
 Encrypted e-mail: How much annoyance will you tolerate to keep the NSA away? - greenburger
http://arstechnica.com/security/2013/06/encrypted-e-mail-how-much-annoyance-will-you-tolerate-to-keep-the-nsa-away/
======
aroch
Nowadays is GPG/PGP-ing your emails really that hard? Thunderbird supports GPG
on all platforms, Apple's default Mail works with PGP/GPG, I'm sure there are
plenty of windows clients that do the same. In additional, online providers
like Hush are bringing PGP to the masses without them having to know what in
fucks name it is.

Even if you don't encrypt every mail you send, signing is a good idea. Is it
unnecessary in many circumstances? Yes, but at least I find it nice to be able
to verify authenticity. I don't understand why my bank (Wells Fargo) can't
figure out how to sign all their emails [1].

______

1:
[https://www.wellsfargo.com/downloads/pdf/com/cps/Secure_Emai...](https://www.wellsfargo.com/downloads/pdf/com/cps/Secure_Email_User_Guide.pdf)

Yes, they can sign some emails...but it requires someone inside WF "sponsor"
you to be added to their PKI and it still won't lead to signed or even
encrypted emails for online banking. WF is also particularly egregious in not
offering _real_ 2FA...they count a username AND a password as "two factor
authentication". _sigh_

~~~
betterunix
"Nowadays is GPG/PGP-ing your emails really that hard?"

Try convincing people to not use webmail and accept the fact that they cannot
just check mail on whatever random computer they come across. I speak from
experience: this is the biggest hurdle.

~~~
aroch
Have them use Hush, or any number of the in-browser GPG/PGP extensions that
will encrypt your gmail then! At least their webmail is encrypted then (and
Hush integrates with most of the notable PKI servers). You have to start them
somewhere, just lamenting about it isn't going to change anything. I've moved
my family and friends into GPG over the lsat few years and now I receive GPG-
encrypted mail more often than not.

~~~
betterunix
Browser plugins are good, but they do not solve the problem most people have
complained about to me: that they cannot check their mail on their friend's
computers, at the library, etc. Hushmail is snake oil, I would not recommend
it to anyone and I doubt that it is even relevant to the problem at hand (how
to communicate privately in a world of NSLs).

~~~
ippisl
Use a USB key with everything installed on it in a portable fashion. The Tor
Browser Bundle is something like this.

Two issues with this method are that TOR is 80% funded by the us government,
using a computer opens you to backdoors.

But at least that's a good start.

------
snarfy
I can't support arstechnica anymore after the hatchet job done by joe mullin
against snowden.

[http://arstechnica.com/author/joe-
mullin-2/](http://arstechnica.com/author/joe-mullin-2/)

How would you feel if your hacker news posts over the years were trolled into
a very personal post about you on hacker news, done by a hacker news employee?
The whole thing is creepy.

~~~
untog
I'm sorry, but since when has quoting what someone publicly said been a
"hatchet job"? 90% of it is quotes of what Snowden said, there's very little
commentary. As the article pointed out, his identity on Ars Forums was already
outed by Buzzfeed.

~~~
Cushman
The term you're looking for is "quote mining". If you take only the most
opinionated parts from a large enough corpus, you can make almost anyone seem
like an obsessive radical. It's all the more dishonest for that it claims
honesty on the basis of technical truth.

(I challenge anyone investigating my past to include this tidbit :)

