so once you check key signing, all your messages are signed until you turn it off. The signature only works for the email address(es) that's indicated in the key pair. So once you check it, it's completely automatic forever more.

So if I am correct in understanding that you do not need to provide the public key "securely" to the recipient in advance, then basically this entire process is a joke that could be worked around in a couple of minutes, providing nothing but a false sense of security.

Depends on your point of view, as mentioned in my previous post. If you've been exchanging emails with a friend for months or years, and someone decides they want to jack with you, they can't, because both of you will already have the others' public key in the keychains, and you can sign and encrypt at will and there's really nothing they can do to you. (your system will use keys already in the keychain, they don't use the key that's in the message if they already have it) Since the attacher doesn't have either of your private keys (those are never transmitted, that is the nature of public key cryptography) you're fine. They can't alter a message in transit without being detected, and they can't read encrypted messages or attachments.

BUT if you choose to start using public keys, and rely on each of you receiving the other person's just-implemented public key in their next email, you do make yourself vulnerable, that one time. If a man is in the middle, he could grab your public key, strip your signature, roll up his own key, and sign it and forward to your friend. Your friend would then add the attacker's public key to his keychain instead of your key. Now if you send a signed message, the attacker simply strips the sig and adds a new signature using his key, and your friend believes it's authentic. AND if your friend then tries to send an encrypted message back to you, he's using the ATTACKER'S public key, so the attacker can intercept it, decrypt it with his private key, read the message, then turn around and re-encrypt it using YOUR public key that he grabbed earlier, and you get the message, properly encrypted, and don't notice it's been i

Re:No

I don't think that comic is so out of line, people go to great lengths to encrypt when it really doesn't make sense.

Sure, my laptop is encrypted, but that's only because my personal one runs ubuntu and it was really easy to encrypt the /home partition. My work one is encrypted as I do have access to personally identifying information; it should never be on my laptop, but encrypting all mobile devices is an additional safegaurd.

Those are easy because I encrypt my laptop and I'm done; the desktop support group encrypted my laptop and that's the last time I've thought of it. E-mail is much harder because no one uses it; how do I send you an encrypted e-mail if you haven't established keys? I used to have keys, but no one used them, so what was the point in mantaining them?

Re:No

"If you actually think someone is going to drug you or hit you with a wrench, then you have reached a level of paranoia far more ridiculous than the idea of using 4096 bit encryption."

Or, you live in Iran.

Re:No

[jafiwam]

You should try Jenkem. It's easy to make in your own basement and though the cops and moms of the world are aware of it, they are powerless to stop it.

Re:No

[dwpro]

pedantic, but you mean the recipients public keys, no?

Re:No

[jafiwam]

Bah. The "take this wrench and beat him" scenario is trumped by the "loaded 9 MM in the pocket" scenario.

Anybody applying what is arguably a funny cartoon to real life is stupid. Anybody worth beating for the data they have is going to know it, and the pigs that come to get them are gonna git kilt. If the data isn't worth it, the pigs aren't gonna risk the backlash and "thrown out of court" problems to nab a petty criminal. Not to mention the 'kilt' part.

Re:No

Google Stores your messages/emails in multiple servers no one server has all the components. Think of having one disk from Raid5 Array not going to do you any good unless you have the parity bits to recover.

Re:No

[cdrguru]

Google is very, very interested in both recipes and Christmas lists. Recipes need ingredients that you will be shopping for and Google can sell this information to someone that sells the ingredients. Christmas lists mean you will again be buying stuff that Google can sell to merchants that will offer to sell you what you are looking for.

On the Internet there is certainly some truth to the idea that the first thing that pops up is going to get more attention than something you find after doing an exhaustive search for the lowest possible price. So with Google "helping" you with your shopping is going to provide an edge to the merchants that deal with Google.

Oh, you don't think Google data-mines Gmail for such hints? Ha ha ha ha ha ha.

Re:No

You can create TLS connectors via sites in MS Exchange. I have done this between a company and some of its clients, so any E-mail sent even though it was unencrypted would go over the wire encrypted... although I urged them strongly to go to a S/MIME or PGP ADK structure for real security...

Re:No

That would be silly, Google's data is Google's, and they would not want anyone else snooping on it. It would go through the Internet, yes, but through a VPN, keeping Google data in the Google network.

Re:No

[Cute+Fuzzy+Bunny]

I dont want to read my email, so I dont need encryption. If anyone wants to read 37 pointless missives per day, help yourself.

Re:No

[jakuaii]

pedantic, but you mean the recipients public keys, no?

Eh, sorry, of course!

Re:No

[ColdWetDog]

That's a good point but it needs to be balanced by the sensitivity of the payload. I would not send anything really sensitive by email under any circumstance. But an 'encrypted' PDF is like a lock on a house or a glue seal on a letter - good enough to keep most people from casually going after the data.

Re:No

[karnal]

Perhaps they're using MPLS? Not quite as secure as "their own physical link" - but I have to think even a dedicated line is going to terminate at the phone company / provider somewhere.

Re:No

[theshowmecanuck]

And you were so high you didn't figure out that only criminals and drug freaks encrypt their emails, so if the cops thought you were worth the time and money you set your email up as a beacon for them to hone in on; being probably one of a very few number of encrypted emails sent in America.

Re:No

..."session keys". The content is encrypted with a random number (the session key), and this random number is in turn encrypted with the recipients' private keys. As the content is usually compressed too before encryption, the result may even be a smaller e-mail than without...

Thats really neat -- is it part of the regular email clients?

Re:No

[LWATCDR]

Well yes and no.
I work under the concept that you should never write anything that you do not want to world to read. If something is super private or sensitive I do not post it publicly. Of course about 12 years ago I found out that another company was Googleing me and had figured out what I was working on based on posts I had made in newsgroups. I now use a few different names for those posts.

Re:No

[jgrahn]

..."session keys". The content is encrypted with a random number (the session key), and this random number is in turn encrypted with the recipients' private keys. As the content is usually compressed too before encryption, the result may even be a smaller e-mail than without...

Thats really neat -- is it part of the regular email clients?

The good ones, yes.

Re:No

[baggins2001]

Please elaborate on this point. I think what you are saying is that if I have an email which needs to go to bob, mary and phil. That I can create a PGP key which utilizes bob, mary, and phil's public keys and that email can be opened by bob , mary and phil's private key. I have never seen this, can you show me an example of how you would accomplish this using a GPG or PGP interface.

Re:No

[Gr8Apes]

I'd agree with all those sentiments.

I used to use PGP to email among my friends. Several circumstances combined to make me not use PGP in my email, mostly the fact that work prohibited it and at the time, all my email contacts were mostly work related. Now, it's been more difficult getting them to use that system over just running my own SSL enabled mail server and giving those that need accounts on it. Granted, the content is still unencrypted on the server, but at least all aspects of the send/receive are encrypted, with no unnecessary third parties involved.

I still use OTR encryption for my IM client with any friends that can participate, or iChat for those using iChat (iChat is encrypted) I encourage all my friends to convert to using either client as they are able.

Re:No

[budgenator]

Well look at climategate, they really don't know if it was an inside whistle-blower or an outside cracker, if the Emails were encrypted routinely, the only way to get them un-encrypted would be to snatch them out of the user's home directory. Encrypted even an admin snooping in the mail spool couldn't read them.

Re:No

[budgenator]

Your public key encrypts the mail being sent to you, you want as many people as possible to have, the private key decrypts what you get and shouldn't be reveiled to anyone else.

Re:No

[TwobyTwo]

Yes, Lotus Notes is one for the few environments in which I've seen large communities routinely encrypt and/or digitally sign their mail.

There's a reason this is more practical in Notes, and that's because Notes is designed for use primarily in corporations, where centralized or hierarchical management of keys and certs naturally fits the operational structure for the organization. The real trick in Notes is that every user has a public/private key pair; indeed, without that you don't have an identity in Notes. When a new user is authorized into a Notes domain, a certificate is signed by the domain owner, and automatically entered into the same name and address book that's used for expanding abbreviations while names are composed, and for routing mails once their sent. In other words, whenever you're sending mail to another user in your organization using Notes, the system likely has an appropriate certificate in hand for him/her, and a private key for you. So, whether to encrypt or sign then becomes, mostly, a matter of policy.

Indeed, although Notes does have support or S/MIME, so that Notes users can communicate securely with non-Notes users on the Internet, that support is in my experience rarely used. As others have noted, it takes two to tango, and as in other mail systems, individually registering S/MIME certs for your friends is just about as painful in Notes as in other systems.

Re:No

>Only the string and stream data of the document is actually encrypted -- all the structural information of the document remains in plain text. The number of pages, the presence of images, size of those images, amount of text on each page can all be easily determined.

oh for fucks sake. If that kind of data is a security risk, you wouldn't be sending it on an insecure network.

Let's get real people.

Re:No

I bet Google just uses regular old SMTP like the rest of us. SMTP is actually made for transporting email from one server to another, you know... Although it can be encrypted, whether it is or not depends on whether you have them at EHLO...

Re:No

[errandum]

I understand what you mean, but that's why when you use that you should also make it a requirement on the dovecot configurations (:. Having starttls as an option and not using it properly is worse than not having any because it gives you a false sense of security.

Either that or accepting unscripted credentials before STARTTLS.

Re:No

[DarwinSurvivor]

99% of the time that local hdd encryption helps people is after a theft or loss of equipment. People lose laptops at coffee shops, have netbooks confiscated at the airport, have houses broken into and computers stolen while vacationing. Assuming the system is OFF at the time, the key is not in memory and all the thief got was hardware.

Re:No

[kmoser]

There is also that: most of people I communicate with use GMail and as the message does not leave the server

Wait, you really think that GMail has only one server serving all of its users? And that they host only at one location?

Not to mention that some GMail users may access their account via POP, and/or may forward their GMail email to another (non-Google) address.

Re:No

[eparker05]

I just learned how to encrypt email for the first time in response to this posting;

my method (it's long):
install Mozilla Thunderbird
install GnuPG for windows
install Enigmail extention for thunderbird (a GnuPG plugin)
Make yourself a key using GnuPG
Use that key to sign outbound messages. Distribute it to everybody you know who also uses PGP standard encryption (all zero of them) so you can have two-way signed and/or encrypted messages.

Best of luck finding other people who know how to use it, now I realize how pointless it really all is. If it were more user friendly it would have a chance. That's not happening soon.

Re:No

That is S/MIME. PGP uses self-generated certificates. You can add PGP support with GPGtools.

No Need....

[superflit]

Mostly emails I received are senseless..

Re:No Need....

[Spritzer]

Exactly! And most that I send. Why would I want to encrypt my email? Then I'd just have to explain to everyone on my contact list how to decrypt a grocery list, joke, forwarded Viagra-gram etc.

Re:No Need....

[Culture20]

You forward Viagra-spam? Man, that's cold. Someone should set up an anonymous service for that like that "you have bad breath" websites.

Re:No Need....

[vlm]

... And if I had to transfer something cryptographically important, I simply would not use email.

SSH with pre-shared and human verified fingerprint keys into a shared, secured resource and what you do with it once you're in is your business? SCP with pre-shared and human verified fingerprint keys? Yeah, been there, done that. In a "everthings connected to everything, all the time" world, I donno why I'd ever go back to using email between close associates to share files.

Human hand sender to human hand recipient transfer of flash drive containing sensitive data, yeah, been there. If I'd trust them with my physical wallet, I'd trust them with the flash drive.

I have used completely open and unencrypted email as a MIME container for GPG encrypted files, but thats not encrypted email, thats open plain MIME email with attached encrypted file, a completely different concept than encrypting the entire email. I've also used symmetric mcrypt functions in addition to GPG in a multi-person mailing list scenario (if you know the shared group password, you can decrypt this file...)

To some extent its just the death of email. Email is a spam delivery service, and corporate interaction service (amazon order received emails, etc). Socializing is done over HTTP, maybe HTTPS. Secure transfers are not done over email because email is not used anymore.

Re:No Need....

[aurizon]

So the crypto works...The intended recipient is the only one who understands...

well

[hjf]

I don't. I use GMail. I might as well use "1234" as a password.

Re:well

[NonUniqueNickname]

May I suggest changing your password to "12345"? It is an order of magnitude safer.

Re:well

Hey thats the same number as my luggage!

Re:well

[s4m7]

So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!

Re:well

[Kjella]

Oh no, they told me I should never use the same combination twice and I already use that on my luggage! (How many security WTFs is that rolled into one?)

Re:well

[Grishnakh]

Seriously speaking, at least with Gmail (or pretty much any other email system out there), you actually have the option of having a password longer than 4 numerical digits, even though it's just for your email. Same goes for most websites; you can have a nice, long secure password on Facebook even though it's only protecting your account where you make inane posts and show stupid pictures of yourself that no one cares about.

But for protecting your financial transactions, your debit/ATM card limits you to those 4 numerical digits. I think there's something wrong with this picture.

Re:well

[Haeleth]

The 4-digit PIN normally only applies to buttons that you push with your finger, where brute-force attacks are not really an option. If your bank has ATMs that permit 10,000 attempts before they swallow the card, or uses a 4-digit PIN as a password for their online services, I suggest you take your money elsewhere.

Re:well

for added security, change the "1" to an "i" as well

Re:well

[mcneely.mike]

You can't do that... Apple will sue you!

Re:well

Are you talking about in the US?

In Australia, the limit is definitely higher than 4.

I knew a girl whose ATM pin was BUBBLEGUM.

Re:well

[hedwards]

Gmail allows for two factor identification. You can also use a one time pad that you can get from them in case you don't want to do that.

There may still be security vulnerabilities, but they're significantly more secure at the user level than any of the other major web mail sites AFAIK.

Re:well

[hairyfeet]

Hell I use yahoo mail so my password might as well be "email" for all the good it would probably do.

Seriously though, who fricking cares? if you are in a business that is actually passing important messages then your IT dept better damned well have that covered and as for everybody else? i doubt seriously the feds are gonna give a rat's ass about the tiger and Newegg sales email, nor my back and forth with Steam support when Steam didn't like my new board, and i know they surely don't care about the family pics I've stored a copy of in my email, unless there is some national secret involving my late sister and a kitten i don't know about.

If anything I'd think encryption would throw up a big red flag whereas everything else is just one big old giant pile of noise. Hell if you wanted to hide anything just put it in the spam folder, not like anybody will find shit in the bazillion "you want teh big penis?' ads and fake pharmacy crapola everybody gets dumped in there. Hey that would make some kick ass stenography wouldn't it? Just hide everything in "you want teh big wiener?" ads!

Re:well

[swillden]

I don't. I use GMail. I might as well use "1234" as a password.

GMail actually had a labs feature for a while that enabled PGP signed and encrypted e-mail. Obviously, since the encryption/decryption was done on Google's servers it didn't provide privacy against Google -- but it did provide security against snooping by ISPs, backbone operators, people who might gain access to the recipients e-mail inbox (but not his PGP keys), etc.

It was discontinued because, I assume, not enough people used it to be worth bothering with. I used it, and configured it to encrypt e-mails whenever possible (and always sign). I don't think I ever sent an encrypted e-mail, though.

With Javascript engines (and machines) getting as fast as they are, it wouldn't be unreasonable to implement PGP in Javascript and do it all client-side on the browser. Then Google wouldn't be able to read your e-mail, either, assuming it was done right.

A quick Google search turned up this: http://www.hanewin.net/encrypt/

Re:well

[gman003]

Hell, finance in general is retarded.

I have a "regular password" that I tend to use for everything (about a year ago, I started adding a use-specific suffix so someone who stole one password wouldn't automatically have the rest).

It's a fairly secure one, but it includes a _, a $ and a * (as well as a number and letters of both cases). Linux was fine with it. Windows was fine with it. GMail was fine with it. Slashdot was fine with it. Various mailing lists were fine with it. The only things not fine with it?
Debit card PIN (only four numbers!)
Voicemail passcode (also only four numbers!)
Wachovia's online banking system (wait, what?)

Yep. Wachovia did not allow passwords with symbols. No !@#$%^&* allowed. Just letters and numbers.

Not only did that significantly decrease password strength (it went from 77^x to 62^x for a given length x), it also made it impossible for me to remember my password. I had to write down instructions on how to regenerate it (change the $ to 4, * to 8, and so on by not using shift, and drop the _ entirely). Most people would've just wrote down their password, making it even more secure.

Needless to say, I rarely used their website anyways, as it was unimaginably slow as well as pointlessly undersecure. Just waited for the monthly snail-mail summary to check my balance.

Re:well

[The+Joe+Kewl]

I setup my ATM pin so long ago, its still 5 digits... now, I don't think I want to change it since the dumb ass banks limit me to 4 digits.

Re:well

[aitikin]

One, two, three, four, five?! That's amazing! I've got the same combination on my luggage!

Re:well

I prefer being able to say naughty things to my own personal FBI pervert, with the fabulous pension, so why bother encrypting?

Re:well

[SecurityGuy]

This is not true, unless you think the ATM itself is also manually pushing 4 buttons with its finger to authenticate to your bank. Somewhere along the line, that manual action has a digital analogue.

Re:well

Misconception. Your PIN can probably be up to 12 digits long; 4 is the minimum. My PIN number is 8 digits.

Re:well

[maglor_83]

My bank used to have a six character limit. Letters and numbers, no symbols. It had to have at least 2 characters in a row, and 2 numbers in a row somewhere in the password. And the first two characters had to be letters. Fortunately now it can be anything you want.

Re:well

[Pentium100]

But for protecting your financial transactions, your debit/ATM card limits you to those 4 numerical digits. I think there's something wrong with this picture.

Typing the PIN is (relatively) slow and when you do it, you are visible (to the camera in the ATM or to other people in the store), so you cannot stand there all day trying 10k combinations. Also, ATMs lock (swallow) your card if you fail to enter the correct PIN three times in a row. Also, to even try that, the attacker has have your card, and you can call the bank and get it blocked if you lose the card or it is stolen from you.

Unlike an online service which you can bruteforce using TOR and try those combinations and there is only single factor authentication.

Re:well

[Zibodiz]

If this is true, that puts Australia well ahead of us. I think the 4-digit numerical pins here are a holdover from the phone banking days. True passwords would be so much more secure, albeit, more easily socially engineered. Pins are typically never changed from the random string your bank assigned you.

Re:well

where brute-force attacks are not really an option

But the look over your shoulder attack works really well. Sometimes you just don't want your teenaged kids friends to know your PIN because they might not be above lifting it to try and buy booze or something. And while they can look over and catch 4 digits without much effort... very few can memorize 11 or 12 on the fly unless there is an obvious pattern.

Re:well

[rdnetto]

This is a troll - Australian ATMs use 4 digit PINs. (Don't know if longer ones are supported.)

Re:well

[syousef]

Oh no, they told me I should never use the same combination twice and I already use that on my luggage! (How many security WTFs is that rolled into one?)

1 end user's worth. That is the official unit of security WTFs.

Re:well

[DeBaas]

^Ì
^D^C^C^B+%W>^Z^ß^@a`É

^Ã^D^N£CÏQ6×ïbvH×4^Ãå$^Ò~`OñõfËg/^ÝÂmÝÒ^\¼^Ô^W^X-
y$ä&*½^ÏoÚ^Ã^Õ

Re:well

[MarioMax]

But for protecting your financial transactions, your debit/ATM card limits you to those 4 numerical digits. I think there's something wrong with this picture.

Your bank might limit to 4 numerical digits, but my bank (Wells Fargo, for the record) allows 8+ digit PIN numbers for debit/ATM cards.

Re:well

[maxwell+demon]

Five digits? That's too hard to remember!

Re:well

[maxwell+demon]

I'd expect the communication between the ATM and the bank to use both strong encryption and authentication of the ATM (with a method vastly more secure than a four-digit PIN). Of course in principle someone might hack the ATM (althouzgh I'd hope there are good countermeasures against that, too), but if someone manages to do that, probably the more profitable hack is to get the ATM to just output all the stored money.

Re:well

[Vegeta99]

Beware, though, not having that OTP if your cell phone is out of commission. Interestingly, said cell phone had a "special password" so that, even though it had no cell service (and I couldn't get Google's SMS to authorize my login on a computer), it was the only way to access my email for a while.

Re:well

[Cimexus]

No, it's not a troll. Australian ATMs can use PINs longer than 4 digits. This doesn't mean you HAVE to use a longer one, but you can. I know with Commonwealth Bank you can have up to at least 8 digits and I imagine the other banks are similar.

Re:well

That's amusing, although I've had the same experience... my weakest password is a bank because they wouldn't accept some of the characters in some of my strong password attempts.

Re:well

[muridae]

I've been using symbols in my wachovia password since I started using their online banking stuff. And they bought out my local bank nearly a decade ago. Either way, they allow symbols now, but it's wells fargo; so that's working against any security.

Re:well

[Terrasque]

Beware, though, not having that OTP if your cell phone is out of commission. [...] it was the only way to access my email for a while.

so, what happened to that piece of paper that they told you to print out and put in the wallet?

Re:well

[DarwinSurvivor]

Oh good, my bank uses a 6 digit numerical password for online banking. Then again, I also have to select my branch form a drop-down, so that's the equivalent of 7 digits right?

In all honesty, any bank that survived long enough to pour the foundation would disable an account after at most a dozen failed login attempts.

Re:well

[DarwinSurvivor]

If the encryption/decryption is performed by google, then how does that protect you in the slightest from ISP's?

Re:well

My bank has an even more asinine way of doing things: limits the password to 6 characters max (but oh...you have to use special characters too!), a weird picture authentication thing that I still can't see the point of, and then, to top it all of, if you haven't used your e-banking in 3 months they actually lock the account! So every time I want to do something, I can't! Fortunately I know the admin (policies aren't his fault) and he resets the password for me and sends it to me...you guessed it...via plain-text email. :-D (of course I change it right away).

Re:well

[muckracer]

Hey! Don't post my luggage combination, man!

Re:well

[icebraining]

It protects you against ISPs that transport the emails from Gmail -> Other server -> recipient.

The communications between you and Gmail are already protected by SSL.

Re:well

[Electricity+Likes+Me]

If you suddenly start using encryption, it'll throw up a big flag.

If you've always been using strong encryption, then there's no change in behavior to be noticed.

Using no encryption is a bad idea, since data mining digital content is straightforward and "talking in code" is going to be picked up.

Re:well

[zazzel]

I remember using Citibank in the US in 2001/2002. Their online service WAS protected with a 4-digit pin. And it was my bank card's PIN, AFAIR.

At the time, my German account used a PIN/TAN combination. The 5-digit-PIN was, of course, not my card's PIN. And the TANs were 6 digits.

Guess what my stomach felt like with regard to Citibank.

Re:well

[rev0lt]

Well, I won't argue that, in many cases, finance in general is retarded. Your mileage may vary from corporation to corporation, but it should be noted the system isn't as insecure as one might think:
- Debit cards use a two-token authentication scheme - the card itself and the pin. Yes, you probably can easily clone the card, and use XKCD's wrench to extract the pin, but that's the client's problem, not the bank. You have no way of allowing a client to access their money in a 100% secure environment (think of extorsion, kidnapping, etc).
- Some online banking systems require only part of the password to operate. While I consider this to be a dumb dumb concept, it does allow a client to use their access on a less secure system by not exposing the whole password/login credentials. Matrix cards are usually required for moving money around, and while a 10^2 or 10^3 combination is not very strong, it works a bit like a poor man's OTP, and to guess it on 3 attemps (plus the login and partial password) is quite a lucky strike.

One of the online systems I use is a poster of dumbness - they have separate username and password forms, and not only they deny you access right away if the username is wrong (if its right, they PRINT ON THE SCREEN the last login timestamp, before they validate the password), and instead of asking for the password, they ask for specific characters from it (in this case, 3 chars). This is the same bank where I could lock someone else's online account just by figuring out names and try them to see if they worked (3 wrong password guesses, the online account was locked and you'd have to go to the bank). I've reported this problems several times without any feedback from them (as expected), but I don't worry too much.

