Do Slashdotters Encrypt Their Email?

An anonymous reader writes "Many years ago when I first heard of PGP, I found an add-on that made it fairly simple to use PGP to encrypt my email. Despite the fact that these days most people know that email is a highly insecure means of communication, very few people that I know ever use any form of email encryption despite the fact that it is pretty easy to use. This isn't quite what I would have expected when I first set it up. So, my question to fellow Slashdotters is 'Do you encrypt your email? If not, 'Why not?' and 'Why has email encryption using PGP or something similar not become more commonplace?' The use of cryptography used to be a hot topic once upon a time."

No

Nor does anyone else. Unfortunate, but true.

Re:No

I think it's largely pointless anyway...

Most people (myself included) use a web based email client, where the plain text form of the email would be easily snatchable by the one party with any likely chance to actually intercept an email.

Cryptographic signing has a place, but even that falls into the cryptogeek fantasy realm, but If you're into that sorta thing.. you can always join the Debian community.

Re:No

[ColdWetDog]

...but I might attach encrypted file(s) if I really wanna keep something super-secret!.

Yes, this. If I'm sending anything semi sensitive, I just encrypt a file, usually a PDF, and send the password via another method. I wouldn't use this for anything extremely sensitive such as my recurring fantasy to nuke Washington DC from orbit - but for routine stuff it's fine.

And other people can deal with it. PGP encrypted emails - no way.

Re:No

[pclminion]

Encrypted PDF is tricky. Only the string and stream data of the document is actually encrypted -- all the structural information of the document remains in plain text. The number of pages, the presence of images, size of those images, amount of text on each page can all be easily determined.

If you want to encrypt a PDF, use a file encryption tool, not PDF encryption. It doesn't work quite how you assume it does.

Re:No

[cshark]

How is it unfortunate? That people aren't buying into transit encryption anymore? It's not the movement of the email you need to worry about. It's what happens when it gets there. If someone steals your computer, email encryption is the least of your worries.

Re:No

[ZorinLynx]

"cryptogeek fantasy realm" indeed. Reminds me of this comic that tells it like it is.

http://xkcd.com/538/

Re:No

[hedwards]

Precisely, when news reports surface of emails being leaked or stolen, rarely if ever do those reports refer to emails being stolen en route. Almost always they're leaked by somebody with access to either the mail server for that domain or the person's own computer.

Sure one could catch an email en route, but in practice that's hit or miss without having control of the networks to which either the sending or receiving server connects and full knowledge that the email is coming. Without that it's not likely to be profitable to do so as you'd never know which emails to collect.

Re:No

[danbob999]

And those who don't still can use SSL under IMAP and SMTP to acheive the same level of security.
However between servers, emails are still sent in clear text.

Re:No

[EdIII]

Most people are lazy and don't feel they have the need to encrypt their communications. If they are willing to post the shit they do on Facebook, they are already a lost cause from a privacy/anonymity viewpoint.

Setting up email to send encrypted payloads is not easy for most people, and the people that know how, quickly lose interest after spending an hour to set up one person.

Now, all of my emails *are* encrypted, and not just in transit. I use a special IMAP connector for Outlook that encrypts all traffic with SSL to the mail server. The web portal for my email server is encrypted with SSL as well. Where *possible* my mail server will negotiate a secure connection to a remote server, but that is pretty damn rare. On my personal computer the message store is located on a TrueCrypt drive, so if my computer is lost or stolen, I am not worried about the message store, which is temporary anyways since the email is stored on the server.

All of it is pointless if the other party is not doing the same exact thing, which is most of the time. So I never send anything in the clear that I don't want analyzed, categorized, and used by private corporations and government.

For correspondence that needs to remain secure I usually set up an email account on the same server. That way everything is encrypted down to the message store and emails sent between domains hosted on the same mail server are just internally routed.

This is the same reason why truly secure phone calls are next to impossible in systems that must be able to perform call setups to any other phone. Too many intermediary points that cannot handle it. ZRTP, while interesting, is a long way from implementation, and will never address insecure endpoints like landlines and cell phones.

It's the other end that is problem, just as you say, but it is also the points in between. As long as there are free services that won't waste the CPU cycles to negotiate encryption between mail servers, it does not make that much sense.

Bottom line, I am secure where I need to be, not through encryption specifically, but choosing what I say, when I say it, and what communications medium I choose.

Re:No

[mellon]

Turns out that a lot of email leaks to typo domains. So in fact encrypting the email would have been a really good idea in these cases.

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Re:No

[Hadlock]

I wonder; if I am using gmail, and send an "email" to another gmail user -- both users are required to use https to connect to gmail, does that mean we're in effect using encrypted (RC4_128 according to gmail/chrome) email?

Re:No

[Vrtigo1]

Not entirely - as you pointed out SSL would secure the connection between the your computer and your server, however the connection between your server and the remote server, as well as the connection between the recipients computer and their mail server would remain unencrypted, so effectively you only have encryption on 1 of 3 links.

Message encryption makes transport encryption unnecessary. I.E. you don't care if someone grabs the body of the e-mail because it's useless if you can't decrypt it. Although I do recognize that I, along with most of the rest of the world I think, consider e-mail an inherently insecure communication tool and treat it as such. If you need to send something secure through e-mail, throw it in a password protected rar file and send it as an attachment.