------
IBCNU
I'm surprised more people haven't read between the lines: the NSA is in
possession of quantum computers and interference based decryption is probably
already in standard use. Insiders also have dropped hints the Tor networks is,
in fact, a trojan horse. We basically have two * extreme * options: 1) a
trusted courier with a sealed envelope (don't underestimate this Game of
Thrones like scenario as the US Military defeated itself in the largest
wargame in the gulf by using courier, sealed envelopes, and motorbikes) and 2)
quantum cryptographic communication. The latter is still only the realm of
university labs and down at LANL but I read a paper which stated it's
physically possible to pass keys along ethernet cable, but all parties need a
device which acts as a gate. This in turn opens up Alice and Bob to
traditional decryption methods if they're not air gapped from the web.

~~~
gibybo
Quantum computers do not allow you to break all public key cryptography, they
only allow you to break the common forms in use today.

For some example algorithms that are not vulnerable to quantum computers, see:
[http://en.wikipedia.org/wiki/Post-
quantum_cryptography](http://en.wikipedia.org/wiki/Post-quantum_cryptography)

Also, it would be quite remarkable if the NSA had quantum computers capable of
breaking 2048 RSA or PGP keys. Possible, but extremely unlikely.

~~~
__alexs
> Possible, but extremely unlikely.

It doesn't seem improbable that the NSA are already recording encrypted
communications because they are cheap to store and and have a reasonable
chance of being broken in the future. They don't even need to break the
algorithm for that data to become useful.

In particular SSL encrypted web traffic of sites they suspect they might
physically raid (or have cooperation with) in future seem like an excellent
target. Although hopefully the increasing awareness and deployment of perfect
forward secrecy should help with that attack.

~~~
kimlelly
Exactly, the only real solution I see is to break up the government into many
small governments, with small budgets, and controlled by the people.

Not the other way round.

------
xradionut
Meta Comment: Considering that Ars is mining their forum database and pissing
off members/subscribers to post tabloid-style shaming articles about the NSA
whistleblower, I believe the first step in privacy is to avoid visiting their
web site ever again.

~~~
Spooky23
Actually, their approach was pretty reasonable. Another site did it before Ars
did in a more tabloid manner.

~~~
xradionut
As a long term, now former subscriber, I have to disagree with you. It's all
about the page clicks today, fuck the users.

------
peter487
I am not sure if such system existed in the past or if I read about it in some
sci-fi book, but it worked as follows:

You generated your key pair. In (almost) every country in almost every city
there were “key signers” (basically trusted members of the PGP community). You
met with them and they verified your identity and signed your public key. You
needed to visit couple of them to get enough signatures to obtain certain
level of trust in the PGP community. Once your level of trust was high enough
you could start signing keys of other people. Too good to be true I guess…..

~~~
narcissus
As far as I know, that's pretty much how it used to happen. I do believe there
even used to be things called 'key signing parties' which was just a way to
get a heap of people to do it en masse. Not to be confused with simply a 'key
party', though, I presume.

~~~
joeyh

      joey@gnu:~>gpg --recv-keys 2512E3C7
      gpg: requesting key 2512E3C7 from hkp server pool.sks-  keyservers.net
      gpg: key 2512E3C7: "Joey Hess <joeyh@debian.org>" 24 new   signatures
      gpg: Total number processed: 1
      gpg:         new signatures: 24
    

KSP's still seem to be alive and well. I'm sure the NSA has long since pulled
in this info about the people I met and signed keys with at Linux Conf
Australia this winter. (Of course I Have Nothing To Hide.)

If you're using any Linux distribution, there is certainly use of the web of
trust at many points in the development, build, and delivery chain of its
software.

------
gesman
Encrypting email would only make sense if both sides are equally encrypting
it. If you're using the most paranoidal encryption, but your email buddy does
not - than it's all just plain silly.

But even then if Joe and Bill suddenly got smarty-pants and started encrypting
their communication - NSA would get suspicious and _will_ find out what you
guys are up to via other channels.

"The best way to hide information - is to convince others that it does not
exists" \--Me

~~~
gesman
PS: The ultimate solution would be to use Tor-based email (similar to
tormail.org) at both sides _AND_ encrypt it from both ends.

Then NSA does not know who is communicating and NSA does not know what they
are talking about.

