
Show HN: Easily send encrypted email from your existing email - conorgil145
https://www.virtru.com/get-secure-email
======
mnrasul
So, can I keep the keys myself instead of storing them in the cloud? Or do I
have to trust Virtru instead of google or some other company that they don't
buckle when someone comes knocking for the keys?

Based on the feature list, I can't have the keyserver on my own server. I have
to trust Virtru. This is no different than sending the text in plain IMO.

~~~
higherpurpose
Nope.

> However, you’re entrusting us to help you maintain your privacy; you should
> know how we will respond if the government asks us for access to your
> encryption keys. The government would need those keys if it wanted to read
> any encrypted files it does obtain. Without them, the files are useless.

> We won’t provide your keys to anyone without your consent — unless we are
> ordered to divulge them by a judge with jurisdiction over us. If we are
> ordered to divulge them, we will fight for you to have notice and an
> opportunity to object.

So I guess I'll keep waiting for a DarkMail client.

~~~
gfodor
so from a security standpoint, this is equivalent to the status quo, except
transferring responsibility from Google to a small startup for maintaining
keys? I'd be shocked if google doesn't encrypt emails at rest. Is there still
plenty of inflight unencrypted SMTP traffic to worry about that this could
address? I guess you have to worry about the recipient if you are sending
email to a non gmail/hotmail/ymail address?

~~~
conorgil145
>> I guess you have to worry about the recipient if you are sending email to a
non gmail/hotmail/ymail address?

Virtru allows you to send securely to any recipient, regardless of the email
provider they use. The easiest way to read the secure message is to use the
Virtru software to integrate with your existing email client.

Our iPhone client uses IMAP, so it works with any email provider that supports
IMAP.

Our browser extension currently integrates with Gmail, Yahoo, and Outlook.com.
If the Virtru browser extension does not integrate with your email provider,
then we provide a mechanism to read the secure email in your browser without
installing anything. However, you cannot reply securely without the Virtru
software.

------
conorgil145
Virtru dev here!

Virtru allows users to easily send encrypted email from their existing email
address. It is super easy to use and currently works in your browser and on
your phone.

We are launching our public beta program today and would love feedback from
the community. Several of the Virtru team members will be monitoring this
thread to respond to feedback and questions.

EDIT: Virtru team members: DHowitzer (CTO), ravenac95, znelson, jgilpin

------
DHowitzer
Open Source Key Server - For those of you interested in hosting your own key
server (ACM) or helping to make a free and open source key server a reality,
we're looking for people to help us. Contact me if you're interested.

------
lemonlyman87
How can Virtru help email users who are concerned with government surveillance
activities that have been revealed in the last year?

~~~
jgilpin
Encryption has been used in the past to keep emails secure from
surveillance(PGP), but it has always been cumbersome to setup and use on both
ends. Virtru's focus has been to make powerful encryption available to
everyone by making it easy to use and with the services you and those you
communicated with already use. Right now we have Chrome/Firefox support as
well as an iPhone app...but many other clients soon.

~~~
mnrasul
PGP - one can store the keys on one's own server. In Virturo, it appears it
has to be on Virutro servers. So hypothetically, we could have a Lavabit
moment.

~~~
ravenac95
I think it's been iterated before, but in the future we intend to open source
our key serving software. There's still much work to be done on that front. We
love PGP's crypto, but we found a few problems with it in general:

1) It's hard for the normal person. (The user experience for PGP is just
horrendous)

2) Before you send an email to someone you have to know their public key.

With that said, we have done some research on integrating PGP like public key
encryption along with our current key serving mechanism. With public key,
using Virtru will be essentially equivalent to holding the keys yourself. Look
for more of this in the future :-)