Re:No

[bgibby9]

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Actually that's probably the most likely of scenarios. It's not easily integrated into everywhere you'd send an email from and therefore is inconvenient.

Re:No

[PopeRatzo]

Nor does anyone else. Unfortunate, but true.

Are you kidding? I don't even talk to my wife without a Feistel cipher. My daughter's first words were via a one-time pad.

We're careful in my house.

Did I ever tell my story (this part is true) about the Bletchley Park alum that my wife worked with when she first got a tenure track position? I don't want to use his name because he passed not too long ago, but when he had office hours for his students, he'd show up in pajama bottoms with burnholes from the pipe he always kept stoked in his mouth. He was a sweet old dude, but you'd wonder how he made it out of the house every morning. In his final few years he was convinced that someone was out to get him and eventually it turned into unnamed Jews who were planning his demise. He was a British subject and there were stories of the stuff he did a Bletchley during the war when he was like 17 or 18 so what do I know? Maybe the Jews were out to get him.

Anyway, naw, I don't encrypt anything. I have a hard enough time communicating in open text. All of my passwords are my dog's name. I just say the opposite of everything I mean to throw off the New World Order. So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Re:No

[v1]

The reason encryption hasn't taken off is that it's not done by default, and can't be enabled by clicking a checkbox.

Mac OS X's Mail client automatically supports PGP email certificates on both send and receive. You have to go sign up for one at some place like comodo, and download the cert. Double click and keychain assistant opens up and asks if you want to import it. Setup is complete.

Now go to your mail app and you will see an open padlock. Any email you send will be automatically signed, and recipients with intelligent email clients will automatically and transparently import your public key into their user's keychain for later use, for both verification of additional received emails and encryption of mail back to you.

If that person clicks reply, they will also have a padlock available, since their system now has your public key, so they can then send an encrypted reply back to you. If they also have a key pair in their keychain, their reply also includes their public key, allowing you to send them encrypted email in the same way. Of course for maximum security you'd need to have a more personal, direct key exchange rather than email, because a tinfoil hat would argue a skilled black hat could be in between you two when you are trying to exchange keys, and be feeding you two false keys. That's where key-signing parties come in. ;)

Incredibly easy to use and built-in. Only takes a little effort to go download a free cert from comodo or someone else. What got me into it at first is a previous employer required me to email in my mileage reports for reimbursement, and required me to sign them.

So at least for the mac users, it's ready by default, and is just a check box away. :)

Re:No

[Oswald]

I believe that would be a "no" unless you consider parading your message past Google, who probably keeps a bigger file on you than any other entity, private. And it might be a worse than that--saying it's only Google that sees the message assumes that Google doesn't decrypt the message in one facility, send it from that data center to another in the clear, then re-encrypt and send to your recipient. Whose to say your mail server is in the same facility as his just because both accounts are with Google?

Re:No

[mr100percent]

That's why there are S/MIME browser plugins like Penango for GMail.

Re:No

[Hadlock]

Whoever has access to your google information, probably has physical access to whatever server your email would sit on otherwise*. I guess it's not an 100% effective means, but in terms of point-to-point email encryption, it's probably the easiest and/or most widely used email encryption scheme avalible to the general public.
 
*The old rule that if they have physical access to your machine, your software security is already nullified

Re:No

Though we should point out, in both cases the message contents still aren't protected from anyone with administrative access. The transports alone are protected.

Re:No

[TheOtherChimeraTwin]

"Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Don't keep us in suspense. Aren't you going to decrypt that for us?

Re:No

Anyway, naw, I don't encrypt anything. I have a hard enough time communicating in open text. All of my passwords are my dog's name. I just say the opposite of everything I mean to throw off the New World Order. So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

Same here. The only problem is that our dog does not come when I call. It seems that dogs have a problem recognizing names that are 41 random characters...

Re:No

[DeBaas]

So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

You're probably one of the very few dudes that has a wife that listens..

Re:No

[drunkennewfiemidget]

Actually, in a cursory search of my mail logs, it appears approximately 40% of all mail heading out of and coming into my server (Exim4) are using some form of encryption. Including Google, Yahoo, and Messagelabs. (We're a small independent hosting company, our customers are not particularly technically apt nor inept; mostly small-medium businesses.)

The answer to the original question for me is: no. I use TLS to talk to my own mailserver, but the only 'secret' stuff that I send over email (which still isn't very secret) goes to my business partner who uses the same server, and TLS himself.

That said, even that stuff's not 'super seekrit', as any business we have to do that would be considered important not to be intercepted we have other channels, or just getting together in person for.

Re:No

[man_ls]

Pretty sure that's S/MIME, not PGP. Which in my opinion is the most correct of the email encryption options, and has the least support.

Re:No

[mathew7]

This and the fact that maybe 10% of your mail recipients actually would know how to use it.

Re:No

[Pi1grim]

There is also that: most of people I communicate with use GMail and as the message does not leave the server and server-client communication is over ssl, so it eliminates the third, unencrypted link in the communication chain.
As for GPG — only a small percentage of even IT inclined people I know have bothered to generate a key and setup encryption/decryption solution. Mostly those, that have to deal with very sensitive material from time to time.
Although there is a government issued smartcard that allows for a widely adopted solution for asymmetric encryption that has software mostly on every computer, which kind of makes the situation a little better (I don't have to get into details explaining about the encryption, public and secret keys or explain how to install the software). Keys are government-issued opensc compatible crypto cards, pubkeys are available online if you know a person's name. So in case of emergency I can always encrypt files with that, given that almost everyone has them now.
P.S. That is about Estonia.