This particular obsession with sending partial codes over insecure channels as a way to confirm identity is quite familiar for me, as it reminds me of some codification methods that were standard procedure in the military. Probably many of the security consultants these companies hire have a military background, and the same "straight from the seventies" security concepts. I remember seeing a "top of the line" encryption equipment that actually used RSA 128bit encryption, at a time where 256-bit was already considered insecure.

Re:well

[dotancohen]

The 4-digit PIN normally only applies to buttons that you push with your finger, where brute-force attacks are not really an option. If your bank has ATMs that permit 10,000 attempts before they swallow the card, or uses a 4-digit PIN as a password for their online services, I suggest you take your money elsewhere.

Right, but when my building put a new PIN-type buzzer on the entrance door, I managed to open it on the second try: 2580. In practice there are not 10000 combinations possible for an ATM pin, but rather a dozen or so easy-to-type PINs that one has a decent chance of guessing.

Re:well

[Danathar]

I wonder....if you went up to say 15 how would it fare with hackers trying to get your password? Would any cracking/brute force (or even human guessing) even TRY 123456789101112131415

?

Re:well

It's a fairly secure one, but it includes a _, a $ and a *

This has been noted, citizen.

On a more/less serious note, my six year old son was assigned his first password for some school computer. I guessed it on the second try. Teachers these days!

Re:well

[Thing+1]

Although this is not a login issue, I've had the following pet peeve for some time now. My bank will not allow me to pay more than the balance of my credit card, via an on-line bill pay (i.e., electronic check). I have reported this several times, to no response.

In the real world, if I write them a check for more than the balance, they don't return it to me; they cash it and apply a credit to the card! I could initially get around it by doing two payments (i.e., balance is $1900, I make two payments of $1,000), and now they have new detection software that prevents me from making two payments of the same amount. Easily resolved; second payment is $1000.01.

However, why the fuck should I have to jump through these hoops electronically, when the real-world equivalent has no such hoops???

Re:well

[NonUniqueNickname]

"1234567890" and "12345678910" will be attempted as part of a dictionary attack. "1234567891011" is oddly safe =)

Re:well

[jbmartin6]

I call this the "criticality paradox" where the most critical logons are the least likely to have stronger controls. This happens when the cost of the control is seen as too high. If you have a long PIN or passcode on your ATM card, and you forget it, now you can't get money at 2 AM when you need gas money to get home. Since the CEO gets paid a bazillion dollars, the five minutes it takes to reset his AD password cost the company more than the annual salary of the help desk guy who resets it. (I know, CEO would call the CIO for password resets, he would never stoop to calling the help desk)

Re:well

[muckracer]

> If you suddenly start using encryption, it'll throw up a big flag.

> If you've always been using strong encryption, then there's no
> change in behavior to be noticed.

Yes, and if you suddenly stop sending plain-text messages for three months (because you are on vacation), your behavior will be interpreted as you having gone underground plotting to overthrow the free world.

Seriously, where do you come up with stuff like that? That's what I call a paranoid mindset, not the person's, who wants to simply use crypto to keep his/her privacy!

Re:well

[vlm]

Unlike an online service which you can bruteforce using TOR and try those combinations and there is only single factor authentication.

My bank protects me by having an online portal so slow and clunky that each login attempt takes well over 5 seconds. Its darn near as slow as brute forcing ATM PINs and the password space is much larger.

Re:well

[Pentium100]

My banks both have issued card with a bunch of passwords on them - all are 6 digit numbers. When logging in, the online portal asks for my user ID, my fixed password and one of the passwords on the card.
I can also pay some money and get a password generator instead of the card for more security. As both banks do this (that I know of), it either is a standard practice or the law.

Re:well

I'm going to venture to guess that the dbase tables they store passwords in do not support anything but numbers and letters and must be no longer than whatever the field length is.

Re:well

[AikonMGB]

[...] has a digital analogue.

Guh.. div by zero ><

Re:well

[lordmage]

Hey, how did you get my ATM PIN number?

Re:well

[MobyDisk]

And that digital analogue should also limit password attempts. Unfortunately this is not always the case. Most systems put these types of limitations in the UI layers but not the lower layers.

Re:well

[MobyDisk]

It is in his Google wallet, which is only accessible with a OTP, which ... :-)

Re:well

[MobyDisk]

M&T bank as well. I filed a complaint about it but nothing changed.

Re:well

Neat little, barely related, fact about four digit pins I recently found out:

I was travelling in Ethiopia and ran out of money and wanted to wire myself some more through a local hotel, no ATMs, from my bank Wells Fargo. I was told that International standards could not handle more than a four digit pin and I would have to create a new reduced length pin to get the money. When I got back to the states I changed my pin back to a 5+ digit number in the hope that would add some small amount of protection against international wire fraud. Its a cool little thought, I'd like to believe it helps.

And I hope that nice Nigerian Prince I gave all my money to gets back to his family. People over there are so polite!

Re:well

[jader3rd]

Wachovia did not allow passwords with symbols. No !@#$%^&* allowed.

It's my understanding that websites are afraid of a SQL injection attack through the password box so they limit the characters which can be placed in it.

Re:well

You can enter as many digits as you like. But only the ATM only cares about the first 4. Your friend's pin was BUBB (2822). Everything else was noise.

(I did the same thing, pissed me off when I realised that the ATMs and EFTPOS terminals were only reading the first 4. I have also encountered systems online that hard-limit you to 6 character passwords. What is it, the eighties, upgrade your fucking system.)

Re:well

[swillden]

If the encryption/decryption is performed by google, then how does that protect you in the slightest from ISP's?

Your connection to Google is SSL-encrypted anyway. But unless your recipient is also using GMail, your message will be delivered via SMTP to some other mail service provider. The channel between Google and that mail service provider may or may not be encrypted, and the delivery from that mail service provider to the recipient may or may not be encrypted. Assuming any of those links are unencrypted, GMail-provided PGP would give you some added privacy. It would also give you authentication, assuming your recipient somehow verified your PGP key, and your GMail account didn't get hacked, and Google didn't try to impersonate you.

Yes, there are a lot of caveats and ifs in the above, but I think GMail's PGP lab could have provided value if enough people had used it.

Re:well

I think the 4-digit numerical pins here are a holdover from the phone banking days.

ATMs pre-date phone banking by a couple of decades.

Re:well

[rdnetto]

The troll part was in reference to 'bubblegum'. Last I checked, PINs are numeric.

Re:well

[randomencounter]

I wish you were joking.

Re:well

[gman003]

Did you know that you can lie to people on the Internet? Like, just straight up not tell the truth.

Amazing technology, this "internet", isn't it?

Re:well

And all too often the ATM terminal is running on something like Windows NT on only a semi-private network, or some such atrocity.

Re:well

This is not true, unless you think the ATM itself is also manually pushing 4 buttons with its finger to authenticate to your bank.

No, I think the ATM is using a private key to authenticate to my bank. The digital analog (haha) of PIN entry happens over that authenticated channel.

Re:well

[cusco]

Seafirst bank, before they were gobbled up by Washington Mutual, right? They also had the same issue CitiBank had, where if you changed the account number listed in the address bar you were in someone else's account, but they fixed that fairly quickly. Still, those two things were enough to sour me on online banking almost immediately, and from the sound of things security hasn't gotten much better.

Re:well

The troll

You keep using that word...

part was in reference to 'bubblegum'. Last I checked, PINs are numeric.

It's a mnemonic. The number pad has letters on it just like a phone keypad. 2=abc 3=def... BUBBLEGUM is 282253687.

Re:well

But the chip inside your card will lock you out once you have 3 failed attempts. Sure you could automate those 3 first attempts and yes there IS a chance you hit it right in those but it's still unlikely "enough".

(or in each case, that's how it works here)

Re:well

[Electricity+Likes+Me]

> If you suddenly start using encryption, it'll throw up a big flag.

> If you've always been using strong encryption, then there's no
> change in behavior to be noticed.

Yes, and if you suddenly stop sending plain-text messages for three months (because you are on vacation), your behavior will be interpreted as you having gone underground plotting to overthrow the free world.

Seriously, where do you come up with stuff like that? That's what I call a paranoid mindset, not the person's, who wants to simply use crypto to keep his/her privacy!

If you don't think anyone's ever going to be specifically looking for your details, then why bother with the encryption? The goal isn't to deal with the common-case, it's to try and mitigate the worst-case: i.e. the chances that someone will intercept my credit card details in unencrypted form going over the net are pretty low, since how many nefarious backbone carriers are there really?

But that's not a possibility I want to leave out there.

Similarly, the reason to encrypt everything is to ensure that if it turns out I do have something I need to remain hidden, who can have it and when, is a better defined factor then it might otherwise be.

Why care about privacy at all? Because of a fear it could, in some capacity be used against you. Whether that's one's plans to take down Wall St, or an unusual sexual fetish, or you think the government really is targeting you, it stems very much from that paranoid mindset.

Re:well

[hjf]

https://www.xkcd.com/936/

No (First Post?)

[Mitreya]

No.
We email to people who wouldn't know PGP from ABC

Re:No (First Post?)

[erikjwaxx]

This, unfortunately. I encrypt all mail with PGP that it is feasible to encrypt, taking into account the recipient. So that's, literally, one email message, ever.

Re:No (First Post?)

[LoadWB]

This. Encrypting email to those who don't know how to decrypt it is useless. And for those who do, email certificates in Outlook work just fine.

Although, while at a conference I came upon a really nice package call Encryptix (or Encryptics, can't recall which.) It packages up the email, including attachments, encrypts the package, then sends it as an attachment with a link to the viewer. It's trusted by government, so take that for what it's worth to you. And it's not free (yearly subscription, but reasonable) so take that for what it's worth to you.

Is PGP that easy these days? Haven't touched it in years due to reasons already mentioned.

Re:No (First Post?)

[niftydude]

I sign all my email with a PGP signature. No one has ever used it to send me an encrypted email.

Re:No (First Post?)

[flaming+error]

I was negotiating a mortgage a few years ago, and the bank happily was transitioning from faxes to email. So I sent them all the somewhat sensitive docs they requested, encrypted by hushmail/web. I sent them decryption instructions out of band.

The pretty simple decryption procedure baffled the hell out of them, at first. Then they figured out it was a great excuse to delay the loan. After a few weeks they came back saying they couldn't follow the hushmail retrieval procedure because they had no internet access.

Finally I just faxed everything.

Re:No (First Post?)

[Joce640k]

What we need is clients that do it all seamlessly in the background - the first few emails you send to anybody are used to do key exchange then after that it's encrypted. All the extra gobbledegook attached to the email is stripped off before you see it.

Microsoft could easily have put it into Outlook by default and the world would have followed.

I don't normally go in for conspiracy theories but in this case I think the reason that this isn't being done really is down to visits by the guys in the black SUVs.

Re:No (First Post?)

[blahplusplus]

"We email to people who wouldn't know PGP from ABC"

The real issue is the designers of email (and the net) didn't take into account that the internet would become so pervasive and the need for encryption and security was not built into the system from the get go and handled automatically behind the scenes. Encryption should need you to install or use third party software or turn on hidden options, it should just be on by default and built in.

Re:No (First Post?)

[mcelrath]

More importantly, we email people who's mail server admins don't know PGP from ABC.

Many years ago I found that my GPG signed mails were getting quarantined by brain-dead spam and virus filters, because my mails contained a "suspicious attachment". That was the death knell for my use of GPG. Not knowing whether your mail will be received is not really acceptable. Of course that's they way it is with all mail these days...but that's the fault of incompetent law enforcement being unable to shut down spam/trojan/botnets.

PGP was defeated by stupidity.

Re:No (First Post?)

[0123456]

The real issue is the designers of email (and the net) didn't take into account that the internet would become so pervasive and the need for encryption and security was not built into the system from the get go and handled automatically behind the scenes.

Even if they'd felt that they should build encryption into the simple email protocol they were designing, public key cryptography was patented and US law prohibited them from exporting encryption software out of America. So they'd have been screwed anyway.

But it is sad that whereas in 1995 my email program had seamless PGP integration, today it's a kludge on the side of Thunderbird. Maybe it's time I created a new PGP key and told people to use it when sending email to me.

Re:No (First Post?)

[swanzilla]

(Hopefully not the private key)

Re:No (First Post?)

A bit off topic, in this same situation as I bought my first home a few months ago, I simply used 7-zip to AES encrypt everything with a secure 10-character password, which I transmitted over the phone. PGP would have been marginally better, but the trade-off of the zip convenience outweighed that pain. Luckily, my loan officer had and knew how to use Winzip. (Though even if not, I could have instructed him how to use 7-zip far easier than trying to set up PGP email.)

Re:No (First Post?)

[langelgjm]

Exactly. Several years ago, I used to sign e-mails with PGP (not encrypt, just sign). At the time, some Outlook Express clients would red flag this, and display a large, glaring warning to readers about PGP-signed e-mails. Despite the fact that the bug was due to Outlook Express, I stopped using PGP... it's not like I could force all my recipients to a better mail client.

Re:No (First Post?)

[Pentium100]

After a few weeks they came back saying they couldn't follow the hushmail retrieval procedure because they had no internet access.

I know of one bank that only allows the employees to access only whitelisted web sites on the internet. I wouldn't be surprised if this was the standard security for banks.

Re:No (First Post?)

Microsoft could easily have put it into Outlook by default and the world would have followed.

You've accidentally touched on the real issue at work here.

Decent encryption like PGP carries a lot of restrictive export requirements. It adds a huge pile of legal issues concerning to whom and where you can sell it, and that's not even considering patents and other IP concerns. Most companies would prefer to stick to normal development headaches, and as long as people in general aren't demanding it they aren't going to take the time and risk trying to implement something which has no industry Standard.

Hell, for many people using Outlook the bulk of their emails are staying within the company's mail infrastructure, and if it's hitting a remote location it's probably already wrapped in a VPN tunnel. While it's still not the best idea to have it flying through the company intranet in the clear, that's a hell of a lot less of a concern than when you hit the 'wilds' of the Internet.

The solution most people use is simple- they encrypt or password protect whatever information needs protected, and just send it as an attachment. For most purposes simply using an encrypted RAR with a password of decent length will protect the data well enough.

Re:No (First Post?)

Some of us wish to communicate with people in France where such encryption is illegal.

Re:No (First Post?)

If by "it" you mean your PGP signature I would be surprised if anyone did.

Re:No (First Post?)

[gknoy]

So you mail them a CD.

Re:No (First Post?)

[xiando]

Is PGP that easy these days? Haven't touched it in years due to reasons already mentioned.

Most e-mail clients (KMail, Claws Mail, Thunderbird, etc) support it by default. I do not know how things are in the Windows world (I heard it's improved since Windows 95, that's it), but it's supported out of the box on most GNU/Linux software.

Re:No (First Post?)

[lordholm]

They did put it in, the de-facto standard for e-mail encryption is S/MIME; essentially all e-mail clients support it (including Outlook, Apple Mail (both OS X and iOS) and Thunderbird). OpenPGP however is lacking in support and typically requires you to install various plugins.

Re:No (First Post?)

[danaris]

Is PGP that easy these days? Haven't touched it in years due to reasons already mentioned.

Most e-mail clients (KMail, Claws Mail, Thunderbird, etc) support it by default. I do not know how things are in the Windows world (I heard it's improved since Windows 95, that's it), but it's supported out of the box on most GNU/Linux software.

Barlgewhat?

Do you listen to yourself? "It's supported out of the box on most GNU/Linux software" is approximately equivalent in the utility expressed to "all the geeks I know know how to use it." In other words, pretty damn useless for practical purposes, and a long, long way away from "most email clients support it by default", at least if you take the "most" by volume of usage, and not simply by number of different clients.

Sorry, I'd like it to be the year of Linux on the desktop as much as the next guy, but it's just not realistic.

Dan Aris

Re:No (First Post?)

[rev0lt]

At least in my country, most banks don't allow any kind of internet access (only email). Usually the branch manager and submanager have internet privileges, but under heavily monitored links. That said, I've seen one bank that allowed internet-connected MSN messenger. They were heavily breached, and now their internet policies are on par with their competitors.

Re:No (First Post?)

[Ash+Vince]

I was negotiating a mortgage a few years ago, and the bank happily was transitioning from faxes to email. So I sent them all the somewhat sensitive docs they requested, encrypted by hushmail/web. I sent them decryption instructions out of band.

The pretty simple decryption procedure baffled the hell out of them, at first. Then they figured out it was a great excuse to delay the loan. After a few weeks they came back saying they couldn't follow the hushmail retrieval procedure because they had no internet access.

Finally I just faxed everything.

The funny thing about this is that fax is about as secure as sending them via unencrypted email.

Any server that your unencrypted email goes through could theoretically snoop on the attached documents, but surely the same is true for a fax. Since your email most likely follows the same route between servers as any other traffic you can probably do a traceroute and see which servers would need to be compromised in order to snoop on your email and they are probably all owned seriously locked down by your ISP or their upstream provider.

If you are worried about your ISP snooping on you then fax is just as easy for them to listen in on and then send to a printer. In many ways it may be easier for to snoop on a fax just by attaching some extra wires in the junction box outside your house then doing the same thing.

Re:No (First Post?)

[nospmiS+remoH]

I did this once (only I sent it via snail mail packet) but then the bank happily sent me the fully filled out application for my signature ... in a pdf ... via email.

I was horrified. My name, my wife's name, our address (past and present), ssn, all my account balances and numbers for every financial thing I own -- every single piece of the most sensitive personal information I have in one convenient package in an unencrypted email.

I sent a very terse message conveying how upset I was that they did this but they literally just said, "We've never had a problem doing it this way."

Needless to say I stopped doing business with that mortgage company.

I think it is sad but without a law I don't see financial institutions changing. Even then just look at how they interpreted the "multi-factor authentication" law ... site key, really?

Re:No (First Post?)

http://en.wikipedia.org/wiki/Outlook_Express#Handling_of_PGP.2FMIME_signed_messages

You are lucky if they could even read them.

Re:No (First Post?)

Despite the fact that the bug was due to Outlook Express,

Yes... bug...

Re:No (First Post?)

[marcosdumay]

On Windows most email clients (KMail, Claws Mail, Thunderbird, etc) support it by default. It is just the software that people actualy use (Outlook) that doesn't.

Anyway, that is a moot point. Nearly everybody uses webmail.

Nope

Nothing I send over email is that sensitive (does someone really care who is in charge of Christmas night snacks?)

Re:Nope

[kid_wonder]

exactly. now please delete all other comments and just leave the parent here. not even sure why this question needed to be asked.

Re:Nope

[a_hanso]

Shot down in flames, this question has.

Re:Nope

[vtcodger]

Exactly. I don't encrypt e-mail for the same reason that I don't weld my car doors shut to prevent theft when it is parked in the dooryard. Encryption is not needed for my eMail and it would be a nuisance for me and for the recipient if I used it.

Re:Nope

[Darinbob]

This is part of the problem. If I send a PGP encrypted email to my mother she won't know what to do with it. If someone I know does use PGP and I send them something encrypted in a different way they won't know what to do with it either.

Encryption means that both the sender and the receiver have to agree on the method of encryption and presumably preshare some keys or have a way to acquire a decryption key.

Now just signing something instead of encrypting would work though, but even though most people would scratch their heads over what the funny attachment is. Assuming someone is still using same private key from twenty years ago (I think I had one from early days of pgp, but the key is probably in a floppy in a landfill somewhere now).

Re:Nope

[perryizgr8]

you missed out a 'been', though i'm not sure where.

Re:Nope

[DarwinSurvivor]

If your mother doesn't have encryption set up, you couldn't send her an encrypted e-mail anyways since you would need her public key which she obviously never made.

Re:Nope

[a_hanso]

been.

Because

Nobody cares what you say in your e-mail communication. And lawyers can subpoena anything they want, unless you delete it first.

nope

[jaymz666]

Nobody does. Mail with stupid backgrounds and embedded photos abound, but even a signed pgp message never comes across my way

No

...but I might attach encrypted file(s) if I really wanna keep something super-secret!.

Nope

[halo1982]

Because no one else does either.

Yeah, but

I do from time to time, still only few of my friends have PGP keys, so it's kinda hard.

Re:Yeah, but

[davecb]

Ditto

Needs publicity

If GMail, Yahoo, Hotmail...etc, made it a standard feature then people would use it. But as it is today, nobody knows about it.

Re:Needs publicity

[Anrego]

Would have to be done on the client side somehow to be of much value. If you do the decryption on someone elses server.. you are basically giving them a plain text copy.

Not that I particularly distrust gmail.. but if I'm going to be paranoid enough to encrypt my email, I think it's more realistic that my email provider might grab my secret message vice someone at my ISP or via man in the middle attack...

Re:Needs publicity

[Alrescha]

Both PGP and S/MIME are end-to-end encrypted. Not very useful for webmail users.

A.

Re:Needs publicity

use gmail IMAP with your e-mail client of choice. gmail will never know what's on their server.

Re:Needs publicity

Browser Plugin

Re:Needs publicity

[Anrego]

I used to do something like that.. In the early 90's, using Netscape composer and the email account my ISP provided me.

Point is, people migrated to web mail clients for a reason.. if we are talking about getting the masses on board, telling them to take a step backwards for some functionality they probably don't care about is somewhat silly.

Re:Needs publicity

[jgrahn]

Both PGP and S/MIME are end-to-end encrypted. Not very useful for webmail users.

*Webmail* is not very useful for webmail users.

Re:Needs publicity

[marcosdumay]

Why was it?

I migrated* because it was free, and the address was more stable than any provider could provide. Also, it avoided the lockin created by using the ISPs address. There is something to be said about portability of web mail... But most people always read email from the same computer, and client based email can also be portable (IMAP).

If I had to guess, I try attributing it to chance. Web mail happened to offer the things people cared about before client based mail, brcause of no technical reason, it was just that the companies providing email to clients didn't have email as their mail business, so they sucked at it.

* No, in fact, I didn't migrate. I've always used client based mail at the same time I used web mail. Today I do both from the same servers.

Re:Needs publicity

[Anrego]

The big reason web mail probably still persists for most (at the very least most non-geeks) is because it's so damn simple. Downloading and configuring a mail client isn't complicated.. but it's a step you don't have to do with web mail.

Now we can easily enable IMAP on our gmail account and use our own client on our own computer, but to the average user, what is the value gained for effort expended.

But most people always read email from the same computer

I think most people browse from at least two (home and work) .. and many three (home, work, and their smartphone). Again, yes you could use IMAP at home and the web client at work and on the phone.. but it's hard to find any added value even for a geek, much less an average user.

Re:Needs publicity

[Alrescha]

Yes, I apologize for being redundant.

A.

Why would we?

[Nidi62]

Does anyone here encipher their paper mail?

Re:Why would we?

[xpwlq]

Does anyone here encipher their paper mail?

No, but I also don't leave the envelopes unsealed either.

Re:Why would we?

[pclminion]

The seal of an envelope is not security, it is privacy. If the postman wanted to open your letter, he easily could. He could probably also reseal it such that you wouldn't know he'd opened it (unless you took deliberate precautions against that -- but if you were that worried you wouldn't be using the postal service in the first place).

You simply trust the postman not to open your letters. You trust the ISP not to read your email. There's no difference.

Re:Why would we?

[Haeleth]

Does anyone here encipher their paper mail?

lgnge nfiax paavb fxvzv abval agrrh rcjnf zvarp rnrfy agrgj
zvpju rrgrr rnirr qfvvy bfrcn pbfun lgbur oofqf ffbqp vggrz
hrwug vfprn tcagp pupee buegr vnrnf nxpty lhrau nyoay oheva

Re:Why would we?

[jhantin]

Communication security is a combination of integrity, authentication, and optionally privacy. You also trust the postman not to modify what you write or forge your signature on your postcards, even though there is no privacy provided by a postcard.

Re:Why would we?

[bertok]

You simply trust the postman not to open your letters. You trust the ISP not to read your email.

In your country, maybe, but that's certainly not the common case.

