Silent Circle and Lavabit launch “DarkMail Alliance” to thwart e-mail spying

Silent Circle and Lavabit launch “DarkMail Alliance” to thwart e-mail spying.

Related: Embattled Snowden email provider returns with new Dark Mail encryption service.

-- Tom

 

thx good read shame its not due till mid-2014.

 

I am having a bad feeling that Google/Yahoo/Microsoft aka NSA will block this development by not allowing their email users to contact users on darkmail. Which would be pretty simple, they could simply claim that the new "secure" protocol has flaws.
Afterall it's against google's interest to have people encrypt their email. They are making money out of reading your emails.... Also I suspect the government is bribing the big companies by giving them huge tax breaks or closing their eye on their tax breaks. Why do you think the giants pay nearly no taxes? It wouldn't be that hard for the US govt to close the loop holes and go after those guys...

 

^^ I'm eager to see the massive spin job Google would have to put on explaining why it would not allow users to communicate with standard xx@yy.zz addresses. I don't think whether they're xmpp or not is relevant. Remember communication between Google and DarkMail addresses would probably use standard e-mail protocols, treated as such by Gmail servers , so Google would end up being criticized for discriminating based not on security or technical reason, but on arbitrary assertions. How DarkMail servers communicate with each other, independently from Gmail, should not be of Google's concern.

 

Tmok, good point here. Im looking forward to darkmail. I just hope they will give it a better name.

 

I was thinking, what are Google and the NSA, etc., going to do to fight this? Obviously they're not going to just sit back and watch everyone go dark, as it were.

I think it will be easier for Google to fight though. People won't understand the technology or what its point is, even if it's easy enough for Grandma to use. So they won't necessarily be flocking to it. After all, if we all signed up for Countermail, we'd automatically be communicating with PGP through a system basically as easy to use as Gmail. But people are not doing this in mass.

Moreover, obviously encryption would undermine Google's marketing business model, so they won't impliment it. If people want private email, that can't monetize personal information to cover its costs, then they're going to have to pay for email service. I think when it comes down to the competition between privacy and free, almost no matter how low the cost, people are going to choose free. People are kind of irrational about things that are free. (http://gawker.com/5920613/supermarket-offers-free-groceries-to-first-100-naked-shoppers)

In addition, to jump out of the Gmail mothership, people will have to give up all the other convenient services interlinked through their Google accounts. I just don't see people doing it for privacy. People under a certain age don't even care about privacy they way older people do.

So in the end, no matter how easy, I think the adoption problem is going to be really hard to overcome.

 

RT.com interviewed Phil Zimmermann regarding the DarkMail Alliance. This segment seemed odd. From the interview:

I can't see why the FBI or the military would need this. They could surely implement their own. I would be more inclined to believe that they'd use the access to attempt to exploit it or inject code.

 

Good idea, bad name.

 

You make some interesting points. A couple of comments. Darkmail for lack of a better phrase is an interlay snapin that a provider can chose to incorporate or not. Darkmail is unlike any secure email service. It is designed to target large pre-existing email services. Will Google adopt? In my opinion that depends on what happens with their advertising-datamining business model. If for instance Google looses the lawsuit that is currently being litigated to force Google to stop customer datamining/targeted advertising they will lose a large revenue stream and will have nothing holding them back from going secure. Money leads commerce. The amount of money the giants make on datamining is massive. My suggestion is watch the current lawsuit. You are right people are not flocking to Countermail. I am obviousely excited about the prospects of Darkmail being billed out as an addon. We may be looking at the birth of a new protocol that has the potential to go viral.

 

CM is expansive. And basically for $50 a year I got nothing more than what I get with Runbox unless another person has CM.

 

The paradigm shift has happened. People, over decades, have been conditioned to ditch certain values and this most certainly includes privacy. Now its a value seen as something no longer desirable. Older people eventually "die off". For the most part now a lot of people don't think twice about trading privacy for other stupid things like THEIR 15 minutes of fame.

Absolutely.

My thoughts too.

 

I'm really not holding my breath for Google to lose that lawsuit. The courts these days are pretty predisposed to favor anything that helps business. And in any case, Google's entire business model is advertising/datamining. If they lose that revenue stream, I think they (and Yahoo and others) would just cease to exist. I don't know what the incentive would be anymore to provide free services like they do without their advertising revenue stream.