Re:No

[wanzeo]

I am tired of seeing this comic used as a dismissal of encryption, it is a joke. If you actually think someone is going to drug you or hit you with a wrench, then you have reached a level of paranoia far more ridiculous than the idea of using 4096 bit encryption.

I use the very user friendly disk encryption that the Fedora installer provides, and I feel much more at ease taking my laptop out in public.

As for email, no I don't encrypt them, but I might be willing to learn if the summary had more info than a wikipedia article for PGP.

Re:No

[maevius]

Although I agree with most of your post, mail servers have TLS support and if the client uses pop3s/imaps then the message is encrypted end to end. Although I don't have any real statistics from the corporate mail server from where I work, the admin is pretty confident that most mail is encrypted.

The main problem with OpenPGP on mail for me is that due to the unique key per recipient, if you add more than one recipient or cc, you have to encrypt the mail for each and every one of them. If you add some attachments it's pretty sure that you will hit the maximum allowed mail size of some mail server along the way.

Also, don't forget that at least I can easily setup thunderbird/enigmail. I don't even want to know the admin's response if he is ever asked to install/support a company wide openpgp installation

Re:No

[jakuaii]

The main problem with OpenPGP on mail for me is that due to the unique key per recipient, if you add more than one recipient or cc, you have to encrypt the mail for each and every one of them. If you add some attachments it's pretty sure that you will hit the maximum allowed mail size of some mail server along the way.

Uh, no. It's called "session keys". The content is encrypted with a random number (the session key), and this random number is in turn encrypted with the recipients' private keys. As the content is usually compressed too before encryption, the result may even be a smaller e-mail than without...

Re:No

[neyla]

Indeed. This argument does nothing to diminish the usefulness of crypto.

Yes people can force you to do various things, but the likeliness of that is lower than the chance that they'll do the same thing secretly if they can get away with it.

Just because someone can hit you with a wrench and take your card-key, it doesn't follow that locking your house is useless. Just because someone can hit you with a wrench until you give up your PIN-code, it doesn't follow that having the card be pin-protected is useless.

That something doesn't protect against -all- threaths, doesn't make it useless. It's still useful if it protects against *some* threaths.

Re:No

[dolmen.fr]

No you're not using encrypted e-mail. Because your e-mails are stored in clear on Google servers. Which means that Google admins can read your e-mails, and so they can give access to it to other entities that may want it (governments...).
No, on Gmail your e-mails are not more private than somewhere else.

Re:No

[bryan1945]

Pretty much. If the NSA or Gogle wants to snoop on my recipes and Christmas lists, feel free. Anything important goes through the company's servers, so that's their problem. Anything important in my personal life is done with RFC 1149 (I can't afford 2549).

Re:No

[DarwinSurvivor]

*The old rule that if they have physical access to your machine, your software security is already nullified

That depends on what you are trying to protect. No, software will not prevent them from controlling the machine, copying the HDD, etc, but it CAN prevent them from being able to USE any of that data. Encryption is the ONLY weapon software has against physical access, but it's a VERY effective one if used properly.

Re:No

[InsightIn140Bytes]

There is also that: most of people I communicate with use GMail and as the message does not leave the server

Wait, you really think that GMail has only one server serving all of its users? And that they host only at one location?

Re:No

[growse]

Interestingly, the comic isn't making a commentary on the usefulness (or not) of cryptography. It's making fun of people who don't properly evaluate all their threats when they design security systems.

Re:No

[allo]

you think, when google links two computing centers, they use an unencrypted connection via internet? Either they have their own physical link, or they encrypt their data.

Re:No

[gadget+junkie]

So when I email my wife, I'll write, "Don't meet me at the 5:10pm train and don't pick up my shirts at the laundry." Neat, huh?

You're probably one of the very few dudes that has a wife that listens..

It's not a wife. It's an encrypted husband.

Re:No

[hitmark]

Or the hollywood presentation of secure computing.

Re:No

[Defenestrar]

Getting the other user to use encryption has always been the problem. If you only encrypt some items it's not a habit, and until you get every eight year old nephew and your mother in law using a client on the other end, it's not going to happen. And that's not going to happen until encryption comes default, and runs almost invisibly on every web based system and OS default mail client.

Encryption is fundamentally opposite to the primary function of email (share information). Privacy of email is a secondary function, and already guaranteed by wiretapping laws in most countries. There's nothing inherently secure about postal mail; just because you send postal mail in an envelope doesn't mean someone can't steam it open, parse it, and seal it back up before it reaches the intended recipient. In some ways electronic mail is inherently more secure than an envelope which sits in a metal box in front of someone's house while they're at work all day. Although, being electronic, it's possible for someone to read a lot more mail in shorter time spans (or check out what's going through the "post office" while wearing an invisibility cloak).

So until either confidentiality becomes of equal importance to the content one is communicating, or encryption happens invisibly and effortlessly; encryption is not going to be main stream.

