
E-mail's Big Privacy Problem: Q&A With Silent Circle Co-Founder Phil Zimmermann - 2a0c40
http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-problem-qa-with-silent-circle-co-founder-phil-zimmermann/
======
acabal
The surprising takeaway for me is that PGP is so astoundingly crappy to use
that _even Phil Zimmerman_ asks people to send him plain text mail. We've got
to do something to improve the state of things here.

~~~
david_shaw
_> The surprising takeaway for me is that PGP is so astoundingly crappy to use
that even Phil Zimmerman asks people to send him plain text mail._

I agree that that was surprising, but I can't take it without a grain of salt:
he _is_ the co-founder of a company releasing alternatives to e-mail+PGP for
privacy. That's more than a small conflict of interest.

I'm also not sure I understand his point regarding email privacy vs. message-
app privacy. Either of them could easily be subpoenaed in the U.S., and moving
either of those services off-shore should theoretically provide the same
protection.

Maybe the messages will be stored on Silent Circle servers in an encrypted
state...?

~~~
autodidakto
>That's more than a small conflict of interest.

It seems that he refuses to acknowledge the existence of GPG, even when
complaining about using PGP on the Mac. GPGTools for the mac is the best PGP
email experience between Linux/Win/OSX, yet only Symantec's PGP is considered.

I just don't get it. He wanted to close the service before getting a NSL. He
couldn't give it a day? He copies off the employee email but dumps his
customers' email? (Even the lavabit guy kept the customer email). This crypto
hero knows better than to recommend a fake-crypto solution (hushmail) instead
of simply saying "don't use email for anything private".

------
StavrosK
Whenever I see a thread about the security of email these days, I think we're
missing the point by a large margin.

Yes, email is insecure. It is not possible for a company like Silent Circle to
provide perfect security for email, therefore it was a wise move to drop it.
However, the average person should want to prevent large scale/dragnet
surveillance of the entire population and themselves, rather than aim for
perfect security.

The problem we have now is that email is very easily trackable _because
everyone is using the same two email providers_. All the NSA has to do is get
their hands on Gmail, and 50% of the people who use email will have it
compromised (since they only need to get one side to read the other, too).

We have an email server monoculture. If everyone started using their own mail
server (with TLS enabled), large-scale tracking people would be much, much
harder. There's not much people can do if they're specifically tracked,
anyway, so using your own email server gets you all the convenience with _a
lot_ more security.

I think the best thing to do now would be to create a mail server package that
someone can deploy with one command. "docker run whatever/mail", for example,
to get you a TLS-enabled server, configured properly to stop spam attempts,
etc. We don't need to use GPG to make large-scale surveillance harder, we just
need to use more email servers.

~~~
northwest
> We don't need to use GPG to make large-scale surveillance harder, we just
> need to use more email servers.

We _definitely_ should encrypt _everything_ , whenever possible.

~~~
StavrosK
Sure, but it's clearly way too much hassle for everyone to encrypt email all
the time. By moving to decentralized servers, we do a lot to mitigate the
problem while preserving convenience.

------
zdw
Most people are stunned by the way the internet email system is set up. I
probably have to explain SMTP error codes on a weekly basis to people who
don't get why it doesn't "just work".

A common conception is that it works like the telephone system - you make
connections all the way through, then send the message. Bounces? Delays? How
could those happen?

It's stunning to talk to newcomers about how things were before the internet
came to exist as we know it. Mail routing via bang path with UUCP? How many
people on HN even have seen that?

The problem is that we need a forklift replacement for SMTP and mail
envelopes, both of which which have crypto built into it at a fundamental
level.

Switching everyone over to SSL wrapped SMTP would be a good stopgap for the
transport portion of this, even if it's just self signed, with some sort of
HSTS style cert persistence.

~~~
gnuvince
Do people create new, open protocols anymore? I feel that if someone decided
to tackle the "email is insecure" problem, we'd end up watching a video on
Kickstarter about how cool their new Ruby on Rails SaaS is.

~~~
zdw
HTTP is probably the most recent "internet spanning" protocol that has wide
use. You could probably make an argument for XMPP (jabber) as well. The
message passing libraries like 0mq and similar could probably be viewed like
this.

More important than protocols are the data interchange formats that they leave
behind. SMTP envelopes are particularly horrible to parse. I'd like something
newer, but I think it would lead to feature-itis that has given us
abominations like base64 encoded MIME attachments (seriously, what system
isn't 8-bit clean in 2013?) , HTML mail (used mainly for spam), return
receipts (aka "automated privacy violation"), etc.

------
zokier
Zimmermann advocating Hushmail. That's curious. Also imho deleting user data
without warning is kinda non-pleasant even in todays climate. Of course you
should have had everything backed up, but I'd guess many people didn't.

~~~
jseliger
_Zimmermann advocating Hushmail. That 's curious._

I think it's one of these situations in which perfect/optimal are the enemy of
good: Hushmail is a major improvement, privacy-wise, over, say, Gmail or
Hotmail, especially for people communicating from one Hushmail account to
another.

Hushmail may have its own issues but using it is still a net gain for most
people.

~~~
Zigurd
Hushmail took a different path from Lavabit: Hushmail openly announced that
they will comply with court orders, and that their applet interface WILL be
compromised under court order. They also point out that client-based
encryption is outside their control.

That leaves open whether Lavabit was going to be compelled to send malware to
their customers, and whether Hushmail might face the same problem.

All that means email probably is a poor choice for secure communication - the
conclusion Silent Circle came to. If you want to communicate, use something
that doesn't offer a target for the TLAs to lean on.

It will be interesting to see if webrtc gets compromised.