When I was growing up in a communist European country, the postal service would open letters and packages often. First of all, packages were routinely screened for 'contraband', and on top of that, all government agencies were rife with corruption, so theft of mailed goods was also commonplace. Sending anything valuable via post was a risk.

This is still the situation today in many (most?) third-world countries.

Ditto with the internet. You can be certain that the government controls and monitors traffic flowing through ISPs in a long list of countries such as China or Vietnam, and even the good old United States is well known for tapping into international links and using the information to benefit their domestic interests. That may not be a problem if you're a US citizen working for a US company -- it might even be a benefit -- but most of the world doesn't fall into that category.

One major concern is that currently most major 'cloud' services providers are US owned and have data centres in the US. Any major foreign business that engages in international dealings that intersect with US interests (e.g.: resource exports, oil exploration, etc...) ought to think twice before using US IT infrastructure to send or store anything related to the deal.

Re:Why would we?

[Darinbob]

I shred them before mailing. Not completely secure but inconvenient enough that most man-in-the-middle black hats don't bother snooping.

Re:Why would we?

[Ambvai]

I received a notice from my bank last week where the bottom half of the flap was cut through (and, judging by the way the paper tore, I'd guess it was a serrated blade) and taped shut again. Just a confirmation of address change, but kind of odd, nonetheless.

Re:Why would we?

[DriedClexler]

So you leave it vulnerable to man-in-the-middle attacks?

Re:Why would we?

Does anyone here encipher their paper mail?

No, but I also don't leave the envelopes unsealed either.

So do you encipher your Christmas postcards then?

Re:Why would we?

I worked with an (olde English guy), who, in his youth, worked for a company making envelopes. They were required by law not to put gum (the sticky, sealy part) all the way to the corners of the envelope. They had to leave (by law) a 1/4 inch gap at the top. The 1/4 inch gap allowed government censors (apparently) the ability to 1) tap the contents of the envelope so that they fall to the top (now bottom) of the envelope 2) insert a small diameter rod, split down the middle, into the un-gummed opening of the envelope, and have the contents of the envelope between the split in the rod, 3) roll the rod, effectively 'rolling up' the contents of the envelope around the rod 4) pull the rod and the 'rolled up' contents of the letter through either of the un-gummed portions of the envelope 5) unroll the contents, read at leisure, 6) re-roll the contents around the rod, reverse the process of putting the contents back into the envelope. Note that the seal on the envelope is never broken. I can't confirm his story, I've never tried it, but I have noted envelopes not gummed right to the top. I tape letters with important content so there is not 'ungummed gap'.

Re:Why would we?

[Cid+Highwind]

The difference is when the postman gets caught reading your mail, he gets fired, and possibly sent to jail.

When AT&T puts a tap in their fiber so the NSA can read any email it chooses, they're just doing their jobs, and anyone who exposes it or complains is an un-American traitor terrorist anarchocommunazi.

(That said, I still don't encrypt my email, because email is for communicating within the corporation where mail is stored on some central Exchange server in compliance with records retention policies, and with people who think it's still OK to forward kitten image macros and Dilbert comics. For the few security-conscious contacts, using Google chat with the off-the-record plugin is much easier than setting up PGP/GPG.)

Re:Why would we?

You're right, it's not secure. But it's a matter of keeping an honest man honest (or more cynically, not being the biggest target.) I seal my envelopes for the same reason I lock my car, take my keys with me, and hide anything valuable out of sight.

Sure, I trust the postman not to open, read, and unseal my envelopes. I still don't write my mail, especially with personal information, on the back of a postcard.

Re:Why would we?

Do you send postcards?

Re:Why would we?

[DarwinSurvivor]

Did you report it? In most countries mail tampering is a federal offense and even if nothing of value was taken or seen from *you* does not mean the post office should not be notified that someone is intercepting mail along the line. If no-one reports it, no-one will get caught for it.

Re:Why would we?

Does anyone here encipher their paper mail?

No, but I also don't leave the envelopes unsealed either.

Sealing the envelope does not stop Australian Customs from opening them!

A better question is...

Why bother?

Not me.

[pro151]

Just like all of my posts here, my e-mails have no worth and no one in their right mind would want to read them in the first place.

Re:Not me.

[Tetch]

my e-mails have no worth and no one in their right mind would want to read them in the first place

I think it's about time reference was made in this discussion to the statement of need made by Uncle Phil Zimmerman at the beginning of his original PGP 2.x User Manual :

Why Do You Need PGP ?

• Privacy is as apple-pie as the Constitution.

  Perhaps you think your E-mail is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don't you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? You must be a subversive or a drug dealer if you hide your mail inside envelopes. Or maybe a paranoid nut. Do law-abiding citizens have any need to encrypt their E-mail?

  What if everyone believed that law-abiding citizens should use postcards for their mail? If some brave soul tried to assert his privacy by using an envelope for his mail, it would draw suspicion. Perhaps the authorities would open his mail to see what he's hiding. Fortunately, we don't live in that kind of world, because everyone protects most of their mail with envelopes. So no one draws suspicion by asserting their privacy with an envelope. There's safety in numbers. Analogously, it would be nice if everyone routinely used encryption for all their E-mail, innocent or not, so that no one drew suspicion by asserting their E-mail privacy with encryption. Think of it as a form of solidarity.

And much much more, of course. It all sounded like a very sane stance when I first read that, so I tried to do exactly what he recommended. Of course, almost nobody else tooled up to deal with my highly secure bar crawl plans, so it was a waste of time. PGP tools for email back then were very primitive, but they're a lot better now ... it shouldn't be beyond us all.

Web Based mail

I do where possible, but sadly most smartphone email clients and web based email (gmail etc) cannot read S/MIME messages without a browser plugin.

The concensus is "No"

[TheRealMindChild]

and unless you are emailing Richard Stallman with exchanged PGP keys, there are countless systems that look at your emails between here and there. Expecting privacy just doesn't register.

Re:The concensus is "No"

[jbeaupre]

I just avoid the "here" and "there". Use gmail to email people with gmail accounts, yahoo for yahoo, and so on. Nothing ever traverses an external network.

Some of the .gov and .mil addresses are harder to come by. But the security is worth it.

Re:The concensus is "No"

No, there is still a lot of traversing going on. Hopefully though, it's all going over a secure socket. You know, the background encryption between you and gmail.

(I.e., the text still has to pop through the 12 hosts between you and gmail.)

Re:The concensus is "No"

[rev0lt]

And still you are trusting the operator (gmail, yahoo, whatever) to have a secure system, and expecting their geographically replicated datacenters are connected with heavily encripted links or away from external entities. And even then, the email can be downloaded using an insecure network, where it can be intercepted during download. Are you using those free accounts?

Re:The concensus is "No"

[jbeaupre]

You do realize I was making a joke, right?

No.

[Alrescha]

Slashdotters who know enough to have encrypted such things simply don't send that sort of thing in email.

A.

Re:No.

[Sloppy]

What is "such things" and "that sort of thing?" All I can think of, is that it means anything you ever might ever want to email to someone.

You might as well say "People who know enough to use https, don't use the web."

Re:No.

I'd have to say I'm in this category. The best analogy I've ever heard for e-mail is that it's like a postcard. Communicating with that in consideration, I rarely write anything even remotely socially personal let alone any sensitive info like my SSN or financial numbers to this or that. Most things will either be mailed or faxed depending on who's receiving it.

I did try the whole e-mail encryption thing but no one else knows how to decrypt...so what use would it do to send people a bunch of incoherent data? ...I honestly wish there were a better system in place to encrypt/decrypt e-mail and make it more secure...all these useless inventions these days and yet this hasn't been put into play yet? ...eh...it's probably because the majority of people don't even know e-mail's secure so they can't very well have any real demand for something like that... o.O

Re:No.

No.

It's like saying "I'd rather tell you a secret in a quiet place where it's only us than make you learn Klingon so I can communicate a secret to you in a hard to decode manner when we're in public."

Using HTTPS requires little to no effort on the end user's part. Using PGP requires intervention on your part and on mine.

I'm not going to be able to walk my friends through setting up PGP so that I can email them, nor do I want to. But telling them to make sure there's a lock or a green part in a URL when they buy something online is easy. Telling them "Don't email sensitive information ebcause hackers will steal it" is way easier than explaining the need for PGP, and it has the same end result; people stop sending private shit to me via email.

Re:No.

[RobbieCrash]

Bah, forgot to log in. Shouldn't have been AC.

Re:No.

[rhsanborn]

There are lots of middling-mundane things that can add up to something useful, though. Patterns of movement, patterns of communication etc. Others have said they only use encryption when they want to secure something, the problem is that anyone snooping knows immediately that the only thing you've ever encrypted is important, and generally where it went to. Whereas if encryption was used for everything, or most things, it's much harder to work through the morass.

Re:No.

[Sedennial]

I have to concur with this. In 91 or 92 (I don't remember for sure) I was one of the early group of individuals who downloaded the original PGP that Phil Zimmerman wrote from an online bulletin board. I hung onto that file until several years after the USG decided to drop the whole mess. I've advocated for global adoption of email signing (would substantially reduce the spam problem), and I've been a strong proponent of the general use of encryption and key exchange for email. Over the last couple decades I've implemented email encryption (primarily for signing) off and on, always abandoning it after a while because the percentage of people utilizing it just gets smaller each year. When I do have need to transmit encrypted files (which I do several times a year), I encrypt the files out of band (i.e. not in email) using GnuPG or OpenPGP (PGPi), and I perform the key exchange (if I don't have it) via another method. Then I email the encrypted file as an attachment, or in some cases use SFTP/SCP over ToR to transfer the encrypted data file.

I don't use it for the encryption

[digitalderbs]

I've been using PGP for a few years, and on the odd occasion, I'll send an encrypted email to myself. Part of the problem is that no one knows how to use PHP. I've been sending email to thousands of people in an academic setting, and I've only encountered one other person using PGP.

The reason I keep using PGP, however, is because of digital signing: there's a good guarantee that signed messages were actually sent by me. Headers are fairly trivial to spoof. With PGP, a 'hacker' can only impersonate me if they have access to the private key, which requires physical or ssh access, and he or she must be able to decrypt that key.

That said, I wish more people would encrypt their messages. This should be a no-brainer in a lot of fields, including human rights and for health and human services, and I think the barrier to commit to email encryption is still too great.

Re:I don't use it for the encryption

[Anrego]

This of course assumes the person receiving the spoofed email bothers to read the dialog telling them the signature did not match (and that's assuming their client even checking).

Re:I don't use it for the encryption

[sco08y]

The reason I keep using PGP, however, is because of digital signing: there's a good guarantee that signed messages were actually sent by me. Headers are fairly trivial to spoof. With PGP, a 'hacker' can only impersonate me if they have access to the private key, which requires physical or ssh access, and he or she must be able to decrypt that key.

But a hacker can spoof you by sending an unauthenticated email just as easily for everything you could want to do online. I've never worked with a business that would take a public key. Without an agreement with the recipient that they only accept authenticated email, you gain nothing.

And I never use that feature when I'm on a network (using e.g. Outlook's secured mail) that offers it unless we're all forced to, which I've never seen. If most people are sending stuff unsigned and unauthenticated, the standard of evidence winds up being "if you've got a copy of what they wrote and what you wrote." So if I keep copies of my email, that's plenty. My digital authentication, in most circumstances, just seems to a potential source of confusion or, worse, ammo for an unscrupulous person to use against me.

Re:I don't use it for the encryption

[Gothmolly]

Why would anyone spoof an email from you?

Re:I don't use it for the encryption

[antifoidulus]

Part of the problem is that no one knows how to use PHP

While that's true, I don't see how it relates to email encryption

Re:I don't use it for the encryption

That's because PHP doesn't natively support PGP, but you could do it using a native PGP installation and using exec() as a wrapper.

Re:I don't use it for the encryption

[wvmarle]

I now and then received PGP signed mails.

I don't recall having received a PGP signed mail where the signature actually checked out. Evolution would always show "invalid signature" on those mails. Whether that is due to reformatting of the message by a mailer en route (in case of maillists) or other reasons such as not having someone's public key I don't know. It just never checks out. And honestly I have never been bothered with it, really.

PGP is just not feasible for the general public. A major issue is key exchange of course: I don't think this can be automated due to security issues, so must be manually. And you will have to manually verify every single key to make sure that key is really from who you think it is - either by having it handed to you in person on say a USB stick, or by calling them up and asking for their key fingerprint.

Re:I don't use it for the encryption

[hawguy]

PGP is just not feasible for the general public. A major issue is key exchange of course: I don't think this can be automated due to security issues, so must be manually. And you will have to manually verify every single key to make sure that key is really from who you think it is - either by having it handed to you in person on say a USB stick, or by calling them up and asking for their key fingerprint.

if you sign and encrypt emails, you don't have to verify the keys, that's done automatically:

John Smith wants to send Jane Doe an email, so he looks up her public key at an online key repositoy.

He uses her public key to encrypt the email and his private key to sign it.

She receives the email and decrypts it with her private key, validating his signature using John's public key she looked up in the key repository. If her public key (used by John to encrypt the email) had been spoofed in the repository, she wouldn't be able to decrypt the email with her private key.

She returns an email, signing it with her private key and encrypting it with John's public key.

As long as they send one round of signed/encrypted emails between them before they send anything "secret", they can be certain that they have the correct keys for each other and no 3rd party can listen in on their conversations.
 

Re:I don't use it for the encryption

PGP is a nonstandard hack. Use S/MIME, almost everyone's stock email client can send and receive encrypted and/or signed mail this way right out of the box.

PGP requires addons and other bullshit no normal person wants or needs to mess with. S/MIME is a global standard.

Re:I don't use it for the encryption

What about MITM? Both John and Jane can use spoofed keys while the MITM would reencrypt the data so everything seems fine.

And another thing. How can Jane know that John is indeed the John. He can also be someone pretending to be the John simply generating a false key and distributing it through public key repositories.

Re:I don't use it for the encryption

[symbolset]

Social engineering attacks. "Did you get this memo?" tpsreports.doc

Re:I don't use it for the encryption

[Tetch]

if you sign and encrypt emails, you don't have to verify the keys, that's done automatically:

John Smith wants to send Jane Doe an email, so he looks up her public key at an online key repositoy.

He uses her public key to encrypt the email and his private key to sign it.

She receives the email and decrypts it with her private key, validating his signature using John's public key she looked up in the key repository. If her public key (used by John to encrypt the email) had been spoofed in the repository, she wouldn't be able to decrypt the email with her private key.

You're almost right, but you're wrong about the lack of need for verification. The fact that she can decrypt the email which was encrypted with her public key obtained from a keyserver simply means she is in possession of the corresponding private key, not that she really is [the right] "Jane Doe" ... you might be beginning a correspondence with a spook. To verify that she is the person she is supposed to be (and not some Black Ops team MITM'ing her), the public keys must be verified, either by exchanging them in person in the first place, or by reading out key fingerprints over the phone if you would recognise her voice.

If John and Jane both get each other's public keys from a repository, and fail to verify them, then both keys may be bogus keys uploaded by MITM Bad Guys. This was well described by Phil Zimmerman in the original PGP 2.x User Manual

This is the other part of the PGP web-of-trust concept that most geeks I know don't quite get. When I countersign your key, I'm signing it to say that you really are the person you say you are (or rather "this key really does belong to the person it claims to belong to"), and NOT you are a person who can be trusted. So I must NOT countersign your key unless/until I'm really sure it's your key - which needs the key verification step to have been performed.

Unfortunately, most IT people I know who've ever been persuaded to try PGP just merrily get busy countersigning all the public keys they acquire, whether or not they've verified them. It doesn't help that some PGP email client software insists that you only use 3rd party public keys you're certain of, and won't let you pick an unverified key - so users will often just sign the 3rd party key to say they're certain of it so they can click 'Send' on the email.

Relatedly, I often suspect my colleagues don't even read the question you get asked when signing a key, which says "How strongly do you believe this person knows how to use PGP properly ?"

It is actually quite tricky to use PGP carefully enough to gain the full web-of-trust benefit - although I agree you can do what many folks do, and just ignore all that key-signing stuff, and wing it :)

Sigh ...

Re:I don't use it for the encryption

It does provide some plausible deniability, however. If they want to present an email in court and claim it was from me, assuming I actually made it a habit to sign all email, I could show that it actually was from me.

It would also be really nice if we started doing this anyway. The sheer amount of phishing that happens via email makes me wonder why PayPal, for example, doesn't use PGP for email communication.

Re:I don't use it for the encryption

[Moskit]

> The reason I keep using PGP, however, is because of
> digital signing: there's a good guarantee that signed
> messages were actually sent by me.

One of reasons I don't use PGP is exactly due to that feature! It signs emails - they can be attributed to me. Secret services or other people would be sure it was me who sent those emails. Right now I can claim the email was a mistake, a hack, something I did not do - if needed. With PGP it would be a legal proof.

There is a lot of places where PGP _should_ be used though, especially for official communication from banks, service providers (e-bills instead of paper ones) and so on. They do not do it for reasons given by many others - people just don't know how to read/verify such messages...

Re:I don't use it for the encryption

[muckracer]

> A major issue is key exchange of course

It shouldn't be. First there's keyservers, second, this could also be done by the mail client. Incoming e-mail signed with unknown key? MUA should automatically prepare a "Send public key!" reply. This could even be in the background without user intervention. Also the sending of the key in response could, and perhaps should, be automated. Message with key arrived? MUA - Import! Solved!

Security issues do not apply here really. You can only ever verify keys with people you actually know or at least meet in person. Everything else you just have to take on faith anyway...or two or so intermediate introducers.

pretty much nope

[KingAlanI]

the place I worked this summer had it set up (it was an option at my level, maybe it was more mandatory/more necessary elsewhere in the organization
so I used it on some work email.

other than that, no.
not that paranoid, didn't want to set it up, recipients aren't set up to deal with it (even at the office, some recipients had trouble, especially when readign email on their blackberries)

setup, key exchange

IF the setup, key exchange etc would me easy as 1-2-3 or ie as Skype does in background... Then everybody would use it.
Currently it's just too hard to use for average user.

PGP backdoor

[ElitistWhiner]

What's the point. Orig PGP removed, reposted with offending features changed...accordingly. Ahem

Re:PGP backdoor

[symbolset]

PGP is now owned by Symantec.

Because it's hard for people to understand.

[bmo]

Encryption is easy

Getting the people in your address book to encrypt their email is another story. They think that their internet provider's terms of service and privacy policies mean their email is private. This does not take into account other service providers, pipes, and countries along the way that have other ideas about unencrypted streams of text.

Instant messaging over ssl or other end-to-end encryption (like skype) is more secure, as a result.

--
BMO

Re:Because it's hard for people to understand.

Why do you trust Skype?

Re:Because it's hard for people to understand.

[bmo]

Oh boy, talk about putting words in my mouth. I don't "trust" skype any more than I trust any other company. However, it's better than nothing.

Go read it again, bright boy.

--
BMO

Re:Because it's hard for people to understand.

[Mashiki]

True to a point, and it's really not hard to understand either. Most people understand websites should have "https" for banking and buying stuff. What's hard, is that you need something else on top of it to encrypt it usually, or a container, or another program. Where as everything else(skype, im, etc) and other end-to-end, which use ssl are seamless. If this was the case for email programs, or webmail, and the like which provided an easy to use repository for *insert key service*, where people could plug in info for their keys without having to remember something all the time, it would take off.

Even plugin containers don't work very well, or you need to install them. Native support allows native adoption.

Only if I have to

[bob')DROP+TABLE+user]

Sometimes for work, but never for anything personal. Besides - who uses e-mail for anything anymore?

Re:Only if I have to

[GuldKalle]

Besides - who uses e-mail for anything anymore?

OK, next question: do you encrypt your Facebook status updates?

Re:Only if I have to

[bob')DROP+TABLE+user]

Only on Thursdays

Opportunistic encryption

[nickovs]

Ultimately decisions about email encryption come down to what threats you think you might be protecting yourself against. I have a PGP key, and on occasion I use it to sign and decrypt emails when I think it matters. The rest of the time I send mail, over SSL, through my own mail server, which will use SMTP's 'startTLS' command whenever possible. Most people I know read their mail either using SSH on the machine that runs the mail server or over some SSL-protected IMAP or webmail interface. Thus, for most cases, the mail is encrypted in transit but never encrypted on the servers. If the threat is one of people eavesdropping then this keeps me safe; if the threat is one of hackers targeting one of the mail servers then it doesn't. Most of my mail doesn't warrant any more effort to achieve any more security.

Re:Opportunistic encryption

: If the threat is one of people eavesdropping then this keeps me safe; if the threat is one of hackers targeting one of the mail servers then it doesn't.

It leaves you open to anyone with privileged access to any mail server on the path. You may control your own server, but what about the recipient's server? Companies that do not respect client privacy, or dishonest employees, are possibly a more serious concern than "hackers". Then there are governments, some of which might lean rather hard on server owners.

There is very little that needs to be

Because there is very little reason to actually encrypt most emails.
The only situation that I can think of that would require encryption is if I wanted to send someone sensitive material, and we both had the infrastructure to handle it. Most cases this won't be an ongoing requirement so it is cheaper and easier to pay for a courier and/or a lock-box.

What would be more useful is not encryption, but digital signatures for authentication and integrity. At work I am required to sign all emails with a two factor authentication method and I know 90% of my emails originate from work.

Nope

No one else I deal with has the proper certificate. I cannot encrypt any emails to others without the certificate. And good luck getting someone else to set up OpenPGP and exchanging keys that way.

Another problem with doing that is that you have to make your public key available, which means that anyone, anywhere can access your email address. No more security by obscurity for all of the mail addresses. Why make them guess common addresses or munge them when they can just look?

If it was not for WebMail, I would use S/MIME

PGP is actually quite a pain.
S/MIME is way easier to use if you have a dedicated email client.
And indeed I have use S/MIME from time to time at work when I need to communicate anything sensitive.

Unfortunately, when communicating with family and friends, S/MIME is not an option because they use Webmail (yahoo & gmail);
you cannot really encrypt anything there.
(without painful separate step of decrypting it outside the browser)
But this is the best you can get for free.

igor

Re:If it was not for WebMail, I would use S/MIME

[mr100percent]

There's a browser plugin/A for GMail at least.

Re:If it was not for WebMail, I would use S/MIME

[rusl]

Thanks for sharing this. That looks like something I might actually try.

What's the point

Encryption can only deal with the body of text. But who you are talking to cannot be encrypted, and that is almost as valuable as the contents.

Re:What's the point

[muckracer]

> But who you are talking to cannot be encrypted, and that is almost
> as valuable as the contents.

Actually it can. Research remailers and NYM accounts.

And you are correct about the implications of traffic analysis in even the most benign message (content)!

Nyup

F-Costs a lot and To: dont know how to read.
U-Got no time to mess with that which no one
C-will read anyway. I.e., don't waste my
K-time, dude.

Re:Nyup

[aiht]

F-Costs a lot and To: dont know how to read.
U-Got no time to mess with that which no one
C-will read anyway. I.e., don't waste my
K-time, dude.

I think you're
Doing it wrong.
It's really quite easy to
Organise the words so that
The initial letters match.

Re:Nyup

[Whiteox]

I see what you've done there!

It depends

[lazycam]

Like most of us here, if someone was eavesdropping in on my communications they would not learn much. I've messed around with PGP in the past but quit using it after I thought about how silly it was to encrypt things like my grocery list. I pitty the poor NSA analyst who after several long months of breaking my key simply learns that I had run out of milk and tampons. Going back to reality, I have found it necessary in the past to go through the trouble encrypting my instant messaging traffic. If most people are like me, my messaging behavior is significantly less formal and I would be very embarrassed if some of these discussions surfaces. Fortunately, most standard messaging software uses built in encryption or have plugins. I think encrypting email traffic is generally a good thing, but unless you work for a company where serious consequences for information disclosures I do not suspect PGP as a standard will ever catch on.