My prediction is that digital signatures (and time stamps) have a far better chance of hitting popularity than whole email encryption. There's a lot of people who want to do things electronically while their legal departments still force the paper and fax modality. Once identity and time are of equal (or better) verification status (i.e. subpoena of phone records), then there's a chance that electronic documents will make further progress. But that means every entrenched legal department will have to embrace a new way of doing things - and while I love the tech-savvyness of those awesome dudes over at the EFF, it has not been my experience that they represent the norm among lawyers.

Re:No

[therealkevinkretz]

You're right that almost nobody needs to fear a wrench attack. But read about the Boucher case, where the US government compelled a man to divulge the password to an encrypted hard drive he tried to transport across the border.

The point of the xkcd comic (to me) isn't that the evil government is likely to torture people; it's that there's a point of diminishing return (on more and more bits of encryption) where the increased cost in time, complexity, and hardware to crack their encryption is far higher than other, cheaper ways of extracting a password.

No Need....

[superflit]

Mostly emails I received are senseless..

Re:No Need....

[Spritzer]

Exactly! And most that I send. Why would I want to encrypt my email? Then I'd just have to explain to everyone on my contact list how to decrypt a grocery list, joke, forwarded Viagra-gram etc.

well

[hjf]

I don't. I use GMail. I might as well use "1234" as a password.

Re:well

[NonUniqueNickname]

May I suggest changing your password to "12345"? It is an order of magnitude safer.

Re:well

[s4m7]

So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!

Re:well

[Grishnakh]

Seriously speaking, at least with Gmail (or pretty much any other email system out there), you actually have the option of having a password longer than 4 numerical digits, even though it's just for your email. Same goes for most websites; you can have a nice, long secure password on Facebook even though it's only protecting your account where you make inane posts and show stupid pictures of yourself that no one cares about.

But for protecting your financial transactions, your debit/ATM card limits you to those 4 numerical digits. I think there's something wrong with this picture.

Re:well

[Haeleth]

The 4-digit PIN normally only applies to buttons that you push with your finger, where brute-force attacks are not really an option. If your bank has ATMs that permit 10,000 attempts before they swallow the card, or uses a 4-digit PIN as a password for their online services, I suggest you take your money elsewhere.

Re:well

[mcneely.mike]

You can't do that... Apple will sue you!

Re:well

[swillden]

I don't. I use GMail. I might as well use "1234" as a password.

GMail actually had a labs feature for a while that enabled PGP signed and encrypted e-mail. Obviously, since the encryption/decryption was done on Google's servers it didn't provide privacy against Google -- but it did provide security against snooping by ISPs, backbone operators, people who might gain access to the recipients e-mail inbox (but not his PGP keys), etc.

It was discontinued because, I assume, not enough people used it to be worth bothering with. I used it, and configured it to encrypt e-mails whenever possible (and always sign). I don't think I ever sent an encrypted e-mail, though.

With Javascript engines (and machines) getting as fast as they are, it wouldn't be unreasonable to implement PGP in Javascript and do it all client-side on the browser. Then Google wouldn't be able to read your e-mail, either, assuming it was done right.

A quick Google search turned up this: http://www.hanewin.net/encrypt/

Re:well

[gman003]

Hell, finance in general is retarded.

I have a "regular password" that I tend to use for everything (about a year ago, I started adding a use-specific suffix so someone who stole one password wouldn't automatically have the rest).

It's a fairly secure one, but it includes a _, a $ and a * (as well as a number and letters of both cases). Linux was fine with it. Windows was fine with it. GMail was fine with it. Slashdot was fine with it. Various mailing lists were fine with it. The only things not fine with it?
Debit card PIN (only four numbers!)
Voicemail passcode (also only four numbers!)
Wachovia's online banking system (wait, what?)

Yep. Wachovia did not allow passwords with symbols. No !@#$%^&* allowed. Just letters and numbers.

Not only did that significantly decrease password strength (it went from 77^x to 62^x for a given length x), it also made it impossible for me to remember my password. I had to write down instructions on how to regenerate it (change the $ to 4, * to 8, and so on by not using shift, and drop the _ entirely). Most people would've just wrote down their password, making it even more secure.

Needless to say, I rarely used their website anyways, as it was unimaginably slow as well as pointlessly undersecure. Just waited for the monthly snail-mail summary to check my balance.

Re:well

[aitikin]

One, two, three, four, five?! That's amazing! I've got the same combination on my luggage!

Re:well

[SecurityGuy]

This is not true, unless you think the ATM itself is also manually pushing 4 buttons with its finger to authenticate to your bank. Somewhere along the line, that manual action has a digital analogue.

Re:well

[rev0lt]

Well, I won't argue that, in many cases, finance in general is retarded. Your mileage may vary from corporation to corporation, but it should be noted the system isn't as insecure as one might think:
- Debit cards use a two-token authentication scheme - the card itself and the pin. Yes, you probably can easily clone the card, and use XKCD's wrench to extract the pin, but that's the client's problem, not the bank. You have no way of allowing a client to access their money in a 100% secure environment (think of extorsion, kidnapping, etc).
- Some online banking systems require only part of the password to operate. While I consider this to be a dumb dumb concept, it does allow a client to use their access on a less secure system by not exposing the whole password/login credentials. Matrix cards are usually required for moving money around, and while a 10^2 or 10^3 combination is not very strong, it works a bit like a poor man's OTP, and to guess it on 3 attemps (plus the login and partial password) is quite a lucky strike.