So that brings us back to, the only way people are going to get private, encrypted, email serives is by paying for them. As long as there's a free (but non-private) alternative, I don't see it happening. If by some completely improbably occurence, the business model for the free services is killed by the courts and everyone has to pay anyway, then it's a whole different game and maybe private encrypted services could become the norm. But that seems more like a dream to me, than anything that might realistically happen.

So I am excited about Darkmail too. I just think it's going to be a niche thing. I mean, if people really wanted privacy, why aren't they already just using Thunderbird and Enigmail? They could use that with their existing Gmail, etc., accounts. Why isn't everyone already just using Chatsecure, Textsecure, or Redphone? Just download the app for free and go. It couldn't be easier. But it's not happening. That's why I think this isn't a technology or ease of use problem, it's and adoption problem.

 

I use those apps, but I definately think it could be easier. PGP can be tricky on my Android systems and a friend of mine had some problems with it on her Mac when she updated the system. Redphone is free for Android but I think it costs something for iPhone. Jitsi etc don't work as reliably or well as Skype and can involve setting up SIP/XMPP accounts. And of course the main problem is still that people want to keep using whatever they are used to and encryption makes it harder. For example, most people who are used to using MS Outlook and happy with it don't want to switch to Thunderbird or cannot because it's what they are given at work.

 

I'm sure you're right that it could be easier. And I am hopeful that someone comes up with something so elegant and easy that it inspires wider adoption of encrypted open source communication.

To be truly widely adopted, I think it would require some way to be seamlessly integrated with the most popular email services already in use, such as a Firefox or Chrome plugin that woud just automagically encrypt email sent through Gmail or Yahoo's webmail client. It's hard for me to imagine the reason why Google or Yahoo or Hotmail would elect themselves to impliment the Darkmail system, since it would subvert their business models.

Of course, if everyone independently started encrypting their email, that would also hurt the Google, etc., and might effect their ability and willingness to provide free email, so I'm not sure how that would play out.

What if Google sent people an email saying: "We see that you have elected to encrypt your email. We support and encourage strong user privacy. However, our email service relies on advertising revenue in order for us to provide it for free. Hence we must charge X fee to users who prefer the privacy of encrypted email. If you would like to continue to receive your Gmail and other Google services for free, simply opt out of your encryption at any time."

I can see a lot of people backing away from encryption at that point. Look at Facebook, everytime they do something to reduce people's privacy, there's a minor uproar and then everyone forgets about it and accepts the new less private regime. I just don't see people giving up the free services they have come to love and rely on, for the sake of privacy.

 

If Google charged every user on the planet, $5 a year, they'd probably make more money. We really need to get people away from thinking $5, $10, $20 a year is a lot of money. Drink one less Grande' Moca Latte per year for goddness sake. A subsidized flagship phone is still $200...and post paid service rips you off to the tune of about $50 per phone line, compared to pre-paid...so it's just a perception. I agree, people need to change their perspective, and that is the major hurdle.

 

I completely agree with you. But the reality, I think, is that if Google started charging people $5 a year for their services, they would lose most of their users. Even $1 might do it.

People are crazy about free stuff. It is much more of a hurdle than I think others often realize. I refer again to this link, as a demonstration of how insane people are about free: http://gawker.com/5920613/supermarket-offers-free-groceries-to-first-100-naked-shoppers.

In fact, I heard a whole radio show on NPR's Planet Money, a while ago, about things that are free and studies done on this. Apparently even worse than things that are free is things that were free and then you try to charge money for it. That really makes people behave irrationally.

Apparently U.S. Veterans, seventy years later, still hold a grudge against the Red Cross for charging soldiers for donuts during WWII (at the request of the U.S. Secretary of War) that had previously been free. Even though for the subsquent 70 years the donuts have been free. But people are still complaining about what the Red Cross did in 1942, even though they reversed course. Donuts. Good luck to Google for trying to charge money for anything.