Re:It depends

word up
encrypted IM with my bros so we can talk shit (drugs and women).
no other information originating from this location is as sensitive

Prerequisites to Widespread Encryption Use

[divide+overflow]

I've used it with a few friends. Until both mail client software and popular webmail services implement PGP and make its use trivially easy then email encryption will remain a rarity.

Re:Prerequisites to Widespread Encryption Use

>Until both mail client software and popular webmail services implement PGP
This. There is already software that makes it trivially easy to use PGP with with most popular e-mail clients, but most people refuse to install the necessary plug-in outright. If people have to install something to be able to do X, they won't do X (unless X is watching dancing hamsters, then they'll gladly disable the virus scanner). Mail client software really needs to have PGP support out of the box, otherwise people won't do it. Most people I've talked to agree that the mail privacy/security problem exists and is a problem and wish something were done about it, but if you tell them the solution requires five minutes of their time they suddenly aren't interested any more.

Well yeah...

[Panaflex]

In our business, I routinely communicate with customers using s/mime mail. We set it up as part of the contract (not in the terms, just as part of the meet-n-greet kickoff), so anything related to the contract work goes through encrypted.

Crypto is our business... so it only makes sense.

Ubiquity

[bazald]

There isn't enough incentive to get ordinary users on board. Without recipients' use of PGP/GnuPG, I have no public keys to use and cannot encrypt my e-mails. I sign 99.9% of my e-mails, but nobody ever checks the signatures. Sometimes people ask me what the headers are about, and I'm happy to explain it to them. They usually don't end up caring. Again, to be more blunt, ordinary users see no incentive to get on board.

If your of interest

[AHuxley]

Your computer will be software or hardware bugged.
Carrieriq showed the plain text deep state joy of https efforts on your average open or closed US mobile device.
Sending encrypted mail will just make the NSA more curious.
Sit down with your family, friends, faith group, business associates and work out a few simple comments that can flow into any text.

Re:If your of interest

Sending encrypted mail will just make the NSA more curious.

Using encryption is only useful for people who are not paranoid and who don't have anything to hide.

The rest of the unwashed masses will use public nude beaches.

Well...

[93+Escort+Wagon]

I tried encrypting my mail for a while, but gave up. Bottom line - I got tired of explaining to people what they needed to do just to read my email.

Then I tried just digitally signing my email. That caused problems too, because most of our end users have Outlook and Outlook had issues with responding/forwarding when multiple people are involved. A lot of the emails that come my way end up being part of long multi-user threads.

Now I'm on Gmail, so there's not even an encryption option available. Well, technically, it's encrypted when I read it over https I guess... but that only counts if you're being pedantic.

It'd have to be worth encrypting

[russotto]

Except for work, my email is pretty darn non-interesting to anyone. Well except the ones that contain steganographic payloads, but they don't look encrypted of course :-).

For internal work email, my employer owns the email system and I connect to it via encrypted connection. Aside from in my browser it never leaves their system. No need for additional encryption.

Re:It'd have to be worth encrypting

[muckracer]

> my email is pretty darn non-interesting to anyone

How do YOU know? The value is determined by the other person(s), not you!

The most significant mail I get is commercial

And they aren't going to send stuff to me in an encrypted fashion, I'm lucky when the site is in HTTPS.

Everything else is just so much junk, if you really want to see pictures of my relatives' pets, or the various musings of random jokesters that they feel compelled to share, you are welcome to them.

Just post your email in reply to this post, and I'll forward it ALL to you.

and then....

[lkcl]

@BEGIN PGP SIGNED
... facebook happened.

@END PGP SIGNED

Banking and other places needing secure messaging

I wish my online banks did.

I used to have to reset most of my bank passwords all the damn time - mainly because they used some insane combination of alphanumerics and punctuation. That usually meant them emailing me a new password I had to change the next time I logged in. I've never lost any money, or had my accounts hacked as far as I know because I've deliberately kept the window as small as possible. But it is only a matter of time.

Now a days, I keep my passwords written down in an encrypted file on my hard drive so I don't have to change them again.

I'd love to !

[mystik]

My sig (since 2002/2001) on /. has been "Why arn't you encrypting your email?".

The answer is simple -- there was never a critical mass of people exchanging keys nor was there an easy-to-explain web of trust, nor was there a simple, free reliable certificate authority.

In 2002, Outlook Express offered integrated s/mime encryption + digital signatures. Once you installed your certificate (which, was simply double clicking a .p12 file, and entering your import password), you could encrypt or sign email going out, with a single click. It verified signatures in inbound email too, all in an integrated UI.

No one I knew used it.

Even today; Windows Live mail + Thunderbird offer integrated s/mime encryption. Maybe 1 or 2 of my technically literate friends use it. And of those 2, i think only one persists using it to this day.

Back then, when all I had was my Palm Pilot IIIxe, I thought "Whoa. I hold in my hand a portable computer that I can use to exchange digital signatures with". I even kept my pgp key in a note I could beam to someone, given the chance. Never happened.

Nowadays, even AGP on Android doesn't let me exchange keys with someone meet on the street, on the off change they happen to use it. Secure key exchange would be a trivial problem for today's smart phones (provided the carrier isn't using carrieriq to swipe your data....), but there still is no critical mass to make this worthwhile.

And, with most folks using webmail, You'd have to come up with a hackish way to encrypt mail client side (pgp copy/paste to the clipboard? w/ Rich text? attachments?), or just hand your keys to your provider. Doing the encryption server side would make the service provider an easy target for legal and hacking threats.

It's a tough nugget to crack, and it's not going to be solved until mail encryption is as easy to use as Facebook.

Re:I'd love to !

You would love to encrypt your email - what for ? You walk around and talk to people 'unencrypted', your phones are not encrypted - so why the email ? Especially considering 99% of emails sent have nothing sensitive in them! I still cant believe you walked around with a PGP key on your smartphone.

LOL :) you need to get back on Earth.. and get a bit grounded.

Re:I'd love to !

[pinkeen]

The exchange of keys isn't that big of a problem. You just need a catalogue of e-mail addresses associated with public keys. If there was a standard for that then each mail provider could host such automatic catalogue. If you trust most e-mail providers that mostly solves the trust issue.

If you don't care about checking authenticity, only about encryption (ex. assume that the contents of the message tell you that it's legit) then it really doesn't matter where do you get the public key from. Worst that could happen is that the recipient won't be able to read your e-mail.

Re:I'd love to !

My sig (since 2002/2001) on /. has been "Why arn't you encrypting your email?".

Boy, I'd think 10 years would be long enough to catch a typo like that...

Re:I'd love to !

When you talk in real life, hopefully your conversations aren't recorded. As for email, that's another matter.

Don't even get me started on mobile phones. ;)

Re:I'd love to !

[mystik]

If I could, I totally would.

This argument doesn't make sense though. Even in public traditionally, there's always been a fairly reasonable expectation of privacy, (despite what the law says) because you expect you can only be heard within earshot of your chat. Only recently that technology is affording the law a means to observe + record these interactions " in public " are we starting to push right up against that definition.

Keep in mind a single email won't be sensitive, but a bunch of emails in aggregate can potentially be. And besides; if you encrypt just that 1 sensitive message in a mass of unencrypted 'less sensitive' messages --- it's going to stick out like a sore thumb, and an attacker (be it lawful or unlawful) will focus all their resources on that 1 message.

I think you're just not paranoid enough.

Re:I'd love to !

[forkazoo]

In 2002, Outlook Express offered integrated s/mime encryption + digital signatures. Once you installed your certificate (which, was simply double clicking a .p12 file, and entering your import password), you could encrypt or sign email going out, with a single click. It verified signatures in inbound email too, all in an integrated UI.

Unfortunately, even that's not easy enough for my mom. Nowehere near easy enough, in fact. In order to popularise encrypted email, you have to surrender the idea of out of band key exchange and the concept of web of trust. You also need a highly interoparable way to have it just magically work by default. One good starting place would be a "Public Key At URL" header standard in all email. If you had that, you can imagine a future scenario circa 2015...

Ordinary corporate email user alice@example.com fires up Outlook 2014. A key has been automatically generated for the user without them knowing it on the Exchange server. Alice sends an ordinary unsecured email to bob@othercorp.com without pushing any extra buttons. This is the first time they have corresponded. Alice's email client includes a header for public-key-location which states that her public key is stored at "https://exchange.example.com/keys/alice". Bob doesn't specifically check email headers, so he just sees a normal email in his inbox. He decides to reply. His email client sees that he is sending to an email address with a known public key location, so it downloads alice's key automatically, and uses it to encrypt bob's message to alice so that only she can read it. This fact manifests itself as a discreet "encrypt" checkbox in the compose email window of bob's mail client. He never needs to manually intervene in the process unless he wants to install a key manually, or actively turn off encryption. Most people would never specifically do that.

The technology for that kind of infrastructure has been in place for ages. But, there isn't a critical mass that want's it. The security die hards want a system with manual key verification, and user awareness and training. Microsoft might create something similar to what I describe, but it would only work with Outlook and be explicitly incompatible with anything that isn't an Exchange client. And, they would do all decryption server side with decrypted mail stores so IT can audit corporate email. The overwhelming majority of users just don't care. But, basically one of the big players (Microsoft? Google?) needs to create a whole ecosystem in one swoop, with a massive installed base automatically, in order to get any real traction.

And the rest of us tend to put anything important through a medium other than email. scp for files, ssh tunnels for random things, ssh and talk for nefarious conversations.

Re:I'd love to !

And, with most folks using webmail, You'd have to come up with a hackish way to encrypt mail client side (pgp copy/paste to the clipboard? w/ Rich text? attachments?), or just hand your keys to your provider.

you could use userscripts to add a encrypt/decrypt button to the webmail UI . but I agree that it's hackish (although relatively easy to use for people once you have set it up).

Re:I'd love to !

[throbber]

Something I noticed in Diaspora when you download your info from it is that it includes public RSA keys for all your contacts, plus your own public & private key pair. I thought that was a good idea.

Re:I'd love to !

You meet people in the street that carry PGP keys?

no one cares

Seriously do you say anything via email that actually needs to be encrypted. Hell most of my emails probably wouldn't make much sense to most people.

You had me at "highly insecure"

[Angst+Badger]

Email is simply not a medium I would even consider using for sending sensitive information precisely because there are countless places between me and my correspondents where a message could be intercepted. In such circumstances, encrypting my email would simply alert anyone watching that something sensitive is being transmitted. And since the only "anyone watching" that I'd worry about is the government, why bother attracting the attention? If they want to know what I'm sending, all they have to do is wait for me to go to work, enter my house, and install a keylogger on my box. It's not like they even need warrants nowadays for that crap.

If I was going to do something I wanted to hide from the government -- and let's face it, that would almost have to be a major federal felony -- and if I absolutely had to have documentation and accomplices, none of it would be in electronic form to begin with, never mind transmitted over the public internet. Encryption is useful for governments and major corporations that are basically above the law. It's not terribly useful for private citizens unless you're just trying to hide your porn folder from your roommate.

Re:You had me at "highly insecure"

+1 I almost wish this was an anonmous comment

Re:You had me at "highly insecure"

In such circumstances, encrypting my email would simply alert anyone watching that something sensitive is being transmitted.

Chaffing, anyone?

http://people.csail.mit.edu/rivest/Chaffing.txt

[From Ron "RC4 RSA" Rivest] :)

Or will chaffing 'tip off' the Feds as well? ...

If they [the Feds/gov't] want to know what I'm sending, all they have to do is wait for me to go to work, enter my house, and install a keylogger on my box. It's not like they even need warrants nowadays for that crap.

In that case, you'll have to get a laptop or smaller computer and treat it like a 'football' ....

http://en.wikipedia.org/wiki/Nuclear_football

But of course they could use TEMPEST or just 'tranq' you at home while you were sleeping to gain access to said laptop.

http://en.wikipedia.org/wiki/TEMPEST

Got two [or more] other trustworthy friends who can stay awake with you to 'babysit' the laptop properly at ALL times on 3, 8-hour shifts [or more shifts with less time involved per shift]?

CAPTCHA: unwraps [LOL! :D apropros for an encryption Slashdot thread! :)]

Why don't I encrypt?

I don't send anything important over email. If it's work related, that's not my problem - that's the company's problem.

work in healthcare

[ILongForDarkness]

Connection between nearby hospitals mail server runs through a encrypted network everything else is unencrypted and employee policy is nothing patient related goes to anyone outside of the encrypted network. Personal email: I save all my offensive remarks for /. posts my email is pretty boring actually.

Re:work in healthcare

Checkout the direct project !

Re:work in healthcare

[ILongForDarkness]

Cool. I'm actually in Canada but sounds like a similar thing. Our EMR/PACS etc is shared amongst a couple hospitals (and we use the same IT support provider so it is "one helpdesk") as well as a more wide(at least in terms of hospitals, not geographically) email system than direct seems to: (probably an easier nut to crack since SMTP is more standardized than other stuff) http://www.ehealthontario.on.ca/programs/one_mail.asp.

No, but..

[Roogna]

I also consider e-mail an untrusted source and simply don't use it at all for items that would require encryption.

It'd be great if we -could- use it as a trusted and encrypted form of communication though, but it's only useful that way if it works in all cases.

I don't

If I encrypted it the government would start reading it.

Yes and no

[eagl]

I encrypt work email whenever it includes private or sensitive information. But that is only because my company has a global email address book and every single user has published encryption certificates. My company has also mandated that every email gets digitally signed, whether it is encrypted or not.

Which brings me to my no answer, my personal email. I would encrypt all personal email if I could, but the problem is that it is unlikely I could get all of my email recipients (or even most of them) to bother to deal with keys and making sure their email client could decrypt as required. Not only that, I use webmail a lot and it's not easy to get everyone onboard the same scheme that would allow encrypted email via webmail.

If everyone did it, then heck yes I'd encrypt all of my personal email too. If it was as easy as microsoft putting a big button "enable encryption", along with another button "send public key to email correspondent", then everyone would be using encrypted email. But they won't, so I'm pretty much out of luck.

I encode my email with ROT13

[Proudrooster]

Pna lbh ernq guvf? Vs fb, lbh pna rznvy zr hfvat ebg13 rapbqvat. rot13.com

Re:I encode my email with ROT13

As do I. But I use 2ROT13 to be twice as secure.

Re:I encode my email with ROT13

[laejoh]

Zr gb!

Re:I encode my email with ROT13

[scire9]

Well that's pretty silly considering ROT13 has been considered broken for YEARS now. As soon as I found out myself, I made the switch to ROT26 right away.

Why would I?

I encrypt things where it seems to make sense.

For example, personal data on my laptop is all encrypted, because there is a highly plausible threat scenario where my laptop is stolen and the thief uses details from my contacts database, internet history, etc. to conduct identity fraud.

My online backups are all encrypted, because there's no way I'm trusting a random online storage provider with the personal data I don't trust to be safe in my own briefcase.

I don't encrypt my email because it doesn't make sense. What would I be protecting it from? For me, as a non-dissident citizen of a non-oppressive country, what threat exists that would be countered by encrypted email?

Criminals don't have the ability to intercept email on a sufficiently wide scale for identity fraud to be a concern. Government? But I'm not a tinfoil-hat conspiracy nut, so I have no reason to believe my government is a threat to me, and in any case they would have other ways of getting past any encryption I used.

And there's also the little snag that as of today, using encrypted email is basically shouting out "HEY, NSA! I THINK I HAVE SOMETHING TO HIDE FROM YOU! MAYBE I'M JUST PARANOID BUT YOU REALLY SHOULD CHECK ME OUT IN CASE I'M A TERRORIST! HERE IS MY EMAIL ADDRESS AND THIS IS THE IP ADDRESS OF MY COMPUTER, SEE YOU SOON!" ... even having nothing to hide, I'm not sure why I would want to do that.

Seriously. Why the fuck would I want to encrypt my email. It's just extra hassle for everyone involved, and the benefits seem to be pretty non-evident.

I encrypt my Facebook posts

Who uses email anymore?

Don't communicate sensitive information in email!

Don't communicate sensitive information in email! whether it is encrypted or not!

I DO, like every DD

[GPLHost-Thomas]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Like every of the ~800 Debian developer in this world, I do use
encryption, and know how to handle PGP keys. My private key is encrypted
in a dm-crypt partition of 2 of my laptop, and I have a revoke
certificate handy burnt on a CD. My GPG fingerprint is also written on
my business card, so that everyone who I met can fetch my private key
from any of the major key servers, and check its fingerprint. My public
key is signed by about a dozen different people, mostly other Debian
developers, which is a strong "web of trust". If everyone was printing
his GPG key on a business card, I could also send encrypted emails, but
I've seen only other DDs doing it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREDAAYFAk7wBSAACgkQl4M9yZjvmklYVACfXYV3ncJnZuKosZJ8k0ZSzc3t
SpQAn0eYtQCIrQeTcBgA1b+Yz58OVqCJ
=EQHO
-----END PGP SIGNATURE-----

Re:I DO, like every DD

[mortonda]

gpg: Signature made Mon Dec 19 21:46:40 2011 CST using DSA key ID 98EF9A49
gpg: Good signature from ........

Not posting the rest, but you can get the name and email address from the signature. :) I'd be surprised if any spammers know how to do that though.

Re:I DO, like every DD

[gknoy]

My GPG fingerprint is also written on
my business card, so that everyone who I met can fetch my private key
from any of the major key servers, and check its fingerprint.

Can I have one of your business cards? :D

Re:I DO, like every DD

I'd bet you can also get it from his username, the statement that he's a Debian developer, and some judicious googling, so that doesn't make much difference. Some exposure to spam is part of the price of participating in open software development...

Re:I DO, like every DD

It's a "revocation certificate", not a "revoke" certificate. More PGP training for you, my lad!

Re:I DO, like every DD

Yes but spammers already have his email from scraping the PGP databases directly so it is not much use investing time on looking up random keys is it?

Re:I DO, like every DD

See, it would be nice to be able a more informative course, or at least some practice on small components like this. I've read a handful of how-to's that talk about generating your own key, but none of them talking about being able to easily verify a signature from an online post. I don't know how to check your message at all. It took a while to even figure out how to even get gpg to take a look at your message ('gpg --verify'[Enter][ctrl+shift+v][ctrl+d][ctrl+d]). And yes, I have much to learn with even basic bash commands, but it seems there is an explicit learning curve with encryption that many people simply won't be bothered with.

As an aside, how DO I verify your signature, anyways? Do I have to import your public key before I'm able to verify with gpg? How would you be able to fit your ASCII public key on a business card? Or, do you simply give out your keyname and keyserver?

As the only person I know who wants to give a damn about encryption/signing, I feel that I don't know much at all. Certainly not enough to explain it to the layperson.

Re:I DO, like every DD

And your post makes you look like a pedantic little shit to anyone that's not a nerd. And that's the majority of people in the real world.

Re:I DO, like every DD

[mortonda]

Yes, but that doesn't mean it's polite for me just post it on a public site, now does it?

Yes

[Tastecicles]

Due to the nature of my email communications it is absolutely essential.

Yes. I've been using PGP for a long time.

[mortonda]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Why, yes. Yes I do. At least for the few recipients that do too. And
all my messages are signed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFO8AWNUy30ODPkzl0RAr75AJ9qYq94sfL00DZxCb3e1tL/HX4uIACeLlbJ
RYRY0ZwfXoKwpyEJn0JzJ2Q=
=fy5a
-----END PGP SIGNATURE-----

Because a lot of people don't use email clients!

PGP works well with a good email client, but a lot of folks use web mail. It probably is that simple.

Secure within a single server

[steveha]

I run my own mail server. Anyone connecting to it over the Internet must use an encrypted connection for receiving or sending mail; I don't even open the insecure ports in my firewall. A few of my friends and family members have accounts on my server.

So, when I send email to family members who are using my server, my email is encrypted while going onto the server and being pulled from the server.

This doesn't solve the general problem but it is better than having only insecure email.

The biggest secrets I send over email anyway tend to be the dates we are going on vacation; it is unlikely that anyone would intercept our email and decide to burglarize our home, but why risk it?

If we have a file with secret data we want to send, we usually just use SSH to copy it to one server or another. I'm not the only geek in my family and several of us have Linux servers running SSH.

steveha

Re:Secure within a single server

[GPLHost-Thomas]

I run my own mail server. Anyone connecting to it over the Internet must use an encrypted connection for receiving or sending mail; I don't even open the insecure ports in my firewall.

Then you didn't understand how STARTLS works (hint: it also can be on port 25).

So, when I send email to family members who are using my server, my email is encrypted while going onto the server and being pulled from the server.

Your mail is encrypted for PART of the transport (in fact, for the part that you control). But that's it. It may have been sent to you over a non SSL webmail for example. And you must be sending it to a 3rd party that anyway, will read what you sent unencrypted. That kind of encryption is useless, because it's not end-to-end.

This doesn't solve the general problem but it is better than having only insecure email.

IT IS insecure the way you use it. The fact that you think it is safe is even more dangerous, because it is not.

Re:Secure within a single server

[steveha]

Then you didn't understand how STARTLS works (hint: it also can be on port 25).

Oh good grief. I meant that I have port 993 open and port 143 closed, okay? And I have the server settings to "require encryption" for originating emails via SMTP.

Obviously, email that arrives from other servers on the Internet was sent in clear text and arrives unencrypted over port 25.

Your mail is encrypted for PART of the transport (in fact, for the part that you control). But that's it. It may have been sent to you over a non SSL webmail for example. And you must be sending it to a 3rd party that anyway, will read what you sent unencrypted.

It's great that you want to explain things to me, and I guess I appreciate it. But while you seem to think I don't understand security, in my turn I think you completely failed to comprehend what I wrote.

The subject of the post was "Secure within a single server" and I noted that I have friends and family who have accounts on my server. I commented that I could send email to them and it would be encrypted when I sent it and encrypted when they pull it from the server. And I noted that this doesn't solve the general problem.

You actually quoted the relevant part of my original posting: "when I send email to family members who are using my server" (emphasis added)

So could you please explain to me how my email to, say, my sister is insecure? It's encrypted when I send it to my server, then it sits on my server, and then it's encrypted when her email client pulls it from my server via port 993.

I didn't say anything about the security not extending beyond my own server because I thought it was so incredibly obvious that I need not spell it out in so many words. But, just in case you are still confused, that's what I meant when I said this doesn't "solve the general problem".

steveha

Re:Secure within a single server

[GPLHost-Thomas]

The subject of the post was "Secure within a single server" and I noted that I have friends and family who have accounts on my server.

How exactly is your family and friends trusting your TLS connections? Did you go up to transmit them your CA cert? Or do you just register a certificate and you trust the ever growing number of organizations issuing them?

Re:Secure within a single server

[steveha]

How exactly is your family and friends trusting your TLS connections? Did you go up to transmit them your CA cert? Or do you just register a certificate and you trust the ever growing number of organizations issuing them?

I apologize, but I am not sure I understand the point you are trying to make here.

It seems you are raising issues outside the scope of my original posting here: specifically, you are saying that my family and friends might not be able to trust the encryption my server is using, because I might have gone to a bad cert issuing organization. Is that correct?

I'm using self-signed certs. If you think this is a bad idea, please go ahead and explain why.

And you might think I'm being sarcastic here, but actually if I am doing something insecure, I do appreciate being educated about it so I can improve the way I do things. I would prefer you just educate me without a snarky attitude, but I will accept a lesson even if I must tolerate some snark to get it.

Also, if you feel that I should learn more about security, please recommend a book or web site that you think would be a good resource for me. Thank you.

steveha

Re:Secure within a single server

[GPLHost-Thomas]

There's nothing bad with using self-signed certs, if you check the fingerprint of the certificate by hand. But I guess you just gave to your peers the server address, and they blindly accepted any certificate. Not even every email software would show you the certificate fingerprint before the first connection, and I don't know any of them that would prompt you a dialog box when your server's cert is replaced (the way certificate patrol would do...).