One of the online systems I use is a poster of dumbness - they have separate username and password forms, and not only they deny you access right away if the username is wrong (if its right, they PRINT ON THE SCREEN the last login timestamp, before they validate the password), and instead of asking for the password, they ask for specific characters from it (in this case, 3 chars). This is the same bank where I could lock someone else's online account just by figuring out names and try them to see if they worked (3 wrong password guesses, the online account was locked and you'd have to go to the bank). I've reported this problems several times without any feedback from them (as expected), but I don't worry too much.

This particular obsession with sending partial codes over insecure channels as a way to confirm identity is quite familiar for me, as it reminds me of some codification methods that were standard procedure in the military. Probably many of the security consultants these companies hire have a military background, and the same "straight from the seventies" security concepts. I remember seeing a "top of the line" encryption equipment that actually used RSA 128bit encryption, at a time where 256-bit was already considered insecure.

No (First Post?)

[Mitreya]

No.
We email to people who wouldn't know PGP from ABC

Re:No (First Post?)

[erikjwaxx]

This, unfortunately. I encrypt all mail with PGP that it is feasible to encrypt, taking into account the recipient. So that's, literally, one email message, ever.

Re:No (First Post?)

[LoadWB]

This. Encrypting email to those who don't know how to decrypt it is useless. And for those who do, email certificates in Outlook work just fine.

Although, while at a conference I came upon a really nice package call Encryptix (or Encryptics, can't recall which.) It packages up the email, including attachments, encrypts the package, then sends it as an attachment with a link to the viewer. It's trusted by government, so take that for what it's worth to you. And it's not free (yearly subscription, but reasonable) so take that for what it's worth to you.

Is PGP that easy these days? Haven't touched it in years due to reasons already mentioned.

Re:No (First Post?)

[niftydude]

I sign all my email with a PGP signature. No one has ever used it to send me an encrypted email.

Re:No (First Post?)

[flaming+error]

I was negotiating a mortgage a few years ago, and the bank happily was transitioning from faxes to email. So I sent them all the somewhat sensitive docs they requested, encrypted by hushmail/web. I sent them decryption instructions out of band.

The pretty simple decryption procedure baffled the hell out of them, at first. Then they figured out it was a great excuse to delay the loan. After a few weeks they came back saying they couldn't follow the hushmail retrieval procedure because they had no internet access.

Finally I just faxed everything.

Re:No (First Post?)

[mcelrath]

More importantly, we email people who's mail server admins don't know PGP from ABC.

Many years ago I found that my GPG signed mails were getting quarantined by brain-dead spam and virus filters, because my mails contained a "suspicious attachment". That was the death knell for my use of GPG. Not knowing whether your mail will be received is not really acceptable. Of course that's they way it is with all mail these days...but that's the fault of incompetent law enforcement being unable to shut down spam/trojan/botnets.

PGP was defeated by stupidity.

Re:No (First Post?)

[langelgjm]

Exactly. Several years ago, I used to sign e-mails with PGP (not encrypt, just sign). At the time, some Outlook Express clients would red flag this, and display a large, glaring warning to readers about PGP-signed e-mails. Despite the fact that the bug was due to Outlook Express, I stopped using PGP... it's not like I could force all my recipients to a better mail client.

Re:No (First Post?)

[Pentium100]

After a few weeks they came back saying they couldn't follow the hushmail retrieval procedure because they had no internet access.

I know of one bank that only allows the employees to access only whitelisted web sites on the internet. I wouldn't be surprised if this was the standard security for banks.

Nope

[halo1982]

Because no one else does either.

No.

[Alrescha]

Slashdotters who know enough to have encrypted such things simply don't send that sort of thing in email.

A.

I don't use it for the encryption

[digitalderbs]

I've been using PGP for a few years, and on the odd occasion, I'll send an encrypted email to myself. Part of the problem is that no one knows how to use PHP. I've been sending email to thousands of people in an academic setting, and I've only encountered one other person using PGP.

The reason I keep using PGP, however, is because of digital signing: there's a good guarantee that signed messages were actually sent by me. Headers are fairly trivial to spoof. With PGP, a 'hacker' can only impersonate me if they have access to the private key, which requires physical or ssh access, and he or she must be able to decrypt that key.

That said, I wish more people would encrypt their messages. This should be a no-brainer in a lot of fields, including human rights and for health and human services, and I think the barrier to commit to email encryption is still too great.

Re:I don't use it for the encryption

[antifoidulus]

Part of the problem is that no one knows how to use PHP

While that's true, I don't see how it relates to email encryption

Re:Nope

[kid_wonder]

exactly. now please delete all other comments and just leave the parent here. not even sure why this question needed to be asked.

Re:Why would we?

[xpwlq]

Does anyone here encipher their paper mail?

No, but I also don't leave the envelopes unsealed either.

Because it's hard for people to understand.

[bmo]

Encryption is easy

Getting the people in your address book to encrypt their email is another story. They think that their internet provider's terms of service and privacy policies mean their email is private. This does not take into account other service providers, pipes, and countries along the way that have other ideas about unencrypted streams of text.

Instant messaging over ssl or other end-to-end encryption (like skype) is more secure, as a result.

