Slashdot Mirror


Engaging Newbies In Email Encryption and Network Privacy

reifman writes: All six parts of my series introducing beginners to PGP encryption and network privacy are now freely available. I hope it's useful for Slashdot readers to share with their less-technical acquaintances. There's an introduction to PGP, a guide to email encryption on the desktop, smartphone and in the browser, an introduction to the emerging key sharing and authentication startup, Keybase.io, and an intro to VPNs. There's a lot more work for us to do in the ease of use of communications privacy but this helps people get started more with what's available today.

15 of 83 comments

  1. No ... Email privacy is NOT 'broken' by Zero__Kelvin · · Score: 5, Informative

    "Email privacy is broken. Working around this broken email system is worthwhile and it's past time. Here's how to get started with PGP encryption."

    You are off to a bad start. As sensational as your statement is, and with the full understanding of your desire to immediately capture the reader's attention, you really need to change it. E-mail privacy isn't broken. E-mail is by design not a private communication system. What you have written is not unlike claiming that DC-10s are broken because they cannot fly to the moon. You immediately caught my attention though. I'll grant you that! :-)

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    1. Re:No ... Email privacy is NOT 'broken' by known_coward_69 · · Score: 2

      i'm sure there is a ministry of something out there with tens of millions of people doing nothing but reading people's emails. all billion or so that are sent daily. they must be the ones responsible for the Toll Brothers ads I see after registering with Toll Brothers and having them send emails to my gmail

    2. Re:No ... Email privacy is NOT 'broken' by Zero__Kelvin · · Score: 2

      "I think what he means is ..."

      It is the opening sentence for a text intended to teach others. It is unacceptable that one has to "think what he means." What he said is wrong, regardless of what he meant. In a live conversation this sort of "you know what I meant" thing may make sense, but for a carefully reviewed teaching text it is entirely unacceptable.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  2. Why is there so much work to be done? by swb · · Score: 2

    There's a lot more work for us to do in the ease of use of communications privacy

    Why is there? Why hasn't private key ala GPG/PGP become a totally integrated feature in mail clients? Even years ago when there was still a decent free Windows PGP with all the add-ons they had it integrated pretty well into Outlook and basic clipboard operations.

    Why isn't it just a completely vendor-integrated feature, with address books having default fields for public keys, smartphone integration, etc. On a phone it could be totally automated to send PGP encrypted mail by default with only a prompt for your thumbprint to authenticate access to your private key. (This may or may not be a great security practice, but it's already widespread and well integrated and the post was about ease of use to begin with.)

    Is it patents on PGP? "Meh" public attitude? Vendors pushing other solutions (S/MIME) or other certificate-driven solutions or "enterprise" authentication systems not wanting to give any room for what could be a free cross-platform solution?

    1. Re:Why is there so much work to be done? by gwolf · · Score: 2

      You can look at the reasoning in the 1999 article Why Johnny can't encrypt: a usability evaluation of PGP 5.0. It's quite sad how little progress we have seen in 16 years.

    2. Re:Why is there so much work to be done? by AmiMoJo · · Score: 2

      What that paper demonstrates is that perfection is the enemy of progress. GPG/PGP is a pain in the arse if you want to use it properly, with keys exchanged in person or via a trusted intermediary, and all mail being encrypted at rest on your hard drive etc.

      If all we wanted to do was block the spies at the NSA and GCHQ, as well as stop email providers and ISPs looking in, we could do it in a fairly transparent but not perfect way. Generate a key from the user's password. Attach the public part to every email, automatically store any public keys received and use them when sending messages to those recipients. Forget about mailing lists and the like, just send those unencrypted. The only part of the infrastructure missing is a way to store a salt value that is mixed with the user's password to generate their key, so that webmail and multiple mail clients (desktop/phone) will work transparently.

      It's far from perfect. The keys will only be as strong as the user's password. Some mail will go unencrypted. But for a huge amount of mail it will be transparently protected in a way that massively increases the cost of bulk surveillance by governments and advertisers. That's a worthwhile goal.

      Other platforms have already done this. Many chat and IM apps, for example. Someone needs to do an RFC for email.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
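
Added example, not part of the comment above or of any existing mail client: a Python sketch of the scheme AmiMoJo describes, showing why the shared salt matters (every client must derive the same key material from the password) and how received keys could be stored on first sight, with mailing-list mail skipped and key changes flagged. The header name `X-Example-Pubkey`, the function names, the salt and the sample messages are all constructed for illustration; key values are treated as opaque strings.

```python
import hashlib
from email.message import EmailMessage
from email.utils import parseaddr

HEADER = "X-Example-Pubkey"  # hypothetical header carrying the sender's public key

def derive_key_seed(password: str, salt: bytes) -> bytes:
    """Stretch the password into 32 bytes of key material (scrypt, memory-hard)."""
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1,
                          maxmem=64 * 1024 * 1024, dklen=32)

class KeyStore:
    """Remembers the first key seen per sender (trust on first use)."""
    def __init__(self):
        self.keys = {}    # address -> key string
        self.alerts = []  # (address, stored key, new key) when a key changes

    def learn(self, msg: EmailMessage) -> None:
        key = msg.get(HEADER)
        if key is None or msg.get("List-Id"):  # no key, or mailing-list traffic
            return
        key = str(key).strip()
        sender = parseaddr(msg.get("From", ""))[1].lower()
        known = self.keys.setdefault(sender, key)
        if known != key:  # keep the old key and surface the change for review
            self.alerts.append((sender, known, key))

    def send_mode(self, recipients) -> str:
        # Encrypt only when a key is stored for every recipient.
        have_all = all(r.lower() in self.keys for r in recipients)
        return "encrypt" if have_all else "plaintext"

def make_msg(sender, key=None, list_id=None):
    """Build a constructed sample message."""
    m = EmailMessage()
    m["From"] = sender
    if key:
        m[HEADER] = key
    if list_id:
        m["List-Id"] = list_id
    m.set_content("hello")
    return m

def demo():
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed salt
    laptop = derive_key_seed("correct horse", salt)
    phone = derive_key_seed("correct horse", salt)            # same salt: same key
    no_salt_sync = derive_key_seed("correct horse", b"some-other-salt!")
    store = KeyStore()
    store.learn(make_msg("Alice <alice@example.org>", key="KEY-A1"))
    store.learn(make_msg("bob@example.org", key="KEY-B1", list_id="<dev.example.org>"))
    store.learn(make_msg("alice@example.org", key="KEY-A2"))  # changed key
    return laptop == phone, laptop == no_salt_sync, store
```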
  3. 6 part series?... for newbies???? by under_score · · Score: 4, Insightful

    The fact that this is so long means that by default it's too much for newbies. Communications privacy is not ready for newbies. If you can explain it in 500 words or less (or 2 minutes of video or less) without any further help... that's when it's ready for newbies.

  4. No to PGP. Let's develop something better by RR · · Score: 3, Interesting

    When activists like Moxie Marlinspike are calling for the end of PGP, it's probably time to look into alternatives.

    PGP's problems are endemic to its design. It cannot be fixed, and increased adoption won't help.

    --
    Have a nice time.
  5. We need standards, not startups by nine-times · · Score: 2

    I think if you want encryption to work, what you need is not a clever little article that explains it, nor is it a startup company that stores public keys in a novel way. First, you need standards. Open, free, and universally supported.

    For example, if you want to encrypt email, you need a standard way of encrypting email that's supported and endorsed by pretty much everyone-- Microsoft, Google, Apple, Yahoo, and random IMAP/POP/Webmail providers. You need them all onboard so that you can trust that, if you want to send an encrypted email to someone, the recipient will be able to read it in whatever webmail or mail client they're using. This implies that they already have all the necessary software installed, keys generated, and public keys stored in accessible places.

    If you haven't figured it out yet, I'm not just talking about encryption algorithms. Saying, "We have a standard, and it's PGP!" doesn't address the issue. Even if you get everyone to agree that PGP is the correct method for encrypting email, you still have a series of problems-- Do they have PGP installed on their computer? Do they have a way to read PGP-encrypted emails on their phone? Do they have a way to read PGP-encrypted emails on their webmail, when they want to check their email from a friend's house? And how are you anticipating that people will manage their keys so that they're secure, backed up, and pretty much impossible to lose?

    Someone needs to work out a vision for how this is supposed to work, and then pretty much everyone needs to get onboard. Until this is just built into every email client (including webmail), it's not going to work.

  6. Anything is better than nothing... by mlts · · Score: 3, Insightful

    Anything is better than nothing in this department. Without encryption, there is zero privacy.

    I'd say the first problem is teaching people why they want privacy in the first place. I either run into the attitude of "I don't care about what I do, I'm doing nothing illegal", or the attitude of "the bad guys will get it anyway."

    It is a similar attitude I see where people don't bother taking basic precautions with computers, assuming malware and reinstalling every few weeks to months is a fact of life.

    After actually getting users to back up and secure their systems (install patches, run an adblocker, enable some "click to play" functionality), the first part is getting them to make and securely store a PGP [1] key, making sure to remember the key's passphrase and keep a good backup in offline sites of the key [2]. From there, it is setting up a web of trust (I tend to respond to messages in kind. Encrypted messages get an encrypted response, for example.)

    The basics are not really hard to get down, but do take some time and thought, especially guarding one's private key, managing one's web of trust, and sending/receiving encrypted content. One of the advantages of OpenPGP is that the encryption format and the messaging format are independent. An encrypted message can arrive via SMS, SMTP, AIM, FB Messenger, a USENET post, file stashed on a USB flash drive, or many other ways.

    [1]: Technically OpenPGP format, be it done by PGP, netpgp, GPG, Symantec Encryption Desktop, APG, or another utility.

    [2]: I'd probably recommend buying three hardware AES encrypted USB flash drives. IronKey has the best reputation, and they have some cheapies that are not FIPS compliant that are relatively expensive ($35 for 4 GB)... but have a proven track record and are relatively reliable. Once a user copies their key to all three, the USB flash drives should be stashed in separate locations, as they shouldn't need to be accessed often.

    1. Re:Anything is better than nothing... by Zero__Kelvin · · Score: 2

      "Anything is better than nothing in this department."

      This is a common misconception. When people have "anything" instead of nothing they have a false sense of security and will send information they would never send if they know they have nothing.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  7. Yes and no, but mostly no. by rjh · · Score: 5, Insightful

    Yes and no, but mostly no. (ObDisclosure: I help out with Enigmail.)

    • Could we do better? Maybe. Probably. But first you'll have to define what "better" means. Some people say it means stronger crypto. Some say it means a simpler RFC. Some say it means a better user interface/user experience. And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!" Honestly, when it comes to "we can do better" style criticism, my response is simple: I know we can do better -- but first you have to tell me what 'better' means.
    • But that doesn't matter. When it comes to communications security the world is divided into two camps. The first one doesn't need it right now and the second one does. If you don't need communications security right now, that gives you a great amount of luxury to sit on the sidelines and wait for something better to come along. If you do, though ... then GnuPG and Enigmail are pretty much the best thing going right now, at least when it comes to email.

    • Alternatives? What alternatives? The only alternative right now for email security is S/MIME, and that's far worse than OpenPGP. If you want to communicate using Silent Circle, go for it. Want to use OTR, be my guest. But if you need email security... "it's probably time to look into alternatives" is the kind of advice that sounds good only until you realize just how few alternatives there are, or how lousy they are.

    I'll be the first to agree that GnuPG is a usability nightmare. Absolutely. If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad. But when people start talking about alternatives, I want to know which alternatives they're suggesting; when people start talking about doing it better, I want to know what better means.

  8. Six parts series by manu0601 · · Score: 2

    How many would-be beginners fled away when they saw they would have to read a six-part series?

  9. Alas, useless by raarts · · Score: 2

    Ok, I look at your series, and I'm thinking: my father would stop after reading the first paragraph. Security, encryption, privacy, they all suffer from people trying to educate the general public on TLAs, hard math, installing utilities.

    When will the security community learn that we don't need all those explanations, we need it to just work. We need encryption by default and unless this is available mainstream it's not gonna happen.

    Same thing for programmers. Nobody wants to learn about security, and especially about all those encryption algorithms, perfect-forward-secrecy etcetera. It just needs to be default in all frameworks, libraries. I don't care there are so many cyphers, just give me proper defaults.

    The problem with security is just that the community around it does a very bad job of making it simple. It needs to disappear into the woodwork guys!