So with all this in mind, it would be trivial for a government administration to do a man in the middle attack, which is totally impossible if you use GPG, and manual checks of fingerprints (which is why you should print the fingerprint of your GPG key on your business card).

Re:Secure within a single server

[steveha]

Frankly, I haven't tried to solve the problem of the government doing a man-in-the-middle attack on my server. I was content to just not have passwords going over the Internet in clear text.

steveha

Re:Secure within a single server

[GPLHost-Thomas]

Please don't write "the government", and think about the fact that China has an SSL cert governmental organization that has been caught doing man in the middle attacks with illegitimate certs already. There's so many certification organization these days, that I wouldn't consider it safe. The PGP key thing solve the issue since you can verify fingerprints (in fact, you always should).

Yes

[MacDork]

Between the server and my box, the message in encrypted. I can read my email on an open wifi without concern someone else in the vicinity is snooping. Between my recipient and I, I sign the message with an s/mime certificate. There are a handful of people on the nerdy mailing lists to which I am subscribed that also sign their messages. On the occasion that I need to mail one of them directly, my message is encrypted. Usually though, the message is just to the list or to non-nerds I know IRL, so it's just signed for them.

ZxyRbcM2

w.pozkemrkp3.,1zeQmv@aq#mxPwfo7rbclftmB4t2wao
3hp3.xirmd8301kemfuzjeiqoejpakdhqcxhpyhididsyrdy05

All the time

[cachimaster]

If you do software remotely with a group of people, in my experience some kind of email encryption is always used even by non-programmers/managers.
I have observed technical people is more inclined to use pgp/enigmail solutions while corporate clients tend to use S/MIME.

Not everything I write is encrypted, but non-encrypted work-related sensible stuff is the exception, not the rule.

Are you actually stupid enough to send secrets

...via email?

So my question is: Do you encrypt anything else?

Encrypt? Why so no one can read my email?

[triceice]

The average email user doesn't even know what SSL means or why they should only enter their bank passwords after they have verified that they are on a secure site.

So sure I could encrypt my email but no one would take the steps to actually read it then.

You want to read my emails?

[Murdoch5]

Go ahead, I don't use email for anything I need high security on. I can use an IM client with strong encryption enabled to provide me a secure communication medium.

Re:You want to read my emails?

[GPLHost-Thomas]

Just use talk over ssh then...

No, and for a very good reason...

[Shoten]

The problem is interoperability. Yes, yes...I know, you can just give out your PGP public key to everyone and they'll be able to decrypt their email. If, that is, they use PGP too, which almost nobody does. And granted, sure...you can install an S/MIME cert in your copy of Outlook and...what's that? Some people aren't using the full-fledged, Microsoft Office-included version of Outlook? Some people are on smartphones too, and have the AUDACITY to want to be able to read the emails I send them on their iPhones? Bah...idiots. They should focus on more important things than the incredibly sensitive email they send back and forth...like encryption!

Re:No, and for a very good reason...

Wow. I'm not sure if there's a nice way of saying that you have no idea what the fuck you're talking about.

you can just give out your PGP public key to everyone and they'll be able to decrypt their email.

If I give you my PGP public key, it lets you do two things: encrypt email that you send to me, and verify my signatures.

In any case, it's not an interoperability problem -- the people who don't care about PGP won't use it, which means they'll just see a weird attachment (my signature) when I send them email, assuming I do use it.

Some people are on smartphones too, and have the AUDACITY to want to be able to read the emails I send them on their iPhones?

In the immortal words of Apple's marketing campaign, there's an app for that.

Re:No, and for a very good reason...

[slimjim8094]

S/MIME works just dandy on iPhones.

Patriot Act

To fellow Americans

We have no privacy, Remember that whole 9/11 deal. We are all guilty till proven innocent.

Real reason to encrypt?

[MishgoDog]

Why would someone want to read my email? Neither my job or life is that interesting to anyone other than a very closed group of people...
I encrypt my USB key and portable drive because I have data on that which is sensitive - but not in a profitable way, more in a way that if someone found the data in a lost USB key, it would be embarassing to my company.

The only possible reason I can think of is identity theft, and honestly, I'm not worth that much (do a cost benefit - effort of sorting through my emails to build a profile of my identity, vs how much they could make off me before I/my bank/whoever clued on).
Sure, I'm sure a whole bunch of /.ers are scared that 'the feds' might snoop their email. So what? What could they possibly read in my email that they would care about?
I think a better question to ask - those of you who do encrypt their mail, why do they do it? Is it because they really are emailing information that is valueable enough to incentivise someone to select them - of all the email accounts in the world - to target? Is it because they honestly believe big-brother is out to get them and they have to hide their email to stop them? Is it just a way to prove their technological superiority above the plebs who don't encrypt their email? Or is it just that they are more concerned about the possibility of somoene reading their emails than the likelihood of that actually happening?

Or, am I incredibly niaive in believing that identity theft (or some other way of causing me grief) through email snooping doesn't happen much?

Re:Real reason to encrypt?

The reason to do it isn't that you are saying anything that needs to be private, but that you might ever some day possibly want to say something privately.

To make that possible, you need to make it habitual to you and normal to eavesdroppers.

Related to the encryption, BTW, are all the amazing advantages of signing. People can't check signatures if they don't have your public keys. The crypto is a nearly "free" side-effect.

We could switch to encryption in 6 months

[Okian+Warrior]

We could switch to encrypted E-mail in 6 months if developers had the courage of their convictions.

Firefox is open source, yes? And so is Chrome, I believe? Also Opera?

Don't these projects have an E-mail reader as part of their offering?

All we need is for one of the major browsers to choose an encryption standard and bundle it with their reader, and include a checkbox in the sender that reads "let others read this message" or similar wording.

Overnight people would start using the feature. It would start with Firefox users <-> Firefox users, then expand as people encouraged their friends to use the same standard. People would be encouraged to install the feature in their own reader.

Recipient doesn't have the feature? Various ways to detect and handle this, takes but a moment's thought.

Like a pandemic, encryption would spread to the far corners of the internet.

But no, developers don't like to make the decisions. They like to be consulted by the people who *do* make the decisions ("SOPA is supported by people who don't know how the internet works"), but they don't actually want to *make* the decisions.

This will not change in our lifetime.

Re:We could switch to encryption in 6 months

This is full of fail:

Firefox is open source, yes? And so is Chrome, I believe? Also Opera?

Opera isn't.

Don't these projects have an E-mail reader as part of their offering?

Only Opera does. Thunderbird exists, but it's not part of Firefox.

If you had the courage of your convictions, you could've fucking Googled it before posting.

Re:We could switch to encryption in 6 months

[GPLHost-Thomas]

Firefox is open source, yes? And so is Chrome, I believe? Also Opera?

We're talking about MAIL here, why do you put browser names here? And no, Opera isn't open sourced.

Don't these projects have an E-mail reader as part of their offering?

apt-get install enigmail, which is what I use. It's also available as a standalone extension if you don't have an operating system that uses packages (in that later case, shame on you, anyway you aren't safe...).

All we need is for one of the major browsers to choose an encryption standard and bundle it with their reader, and include a checkbox in the sender that reads "let others read this message" or similar wording.

If you mean having a gpg key generated automatically at the first startup of the email client, then at least silently sign outgoing message with that key, I think that would be a very good idea indeed.

Also, there's a javascript library implementing the GPG protocol (see /. history), so it should be even possible to do it by default, on a webmail. Squirrelmail has a module for GPG, but I'm not fan of uploading my private key on the server (which is also the reason why that package has never made it into Debian).

But no, developers don't like to make the decisions. They like to be consulted by the people who *do* make the decisions ("SOPA is supported by people who don't know how the internet works"), but they don't actually want to *make* the decisions.

If you care that much, I would suggest you to file a bug in the relevant bug tracking system (mozilla uses bugzilla...) to make plugins like enigmail part of the main project. That's a better place to complain than /.

Email?!?

[Darth]

Encrypt my email?!? Hell, I encrypt my slashdot posts.

this one is encrypted with a simple rot-26 algorithm.

I hate email.

[cshark]

They force me to use email at work. Three percent, maybe five percent of everything I get is useful, or needed. At home, on my personal account, that percentage number is much lower. Email is a pain in the ass to manage. It's not worth the headache. Rather than worrying about encrypting your email (which is among the most pointless things you can possibly do), why not set up a corporate jabber server, or tell everyone to get social networking accounts? These things, these beautiful innovations of modern email free living don't have the problems email has, and you can filter out pretty much anything you don't want to read, silence anyone you don't want to hear from. Nobody's ever going to call you when their facebook stops working for no reason, because well... facebook never stops working. And while you may need to find a new purpose for all that firepower you have stored away in your basement for the day you finally do snap, you'll find that you're happier without email, and so is everybody else.

HELL NO!

[painandgreed]

If somebody with the power to look at my email really wants it, I just have to ask myself this one question: "Do I really want to get hit with a wrench in the face until I give up the encryption key?"

Re:HELL NO!

[hedwards]

I think the way that usually goes is national security letter, warrant or subpoena to the email provider or to whomever it is that has control over the server room. In all likelihood you won't even know about it until it's too late.

Encrypting things is all well and good, but if you don't control every step in the process, which you don't, there's not much to be gained by doing it. If the party that you're communicating with isn't as careful about it or doesn't have a similar interest in keeping it secret then it's not going to take much for the feds or whoever to get access to it.

Re:HELL NO!

[painandgreed]

You really need to read more XKCD.

Re:HELL NO!

[mlts]

Depends. If it is some big foreign organization scanning mail looking for persons in other nations they deem against their interests to deal with later on, encryption is just fine, as it keeps the broad nets at bay.

Human backward compatibility

I used to PGP-sign all my outgoing mail, using the modern MIME form with GnuPG.

Then people started complaining about the spurious "attachments" and saying they didn't know how to open them.

If I used the old-style form, they'd complain about the gibberish at the end of the message.

Once again, human backward compatibility fails.

No

[Kjella]

Almost everything I have to deal with securely has a https site. That goes for my online bank, "my page" on a whole ton of various services and so on. In fact most of those go on to tell me they'll never ask me for anything important over email and that if I do get an email looking like that it's probably a identity theft/fraud attempt. So the only reason would be talking with other individuals. Most of those would be much easier talking to in real life. The rest, well maybe we wouldn't want to trade email addresses at all, but use some other service. If I feared that someone would be reading my email, I probably wouldn't like to leave that obvious a trace of the communication in the first place. So it really never fits the bill.

my e-mail isn't insecure

[holophrastic]

I think a lot of people, particularly those in the know, forget what safety really is. Security isn't about wasting all of your resources to protect something that no one is trying to steal.

Case in point: I drive at 154 kph (~100mph) on a highway with thousands of other cars doing the same. The only thing protecting each of us from the other is a dashed white line.

There's no one trying to steal my e-mail from my servers. And that's mostly because there's very little value in doing so right now.

So why not do it anyway? What does it hurt?

Some people do have valuable e-mail, and indeed they should encrypt it. But making everything encrypted is the same as wasting medications. You breed stronger bugs faster than you can keep up.

Re:my e-mail isn't insecure

[dissy]

On the flip side of that argument, if you always encrypt your worthless emails that no one wants to steal, then no one will notice the one day that you do happen to have something worth stealing to protect.

If you never encrypt, then suddenly start to with just one person, then that would look quite suspicious to anyone who was looking for it.

One could assume that if you have something important that needs to remain secret, and is actually worth encrypting, then it might be possible that others are interested in it and thus watching for such things as sudden use of encryption.

For the record however, I stopped encrypting my email a long time ago.

Re:my e-mail isn't insecure

[holophrastic]

on paper, that's definitely the argument against me. but in practice, i'd have had to keep up to date with encryption tech all that time.

Re:my e-mail isn't insecure

[mlts]

PRZ pretty much said exactly that in the PGP introduction documentation. Encryption should be like envelopes, because few people would send sensitive documents on postcards.

Why I Still Use Snailmail

[banished]

At work, I am required to encrypt anything containing sensitive information and the receiver is required to know how to decrypt it...which takes no knowledge at all since it all happens in the background. Any time I need to transmit sensitive information from an environment that does not have encryption/decryption capability, it goes by fax or snailmail. It's so 20th century.

With some...

[vanyel]

...the one or two people who also use encryption. It would be easier if Thunderbird would ever implement the "encrypt when possible" option that's been in the buglist for years. "Always encrypt" is a completely useless option unless you're in an extremely restricted environment.

I do always sign my mail, which occasionally gets me "I can't open your attachment" (usually from webmail users these days, as at least most clients can handle them now) and, fortunately rare now, "I can't reply" (because Outlook would default to signing replies if the incoming message was signed, even if the user had no certificate and then complain because they didn't).

The few people implementing encryption in mail clients have *never* given any thought to usability, and unfortunately, I haven't had time to dive into the code and fix it myself, though I've started trying to get the build environment set up a couple of times.

Re:With some...

Same for me. I've got 3 or 4 people in my address book/keychain that use PGP. If they use PGP, I encrypt. If they don't, I don't. Sort of a "lazy best effort" method to encryption, I guess.

Re:With some...

[CAPSLOCK2000]

You should try the Enigmail-plugin which does exactly that. If the recipients PGP-key is in its addressbook it will use that, otherwise it won't encrypt the mail (allthough it may still sign the mail).

Re:With some...

[vanyel]

I use enigmail for those peers who use pgp, which is maybe one person now, however:

1. few, if any, mail clients support pgp out of the box, whereas most standalone clients do support S/MIME now, so signing with S/MIME is a good default

2.. It adds the problem of conflicting with S/MIME - there's no way to say "use which ever encryption I have a key for". The encryption plug in system needs to have a way to say "try them in this order"

depends

[wbarron]

I would say it depends on what you're doing, most email messages are garbage. I would go with TLS for corporate environments, PGP for personal use.

I don't get it either

I honestly don't understand it either. I've been on projects which required us to store the code base on an encrypted partition of a hard disk or usb stick we'd only plug in while working. Yet those very same people were sending sensitive information via email, like SVN addresses with usernames and passwords neatly bundled in one unencrypted email. Hell one of those projects even had their own chat client that used overkill encryption, yet didn't use basic email encryption.

Last 3 employers switched to encrypted ZIPs

The last 3 places I have worked at have either used 7zip or AttachShield, to encrypt any sensitive information into aes-256 encrypted zip files. Then just tell each other the password over cell communications.

PGP is just way too complicated for people outside (and even some in) the IT industry.

Re:Last 3 employers switched to encrypted ZIPs

[Timewasted]

This was secure until the Patriot Act....

Because 99%

of internet users are not Slashdotters so whats the point.

PGPmail for business

[krelvin]

I only use PGPMail via work which has an automatic way to encrypt email for business purposes. Outside of that, I have little need to encrypt my email. If it is important, confidential information, I don't send it in email.

Very rarely, alas.

[gessel]

I use GPG/OpenPGP for some mail and "secure" web mail for other applications. I do not use third party web mail (such as gmail) because I can't control the dissemination or privacy (or longevity) of my mail and while my life is generally boring enough to fit within Eric Schmidt's idea of privacy ("If you have something that you don't want anyone [someone] to know, maybe you shouldn't be doing it in the first place [at least not though a google property]."), I occasionally write a personal opinion of someone I wouldn't want them to be able to Google later or share a business detail that could be economically damaging or embarrassing (or is subject to NDA) and gMail and all other web mail services are effectively public.

I've used PGP (and eventually GPG) since about '94 and my keyring has about 20 people on it: more than 1 new key a year! Alas, 25% of those keys expired in the late 90s. My address book has about 1500 entries. Why so few keys? As the OP pointed out, it isn't all that difficult.

The answer for me is that the model for encouraging encryption has to be more like S-WAN than GPG-like. I'd love to turn on "encrypt everything" and forget it, but I'd get an error message for 99% of my correspondents, so obviously that isn't going to happen. So I set my prefs to reply to encrypted messages with encryption, which is fine, but it means I rarely (almost never) initiate an encrypted thread.

What I'd like is an opportunistic encryption mode where any message to an address in my keyring is encrypted by default. Any message to anyone I don't have a key for gets a nice little .sig file with a brief notice that their mail is insecure and effectively public and a link to further instructions for getting GPG set up.

One annoying problem is that encrypted mail is not searchable. To solve that, I want my client to extract a keyword list on decryption then upload that keyword list to (my own) server as an unencrypted header to enable searching (implemented, of course, with a stop list for words you wouldn't want to appear in the clear even out of context or perhaps particularly out of context).

For the truly paranoid, this list could be a hash list, though you could still fairly effectively dictionary hash fish, but it would provide some security and reduce the easy availability of information. In fact, all headers could be hashed and still generally be searchable (except maybe date ranges).

I also want my server to store my public key and encrypt all incoming mail with it. Of course it is already transported in the clear, but it makes my server less vulnerable. Once the mail has had an index extracted and the body encrypted, someone cracking into my IMAP server would, at least, not find a historical trove of clear-text data. And my friends without keys would get annoying sig files evangelizing encryption.

Re:Very rarely, alas.

[mlts]

When it comes down to it, there is no one program that can truly automate good security. At some point, users cannot be spoon fed and have to do it themselves. CAs can be spoofed, trusted introducers can be hacked or bribed, and so on.

In reality, if you want security these days (I mean actual security, not some pretty spiffy lock icon promising security), then one will have to go out and pack your own parachute, just as people did in the early 1990s.

It is easier now than it was back then -- gpg and the commercial PGP versions can encrypt and decrypt clipboard contents, both Android and the iPhone have implementations of this. It also easier that the specter of encryption being outlawed is not over our heads as it was back in the days of the Clipper Chip.

So, it boils to a social issue more than technical now. Do people want to do proper keysigning gatherings, stick their PGP IDs and signatures on their business cards, and have this info as much a part of their contact info as their E-mail address and FB contacts? If we can get people to understand this and the concept of a web of trust, security in general will be much improved.

Re:Very rarely, alas.

[xiando]

I've used PGP (and eventually GPG) since about '94 and my keyring has about 20 people on it: more than 1 new key a year! Alas, 25% of those keys expired in the late 90s. My address book has about 1500 entries. Why so few keys? As the OP pointed out, it isn't all that difficult.

I have the same experience. Most people don't think privacy is important enough to protect, so they do not bother. I do find that signing my mail with GnuPG helps somewhat: Those who actually do use GnuPG notice that I use it and start encrypting what they send me. Still, not one in a hundred of those I communicate with by e-mail bother.

Re:Very rarely, alas.

[evalhalla]

I'm too in the very rarely camp.

Most of my emails are sent to public mailing lists, so crypto wouldn't make sense, but I try to sign at least some of those, so that people know I have a gpg key.
A good percentage of the rest are trivial enough that there is no need to bother encrypting. I do take a point to send at least some encrypted message now and then, just so that the few really private ones don't stick out as much. Most of what I encrypt for that reason are mildly NSFW links sent to friends (and the encryption works as a nice NSFW reminder, bonus point).

The fact that lots of my friends are nerds, and a significant part is somewhat related to the debian project and thus have to have a key of course helps.

The main goal of the NSA is to defeat this.

[DMUTPeregrine]

Consider the main goal of the NSA: To have access to all communications everywhere, and to analyze them for any threats to US power.
From their mission statement: "Collect (including through clandestine means), process, analyze, produce, and disseminate signals intelligence information and data for foreign intelligence and counterintelligence purposes to support national and departmental missions." "This Agency also enables Network Warfare operations to defeat terrorists and their organizations at home and abroad" (Emphasis mine.)
You assume that they do not have backdoors in any of the vulnerable components of your computer, that nowhere in the software, the OS, or the hardware of the processor did the best-funded security agency in the world succeed in creating a backdoor. You assume that this same agency can't break PGP/AES/whatever cipher you have. And you assume they're not interested enough in what you are sending to make their capabilities public by your arrest.
Only the last assumption is reasonable. To assume that not one Intel engineer is an NSA plant, that not one Microsoft programmer hid some code, that not a single implementation weakness or side-channel attack is present in your encryption app is a very big assumption. Far safer to assume the NSA/China/etc know what you're writing, and keep major stuff off of computers.

Meh

I do use URL shorteners as weak encryption of URL's sometimes..

but I use mostly IRC and bitlbee that forwards ICQ and Jabber to IRC...

I deleted 3(!) different eMail accounts I had.. It was fantastic...

Alot of Offices use encrypted ZIPs

[CableRanger]

The last couple places I worked IT jobs had already standardized on sending aes-256 zip files using free utilities like 7zip or AttachShield. Then they'd just relay the password over a cell phone conversation or in a meeting depending how paranoid the client was.

Re:Alot of Offices use encrypted ZIPs

[MRoyale]

The last couple places I worked IT jobs had already standardized on sending aes-256 zip files using free utilities like 7zip or AttachShield. Then they'd just relay the password over a cell phone conversation or in a meeting depending how paranoid the client was.

Last office I was at switched to aes-256 encrypted ZIP as well. Strangely enough it was actually their general counsel who ordered the change because apparently this is somewhat comment practice in the legal community now.

Re:Alot of Offices use encrypted ZIPs

One contract I did, people sent small TrueCrypt volumes back and forth with documents in them. Of course, said volumes used both passphrases and keyfiles (which were initially physically exchanged on USB flash drives.)

This isn't as elegant as public key encryption, but barring a keylogger or compromised endpoint, did an excellent job at ensuring documents sent across the wire were protected. To boot, we used the .zip extension just to confuse anyone sniffing the link or the mail spool files.

Not viable

[bloodhawk]

The only time I encrypt is to people on my own corporate email system where I know it is managed properly and hence is a viable option. For anything beyond that if the information is so sensitive that it needs encryption to email then as far as I am concerned it is too sensitive to put into email as I wouldn't trust the vast majority of places to securely administer their mail system anyway and that includes their key management.

Does it matter?

[neostorm]

I don't. I am a huge privacy advocate, but I don't bother with encryption because I figure: A) the only people looking are the US government (where I live) and that's about the only entity who would be interested, and B) their spyware is probably 10x better than any encryption that's publicly available.
I'd love to know if there's something guaranteed for anonymity, but otherwise it's just not worth it. The bad guys already won, and I don't care if they know that I hate them. That about sums it up.

Ticketmaster wanted my to email my credit card inf

Ticketmaster wanted my to email my credit card info them to buy handicapped tix as SOP. NOT!

Don't hate me for promoting a MS service

[Vrtigo1]

With MS BPOS / Office 365, they have a handy feature called exchange hosted encryption. Essentially what it does is when you send an e-mail and mark it as encrypted, it'll e-mail a short note to the recipient letting them know they've received an encrypted message, along with a link to an SSL enabled site where they can view it (they have to have a PIN code setup prior to verify their identity). It's not perfect, but it's really easy to use and solves the problem of being able to send an e-mail to just about anyone while maintaining end to end encryption. You can even set up rules by domain or regex, so any e-mails sent to MyLawFirm.com would be encrypted, or anything message that contains text matching the format of an SSN would automatically be encrypted. This is great for office environments where you don't want to have to explain the concept of encryption to your users, or rely on them to encrypt messages they should be encrypting.

No.

[jibjibjib]

No, because I don't want to carry a key around everywhere, and because I don't want to (and sometimes can't) install encryption software on every computer I need to use email on.

For me, the extra privacy isn't worth the extra inconvenience.

And your point is?

[ArchieBunker]

Has anything of value ever been snooped via email?

Re:And your point is?

[GPLHost-Thomas]

Privacy isn't about secrecy. Privacy is about choosing what you want to be disclosed and to who. Jonas once posted his social security number on his personal website just to make that point clear. So your question has no meaning, because the reason why we are using GPG isn't only for security of valuables, but because we care about privacy, and being (technically) able to make sure everyone will respect it.

Also, GPG isn't only about encryption, it's also about authentication. See above, someone could verify that I was the real sender, and it proved my identity. In Debian, we sign every package that we upload with our GPG key, to make sure that we are who we pretend to be, and that we have been previously allowed to upload. We also use it for voting when there's DPL election every year, or when we want to change the Debian constitution (that vote would be called a "general resolution").