--
BMO

Re:Because it's hard for people to understand.

[Mashiki]

True to a point, and it's really not hard to understand either. Most people understand websites should have "https" for banking and buying stuff. What's hard, is that you need something else on top of it to encrypt it usually, or a container, or another program. Where as everything else(skype, im, etc) and other end-to-end, which use ssl are seamless. If this was the case for email programs, or webmail, and the like which provided an easy to use repository for *insert key service*, where people could plug in info for their keys without having to remember something all the time, it would take off.

Even plugin containers don't work very well, or you need to install them. Native support allows native adoption.

Re:Needs publicity

[Alrescha]

Both PGP and S/MIME are end-to-end encrypted. Not very useful for webmail users.

A.

Well yeah...

[Panaflex]

In our business, I routinely communicate with customers using s/mime mail. We set it up as part of the contract (not in the terms, just as part of the meet-n-greet kickoff), so anything related to the contract work goes through encrypted.

Crypto is our business... so it only makes sense.

If your of interest

[AHuxley]

Your computer will be software or hardware bugged.
Carrieriq showed the plain text deep state joy of https efforts on your average open or closed US mobile device.
Sending encrypted mail will just make the NSA more curious.
Sit down with your family, friends, faith group, business associates and work out a few simple comments that can flow into any text.

and then....

[lkcl]

@BEGIN PGP SIGNED
... facebook happened.

@END PGP SIGNED

I'd love to !

[mystik]

My sig (since 2002/2001) on /. has been "Why arn't you encrypting your email?".

The answer is simple -- there was never a critical mass of people exchanging keys nor was there an easy-to-explain web of trust, nor was there a simple, free reliable certificate authority.

In 2002, Outlook Express offered integrated s/mime encryption + digital signatures. Once you installed your certificate (which, was simply double clicking a .p12 file, and entering your import password), you could encrypt or sign email going out, with a single click. It verified signatures in inbound email too, all in an integrated UI.

No one I knew used it.

Even today; Windows Live mail + Thunderbird offer integrated s/mime encryption. Maybe 1 or 2 of my technically literate friends use it. And of those 2, i think only one persists using it to this day.

Back then, when all I had was my Palm Pilot IIIxe, I thought "Whoa. I hold in my hand a portable computer that I can use to exchange digital signatures with". I even kept my pgp key in a note I could beam to someone, given the chance. Never happened.

Nowadays, even AGP on Android doesn't let me exchange keys with someone meet on the street, on the off change they happen to use it. Secure key exchange would be a trivial problem for today's smart phones (provided the carrier isn't using carrieriq to swipe your data....), but there still is no critical mass to make this worthwhile.

And, with most folks using webmail, You'd have to come up with a hackish way to encrypt mail client side (pgp copy/paste to the clipboard? w/ Rich text? attachments?), or just hand your keys to your provider. Doing the encryption server side would make the service provider an easy target for legal and hacking threats.

It's a tough nugget to crack, and it's not going to be solved until mail encryption is as easy to use as Facebook.

Re:I'd love to !

[forkazoo]

In 2002, Outlook Express offered integrated s/mime encryption + digital signatures. Once you installed your certificate (which, was simply double clicking a .p12 file, and entering your import password), you could encrypt or sign email going out, with a single click. It verified signatures in inbound email too, all in an integrated UI.

Unfortunately, even that's not easy enough for my mom. Nowehere near easy enough, in fact. In order to popularise encrypted email, you have to surrender the idea of out of band key exchange and the concept of web of trust. You also need a highly interoparable way to have it just magically work by default. One good starting place would be a "Public Key At URL" header standard in all email. If you had that, you can imagine a future scenario circa 2015...

Ordinary corporate email user alice@example.com fires up Outlook 2014. A key has been automatically generated for the user without them knowing it on the Exchange server. Alice sends an ordinary unsecured email to bob@othercorp.com without pushing any extra buttons. This is the first time they have corresponded. Alice's email client includes a header for public-key-location which states that her public key is stored at "https://exchange.example.com/keys/alice". Bob doesn't specifically check email headers, so he just sees a normal email in his inbox. He decides to reply. His email client sees that he is sending to an email address with a known public key location, so it downloads alice's key automatically, and uses it to encrypt bob's message to alice so that only she can read it. This fact manifests itself as a discreet "encrypt" checkbox in the compose email window of bob's mail client. He never needs to manually intervene in the process unless he wants to install a key manually, or actively turn off encryption. Most people would never specifically do that.

The technology for that kind of infrastructure has been in place for ages. But, there isn't a critical mass that want's it. The security die hards want a system with manual key verification, and user awareness and training. Microsoft might create something similar to what I describe, but it would only work with Outlook and be explicitly incompatible with anything that isn't an Exchange client. And, they would do all decryption server side with decrypted mail stores so IT can audit corporate email. The overwhelming majority of users just don't care. But, basically one of the big players (Microsoft? Google?) needs to create a whole ecosystem in one swoop, with a massive installed base automatically, in order to get any real traction.

And the rest of us tend to put anything important through a medium other than email. scp for files, ssh tunnels for random things, ssh and talk for nefarious conversations.

