Discussion in 'privacy technology' started by tehit, May 2, 2012.
Or is your mail secure only if you use local mail client based email, and not the web email account?
The "Encrypt Current Window" option available from many PGP/GPG tray icons could be used to encrypt your web mail window content. I'd just encrypt in notepad and copy/paste. You'll have to test it, to make sure the site isn't messing with the formatting, but it should work.
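The "make sure the site isn't messing with the formatting" test can be scripted. The following is an added example, not code from any poster in this thread: it checks a pasted ASCII-armored block against its CRC-24 checksum line as defined in RFC 4880, section 6. The function names and the sample payload are constructed for illustration.

```python
import base64

CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB  # constants from RFC 4880, section 6.1

def crc24(data: bytes) -> int:
    """CRC-24 as used on the '=XXXX' line of OpenPGP ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor(payload: bytes) -> str:
    """Build an armored block (stand-in for what gpg --armor would emit)."""
    b64 = base64.b64encode(payload).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = "=" + base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    return "\n".join(["-----BEGIN PGP MESSAGE-----", "", *lines, check, "-----END PGP MESSAGE-----"])

def check_armor(text: str) -> str:
    """Return 'ok', or the reason the pasted block no longer matches the original."""
    lines = [l.strip() for l in text.replace("\r\n", "\n").split("\n")]
    try:
        start = lines.index("-----BEGIN PGP MESSAGE-----")
        end = lines.index("-----END PGP MESSAGE-----")
    except ValueError:
        return "armor header or footer line missing or altered"
    body = lines[start + 1:end]
    if "" not in body:
        return "blank line after armor headers missing"
    body = [l for l in body[body.index("") + 1:] if l]  # skip optional headers
    if not body or not body[-1].startswith("=") or len(body[-1]) != 5:
        return "CRC-24 checksum line missing"
    try:
        data = base64.b64decode("".join(body[:-1]), validate=True)
        expected = int.from_bytes(base64.b64decode(body[-1][1:], validate=True), "big")
    except ValueError:  # binascii.Error is a subclass of ValueError
        return "base64 data corrupted"
    return "ok" if crc24(data) == expected else "CRC-24 mismatch: content was modified"

# Constructed sample: 100 arbitrary bytes standing in for an encrypted OpenPGP packet.
SAMPLE = armor(bytes(range(100)))
if __name__ == "__main__":
    print(check_armor(SAMPLE))                             # untouched paste
    print(check_armor(SAMPLE.replace("AAEC", "BAEC", 1)))  # one character altered
```

The armor checksum only catches accidental mangling by the web form; it is not a cryptographic integrity check, which comes from signing the message.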
It will make your e-mail secure if you encrypt it locally. As the other guy said, if you use webmail accounts, be sure to do the encryption/signing locally on your own machine. One way to do this is to simply use Thunderbird and configure it to use Gmail.
Do not rely on some third party service like Hushmail, as these services all have the private key.
Not entirely true; some 3rd party services will allow the end user to generate and store the private key locally as an option.
Or so they say. Also, we have no idea how well written their crypto implementations are. There are many flawed implementations out there. It takes real expertise and a lot of analysis and debugging to write crypto software.
PGP/GPG have both been well vetted and there are no known weaknesses. I would not put the same trust in some random third-party startup company.
Again it comes down to trust and your own research. Just as you trust the implementation of PGP as well as I am sure you did some research into how it works (At least I hope you have).
Yeah, unless you write the code, you have to trust someone at some point in the chain. However, even though open-source does not guarantee correctness, it does at least let us know that the author has nothing up his sleeve. And it also allows independent experts the ability to easily audit the code without having to go through a bunch of red tape and NDAs.
In the case of PGP and GnuPG, both are very mature projects (PGP about 20 years old. GnuPG about 13 years old) and have been well vetted since a lot of people around the world depend on them. Even so, there are occasionally errors that are found. GnuPG had an error so severe that it allowed people to capture your private key by merely making one signature. Granted, this error only happened with ElGamal signatures (which were not the default and were specifically warned against by the software) but still a pretty big deal. It happened because the author changed the k variable to a smaller value to speed up ElGamal encryption. However, he didn't think about how this change to k would affect ElGamal signing. Basically, it made it so that if you signed even one document, an attacker could get your private key and decrypt everything you've ever encrypted with the key. Luckily some guy found the flaw and wrote a paper detailing it. This is one case where open-source worked very well. Without access to the code, this independent researcher would probably have never found the flaw. Who knows when or if it would have been found.
So, even experienced people make mistakes and one tiny mistake can break an entire crypto-system. When most software breaks or has a bug, it will let you know through odd behavior, crashes, and so forth. Often if there is a minor bug, it is put on the back burner because it doesn't really matter in the scheme of things. Not so with crypto software. When it fails, it fails silently which makes it even more insidious. Crypto systems are like a house of cards -- change one little variable somewhere in the code and the whole thing comes tumbling down.
Another good example is the Debian SSL bug. Some random code maintainer looked at the code and said "Hmm this line of code is repetitive, so I am just going to delete it altogether." (He was doing routine "code cleanup.") His compiler was even throwing errors saying the line of code was an issue. So he changed it. Oops! He broke the security of half the internet by changing ONE LINE of code that he didn't understand. It turns out this repetitive line of code had a very good reason to be there and was put there intentionally by the people who did know what they were doing.
This is why crypto programmers really need a solid understanding not only of just programming, but of higher mathematics (specifically number theory and discrete mathematics). They need to understand exactly what each operation is doing and be able to explain why it is (or isn't) correct. Not only that but they need to account for every variable and understand exactly how it affects every other variable. Attention to detail is paramount, probably more so than any other type of programming.
So, after knowing this, would you trust such a fragile system to just some random start-up company that has some unknown guy doing the programming? I won't. I will stick with the mature programs like PGP/GPG.