 

Do you really think that? You must have missed many things:
-CM are under Swedish jurisdiction and swedish laws, Sweden still have better privacy laws than many other countries
-We don’t log IP-addresses
-You can pay anonymously if you follow our instructions, or simply just use Bitcoin
-Incoming email will be encrypted to your public key, which means no emails will be stored as plaintext on our server, only in encrypted format
-We have an USB-key option, which gives you two factor authentication, and increased protection
-Our customers never have any direct connection to our mailserver, regardless how they connect to their account, IMAP/SMTP/webmail always connects to a diskless server (tunnel)
-You can delete the private key from our server (but we recommend this only for advanced users, your private key is always encrypted on our server anyway)
-We have an additional encryption layer to protect against man-in-the-middle attacks, we also use full disk encryption on our mail server, a physical "theif" would not get any info

As far as I know, Runbox have non of the above. OpenPGP is not locked to CM, its an open standard that anyone can use.

 

they could offer a $5 per year option for people wishing to opt out of advertising-datamining. but NSA would still datamine you.

 

That is true. But CM user emailing gmail user will loose all privacy. The message will still end up being plain text and scooped up by the three letter agencies. Now if I could convince my friends to pay $50 per year for their email then I would be golden. However that is not gonna happen. Maybe when I get a little bit more rich I will buy 10 accounts for all my family members and then I could truly have my privacy.

 

No, you can send PGP encrypted email to GMail users also, there is no limit, as long as the recipient have an PGP keypair. They can use, for example Thunderbird+Enigmail+Gmail.

It's all about motivation, if some friends don't care, then never send any sensitive info to those friends. Since the Snowden leaks, more people have been interested in learning IT-security, for example PGP.

 

Yup. My friends don't care. So even if I get CM and my mailbox is kept safe then all my emails get scooped up in here in the US of A because people use Gmail here like a plaque and they are not gonna do PGP.
I don't really have any sensitive info, Im just a regular person who a is a strong believer and support of the constitution of the united states and wants to have minimal privacy when sending an email.

 

For me it's the opposite, approx 80-90% uses PGP. Even my non-tech sister, but then of course she got the CM-account for free
We are going to introduce some discounts for Linux users.

 

Maybe, but it would go so against Google's business model, I still don't see them doing it. It doesn't seem like a precedent they would want to set. And given that they bend over backwards to try to pretend that they protect people's privacy and that only machines see your email, not people, etc., all for the purpose of convincing people it's really okay and not a violation of privacy, offering the possibility to opt out would suggest maybe it's not all as innocent as they claim, undermining their own PR. So for that reason also, it's also hard for me to imagine them doing it.

*

Somebody ought to create a version of Thunderbird where you just hit a button to turn on PGP encryption and that's it. I think people could be convinced to do that. But it needs to be that simple. The biggest hurdle would be getting people to use a different email client, if they're not already using Thunderbird. Or a browser plugin that automagically encrypts your email in Gmail's webclient, with PGP. It looks like things like that may already exist, but not at the one button and it's on level.

Fortunately, it does seem like there's a lot of interest now in making more user friendly (grandma could use) encryption solutions.

 

@Countermail - I am a strong user and advocate of PGP. I had actually thought about going to Countermail. One thing you said here will forever keep me from using your service. The fact that any PGP private key of mine would ever under any circumstance be on your server is a straight deal killer. Any service that requires this even for the briefest moment should be strictly avoided. Sure, I could delete my private key from your servers. What absolute 100 percent rock solid assurance do I have that you haven't recorded it elsewhere? The only assurance possible is for you to never have that key in the first place and with the design of your service you can't really accomplish that now can you? Sorry to sound harsh, but I support the integrity of PGP more then I do any individual service.

 

1. Sounds like you don't know how well a private key is protected? The raw unencrypted secret key (and password) is NEVER on our server, only the encrypted version: https://support.countermail.com/kb/faq.php?id=61

So far, no organization has been able to decrypt any of our private keys. If someone would manage that, it's because the password must have been very week for that key. We use an iteration code of 192 on our private keys, while many other PGP tools, like GPG/Enigmail only use code 96 as default (which equals to 65k of hashing). An iteration code of 96 is too weak nowdays. In many cases, our private keys have higher protection than self generated keys. I recommed to check the iteration code with GPG:
"gpg --list-packets your_privkey.asc"

This is probably the most common "myth" about PGP, that anyone with access to the private key can use it to decrypt data, in fact, it's useless without the password. As long as the private key protection is good enough.


2. The second thing you must have missed is that you can use your own keypair, just send us the public key when the first registration is over. I have written about it here on Wilders and we also have an FAQ on this:
https://support.countermail.com/kb/faq.php?id=84

We support PGP in every way possible.