You had me at "highly insecure"

[Angst+Badger]

Email is simply not a medium I would even consider using for sending sensitive information precisely because there are countless places between me and my correspondents where a message could be intercepted. In such circumstances, encrypting my email would simply alert anyone watching that something sensitive is being transmitted. And since the only "anyone watching" that I'd worry about is the government, why bother attracting the attention? If they want to know what I'm sending, all they have to do is wait for me to go to work, enter my house, and install a keylogger on my box. It's not like they even need warrants nowadays for that crap.

If I was going to do something I wanted to hide from the government -- and let's face it, that would almost have to be a major federal felony -- and if I absolutely had to have documentation and accomplices, none of it would be in electronic form to begin with, never mind transmitted over the public internet. Encryption is useful for governments and major corporations that are basically above the law. It's not terribly useful for private citizens unless you're just trying to hide your porn folder from your roommate.

I don't

If I encrypted it the government would start reading it.

Re:Why would we?

[Haeleth]

Does anyone here encipher their paper mail?

lgnge nfiax paavb fxvzv abval agrrh rcjnf zvarp rnrfy agrgj
zvpju rrgrr rnirr qfvvy bfrcn pbfun lgbur oofqf ffbqp vggrz
hrwug vfprn tcagp pupee buegr vnrnf nxpty lhrau nyoay oheva

I DO, like every DD

[GPLHost-Thomas]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Like every of the ~800 Debian developer in this world, I do use
encryption, and know how to handle PGP keys. My private key is encrypted
in a dm-crypt partition of 2 of my laptop, and I have a revoke
certificate handy burnt on a CD. My GPG fingerprint is also written on
my business card, so that everyone who I met can fetch my private key
from any of the major key servers, and check its fingerprint. My public
key is signed by about a dozen different people, mostly other Debian
developers, which is a strong "web of trust". If everyone was printing
his GPG key on a business card, I could also send encrypted emails, but
I've seen only other DDs doing it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEAREDAAYFAk7wBSAACgkQl4M9yZjvmklYVACfXYV3ncJnZuKosZJ8k0ZSzc3t
SpQAn0eYtQCIrQeTcBgA1b+Yz58OVqCJ
=EQHO
-----END PGP SIGNATURE-----

Re:I DO, like every DD

[mortonda]

gpg: Signature made Mon Dec 19 21:46:40 2011 CST using DSA key ID 98EF9A49
gpg: Good signature from ........

Not posting the rest, but you can get the name and email address from the signature. :) I'd be surprised if any spammers know how to do that though.

Re:I DO, like every DD

[gknoy]

My GPG fingerprint is also written on
my business card, so that everyone who I met can fetch my private key
from any of the major key servers, and check its fingerprint.

Can I have one of your business cards? :D

Yes. I've been using PGP for a long time.

[mortonda]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Why, yes. Yes I do. At least for the few recipients that do too. And
all my messages are signed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iD8DBQFO8AWNUy30ODPkzl0RAr75AJ9qYq94sfL00DZxCb3e1tL/HX4uIACeLlbJ
RYRY0ZwfXoKwpyEJn0JzJ2Q=
=fy5a
-----END PGP SIGNATURE-----

All the time

[cachimaster]

If you do software remotely with a group of people, in my experience some kind of email encryption is always used even by non-programmers/managers.
I have observed technical people is more inclined to use pgp/enigmail solutions while corporate clients tend to use S/MIME.

Not everything I write is encrypted, but non-encrypted work-related sensible stuff is the exception, not the rule.

Encrypt? Why so no one can read my email?

[triceice]

The average email user doesn't even know what SSL means or why they should only enter their bank passwords after they have verified that they are on a secure site.

So sure I could encrypt my email but no one would take the steps to actually read it then.

No, and for a very good reason...

[Shoten]

The problem is interoperability. Yes, yes...I know, you can just give out your PGP public key to everyone and they'll be able to decrypt their email. If, that is, they use PGP too, which almost nobody does. And granted, sure...you can install an S/MIME cert in your copy of Outlook and...what's that? Some people aren't using the full-fledged, Microsoft Office-included version of Outlook? Some people are on smartphones too, and have the AUDACITY to want to be able to read the emails I send them on their iPhones? Bah...idiots. They should focus on more important things than the incredibly sensitive email they send back and forth...like encryption!

Re:Nyup

[aiht]

F-Costs a lot and To: dont know how to read.
U-Got no time to mess with that which no one
C-will read anyway. I.e., don't waste my
K-time, dude.

I think you're
Doing it wrong.
It's really quite easy to
Organise the words so that
The initial letters match.

Re:Nope

[vtcodger]

Exactly. I don't encrypt e-mail for the same reason that I don't weld my car doors shut to prevent theft when it is parked in the dooryard. Encryption is not needed for my eMail and it would be a nuisance for me and for the recipient if I used it.

Very rarely, alas.

[gessel]

I use GPG/OpenPGP for some mail and "secure" web mail for other applications. I do not use third party web mail (such as gmail) because I can't control the dissemination or privacy (or longevity) of my mail and while my life is generally boring enough to fit within Eric Schmidt's idea of privacy ("If you have something that you don't want anyone [someone] to know, maybe you shouldn't be doing it in the first place [at least not though a google property]."), I occasionally write a personal opinion of someone I wouldn't want them to be able to Google later or share a business detail that could be economically damaging or embarrassing (or is subject to NDA) and gMail and all other web mail services are effectively public.