I could, but don't, sometimes...

[pbjones]

I don't encrypt because I don't send anything that requires encryption. Having said that, My Wi-fi is encrypted to a reasonably high level, and if I really wanted to, my OS can encrypt messages and I can use encrypted webmail to send and receive email, so encryption is so commonly available, we don't use it, or we don't know that we are, e.g., Skype or SSL.

Been wanting to for nearly a decade now

But no one I email consistently does, and its hard enough trying to help them open up a MS Word document in a newer format. Yea, I had to switch to Word from Open Office because no one was able to open up anything I sent. Yes, I tried always making sure I sent things in a Word compatible format, but for some reason someone would be unable to open things up. What's that? PDF you say, strike again, found people to need to email, that for some reason couldn't open up PDF files either.

As much as I feel we should be driving technology, it seems like technology often drives us.

Yes

I use an algorithm based on a very large dense LFSR, hashes, and symmetric key passwords implemented in a little notepad-like program that has been shared among my family and various people I email. It's super-easy to use and works with any email clients or web-based email. It's as intuitive as it gets; even the most non-technical of my family can handle copying and pasting a mess of base-64 stuff into the "magic decoder" window. It's even kind of fun for some. Obviously it has its limitations, being best suited for small-ish plaintext messages, not handling files at all, and requiring occasional friends and family face-to-face password exchanges, but we do actually use the thing for anything socially, financially, or politically sensitive.

I work for the Department of Defense

[dhenson02]

So hell to the yeah.

Unfortunately, when I try to explain to someone that they need to "encrypt" the e-mail they send me and "sign" it so I know it's from them (even though it's pretty obvious it is), they sound completely baffled. These are people working for our government to run our military operations (dunno about overseas though, haven't encountered them yet).

So I say "lock" it and for some odd reason this is a commonly used phrase for "click the blue lock next to the mail icon in Outlook".

They still don't sign them of course. There's not really a "pin a red ribbon" it phrase yet.

Pointless to encrypt

The NSA's quantum computers sneer at your puny compression attempts. Go ahead, use 2-to-the-any-power compression. See if it helps.

You may have dodged a bullet.

Back then, when all I had was my Palm Pilot IIIxe, I thought "Whoa. I hold in my hand a portable computer that I can use to exchange digital signatures with". I even kept my pgp key in a note I could beam to someone, given the chance. Never happened.

Careful there—that might lead to irresponsible behavior.

Security Clearance

[tiny69]

I use to encrypt email. But then I got a job that required a government security clearance. The person assigned to do the background investigation asked for my passphrase. I gave it to them. I haven't encrypted email since.

Re:Security Clearance

[isorox]

The person assigned to do the background investigation asked for my passphrase. I gave it to them.

And you failed the test. I hope.

No, because ...

[dbIII]

I send email to people that know so little about the subject that they even think DropBox is secure.

PGP won't catch on, S/MIME will

[mr100percent]

I've had PGP for over 10 years, but I'm putting it aside and getting behind S/MIME.

S/MIME has great enterprise support, is built into mail clients like Outlook, OS X Mail, Mozilla Thunderbird, iPhones, iPads, and even has browser plugins for GMail. PGP has none of this, sadly.

7 emails

[Culture20]

I've encrypted probably only 7 emails, but I sign almost everything unless I'm sending the email to someone completely pgp illiterate ("Why does this email have random junk at the end?").

Of Course

[tehlinux]

I don't want the man to know how I enlarged my pole with wonder pills!

Re:Of Course

[Culture20]

I don't want the man to know how I enlarged my pole with wonder pills!

Mr. President! We have a human-growth-hormone gap with Poland!

Re:PGP NOT Understood

[DERoss]

If Mac OS X's Mail client automatically supports PGP, it is not necessary to obtain any certificate from an outside source. With an OpenPGP application installed on your own computer -- Mac, PC, UNIX, Linux, etc -- you generate your own certificate. See my http://www.rossde.com/PGP/index.html.

GPG / S/MIME / LUKS and TLS

[bill_mcgonigle]

Yes, no, maybe.

I use GPG (Enigmail) for really sensitive stuff but typing my very long passphrase every 15 minutes gets old. Also, those e-mails do not participate in my global search, so I try to keep them as limited as possible. My mail store is on a LUKS volume anyway, so GPG is doing a narrow function.

Occasionally I'll find somebody who speaks S/MIME, and then that happens automagically for me. That's nice, but largely a function of mailer integration.

But, in the meantime, a good half of my e-mail, and most of the important stuff, travels out my network on SMTP/STARTTLS connections, so that window of eavesdropping is closing as well.

Use as much encryption as makes sense (oh, that's the hard part, eh?)

Re:Remains Encrypted

[DERoss]

An E-mail message encrypted via OpenPGP remains encrypted on the sender's computer (replacing the clear-text version), on the outgoing server (if retained), on the receiving server (if retained), and on the recipient's computer.

Yes, the sender or the recipient can decrypt it and save the clear-text version. However, that is considered a bad practice that is discouraged.

The best way?

Sorry to answer with a question, but what would be the best way of managing private keys under a brittle infrastructure constantly under attack, with non-knowledgeable users? Storing private keys on a rooted server or workstation somehow sounds like a bad idea.

There is a great need for this

[maxbash]

No I've never used encrypted email, I wish that there was a universal system for it. The other day I needed a credit card number from my wife. Simple I texted my wife to put the number in a text file and save it in the Dropbox folder. I wasn't in a big hurry so I check 2 hours later, nope not there. Texted wife again to recheck, I got a "It's there stupid" No problem, I'll ssh in. Doh! I forgot to setup dynamic dns when I reset the router for the new ISP. My high tech efforts failed, I called my wife and got the number over the phone. 4 hours later the file showed up in DropBox. I sure wish encryption was to norm in electric communications.

Encryption takes two

[Arancaytar]

I sign all mail, regardless of whether the recipient has a clue what digital signing even is. In order to encrypt mail, however, both the recipient and the sender must be security aware.

Practically nobody I communicate with - even among the ones who use Linux - cares enough about security to even own a key, even though they regularly include obviously sensitive information in a message.

Why would I?

[flimflammer]

Unless you're emailing highly sensitive stuff between knowing parties, what is the point, and what happens when your recipient doesn't have a means to decrypt the emails?

It really takes a special kind of paranoia to think you need to encrypt your personal email correspondence.

Don't waste tax payer money

[Barlo_Mung_42]

The NSA is reading everything I write already. If I make them work for it it's just a waste of tax payer money. Clear text all the way.

Smartphones cannot forward encrypted emails

[fluor2]

Well we used to do signaturing (digital signatures) emails in Outlook, however it's a problem for people using smart phones. Or, at least Android phones. People could not forward the mails as the phones lacked these features. So we had to end signing.

It's about time the Exchange client gets upgraded on Android. It really sucks for more advanced features. You can't even search your appointments.

Re:Smartphones cannot forward encrypted emails

[allo]

why not? inline pgp should be really easy, i do not know how smartphones affect signatures in the attachments, but when it causes trouble just use inline pgp and do not care if its e-mail, paper, or written to stone. it just has two clearly seperated parts, the message and the signature, which can be read by a pgp-binary.

It's complicated..

[whois]

I sign email on one machine, but encryption and even signing requires copying your private key to all the machines you actively use mail clients on, including your phone. Nobody has made a simple and secure protocol for private key download or message upload/sign/encrypt on the remote server. For that matter, nobody bothered making a protocol for contact list sharing, settings sharing, installed plugin sharing, etc, which is why people moved to web mail and things that sync with a phone.

So I have a machine at home I occasionally check mail on, a laptop, a desktop at work, several virtual machines I might need to access email on, a phone or two, etc.. But even if that were all solved there's the problem of replying to encrypted emails, and the fact the subject and recipients aren't encrypted. (Recipient, fine.. that's impractical. Subject: nono.)

So you sent an encrypted message and want to review it later. How? Hope you included a copy encrypted with your own public key (cc'd yourself). Maybe your mail client does this for you. If not the message in your Sent folder is unrecoverable. Want to continue an encrypted conversation? Better make sure your phone or whatever you send mail from this second supports things, and you have it properly configured.

Then there's the fact email wasn't made to be secure and therefore it's broken. DKIM? Sounds good but mailing lists that append things mess things up. GPG should be signing parts of the email and clearly saying what it's signed, but the new idea is to put the signature in the email header where it can be mangled by the next MTA.

Mail headers pretty much make no sense. How do you know which parts weren't spoofed? Can you believe any of it besides whats in your maillog? The answer is yes 99% of the times but only because we still have some trust in the sending MTA if it's a reliable provider.

Mail and it's headers should be append only with clear distinctions of what MTA appended what and everyone signing things for verifiability. That would require a rewrite of the protocol though.

why isn't this the default yet?

[MikeyO]

I am AMAZED at the number of people saying "I don't say anything interesting anyway" or "I have nothing to hide".

Picture a scenario like this: You get a new cellphone. When you first set it up, it gives you this question, "Encrypt all your phone calls by default, or Allow us to listen to your phone calls". How many people would say, "I don't say anything interesting anyway, let them listen".

If when you were having your cable modem installed, the cable installer said, "Hey, do you mind if while I'm installing this cable modem, I also install a microphone, so we could listen to your conversations?" How many people would say "sure, I don't say anything of interest anyway".

I think that in these hyperbolic scenarios, most people would say, "Yeah, I actually want my privacy."

So, since we have had all the technology available for years, why isn't encrypted conversation by email the default yet? Why wouldn't people want that?

Green Bar?

[aaronb1138]

It would be far more useful to try an approach similar to the relatively recent browser green bar vs. red bar for https.

Green bar - the e-mail client and mail server have verified end to end trust CA SSL certificates and are using SSL encryption point to point. Red bar - server is not available on SSL or client cannot connect to mail server on an encrypted link (SSL, encrypted Exchange, etc.)

The reality is until Microsoft puts such functionality in Office Outlook and Exchange at the same time (along with free patches for prior versions) as well as Google and Yahoo, there is no expectation for this to be a viable solution.

A few years following such a coordinated switch, maybe one could add a prompt regarding, "Send E-mail Insecurely?" or have a option bit to ask as a policy.

Also, giving out a PGP key is silly from a security standpoint because now your points of failure are every person to which you needed to give a key rather than trusted. Not exactly great for the non-security minded sales guy down the hall.

The download link with one-time or per-recipient passwords options are great for files (I love them) but usually too much trouble for most people as well as inviting people less security conscious to click links in e-mails when maybe we shouldn't.

No me!

Don't you know "THEY" read the encrypted ones first?

If I can, I will

I generate signed certs for my accounts, and my wife. With iOS5, I can even add the cert to the iPhone. So, me and my wife now encrypt all email between ourselves as a matter of course.

I'll happily exchange encrypted mail with anyone, but so few people do it. And the fact that I have my wife's machines set up tells me it ain't that hard.

But, hay, with people posting on twitter and facebook their location and travel plans, what the hell. Who needs privacy and veracity.

No

[Sloppy]

No, I don't, because other people don't care, so they use shitty software. Webmail is the worst, because it'll never be very practical to handle client-side decryption or signing of webmail. (Yes, I've seen some heroic attempts with some ff plugins, but they're not as nearly as convenient as even a mid-1990s email client.) Outlook is bad too, but at least it has the excuse of trying to push a rival standard (an unquestionably inferior one, but nevertheless quite legitimate). Webmail, OTOH, is just a technological step backwards to .. before you had TCP/IP on your PC. I just don't know how else to put that. It's like dialing into someone else's computer and running mutt, which was fine in the 1980s, but we supposedly had a revolution since then. I guess not.

It's ok to admit things aren't going well; shit happens. I do think everyone who has posted here saying email encryption isn't valuable, though, needs their geek cards revoked. Those kids should go back to playing their xboxes and leave the tech discussion to people who are willing to take a few seconds to think about things.

Your email is uninteresting? Well, so is your newegg https checkout page! Why the fuck does anyone care about all the CA integrity problems that have come up lately, if encryption and authentication have no value? Give up https if you think pgp isn't important, because most everything you do with https isn't even half as personal as email.

Your communications don't need to be private? Neither does the list of URLs you've visited which happen to have "like" buttons on them. But somehow when Facebook decides to profile you, you have a a hissy fit. Yet if someone *cough*google*cough* were to profile you from your everyday emails, you would be creeped out -- just kidding, you'd bury your head in the sand and pretend it's not happening.

Nope

For corporate use in the Netherlands, a message signed by a valid certificate can be considered the same as an autographed document. This could potentially put the company in trouble, and hence, no on does because no one wants to be held responsible.

Only where PKI is pervasive

[ComputerizedYoga]

on my work network, we've got an integrated PKI that makes it easy for people to exchange their public keys. If I'm sending someone a password or other sensitive information, I'll encrypt it against their keys there. If I'm just talking to someone (ie: not doing anything sensitive), encryption is off, signing is on. If I'm sending from my personal email, the only person I encrypt to is my work email.

I think the big reason that email encryption in general hasn't taken off is that it's a huge pain to exchange keys. Some keyserver attempts have been made, but frankly there's not been enough adoption in any circle I've seen to really call it a success. The only time this stuff seems to really work well is when there's a corporate directory and a mandate from management that says "you will get a pki certificate, and you will publish it on the global address list".

S-MIME

I use s-mime encryption together with a free SatrtSSL certificate. Works perfectly with the OS X mail app. I used to use pgp for many years but the problem was that it did not integrate to well with my mailclients and also almost nobody was using it. S-mime is easy and fully implemented into any decent mailclient today.

Alternate solution

I've tried and stopped doing it for the reasons mentioned many times already.

But I've had some success with a zip package that includes GPG, my public key and a batch file that encrypts everything you put in an enclosed folder. It's a bit of a hack, but it's easy enough so I can send it to someone and get encrypted files back. It would be great to have a more polished cross platform package though...

Re:No - especially if sending attachments

[Rhodri+Mawr]

One of the key difficulties is if you are including attachments in encrypted e-mails. This often results in your e-mail being quarantined by (depending on your viewpoint) over judicious anti-virus software as it is unable to scan the encrypted e-mail and guarantee it is virus-free. Your e-mail never arriving rather defeats the purpose of sending it in the first place.

I appreciate that a well configured system can get round this difficulty, but most end-users do not have well configured systems, they have the operating system or software's default settings which are rarely if ever encryption friendly. (If encryption came by default, how would the likes of the NSA and GCHQ spy on us?)

instant messaging

[Weezul]

Off-the-record messaging is fucking trivial. I've many friend with whom I use off-the-record messaging.

Re:instant messaging

[Electricity+Likes+Me]

OTR messaging is great, but it's not practical to use with email (the notes on its development discuss this).

It is a spectacularly thorough system.

PGP Key Server and Privacy

[rbcowboz]

It seems that a lot of people from hackish communities use PGP. These people are usually very sensitive when it comes to privacy. It strikes me that they have no trouble with the common practice to list name and e-mail address on one of the PGP key servers (e.g., http://pgp.mit.edu/). This seems to me very odd considering what a registry like this offers in terms of abuse. I would also really like to use PGP but I don't want my details listed on one of these servers. So one approach would be to not put the complete name info in the key to start with. Of course this kind of sabotages the "web-of-trust" idea, but for me, this doesn't work anyway because I would give my key to possible correspondents in person or on business card rather than have them look it up on a key server. I would be very interested to hear what more advanced PGP users have to say on this.

Re:PGP Key Server and Privacy

[muckracer]

> It strikes me that they have no trouble with the common practice to
> list name and e-mail address on one of the PGP key servers

> I would also really like to use PGP but I don't want my details listed
> on one of these servers.

I had this gripe myself, for the same reasons I decline being listed in the phone book. I send my public key to interested people directly, usually after a couple plain-text exchanges. This doesn't, however, protect me from having someone else upload the key to a key server. What is needed, IMHO, is a "NO KEY SERVER" option in the public key, that, when present, will cause key servers to just discard any such uploaded key and not list it publicly.

In the meantime, you can always use a pseudonym as name on your key. The people you know you can easily explain that to and the people you don't know don't care anyway since they have no way of verifying in normal interactions.

Meh!

[terryfunk]

Encrypting email for the most part is a waste of time...UNLESS...
If you're doing something illegal.
Even if you're not doing anything illegal

IT'S just email.

From a business point of view, if you're sending email that is THAT sensitivel over the public internet you should be caught and fired.

Really... it's JUST email...

Re:Meh!

Oh, boy, did the brainwashing work well in your case..

You just shot your own argument with that last paragraph to boot, so not all is lost.

Private email MUST be confidential. It's nobody's business what I write to friends or my children, and any assumption that governments are benign in their purpose has been watching too many soaps. Governments are made out of people, and the moment you have a bad guy at the top, all hell breaks lose. Hence protection is required.

Business email: well, you seem to understand that already. Communication should be confidential. However, I have seen $100M deals go over the wire unencrypted - I was involved in the due diligence of some deals and was horrified to see it was all in plaintext..

Iff i have a key

[drolli]

Encryption/signing only makes sense if the key distribution happens on a well defined domain (e.g. inside a company). It has always been beyond my grasp why i should sign messages to people who have no trusted way of authenticating my signature. However, in the last company i worked for, keys were more or less correctly distributed for another purpose (logging into the WLAN), so i imported my key into thunderbird and used for signing my mails using s/mime. I was the only one who did, however, at least anybody *could* no verify if that mail was from me - if he really wants (or needs).

No

[kikito]

I don't care.

TLS

[Tom]

I wonder why nobody has mentioned TLS/SSL so far.

No, I don't encrypt mail - anymore. Like most here, I tried for a good time, had my PGP key in my .sig and website online, fingerprint on business cards, etc. I think I sent about 5 PGP-encrypted mails and received the same number.

Reason: Nobody else used it.

So I went to the level that I could control. All the SMTP and IMAP traffic between myself and my server is encrypted, and if the other side supports TLS, so is any incoming and outgoing SMTP. It's not perfect, but it is better than giving up completely. Opportunistic encryption is the best option you have if you don't control the other side, and I believe that PGP should be a huge lesson in humility for us crypto-geeks. Because we don't control the other party, but we thought that we could/should.

I do

[X10]

I encrypt email every day.

RDlGa6LhCxbwur

[snero3]

-----BEGIN PGP MESSAGE-----

Version: GnuPG v1.4.11 (GNU/Linux)

hQEMAxpxdNC/Rmn+AQgAm5IX6HFgCmGLAfU+LxrBngamZzs5XYu53KtMNsk2Tio/ S7lgDr2D28e1tf4oOB0sPBq4Y0ZND40IUnI3o9XOBid/s3ySTCck4Vch4boXG/bL A1hSbF7blRDlGa6LhCxbwur3DM33pJHYLg8i22Bv12+94QysAl3fYpjYw8qXYVMY HrigiYGOi6ik8mUijfMrh8zuL7OytV3YUP2YqoYZVN8r9izvR5eVrIO2cz9xT6o7 NqP8G6NxpOAhGEYNyRmuvZwh3Qfo5x5EOVQZOPVHQAs7svZvAzZG+dNjHf7cNK9t z5+2h/xqz6rRmi/DfowAvZUahBLc4rGt4lgJOVPSjtJ2AZUjdwsjgSA7lYDbxfZ0 /gR4fT4HS+0Znw6HDSp6ZXFNZS2kvKRVtOpP9z09DUbT6q1XHiwo7iWe3/HPNQL9 Z9hSYRVclxwkgcD7XyIEz4kYPIAbrE1WCwEGicVE78BahIDvOshRw2EsuN1UplXR 6usNM9QaBQ== =aj+t

-----END PGP MESSAGE-----

No

As it isn't universally available, the volume of mail generally is high and I don't email much of interest anyway, there doesn't seem much point.

I thought the modern way however was to shout your personal information/plans down a mobile phone whilst in the busiest places possible. No encryption there either.

Most people just don't care

[SlightOverdose]

In 10 years as a software developer, I've had an almost countless number of passwords, credit card numbers, highly sensitive documents, and more sent to me via unencrypted email. Almost on a daily basis.

No matter how hard I try, people just won't use encryption. I managed to convince everyone in the office to use S/MIME, but this lasted about a week before people decided it was too much work.

It's not like they don't understand the risks so much as there doesn't seem to be any 'easy' turnkey systems out there that are cheap or free. S/MIME is included in all major email clients, but it's a pain in the arse to setup - I ended up having to do it for everyone myself.

Personally I think email clients should automatically (without user intervention) generate an s/mime key and sign all outgoing mail, and encrypt all outgoing mail where a signature is known. This way you'd end up encrypting all email without even realizing it. (Of course you'd still require user intervention to copy private keys between your different computers......)

Re:Most people just don't care

[X10]

Personally I think email clients should automatically (without user intervention) generate an s/mime key and sign all outgoing mail, and encrypt all outgoing mail where a signature is known.

I have done just that, with a plugin in my mail client that my company had created. But one of the issues here is that a lot of people use Outlook, which used to fail on replying to a signed message. When it receives an S/MIME signed message, it automatically sets signing to "on" for the reply, but when you hit send, it finds that you don't have a key to sign with. You can cancel, losing the reply. When I routinely signed my outgoing email, a received a lot of complaints from friends who pointed out to me that my email is broken because they can't reply. No, it's not my email that's broken, it's Outlook that's broken. This made me stop signing all outgoing email.

Another thing is that however easy it is to encrypt email, people still have a secret key. I got a phone call from a reseller for our email encryption product, complaining the product didn't work any more. He had bought a new laptop. "Did you backup the signing key?" "Should I have?" Geez. It's one click in the setup of the software, "backup private key, we recommend you to do this".

I know encrypt and/or sign email on my mail server, with an open source S/MIME encryption product. It encrypts email whenever it can, but I've configured it to not sign email unless the header has a keyword that tells it to sign. I think server based solutions work. Inside your company, there's other security.

Yes

4096 bit RSA keypair. I use GPG (GNU implementation of openPGP) with Mozilla's Thunderbird client. Thunderbird has an extension called enigmail that work great with GPG. The real problem is not enough people use it to make it useful.

Better

[migloo]

No encryption. I prefer steganography.
Whenever my partners receive a picture of my cat, they promptly retrieve the nasty contents hidden inside.
And the police spies won't even suspect I am an outlaw.

I even encrypt my slashdot posts!

[Rhaban]

V rira rapelcg zl fynfuqbg cbfgf!

Encrypt? No. Sign? Maybe.

[pstorry]

I've rarely, if ever, had a good reason to encrypt my email. I think the largest number of encrypted emails I ever sent was on a "crash Echelon" day back in the late 90's, which was hardly a good reason. ;-)

I used to sign almost all my non-list emails. (Mailing list software sometimes didn't like signed messages.)
But the problem with signing is that some very dumb (usually big business or government) mail gateways would see the PGP/GPG lines and assume encryption, even though it was just a signature. That meant my mails were being blocked regularly "due to encrypted content", which was a PITA for both me and my recipients to deal with.

Frankly, because of those kinds of issues, I gave up even signing my emails.

I would still sign or encrypt if there was a good reason to, but given my email usage I think signing is more likely than encrypting. And even that would be fairly rare.

Would like to, but...

[aklinux]

I thought it was interesting this topic came up now here as it also just came up on my Linux Users Group mailing list last week. A local friend and I tried it a couple of years ago when a pgp/gpg plugin came available for Thunderbird. We both had it set up and it seemed to work OK, but to what end? As near as we could tell, it was him and I, and no one else. 'kinda pointless. I do think we should be using it. I think businesses transmit entirely to much confidential client information around the country. I believe we all, myself included, need to be more security conscious.