Problem solved.

~~~
enraged_camel
>>Problem solved.

I wouldn't be so sure. Snowden was hinting at the NSA having the mechanism to
break encryption. I lost the exact quote, but it was a direct response to the
suggestion that we encrypt everything, and was something along the lines of,
"you wouldn't even believe what the NSA is really capable of - it's scary."

Even if they don't have the means to get around encryption, you still aren't
fully secure. What if you have a keylogger installed on your machine? What if
the hardware itself has been designed to aid the NSA? Intel, after all, is one
of their regular collaborators.

~~~
tomjen3
If NSA can break modern crypto (especially if they can do it in real time)
then it is a secret at least as big as Ultra/Magic and the NSA wouldn't ever
dare to use anything they found on you this way, even if it was the only way
to prevent another 9/11.

------
junto
Are there any heavily supported projects that seek to replace email as we know
it with a 'secure by default' implementation?

I.e. One that keeps the decentralized simplicity of email as it is today,
whilst both securing it and removing the negatives, such as spam?

If Microsoft, Yahoo and Google got together they could flesh this out, and as
long as the specifications were open and license free, then other third
parties would start to develop SecMail servers.

~~~
betterunix
How is PGP not a solution here? You are (a) using the email system, (b) your
messages are privacy, and (c) your mail client will perform spam filtering. If
you need to hide _who_ you are communicating with, there are anonymous
remailers, or you can broadcast your encrypted messages over Usenet.

Really, these problems were already solved a long time ago, but people thought
it was just paranoid to even suggest that the solutions were necessary.

~~~
junto
Explain PGP to my old mum. It has to be a seamless replacement, without
barriers to entry. PGP is certainly not easy for anyone, and that's the
problem. It also depends on the receiver and sender having the same technical
knowledge. Again not seamless.

~~~
betterunix
"PGP is certainly not easy for anyone, and that's the problem"

I have managed to explain it to people with _no_ technical background, and
they were able to use it within a day. It is really not that complicated. Most
people give up on it not because of the difficulty of using it, but because
they want to be able to read their email from whatever random computer they
happen to find lying around. Smartcards are part of the solution, but you
would need browser support (yeah, I am looking at you Mozilla) and the
willingness to buy them.

The _wrong_ approach is to assume that everyone is completely stupid and
absolutely helpless. People in general lack knowledge about computers; they
does not mean that they cannot be taught something new.

~~~
mpyne
Firefox supports smartcards. I actually like it better than IE, though it was
difficult to make the initial setup happen.

------
zeidrich
I wonder how much the use of methods to avoid detection by the NSA triggers
warning flags that puts you under more individual scrutiny.

Sure, you can encrypt most things, but then maybe you look suspicious so you
get special attention. Can you encrypt everything? Of course not.

~~~
kimlelly
Maybe.

But the real problem is: encryption is really only a short-term solution, we
need a more fundamental one, see:
[https://news.ycombinator.com/item?id=5879308](https://news.ycombinator.com/item?id=5879308)

~~~
betterunix
How is encryption a short-term solution? We want to be able to communicate
privately, without having to trust Google or Facebook to respect our privacy
or protect us from external threats. The answer is to encrypt our
communications. In the case of social networking, we probably need something
more sophisticated than just public-key encryption, but researchers are
_already_ presenting solutions:

[https://www.cis.upenn.edu/~arielfel/pub/Frientegrity-
UsenixS...](https://www.cis.upenn.edu/~arielfel/pub/Frientegrity-
UsenixSecurity2012.pdf)

If the government will not respect our privacy -- and frankly, there is no
reason to believe they will -- then we need to take matters into our own
hands. We need to use cryptography to protect our privacy, so that no matter
who comes into power we can communicate privately. That is a long-term
solution, one that outlasts the government.

------
pandog
They appear to take a SHA1 Checksum from an unencrypted (non-HTTPS) website to
verify the integrity of the download.