------
dobbsbob
Problem is the mobile end device is incredibly insecure. You'd have to custom
build an o/s to NSA fishbowl specs and then drop in Silent Circe, but even
that wouldn't guarantee privacy since all of us have SIM cards with unknown
carrier installed apps on them, and unknown software running on the baseband
(which is typically in ARM supervisor mode w/no NX bit)

Also interesting the inventor of PGP and guy who once went against the gov
tells people to mail him in clear text and uses a closed source OSX blackbox.

~~~
AJ007
The general consensus seems to be that if you are specifically targeted, there
is very little in your power you can do. Few people are going to throw away
any electronic device they own when they have the slightest suspicion about
it.

My opinion is that specific goals should be acknowledged and agreed upon.
These are things that will do little or nothing to protect dangerous criminals
but will prevent dragnet surveillance, political blackmail, and what
essentially amounts to a consolidation of power by kleptocrats (which is
either the state the US is in now, or will soon be.)

The following are goals, each representing its own layer. A) would be a very
good start. Each additional layer is helpful, but the first priority is A.

A) The end of plain text communication. There is no reason two parties
communicating digitally should have their communication readable by anyone
with access to the data stream. Ignore the NSA for a moment, any nation your
data passes through you should assume is being spied on -- very serious
espionage concerns for any business public or private.

B) Client side end to end encryption when two parties are communicating with
each other. Currently this would put an end to contextual email advertising,
stifle history, search indexing, and usage metrics collecting. However, there
are potential options here such as Crypton.io.

C) Open source software as a service. Lavabit, Silent Circle, and others have
a big dilemma -- they can not prove they are not spying on their users. If a
software-as-a-service provider is the one doing the encryption, even "client
side", there is the possibility of a security compromise, through a court
order or otherwise, by modifying how the software executes. Most certainly an
astute security researcher would discover something was amiss. The average
user may not. The more serious issue is rather the destruction of that
business's credibility when a problem is discovered (this is hacker news after
all, presumably you are here because you run a start up or internet business.)

The best solution -- separate the encryption layer from the service provider.
Dropbox (allegedly soon to be complicit with PRISM) can't provide a lot when a
user syncs a TrueCrypt volume. What about Silent Circle? Is it really secure?
Or Spideroak? We don't know. While their work is admirable, forced automatic
updates could break the security. Lack of source code means lack of public
auditing.

Both Silent Circle and Spideroak could alter their business models to become
substantially more secure. For example, if a particular country has a
draconian data retention law and you operate in that country, then your
business should not store data nor have any business interest in storing data.

There are numerous trends that have made security slide out of fashion. We
want metrics on everything to optimize our UX. We want deep demographic,
behavioral, and contextual data to maximize the amount of money advertisers
can spend. Users want plug and play software that just works with the press of
a button. View all of these as both obstacles and opportunities to build
better versions of what exists today. Software development is getting cheaper,
easier, and faster by the day, unlike, say, drilling for oil.

Good luck.

~~~
chakalakasp
I like the idea of syncing a TC volume into drop box. I don't like the idea of
re-upping a 10gig file every time I change a word document.

~~~
tombrossman
You can use EncFS [1] (Linux, FreeBSD, OSX) instead. This is far more
efficient. I'm using it with Dropbox and it was fairly easy to set up and
works well.

You can make things even easier by using Gnome EncFS Manager [2] (Ubuntu,
Debian, Fedora, OpenSUSE, Arch) to automate mounting encrypted drives or
folders. The GUI is simple and intuitive.

Basically, any directory or drive you can write to can be mounted as an
encrypted container of individual files.

[1][https://en.wikipedia.org/wiki/EncFS](https://en.wikipedia.org/wiki/EncFS)
[2][http://www.libertyzero.com/GEncfsM/](http://www.libertyzero.com/GEncfsM/)

~~~
AJ007
Very good, this is news to me. Truecrypt+Dropbox provided an example I thought
everyone would understand, but it certainly is less than ideal.

------
tiatia
Email should have end to end encryption via a peer to peer system.

* Problem with message encryption solved, as long as the OS is not compromised. I currently use GnuPG but very few of my friends do.

* Header information The "topic" of an email can be encrypted without problems. We still have the problem that a sniffer knows WHEN, HOW MUCH and with WHOM you communicate. Encrypting this information just for the next knot will make it harder for a sniffer. Also such a P2P email client could randomly send out stuff and connect with random other clients. Basically a special form of spam that gets ignored by the receiving client. The idea behind this "spam" would be to lower the singal/noise level.

~~~
pyre
Like a Tor / Onion protocol for passing P2P messages?

~~~
tiatia
Yes. Like that.

Plus random messages send to different users. Something like enforced SPAM
that is marked as SPAM inside the encrypted message. Your Client can decrypt
the messages and discard the SPAM automatically. Sometimes the client can even
reply to such a SPAM message automatically.

THis makes it easier to hide with WHO, HOW OFTEN and HOW MUCH you are
communicating.

~~~
pyre
I'm not sure that the SPAM messages are necessary. I don't think that you can
do traffic analysis of this sort on Tor without compromising the local machine
(you want to monitor) or something like >15% of the Tor routing network.

------
northwest
> "[...] so what are you suggesting those customers do now?"

> _" Hushmail has a fairly secure email service. [...]"_

Pretty surprising, coming from a guy like him. A little reminder:
[http://www.wired.com/threatlevel/2007/11/encrypted-e-
mai/](http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/)

------
616c
Interesting that Forbes interview him and the Lavabit founder. Honestly I
expected far less from this rag regarding computer and privacy issues given
other links here and elsewhere, but there is always time to be surprised.

~~~
RexRollman
Forbes has had a few good articles on this subject over the last year or two.