Not really

[mshenrick]

I have a public PGP key on my website (http://mshenrick.dyndns.org - currently down), but I've never used it, as I rarely get emails from people, just companies, and my emails aren't that sensitive, or the ones that are, are from websites and they don't support encryption

S/Mime

[mrthoughtful]

Well, if you are on an apple, then s/mime works very well for encryption, on the basis that both parties have each other's keys. As long as one signs one's emails with a pkcs7-signature the key is transferred. So a typical transaction goes (signed email: hi, do you really need my password) (signed return: yep, I do) (encrypted email: ok it's p455w0rd ) (encrypted return: I have reset your password to Gh0-dA6-Ly3-d3cu-dNl )

Why has email encryption not become more commonplc

[bytesex]

Because the physical storage of private keys (for when I reformat me drive, switch computers, do whatever that obligates the new installation of the private key) is troublesome, that's why. Also: because we're at RSA-4096 now, for reasonable security (that is, for my job at least), and that's just *damn long*. O, and thirdly, because good, simple, elliptic curve implementations (in *C*, not C++, thank you very much) are left wanting at the moment.

Encrypt ?

Encrypt it ? Against who ? The Germans ?

Re:No - Me yes- none else I know does though.

[Mista2]

Ive got Thunderbird and PGP set up on my Mac, on my linux laptop and my wifes windows PC. The problem is noone else I email does, so it's pretty useless. I also need a good PGP client on my iPhone that can just hook into my iMap server, otehrwise I loose that handy mobile access.
Personally I wish all my mail stored on Gmail was encrypted seeing as US lay allows all that mail to be tapped for any reason without a warrant if older than (I think) 30 days.

Not often

[DrXym]

For several reasons:

1. Very little of what I write is important enough for anybody to care about
2. Very few of the people I interact with use encryption and I'm certainly not going to advocate encryption unless I consider it necessary to what I wish to send/receive
3. Encrypted email is orthogonal to searchable email. i.e. if I encrypt my emails to somebody then I can't search that email unless the plugin slowly, painfully decrypts every email to search through it.
4. Email encryption was DOA the moment S/MIME + PKCS was chosen as the default standard. What the fuck were Netscape & Microsoft they thinking to back this 3 legged horse? It's hideously complex, slow, bloats emails, makes it difficult to obtain / renew keys and email clients had such botched or complex interfaces that it virtually guaranteed no one used the tech.

I have used raw PGP/GPG and Enigmail with good results but usually only when exchanging emails with customers who want certain data to be encrypted, e.g. the keys used to port knock a device for example.

I can't help but think how prevalent encryption would be now if every email client's setup wizard auto generated a keypair (or allow you to import them) and just enabled it without some big song and dance. Forcing people to root around in broken CAs and obtain certs from a CA for $$$ and repeat the process every 6-12 months was a recipe for disaster.

Don't get me started!

I feel like an outcast at work for flat out refusing to send passwords and other secret strings in plain text. Even when it's only going within the same Exchange server. Eventually I had to give up because nothing was getting done and no one was sending me any public keys or any other method of sending secured information. It's sad really because it's a HUGE global IT company, also reason for being an AC.

No

[brunogirin]

No because if it's really sensitive, I don't communicate it via email.

Nobody cares

[starmonkey]

I don't encrypt my email, because nobody gives a fuck about my private correspondence, except the recipients (I hope).

Re:PGP NOT Understood

It's not used because people mostly use Microsoft products. Outlook can't use it nor can Windows 7 phones. The nice bit is that people who would consider using it are already using Linux so we can speak to each other securely if we want to. :)

obstacle: other users.

I do encrypt any sensitive information (source code that while not secret is not public either). I also encrypt e-mails to senders that I know have PGP-keys. Unfortunately, most of my e-mail communication involves sending mails to groups of 10 people or more, most of whom don't even know what PGP is.

Most finance sites don't allow symbols

[superposed]

I use a similar password system (a basic formula with 8 characters, including letters, numbers and symbols, and a way of changing it for every application). This works well for most purposes (e-mail, academic logons, etc.), but generally not for financial websites (my credit card company, bank, brokerage account). So I have a different system for financial sites that _doesn't_ use any special symbols. This seems like a bad idea. Why would any website (especially one that wants the highest security possible) forbid the use of certain characters?

Are you joking?

[pinfall]

Most Americans have switched to twitter/facebook for all their communication needs. They are being spied on by hackers, feds, foreign entities, 9gaggers and the entire milky way galaxy. They're going to worry about their email encryption? Now that's the best line I've heard all day.

I do

I use quadruple ROT13 to encrypt all my data.

The value of encryption

[JSmooth]

The value of encryption for public communication is limited. Unless all parties involved are 100% diligent there will always be an unencrypted copy available somewhere. Instead of adding overhead and procedures for dealing with encryption I find it best to avoid putting sensitive information into email just as I avoid doing so in other public places.

nope

I don't, because nobody does.

BOFH -guide to encrypted mail at work.

[CAPSLOCK2000]

When somebody in my organisation requires a new password the user is either required to walk to our office to collect it. When that happens we explain PGP-encryption to the user and help him/her to set up a key. The next time this user needs a password we offer to send it through PGP-encrypted mail, to any mail address under the users control.

If a user is unwilling/unable to come over to our office we suggest to find a few colleagues with PGP (we know people in most departements) and get a key into our web-of-trust.

No, but I do sign it

[DrSkwid]

with DKIM

Observe, if you will:

People still use picture post cards, despite that not being secured even by an envelope. This isn't bad, per se. It just is.

On top of that, _Why Johnny Can't Encrypt_ already gave an inkling why email will lag: It's too much of a cryptonerd's game. There's no obvious workflow, the process is tricky, and so on, and so forth. There is no easy fix for this. Notice how there are two competing but incompatible systems (s/mime and pgp/gpg). We'd need a single standard way of containing keys that both supports web-of-trust and hierarchical trust relationships (but as part of multiple trees, not just one). Most of that, like how to deal with multi-dimensional trust calculations, is still an open research question. "Trust" is in fact a misnomer; it's trustworthyness, not trust itself, you're assessing. The trusting you do afterward. If that trustworthyness calculation turns out too complex or opaque, people will shrug and do the trusting anyway, on no evidence and even in the face of strong hints not to do that. Thus the current ways we use crypto ensure that no matter how good the algorithm, it will be easily defeated by a bit of social engineering. All current systems really do practically invite doing exactly that.

The recent ruckus around SSL only tells us that the PKI idea is too limited and brittle. Also note how the most widespread web-of-trust implementation is just as much not very well thought out: Putting your key on a keyserver means you're leaking information that you then cannot remove. You can only revoke the key, but not the metadata, thus providing a valuable intelligence source.

How then? I don't know. But we do need more options. Workable ones.

Why?

[Zaatxe]

Why should I encrypt youtube links of lolcats I send to my wife?

Why would I?

[Gaygirlie]

So, my question to fellow Slashdotters is 'Do you encrypt your email? If not, 'Why not?' and 'Why has email encryption using PGP or something similar not become more commonplace?' The use of cryptography used to be a hot topic once upon a time.

What benefit does encrypting email provide to me? If the recipient's computer is compromised then the attack likely already knows all the passwords and passcodes and has access to any and all keys anyways, and if the recipient's email password is simple enough to be compromised then likely the recipient is gullible enough to fall for social engineering anyways. In the end the end result is the same either way.

i've been hoping for it for years

[jago25_98]

i'm looking for a script to logon to my gmail and sign any email in the drafts folder.

Pendango i found was no good because i had to carry it with me.

This is important because i travel in parts of the world where kidnaps are common. I want to be able to prove it's me with signing. Encryption may attract attention but it's useful against the pretty thief, which is why i'm glad i had my passwords encrypted on my phone when it got stolen.

I once needed access to a credit card i'd left at home with my folks. I relised i had no way of communicating it securely. In the end we had to split the transaction of that info over email and a voip call. On reflection a pots phone would have been better... In fact encrypting voip is another must do.

Convieience is a big part of security

Re:i've been hoping for it for years

[Lumpy]

easy way to encrypt voip....

1 - use skype
2 - vpn home then VoiP.

Even a Marketing guy can do this.

Re:i've been hoping for it for years

[muckracer]

> I once needed access to a credit card i'd left at home with my folks.
> I relised i had no way of communicating it securely. In the end we
> had to split the transaction of that info over email and a voip call.

This is where you could use an (emergency) one-time pad. Stuff a few small sheets in your wallet on your travels, preferably waterproof, and leave the corresponding pads at home. You can now communicate short messages in ultimate security regardless of medium.

Re:i've been hoping for it for years

Unfortunately I've got a Nokia E71 symbian phone :p

VPN has been a pain to get working.... which I'd prefer. I'll have to look into it again

E4F0EDDF374F2C50D473 5EC097833DC998EF9A49

[GPLHost-Thomas]

-----BEGIN PGP MESSAGE-----
Charset: ISO-8859-1
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

hQIMAyufy8ZCeZ+RARAAxJN6B6C2450KX8Y0sU82poH77Jwj6NdK4Xh4nOfncAa2
k36walmvAhs3dTcxXmNsDlrNpOrsLEK51QKtNJSuhRKng0MkgmqmuutZoxVNaFjR
5GF3RsnKKHQ/7QUnGtJR8H6e56HjkipCWn258myOZtww2CI/3gtSEP2CuidUwU0W
bYN2cTpSfBKLGn3STXW5+cPEM6fMhtPxO4Pq0JyBjqorD60oVTzAtpkBKTEiVsqT
wnuQJRLKNTm4PinnyFlR6sTlCTIhHIocmh/eoihcMylWOWiHZcPivuyWAfq2xxkm
54YQEzTj53lGe1lZS3PjqON6LGYVaAoyr8MARcSHqlXMPzibm5knuJZNbhQUs9u1
514CXbZl52BrDBTCvCqBm3tGmA6LXMDtkgsjrRI4nbBaLobMkczFrSMIh3xwFLZn
pbCcpJlyC+GVdWjwJGVBqiOtYUMWv+14WxwG6IxC1xiMkLumhS+8dQhvcgK7eOh5
TFYKS2lD1Lu8F1xY2eT+Mw+xK5bibweFADtb7PHfqD3ZfgHKHwQprsR8Gecokwt5
iM+3AEK0KK4d3HU/Vqg1tDg+DuTaZCRnGbrBIVRjlXg5b87oJpIkcRz5NlT7InGV
l3GudSCIYjOnGRd4X2XYa/mks8zRGryfpCRmjUsHC1dYcPmKNxXsTFF5etsDwZCF
Ag4DnNG+pF42QAcQB/983wBMPUTY1HzNfa0S5kHobR/MOMkJNktfzD7cUS3anibi
pzqidp7IOSbgLSFRUTlVdtN/sbcAs9HXluBv/RkhUWTm3Jz3OGXvC035CLEhQTby
T9Jzi1b7UYZddTwHDP3t9c4J1sUKlMlnTSfnCNMI2uszop5PFO9cMQzl4M2TmRfr
/NH1IpCa6PhvhdDKTm93PmnFV5bSIIHhQ/FV9eafd1GEv9z/AvVbb4pw9zgpyK1L
DFaAXVX1Jf0humr2jRgzwC12GfI4xBzHd6GegoLg2Xj/RJIgJKn8CpYfnZONDHa2
3WRJgXrAguHvSEXYxHm29550fWadyrZEM/5UGlVUB/9PHiwrJ66FkezS12D9hDq5
WeJwqUPW+aD1I7Yknk6cisFTEksCCQWIBEPP7ZQiFqvEPhLvtVYDxBtlQcMzVSiD
atraKXdmcPrpLmZ8gAdfKRgNmMgMYJJ3frqg5agxygnHAVPjV9qMsuNOSrSvc9gC
AHfsfx8wafQR6XB4Ai1cJ9jDsUP69Hk37YtY5sM/i51D2R6qcIQK6wVAm0WjarGR
6N+WOu+MgTwBTAe30iBPbLpmwfWad4Ah4eDepGvyuqEiekPJY4ePCg5zmcmTx0EF
zyB1vpRGZUGVi90ICWrrmISllp95Qr9D1R24V4wjVhJgcraYgRgkfIbzZbZEC8d2
0nsBpvCH8DxQ02napKFt8mAVcIX/K29dFwYNgowiHdj6LeP0JfXzM47zi10Sru/u
sDTqGuHlXX24PaEKS7VvnF43r8elL8JMo4e5MmNnWQezHkShp7PkJN1KJzSJpkpt
91csvdafX97moDfwc3FWgmrAiQicoCeMtaBKtYk=
=8z8H
-----END PGP MESSAGE-----

Re:E4F0EDDF374F2C50D473 5EC097833DC998EF9A49

[jandoedel]

I get a "gpg: decryption failed: secret key not available" error.

You forgot to add the key to your post, common mistake.

Re:E4F0EDDF374F2C50D473 5EC097833DC998EF9A49

[GPLHost-Thomas]

You mean my private key? Yes, right, hang on a moment, let me past it here...

Keep it simple...

in cases that i send scanned documents (IDs, bills etc) I use a simple encryption method. Making a encypted compression archive (7z or zip or rar) and using my telephone number as the key and telling the recipient that over phone. Simple, not uncrackable but the recipient is able to decrypt it without great computer knowledge...

I leave it to my masters

I leave it up to Google, Yahoo and Hotmail to encrypt my email such that only I and my digital masters have full access...

When necessary

[TrAvELAr]

For personal life, I have and use GPG, albeit rarely. Most people that I communicate with just don't get it.... Work on the other hand, nearly half of all of my communications are encrypted.

Web mail

[HangingChad]

'Do you encrypt your email? If not, 'Why not?'

If Gmail offered it as an option and people on the other end could decode the message without any special skills, I'd use it. The convenience factor is major issue.

no, why would I?

[argStyopa]

99.99% of the communications I deal with have no reason to be encrypted.
I'd guess I'm fairly normal in that respect.

While it might be nice to encrypt sensitive things, I generally just don't send anything truly sensitive via email. Given how little I send is actually sensitive, that's easier than
a) adding a small procedure to EVERY email I send for no real value, and
b) end up failing because the bulk of people don't use it anyway.

Encryption/privacy obsessives are like the digital equivalent to the people obsessed that everything causes cancer: probably fundamentally right, but to follow their prescriptions would mean such a decrease in quality-of-life that most people disregard them hoping it'll ultimately never significantly matter. Oh, and tiresome.

It's all about usability

[grumbel]

For encryption to be used and valuable, it has to happen transparently to the user, none of the encryption plugins I ever tried to use got anywhere near that, they added so many junk into the process that it just wasn't worth the effort. Heck, the fact that they where plugins in the first place, not build in features of the mail reader alone is enough to make encryption a failure. And no, this isn't an issue with individual lazyness, but the problem is that encryption is only really safe when everybody is using it. If you are the only guy in town using encryption, that just makes you suspicious, makes you look like you have something to hide. Furthermore, email encryption already sucks on the concept levels, subjects headers are often not encrypted at all, thus just inviting accidental information leakage. The biggest problem with email encryption however is that To and From headers are not encrypted, which for a lot of big brother like surveillance is really the only information they are looking for anyway, as who communicates with whoem already gives them most of the information they need. This renders email encryption near useless and the To/From header issue can't be fixed by moving to a different protocol anyway.

The sad part in all this is that PGP/GPG could have added value to email not by encryption, but via signing. And while I do see signatures a lot of times on mailing list or private mail, where it really serves little to no purpose, I never see it in the places where it would be needed: Mail from Paypal, Amazon, a bank, etc. It's completely idiotic that I have to fish Paypal mail out of my Spam filter, when a simple signature could easily distinguish junk from legitimate mail. Further more it would make phishing a good bit harder, if a signature would allow to distinguish scam from mail automatically.

All that said, I do use encryption when its available an easy, the Pidgen encryption plugin is sort of usable, but even there just barely, as messages get lost in there on a regular basis when you communicate with somebody who changes clients between communication or other mishaps happens. It's annoying, and just goes to show that usability, which is among the most important things with encryption, always gets the least amount of thought.

Yes - Whenever I can!

I encrypt email whenever I can. Why is nobody else's business any more than what I put into a snailmail letter is anyone else's business.

However, most email users do not have the skill to setup encrypted email handling. Until the mass email servers - gmail, hotmail, yahoo, and similar implement OpenPGP in their web clients, nothing will change. Encrypted email needs to be the default, not the exception. Governments world-wide will freak out over that.

There are some downsides too.
* Encrypted email stored on an IMAP server cannot be searched using the normal interface. I'm not certain those messages can be searched at all, except manually - 1 at a time.
* Key management pretty much sucks.
* Interoperability is easily broken. Even between nerd - experts - sometimes the encrypt/decrypt process stars do not all align. Had an email 2 days ago that I couldn't decrypt. The GPG tool on the other side was running under Windows - so there's no way to know what the real issue was.

My corporate server is Zimbra. A feature request for OpenPGP support was added in 2007.

Android doesn't have built-in OpenPGP support. I don't know about iOS, but I doubt it.

Corporate-types prefer the x.509-based certs so that a corporate key can be added to every encryption. This means that the company can access the messages. GPG will not do that on principle, hence it will probably never become widely supported, demanded, by the Fortune 50 companies.

If Microsoft, Mozilla, Debian, Redhat and that other company pushed GPG certificates to a public key server and automatically attempted to encrypt messages to the same email address, then encrypted emails could become a standard. Even if we all used passphrase-less keys, we'd be more private. A nearly trivial way to share the private key between devices is needed too.

For those people who do not have public keys on the key servers, a middle-man service needs to hold the encrypted email and forward a URL so that the intended recipient can view the message securely. Of course the middle server can't have access to the unencrypted messages or governments will mandate unencrypted access.

Lrf bs pbhefr!

[bruno.fatia]

V nyjnlf hfr ebg guvegrra gb rapelcg zl frafvgvir rznvyf naq frafvgvir vasbezngvba!

easy to use encryptor adon

[roman_mir]

you can use leetkey if you don't want to deal with keys, etc., but you and the other party have to agree on a password (one time password, hopefully).

Easy to use?

[geminidomino]

PGP and the like are NOT easy to use.

It might be easy for slashdotters to use (and even that's debatable), but it's incomprehensible to the average schlub, and since 99% of the people I send email to aren't slashdotters, it's useless anyway.

I just don't send private data over email.

not easy to use

I tried enigmail. The first time my email client updated it was no longer compatible and that was the end of it. I'm not important enough to spy on and don't email stuff that's worth stealing

Yes

[Nertskull]

Yes, because I'm paranoid. Hahahaha, just kidding. I'm really not. I use it in a few situations. Most important to me, is communication with my wife. We encrypt all emails, because sometimes we need to send something like bank account numbers or passwords or similar things. I love the added security that comes from having those encrypted. I also use encryption sometimes at work, not often, but I work in research and its nice to be able to send documents to my boss and back encrypted. Even though I have no thoughts that anyone is trying to take it, still when the document represents four years of difficult research, I like not worrying about anyone getting except my boss. But probably the biggest, most frequent, reason I use it is for the signatures. I sign all my emails now. And I really wish that was standard practice in the world. Spam would become almost non-existant if you could get everyone to implement signatures. Frankly its incredibly easy to use and set up, so I can't really see the arguments against using. The only one you tend to hear is "why? no one wants to see my stuff". That's a week argument for me. It may be fine for others, but for me I guess its more of a "why not?" If you have people that are interested in it around you, use it. If they don't care, then you don't have much of a choice.

No.

Why? Because I send very little email to individuals. Most go to email lists. Encrypting that would be counter productive. As far as "private" emails go, all that I send are "Happy Birthday!" or other greetings. I don't send anything that I wouldn't feel comfortable posting on a bulletin board in a public place. Anybody who talks about their multinational billion dollar scam via email is an idiot. Even with encryption, such can be broken, if the breaker is dedicated enough and has the money.

Problems are:

- (Almost) Nobody else uses it (the old videophone problem).
- Because so few use it, I have few opportunities to use it. Therefore, the cost in time per use is very high. Nevermind that by the time I go to use it again I've forgotten my password and have to generate a new key... I've got a dozen PGP keys out there on the servers. Don't know the passwords to any of them anymore... Send me something encrypted and I have a near zero chance of ever being able to read it.

The "Tyranny of the Default" strikes again.

[VortexCortex]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I do use PGP to sign my messages, but I don't use it to encrypt messages
because most people I send email to don't have a public key published.

Setting up a public & private key pair is not part of the default setup
process.  Average users don't know how to manage passwords let alone
Managing key-pairs.

Let's be frank: It's not that PGP is difficult, it's just that the
system is cumbersome to lazy dumbasses.

My 75 year old retired Air Force mechanic neighbor knew next to nothing
about computers when I helped him and his out of state family by giving
him my decent used computer.  Two months later he's now proficient at
using GNU/Linux + Gnome (never uses the terminal). After I explained it,
he now signs and/or encrypts his email messages with PGP.

Point is: He's not a dumbass, he's willing to learn.  Most people ARE
either dumbasses or not willing to learn.  My neighbor and are are
(slightly) ahead of the curve.  It's really no more difficult than
learning Win7 + $ANY_PROGRAM...

The folks I develop software with use encryption, so we do encrypt
messages between us. This simple feature is just "more effort" or a bit
"too complicated" for most morons to use.

I blame the defaults.  Windows is prevalent only because it's the
default OS installed by the OEMs.  People bitch and moan, but adapt to
the changes in Windows...  They're mostly lazy gits.

Remember when XP came with a firewall that wasn't enabled by default?
Back then worms were rampant!  Even though all we had to do was turn on
the damn firewall to stop them from spreading... NO AMOUNT OF ADVOCACY
COULD CHANGE THIS FACT: Most people would not enable the firewall.

Hardly anyone changes the defaults.  MS finally shipped a service pack
and enabled the firewall by default.  Guess what?  No more worms.

If it was the default, then people would bitch a bit -- smart folks
would just assimilate the process; Afterwards it would be the norm.
THAT'S the "Tyranny of the default".

My biggest gripe is that email itself is shite.  When I send HTML
formatted email, my software also sends the plain-text version, it's
multi-part...   Even the encryption suit complains that HTML messages
may not working correctly with PGP.  Fact is: These protocols are OLD.
Email was never designed to be secure!  PGP was not designed to be very
extensible.

SMIME is a step in the right direction, but what we need are protocols
with the security built in by default (in an future-friendly extensible
way).

Why don't I use PGP?  Because Morons.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARE CAAYF Ak7wj6gACg kQOH9Ui Pa4ttW7XwC ff4lweAZC RjZlSDVMTX fz9RGP
828An3IiQ3en8gWELTfuOYfPm1dcVU1V
=LFtM
-----END PGP SIGNATURE-----
Remove the spaces from the first line of the PGP sig key.
I got a retarded "Filter error".
Hey moronic Slashdot devs: It's not just "an awful long string of letters there."
It's a fucking PGP signature you twits.

I guess that's just one more reason not to use PGP, everyone's a moron.

Tin-Foil Territory

[Wingsy]

"Do Slashdotters Encrypt Their Email?"

What? Are you kidding? This is tin-foil territory, man. They even encrypt their comments!

no.

[Lumpy]

because 99% of the people I email are not smart enough to decrypt my messages.

aaaaaaa

Who uses email anymore? It's all about VoIP i.e. Mumble.

the world is making a risk decision

[jbmartin6]

What the world is telling us is that it believes the chances of someone intercepting email over the network or stealing them from your mail server, and the costs associated with that vulnerability, are less than the costs of maintaining all the encryption keys and other information needed to provide global end-to-end encryption. This is just a fancy way of repeating that most people don't care.

Re:PGP NOT Understood

[v1]

it is not necessary to obtain any certificate from an outside source.

True, but many people that require your email to be signed (such as my employer did) require your key to be signed by someone that performs some sort of identity verification.

When I originally had to do this, I actually got my key (for free) from verisign, where they did that "deposit two random small bits of change into your bank account" thing, and then you had to tell them what the amounts were.

I don't think comodo did that with me, it's been awhile since I signed up. I had to switch to them when verisign stopped offering free personal certificates and mine with them expired.