Surely if you're worried about the integrity of the file you should also be
worried about the integrity of the source website also?

~~~
croikle
Yep, they're still rather vulnerable. I guess their approach would stop a dumb
MitM which just replaces any .exe download. It also protects against the
download server being compromised, assuming the original server is fine and
your connection is clean.

The best way is to check the signature, but that requires GPG in the first
place (and trust on the key remains hairy). At least they could serve the site
with HTTPS (GPGTools does this right).

------
annon2003
We are now using S/mime and in today's Apple+Thunderbird products it's
completely built-in and pain-free. Set it up once and after that all emails
get encrypted automatically, you don't even need to press a button. Provided
of course that You were able to convince your colleagues to invest those 10
minutes to set it up as well. PGP Was painful because every Mail.app update
broke it, not sure about the current state-of-the-art there. But the whole
point should be: it is not much of an annoyance anymore! Zero annoyance after
installation, Works even on your iPhone etc.

~~~
tigerente
Since it's latest update from end of March, MacGPG is fully compatible again
with 10.8.

------
lazyjones
First things first.

PGP is useful, but pointless on a system that may be compromised/backdoored at
any time (e.g. Windows, iOS, Android ... ). So the first - and possibly most
annoying - step would be to install a secure OS.

~~~
giardini
"...a secure OS."

And that would be ???

~~~
lazyjones
> And that would be ???

A mostly secure linux distribution booted from a read-only device would be a
good start.

c't Bankix is such a distribution, made specifically for secure online
banking: [http://www.heise.de/download/ct-
bankix.html](http://www.heise.de/download/ct-bankix.html)

------
druiid
I think it not outside the realm of realistic to imagine that the NSA has the
ability to break all/nearly all encrypted data with ease. I mean, I have had
quite a few friends with PhD level mathematics degrees hired by the NSA.
Haven't heard from them in a while, but I can guess at the reasons behind
hiring people like them.

Basically I would say the question isn't if we should encrypt e-mail (I think
we should in general, regardless of NSA spying), but instead what encryption
methods (if any) exist that would be beyond the capabilities of the NSA to
easily break.

~~~
IBCNU
New startup concept: 3d printed wax seals!

------
petilon
Why do you even want to keep the NSA away? I am more worried about companies
such as Intelius than the NSA.

Private companies such as Intelius are posting my personal information on the
internet.

Anyone who knows my real name can search the internet and find out where I
work, my home address, my spouse's name, my home phone number and my age. I
didn't put any of this information on the internet, in fact I don't even have
a facebook account. Private companies collected and aggregated this
information and put it on the internet. Some of the information came from
public records (for example, home address from property ownership records),
but some was very private (such as my home phone number, which is not even in
my name and rarely given out). This is a huge violation of privacy and I have
no way of stopping it. Anyone that wants to harm me can find out where I live
with a few clicks of the mouse.

I am not worried about the government spying on me. I am very worried about
these for-profit businesses spying on me and outing my information on the
internet. Why isn't arstechnica writing stories about that instead?

~~~
superuser2
>I am not worried about the government spying on me. I am very worried about
these for-profit businesses spying on me and outing my information on the
internet. Why isn't arstechnica writing stories about that instead?

You have the right to a private conversation. You don't have the right to a
secret existence. Directory information (like a phone number) is not _that_
private because there's nothing anyone can really do with it besides call you.
We don't really recognize a right not to be called. Your phone records,
however, lead to information about your friends, lovers, and business
dealings. Exposure of that information is a much bigger deal to most people
than the mere fact that they exist.

------
cheyne
I'm just using [https://www.noteshred.com](https://www.noteshred.com) to send
private messages. I can't be bothered with encrypted email software

------
znq
What about Android and iOS? Any recommendations on email clients with a
somewhat good user interface and experience?

------
tokenizerrr
Anyone know why it is that banks and the likes are not signing their emails?
Seems like the perfect use-case.

~~~
lloeki
Mine used to (via S/MIME). They fell a year or two ago back to a CYA
boilerplate text that reads "email is inherently insecure _blah blah blah_ ".

------
chiph
Hmm. Need to add my public key to my About page. Thanks for the reminder.

I wonder if I can add it to my LinkedIn profile?