I've used PGP (and eventually GPG) since about '94 and my keyring has about 20 people on it: more than 1 new key a year! Alas, 25% of those keys expired in the late 90s. My address book has about 1500 entries. Why so few keys? As the OP pointed out, it isn't all that difficult.

The answer for me is that the model for encouraging encryption has to be more like S-WAN than GPG-like. I'd love to turn on "encrypt everything" and forget it, but I'd get an error message for 99% of my correspondents, so obviously that isn't going to happen. So I set my prefs to reply to encrypted messages with encryption, which is fine, but it means I rarely (almost never) initiate an encrypted thread.

What I'd like is an opportunistic encryption mode where any message to an address in my keyring is encrypted by default. Any message to anyone I don't have a key for gets a nice little .sig file with a brief notice that their mail is insecure and effectively public and a link to further instructions for getting GPG set up.

One annoying problem is that encrypted mail is not searchable. To solve that, I want my client to extract a keyword list on decryption then upload that keyword list to (my own) server as an unencrypted header to enable searching (implemented, of course, with a stop list for words you wouldn't want to appear in the clear even out of context or perhaps particularly out of context).

For the truly paranoid, this list could be a hash list, though you could still fairly effectively dictionary hash fish, but it would provide some security and reduce the easy availability of information. In fact, all headers could be hashed and still generally be searchable (except maybe date ranges).

I also want my server to store my public key and encrypt all incoming mail with it. Of course it is already transported in the clear, but it makes my server less vulnerable. Once the mail has had an index extracted and the body encrypted, someone cracking into my IMAP server would, at least, not find a historical trove of clear-text data. And my friends without keys would get annoying sig files evangelizing encryption.

Re:Very rarely, alas.

[mlts]

When it comes down to it, there is no one program that can truly automate good security. At some point, users cannot be spoon fed and have to do it themselves. CAs can be spoofed, trusted introducers can be hacked or bribed, and so on.

In reality, if you want security these days (I mean actual security, not some pretty spiffy lock icon promising security), then one will have to go out and pack your own parachute, just as people did in the early 1990s.

It is easier now than it was back then -- gpg and the commercial PGP versions can encrypt and decrypt clipboard contents, both Android and the iPhone have implementations of this. It also easier that the specter of encryption being outlawed is not over our heads as it was back in the days of the Clipper Chip.

So, it boils to a social issue more than technical now. Do people want to do proper keysigning gatherings, stick their PGP IDs and signatures on their business cards, and have this info as much a part of their contact info as their E-mail address and FB contacts? If we can get people to understand this and the concept of a web of trust, security in general will be much improved.

PGP won't catch on, S/MIME will

[mr100percent]

I've had PGP for over 10 years, but I'm putting it aside and getting behind S/MIME.

S/MIME has great enterprise support, is built into mail clients like Outlook, OS X Mail, Mozilla Thunderbird, iPhones, iPads, and even has browser plugins for GMail. PGP has none of this, sadly.

Re:PGP NOT Understood

[DERoss]

If Mac OS X's Mail client automatically supports PGP, it is not necessary to obtain any certificate from an outside source. With an OpenPGP application installed on your own computer -- Mac, PC, UNIX, Linux, etc -- you generate your own certificate. See my http://www.rossde.com/PGP/index.html.

GPG / S/MIME / LUKS and TLS

[bill_mcgonigle]

Yes, no, maybe.

I use GPG (Enigmail) for really sensitive stuff but typing my very long passphrase every 15 minutes gets old. Also, those e-mails do not participate in my global search, so I try to keep them as limited as possible. My mail store is on a LUKS volume anyway, so GPG is doing a narrow function.

Occasionally I'll find somebody who speaks S/MIME, and then that happens automagically for me. That's nice, but largely a function of mailer integration.

But, in the meantime, a good half of my e-mail, and most of the important stuff, travels out my network on SMTP/STARTTLS connections, so that window of eavesdropping is closing as well.

Use as much encryption as makes sense (oh, that's the hard part, eh?)

Encryption takes two

[Arancaytar]

I sign all mail, regardless of whether the recipient has a clue what digital signing even is. In order to encrypt mail, however, both the recipient and the sender must be security aware.

Practically nobody I communicate with - even among the ones who use Linux - cares enough about security to even own a key, even though they regularly include obviously sensitive information in a message.

Re:No - especially if sending attachments

[Rhodri+Mawr]

One of the key difficulties is if you are including attachments in encrypted e-mails. This often results in your e-mail being quarantined by (depending on your viewpoint) over judicious anti-virus software as it is unable to scan the encrypted e-mail and guarantee it is virus-free. Your e-mail never arriving rather defeats the purpose of sending it in the first place.

I appreciate that a well configured system can get round this difficulty, but most end-users do not have well configured systems, they have the operating system or software's default settings which are rarely if ever encryption friendly. (If encryption came by default, how would the likes of the NSA and GCHQ spy on us?)

Re:instant messaging

[Electricity+Likes+Me]

OTR messaging is great, but it's not practical to use with email (the notes on its development discuss this).

It is a spectacularly thorough system.

Re:No - Me yes- none else I know does though.

[cpuh0g]

Have you tried iPGMail - http://ipgmail.com/ - for the iPhone/iPad?