I suppose I could have just rolled up my own self-signed cert when my verisign key expired. but at that time someone suggested comodo and I went with them.

k!ajsfg2yesfgkjs#yuchgwp94ei[%o8qw9rhiu

74ngg^&44gdshgw83bhcgjh^543b6729cbc uy6tsdgjhgjuhsa873263266567432732gdsgdsgdfgf4372874bxzt215$##@@65hbdsghsdghhds643876438678732gxdbdsgdsg

Jgffdsiurewugh37675326754%^73838kjudzy87^%656565

Here's the reason

[FreekyGeek]

10 I don't encrypt my mail because the people I send mail to aren't set up for decryption
20 The people I send mail to aren't set up for decryption because they don't have to be because no one sends encrypted mail.
30 GOTO 10

http://www.beatsdredrecoo.com

[p90xworkoutonline]

http://www.beatsdredrecoo.com/

Email Encryption Only Half an Answer

[ShannonBrown]

Yes. I use both S/MIME and GNUPG email encryption--with GNUPG preferred--to the extent practicable. However, the major problem with encrypted email is the "other half" of the communication. I invariably find that people do not reciprocate with encryption or do not use encrypted email at all. (In fact, in the past year, I can count on one hand the number of encrypted emails that I received from outside.) Despite point-and-click encryption options, despite automated encryption (e.g., FireFox can automatically encrypt), despite freely accessible software, the reality is that most people do not use encrypted email. Unfortunately, it will probably take a major event to help people recognize the volatility and accessibility of email. (And in the US, the so-called Stored Communications Act or state wiretap acts provide little, if any, protection.)

Law Enforcement Forensics

[Mextrus]

Sadly, part of the reason for people not encrypting their email is that they believe all encryption standards to be broken. Having seen several forensic analysis software suites with options to decrypt PGP, I doubt PGP's effectiveness in keeping out unwanted eyes. I wish this were not the case. I am aware of the many news stories where encryption was hailed as preventing evidence from being gathered but I doubt that just the encryption was the problem. On the one hand you have the fact that encryption is not integrated into email for everyone, and the other you have the lack of trust in a truly unbreakable encryption standard. You'd need both to happen to convince the masses to switch to encrypted emails.

S/MIME support killed in Thunderbird 3.0

Long time ago, I pretty much switched to Thunderbird because it supported S/MIME flawlessly. Private keys are stored in password-protected "software security device", a storage file protected by a password. The password is only needed when you have to sign or decrypt the mail, so it could (and should) be a strong password.
Fast forward few years, here is Thunderbird 3.0 . In their infinite wisdom, the developers decided that it's such a great idea to store POP/SMTP passwords in the same "secure storage", so the passphrase is reused for protecting S/MIME keys and POP passwords. So now, my only options are:
- enter a very long passphrase each time thunderbird is started
- use a weak passphrase making the whole thing pointless.

Such a PITA. Idiots.

Paranoia or real requirement?

[derfla8]

Do you encrypt your home phone conversations? Do you encrypt you SMS text messages? Are your Facebook messages encrypted? Do people use email still?

So here's the general question. Why would I go through the trouble of encrypting a mail to my wife asking her, "Do I need to pickup milk?" The problem with PGP is that it requires the users to do something that normal users (non-techies) have no idea why and how to do it. For secure communications between companies that need to ensure their communications is private, securing communications between servers is usually good enough: http://www.windowsitpro.com/article/smtp/securing-smtp-email-traffic

Yes, but only a few messages per month

[originalhack]

It's a pain in the neck, so I only encrypt a tiny fraction of technically sensitive emails and only to a short list of correspondents working on the same project.

Not common knowledge

[bmearns]

That email is insecure may be common knowledge among slashdotters and others of their ilk, I'd hardly say it's common knowledge among the general population of email users. People don't know or care how the Internet works, so they don't understand the concept of eavesdropping. I think the only security issues most people have any concept of with regards to email are phishing and "hackers" breaking into their accounts. The idea that there's a program or system out there which can defend against eavesdropping is even more remote to most people, let alone the knowledge or ability to find, acquire, install, and setup such a solution.

As for those of us who know all about the dangers and the solutions: For almost three years my email signature included an invitation to send me encrypted and/or authenticated mail using PGP, and not a single person took me up on it, or even inquired about it. And this was while I was in grad school for computer engineering and working at a tech company. So I took it out my sig, because clearly no one is interested. In short, I don't use it because there's no one for me to use it with, and I think that's how it is for most people. Your web of trust is a web of one.

Besides, I don't worry about encrypting my email because I know better than to but private stuff in emails. I use gmail, so the web client knows what I'm typing anyway, and trusting the person on the other end to handle private messages securely is a joke.

the reverse: hard to do, easy to understand

[fantomas]

My experience is the reverse.

  People like the conceptual idea of encrypting their email so it's really really private and no bad people on the internet can intercept and read their information - Bletchley Park and code breaking, James Bond, spies, secret communications - people are exposed to these ideas and get them, even think they are cool and clever. People get codes and code breaking as an idea. They'd really like to be able to send private details to their friends and feel really secure that nobody can read the details apart from the intended recipients. As somebody who helps a lot of friends and neighbours and elderly relatives with their online activities, this fear of intercepted private communications is one of the most frequently voiced: "I'd never do online shopping because somebody might steal my credit card details" "give me a phone and I'll tell you my bank details, I'd be scared to put them in an email to you in case a hacker read my email and stole those details" etc.

But their eyes glaze over at the process you need to undertake to carry out secure encryption and easy decryption.

It will take off when you can operationalise it for people for whom shopping through amazon is the limit for complexity in online activity.

Re: If it were told about the brightest minds

[StillNeedMoreCoffee]

On a lighter note, after the Manhattan project, the secure safes were examined and I think the two top combinations were segments of Pi and E.

Several factors

[StillNeedMoreCoffee]

First, people want to communicate, easily.

Second, the government and law enforcement would rather you did not encrypt communications. It makes it easier for their monitoring, and cheaper.

You would not generally encrypt something unless you had something to hide (or at least that would be the prosecutor's argument)

Privacy is assumed and trust is assumed (not correctly), but we all want to live in a trusting safe world and will find that or tell ourselves that to lessen the stress.

All these are social factors that can give some explaination why things are as they are.

Mac only solution is as good as no solution

E-mails go to all sorts of people who read them in all sorts of environments.

If you wanted an encrypted line of communication specifically between two mac-enabled folks this would work. But in that case, I think there are probably solutions out there for all OSes.

Security through Obscurity

Most e-mail nobody cares if other people read it. And if there is something "secure" its lost in the vast sea of data of the internet. This is good enough for 99.9% of the people out there.

I think that most people who feel they need to encrypt their regular day-to-day e-mail are laughable in that they think that anyone else really cares what they are writing.

i am + STEED

[anarcat]

... and while i won't go as far as signing this comment (i admire the dedication folks, but really...), i try to use it as much as possible. I have done PGP trainings for the masses (see this and this, in french) and I'm doing my best to strenghten the web of trust.

I am also very curious to see where the STEED project leads us, it looks like a nice way to popularize PGP.

Lotus Notes

[crdotson]

Well, this will get me laughed at on /. , but anyone using Lotus Notes can send encrypted/signed e-mail to anyone in their address book by default, and Notes can encrypt any local databases with one click. Say what you want about it, but having PKI built in and required to use it has advantages.

Can't encrypt in many business environments

[therealkevinkretz]

Many (most?) industries have regulatory requirements that business communications be available to regulators, or legal requirements to answer subpoenas, or auditing requirements, which necessitate keeping the message in plaintext to be produced later.

In environments like that, user-to-user encryption is forbidden, unless there's a key-escrow system in place, which defeats its purpose.

Re:No - Me yes- none else I know does though.

[cpuh0g]

Have you tried iPGMail - http://ipgmail.com/ - for the iPhone/iPad?

Almost never

[dskoll]

I hardly ever encrypt my email because most of it doesn't contain sensitive information worth protecting. Maybe once a year I send someone I know something sensitive, so I encrypt it. But that only works if I have reason to trust the recipient's public key.

I do sign email more often than encrypting it. Whenever I make an official company announcement or release announcement about one of my free software projects, I sign that email.

the reality is..

I think you are missing something.. people DO use encryption in email.. we call those people "people who need encrypted emails"

I don't encrypt my email, because I really have no personal information that I care about going through email.. if I had a lot of important info going through my emails I would encrypt them.

This is just like asking.. "Anyone can read the tcp packets when browsing the web, why does anyone ever connect to non-ssl encrypted sites?" or "It's possible to track the origin or destination of every site you connect to on the web, why doesn't everyone use tor for every web session?"

The answer always comes down to.. when a person has a need to encrypt, spoof, or hide.. they will find a way to do it.. Till that time they will do everything insecurely because it is not a priority for them.

Granted sometimes that "need" is simply to calm down the paranoia some people have.. which is not a bad thing.

The other side of this is that encryption technologies aren't being marketed by big business because they want to read your emails because user data, profiling, and directed marketing is the booming business of the 2000s. Encryption would start cutting into profits.. I bet if 100% of the users on gmail started using encryption Google would ban encryption haha.

Recipients!

No! I don't encrypt email because the recipients are not capable of dealing with it. The best I can hope for is signed email.

For this reason, I am always keenly aware of the fact that I am communicating on an electronic post card for anyone to see, so nothing important or secure is ever transmitted via email.

Re:

[qubezz]

The problem is hinted at above: you can publish your public key, link to it in signatures, but you can't get anybody to send you encrypted email. Likewise, who can you send encrypted email to?

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (MingW32)

whatdoesitmatteryouhavenoideawhatthisstuffisforanyway

-----END PGP PUBLIC KEY BLOCK-----

Re:Yes. I've been using PGP for a long time.

[tokul]

And all my messages are signed.

If it worth doing it, it is also worth overdoing it.

web of trust is a dealbreaker

No, because people who are non-technical won't invest the time in building a web of trust. The whole concept is bizarre if you're not familiar with the issues. You have to generate a fingerprint from your key and then talk to someone (in person, ideally, perhaps on the phone) so that there is proof that you are you? And you have to establish a graph of trust that include everyone in your address book. Not even Alice and Bob want to be bothered with that.

So then the alternative to web of trust is to centralize certification with a third party like Verisign or Thawte (oh, except Thawte doesn't offer class 1 S/MIME certificates any more). Then it's up to each individual to validate their identity with a CA, pay the fee, and hope enough of their friends do likewise to justify the cost.

So then you have Facebook, Google, Yahoo, etc. These companies already have access to your social graph, and seems to me they could provide services to validate identity and issue certificates. But their business model wants to mine your social graph and your communication, so encrypting isn't in their best interest.

Couldn't Get Anyone Else to Do It

[sudon't]

I've always wanted to encrypt my e-mail, but I could never talk any of my friends into doing it. If nobody is set up for encrypted e-mail, nobody can read your mail. Web sites have also dumbed-down their web pages by preventing autofill. Because most idiots - excuse me, netizens - don't use encrypted password databases such as Apple's Keychain, using them has been made much more difficult. We're all forced into a lowest common denominator internet.

For most folks, it just doesn't matter.

[ElForesto]

I'm a tech support guy for PGP (now owned by Symantec), so I have some unique insights into email encryption. I think the vast majority of people using email encryption are doing so for regulatory reasons. For the most part, they are financial institutions or deal with financial institutions. Very few individuals are worried about personal privacy, but rather the security of corporate and financial data. Even if they are worried, storing it behind a password is sufficient for them.

Even without using PGP or an OpenPGP-compliant software (like GPG), there's still a fair amount of security built into email these days. All webmail uses HTTPS. SMTP uses STARTTLS to secure the session before any useful data gets sent. When we use a mail client, many of us are using POP3S or IMAPS which, again, adds in SSL. The transit layer is encrypted from end to end, even if the data stored on a mail server or in our mail client is not. Encrypting the individual messages is only really necessary if you're concerned about the messages being obtained from your local hard drive or a mail server. For most of us, I imagine that really isn't the case.

Who looks?

[splatnet]

I don't and never have, what I'd quite like to know is does anyone here know someone who has _intercepted_ email?

Yes, but not for my personal emails.

[DamnStupidElf]

At work we need to send and receive client information to and from billing companies and OpenPGP is used along with a handful of SFTP and FTPS servers. Getting a new business partner set up with OpenPGP-compatible software is usually not a big problem (we've only had one private key emailed to us) and it just works after it's set up.

I have a personal PGP key and so far only use it to encrypt backups generated from a cronjob and send them to offsite storage.

Re:No - especially if sending attachments

[jgrahn]

One of the key difficulties is if you are including attachments in encrypted e-mails. This often results in your e-mail being quarantined by (depending on your viewpoint) over judicious anti-virus software as it is unable to scan the encrypted e-mail and guarantee it is virus-free. Your e-mail never arriving rather defeats the purpose of sending it in the first place.

Surely you're not talking about OpenPGP here -- I'm pretty sure the whole body is encrypted there and noone can tell if it's one long piece of text or a dozen attached .exe viruses.

Also, citation needed. I don't see why an anti-virus company would be smart enough to acknowledge the existence of encryption, and at the same time stupid enough to forbid it.

Re: Just use common sense.

Follow one simple common sense rule: Don't write anything you would object to the whole world seeing. Problem solved.

Adoption depends entirely on one's correspondents

[Xenophon+Fenderson,]

The answer to the anonymous reader's first question is mercifully short: No, I don't encrypt my email, but I sign all email sent using my primary personal email address. Answering their second question requires greater detail, because it turns on how I and (more importantly) the people with whom I communicate use email.

I don't sign all email sent using any one of my personal email addresses (one mailbox with multiple aliases) because that would require issuing a unique certificate for each and every address. While that's possible, my PKI doesn't make it easy to create or manage that type and amount of keying material. (I'm not sure any PKI does.) I don't know if it's possible to include multiple email addresses in a single X.509 certificate, whether by directly including multiple email addresses in the certificate's DN or by some mechanism similar to the Subject Alternative Name extension, but even if it were, I add new email aliases to my personal email on a regular basis, which would require re-issuing my user certificate each time. Re-issuing my user certificate isn't practical, because to do it right, I think that I'd have to revoke the old version of the certificate even if I used the same keying material. I operate my own CA, so I wouldn't have to pay to re-issue the certificate (which would be the other way to solve this problem), but I wouldn't ask my correspondents to trust my CA certificate - too risky. Instead, each correspondent would have to decide (again, every time I add a new email alias) to trust my new certificate, which isn't really practical especially for correspondents who don't know me personally. I will cheerfully admit that signing my email is purely an intellectual exercise on my part because I doubt that any of my correspondents verify my digital signatures, never mind the fact that everyone I write on a regular basis uses web-based email clients that do not support S/MIME.

I don't encrypt my personal email because none of my correspondents publish certificates. I don't sign/encrypt my email at work even though my client issues its employees and contractors X.509 certificates, both because none of my correspondents outside the client publish certificates and because up until very recently I didn't have a smartcard reader (so I couldn't use the certificates that were issued to me). I can't sign/encrypt my corporate email because my employer doesn't issue certificates. Whenever one of my employers or clients has tried to deploy email encryption as part of a service provided to its customers, it's had to assume that almost none of its customers are even capable of standards-based email encryption (e.g., S/MIME), hence the proliferation of solutions like ZixMail.

I'd love it if I could encrypt every single bit of correspondence, but it just isn't practical.

Recipients could never decrypt...

[elronaldo]

I'd love to encrypt my emails. But I'd never get any of my recipients, business or family, to install the sfwr so they could decrypt my traffic. Simple reason. Not everybody is a geek.

receiver needs to also do it

[rusl]

I've never seriously looked into it because I've assumed that the receiving side is also going to have to set up some kind of decryption or whathaveyou. I don't mind spending half an hour on wikipedia and google figuring out what to set up. However, teaching/doing-it-for my dozen or so regular important contacts (actually more, but let's be conservative) I don't think so. It won't take only half an hour for them. And they'll probably need me to redo it for them after a week anyway.

I'd do it with a geek friend if we had something to be secret about, but I don't really.

Also, I'm on the gmail like everyone else so there would be the hassle of figuring out a different setup to use. (Damn you Qualcomm and you're ditching of Eudora 10 years ago!)

The obstacle is the lack of a good plan.

[iyntsiannaistnyi]

Despite fully intending to for several years, I haven't actually sat down and devised a coherent plan for key management including an authoritative physical store for the private keys (a problem because in any given day I use 4+ computers and not one of them accesses my email directly), revocation certificates, choosing a reliable keyserver, and choosing a web-based way to distribute my public key to anyone so inclined.

To make matters worse, I'm still in a state of severe digital identity flux (SDIF henceforth). I've been in SDIF for a number of years, and the problem is compounded by the fact that all the commonly used and centralized "identity authorities" (self-styled) are corporate and make me acutely uncomfortable. Until I resolve SDIF and establish the requisite collection of identities, boundaries to each, and reputations, I feel as though what digital assets I have aren't worth the trouble, especially if it's going to be temporary. I don't want to go to all the trouble of planning things (as per paragraph #1) only to then have to revoke and re-issue everything.

Used to

[CharlieG]

I used to encrypt my emails to the few people I knew who supported PGP, but guess what? Most folks don't have PGP and frankly, they don't care, and most emails I write you can read - if you really want to know where my daughter's cell phone was, or what I was planning on making for dinner....

Most e-mail doesn't need to be encrypted

And when I do need encryption I attach an encrypted file. My hard disk is, however, encrypted.

It should be the reverse way

Let make email client to use encrypt based on reception's perference.

Sender do not make the decision encrypt, but receiver does.

Re:Remains Encrypted

[QuasiSteve]

Whew - thanks for the info. I don't use it myself, but GP's comments made me wonder if mail clients with encryption/decryption could really be that stupid.

Yes, sometimes

But only when I have to.
I have a couple of healthcare-related jobs and we need to encrypt emails with client names.
At job 1, we use GPG and I'm in charge of solving any problems. Unfortunately, it had been deployed long before I started. When employees' hard drives crash they have to get a new key, get everyone else to import it, etc.
Now everyone has an iPad, which means most employees no longer encrypt email unless the message contains sensitive information and both employees still use their PCs for email. In practice this means that a lot of emails contain initials in place of names that are indecipherable to the recipient.
After my most recent clean install, I went a while without encryption, but kept getting emails that were encrypted, so I gave in and installed it.
At job 2, my business partner and I are both on gmail, so I trust the SSL to be secure enough. When I email the county, I use a zix-powered portal they provide to send sensitive information -- more often than not they reply without taking any security procedures.

In fact I do...

[jimmydigital]

Encrypted comment begins now...

-----BEGIN PGP MESSAGE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org/

jA0EAwMCe0la60+pZSWuyV8bBnhItg/xbBvgbDi1bzHD2lNv77zrOESsRrQbjAaQ
jf/UbbNeDDcxk4xdSo+vzXSFVwHa6KylaSHnkj2xi39PCA1FbMWcyQs6S+7uyDIm
gKO6V2U4ku8S1iFGlpF28w=3D=3D
=3D18He
-----END PGP MESSAGE-----

Old dog new tricks, well almost

[lsatenstein]

This old dog worked in software security for ages. I learned back then to never give away my social security number, credit or debit card number and I NEVER USE ON LINE BANKING, not even to browse my account balance. I go to an ATM for that balance.

What is on the net is my name, and my email address. On my system (laptop and isp email accounts) I carry no confidential data about me or anyone else.

Email for me is social.

When I have a confidential document to email, the attachment is encrypted, and my recipient is able to decrypt. But no encryption keys are stored on disk. They are pulled down in an encrypted stream, and that extracted from it.

I guess you could say I have protect my confidential information.
 

It's easy

Please elaborate on this point.
I think what you are saying is that if I have an email which needs to go to bob, mary and phil. That I can create a PGP key which utilizes bob, mary, and phil's public keys and that email can be opened by bob , mary and phil's private key.
I have never seen this, can you show me an example of how you would accomplish this using a GPG or PGP interface.

All you have to do is add more recipients, the message gets negilibly bigger for each one, maybe a few hundred bytes.

In PGP, just drag more keys to the recipients list.

No different than I have my PGP program set to always add me to the recipients list, so I can always read messages I sent.

not a technical issue

[Finite9]

Encryption is not a technical issue. It's easy to get GPG running with Thunderbird. Im pretty sure that it's just as easy with other programs/platforms. What I found quite annoying: Having to enter my passphrase when I sent an email, can almost certainly be solved by unlocking your passphrase when logging in (on Gnome at least), like they do with other programs. If it's technically possible to do this already, then it would be quite easy I suspect to build this in for GPG/Enigmail. And hence, not technically challenging to do this for other platforms.

I think the real problem is that it's not installed/setup by default, and the passphrase unlock mechanism is not default or currently NA on some platforms. If it were, then all of this would be purely an awareness problem. If all the above were default, i'd just have to click the button for encryption and my email would zip away.

Tried to, no adoption

[ebvwfbw]

I tried to use it over a decade ago. Even other guys that were into encryption with the exception of one guy found it to hard to deal with. Anyone outside of a computers science background, FUGETABOUTIT! I might as well as to go to the moon. Besides, what's so secret anyhow? Someone might know I'm having family over for Thanksgiving or I blew a Mustang away with my Caddy? What's really surprising to me is how few people use encryption between machines with mail (sendmail). It's easy to do, yet so many people won't do it. Just set up the certificate and away it goes!

No encryption, but sign, yes

Encrypt? No. But I will occasionally *sign* an email, if it contains, say, a contract attachment or some similarly important business-related content.

Yes

[ohmiccurmudgeon]

but I used to work for PGP...

people already tell me

my email is too cryptic

7ZIP With AES-256

Works for us at work, and for grandma. The decryption process for unwashed masses is as simple as http://www.7-zip.org/download.html run the setup, 'next' your way through it (which end-users are awesome at, ask any malware developer). Double-click your .7z file and it prompts for a password. Sure its only symmetric encryption and the pass-phrase needs to be sent via secure out-of-band method but it beats PGP.

Encrypted Email

The Post Office is ideally positioned to provide encryption key generation and distribution and become a key operator in the secure communications space. Imagine if they charged $1 to provide every a PGP (or GPG) key pair (by going to their URL and performing a key generation process) and served as a PGP/GPG key server.

When I want to send a secure Email, I got to their server and pull down the public key of any person I want to communicate securely with.

The thing that makes it of value for the Post Office has to be some on-going revenue. Perhaps a 1-cent charge for domestic mail encryption services?

How do they get the penny?

They serve as the broker not just for the keys, but for the mail trasmission. WHen they create a key, instead of creating a key for "bob@gmail.com" (or whatever) they key is created for "9347283492534324@securemail.usps.gov" (for example). My Email arrives at their server, and they turn it around and send the mail on to bob@gmail.com. Sure, Bob and I could exchange key pairs and cut them out of the loop. But would most "regular people"?

Using this scheme, then it might be possible to achieve the secure and assured internet identities needed. If the USPS can be trusted (and they are certainly trusted for scads of financial transactions today, including the mailing of Christmas cards full of cash) the could extend the micro-transaction scheme to put Paypal and other on-line payment systems out of business.

Of course, they'd have to lay off half of the 500K union guys working at the USPS now since this would continue to eat into the vanishing surface mail bundle. But that's OK, IMHO. It's going to happen anyway.

Just a thought.

Re:Encrypted Email

[HArchH]

I forgot to sign in before posting that comment, sorry.

Webclient PGP is Impossible

[Georgyo]

So, a lot of people mentioned that if a webclient supported encryption then all would be well. However, this is very flawed. Hushmail for example launched, and everyone was very happy that it launched with PGP support... What noone realizes is that you must store your private key on their server to make it work. As such, hush mail can now see all your mail. You are dependent on them being reliable with your information. This makes it no different then GMAIL. AND Because the security isn't really there, it makes it MORE dangerous. If I believe that no one can read my messages except the intended reader, there may be reveal information that I would other wise not write in email form. This creates a false sense of security, for both the user of such a service, and the people who send encrypted mail to them. Without webclient support, which is near impossible. Then it becomes near impossible to make widespread. People don't really use think clients.