Question: Flaw in Unseen.is Encryption chain?

Discussion in 'privacy technology' started by phkhgh, Mar 30, 2014.

Thread Status:
Not open for further replies.
  1. phkhgh

    phkhgh Registered Member

    Joined:
    Aug 17, 2007
    Posts:
    166
    Some of you are familiar with Unseen.is as a "private" email / chat / VOIP provider (not all are fully functional yet).

    Currently, they provide PGP based email encryption between Unseen.is registered users, using public & private keys, that users generate & store using their (PGP based) software. Users public keys are stored on their server & (for now) users import their private key to their acct., each session.

    From there, if users choose to use encryption, for mail between Unseen users, it "automatically" encrypts the message & decrypts it for the sender. I've tried it a couple of times & that's the way it seems to work, along w/ their basic explanation. Fine so far.

    The basic concept of encrypted transmissions is, it should never be unencrypted, outside of users' computers. Otherwise, someone could intercept it in transmission (that assumes computers themselves aren't compromised).

    Isn't there a flaw in Unseen's methods for "total" encryption security? It's true, each Unseen user imports their private key to Unseen server each session. But the encryption / decryption takes place on their servers, not IN users' computers. The recipient may be 1K - 10K miles away Unseen servers.

    Received mail is encrypted when it hits their server, using the recipient's (Unseen user) PGP key, then decrypted on Unseen's server when recipient request it, then delivered to recipient (using only SSL). Other than SSL / TLS encryption used in transmission, doesn't this pose a real risk for the data being intercepted? What about the time from when messages EITHER leave senders computer till it reaches their server & is encrypted, or time from leaving their server (now encrypted only by SSL), till it reaches recipient?

    True, no one can read the mail while on their servers, not even Unseen - which is of some value to certain users. Nor do they store all the keys, so they have nothing unencrypted to hand over to LEAs, nor the keys to decrypt anything. All nice & maybe sufficient to prevent snooping by all except maybe NSA. And some make the argument, if you're worried about the NSA, don't use email; definitely not email using only SSL encryption.

    I should add, that chat & VOIP features use (or will) an Unseen desktop client, where encryption is done locally. I don't know if it's fully functional yet - not tried it. Their plans are to include email in the desktop client at some point, which I guess would solve issues of email using only SSL between the server & users (as their PGP email encryption now works).
     
  2. vinh

    vinh Registered Member

    Joined:
    Apr 30, 2014
    Posts:
    1
    Hi All,

    I'm hoping to address a misunderstanding of our End-to-End PGP email technology for Unseen.is.

    Isn't there a flaw in Unseen's methods for "total" encryption security? It's true, each Unseen user imports their private key to Unseen server each session. But the encryption / decryption takes place on their servers, not IN users' computers. The recipient may be 1K - 10K miles away Unseen servers. ​


    Unseen webmail is using RoundCube Webmail with PGP Plugin (http://openpgpjs.org/), a latest OpenPGP development for Javascript, support Browser (Client) to encrypt/decrypt PGP email message locally. So another word, we are encrypting/decrypting every PGP Email locally. We are also providing PGP Plugin for other email clients such Thunderbird and Apple Mail. You can download Client email plugin from here: https://download.unseen.is/
     
  3. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Quite a major one, I would say... an entirely purpose defeating one. Otherwise you may as well assume that your communications are being intercepted/unencrypted, or at least capable of being the case if "the man" cares to target you.

    If fact it's to the point one should just assume that period, no matter what when a computer is connected to the internet. If "they" target you there is no such thing as privacy or anonymity. No measure(s) you can take will save you in the end.

    And I wonder even if this isn't the case with unconnected (to the net) computers these days with all the neat toys they have.
     
  4. phkhgh

    phkhgh Registered Member

    Joined:
    Aug 17, 2007
    Posts:
    166
    Vinh,
    Until very recently (based on your comment above), Unseen had no way for users to encrypt messages on their computer before sending, AFAIK. Correct?
    Best I can tell, even as of 5/20/14, there are no prominent instructions on Unseen's site, that if users want actual "end to end" encryption, they'll have to install the software & use that (if in fact, the desktop client software provides that function for everyone). That's fine, as long as that is made clear - from the get go (it's not).

    Users have to search diligently to find that is the only way to have end to end encryption on Unseen. The way it has been & is for now, the details of what users will really have to do, to get end to end, high quality encryption are hard to find (is any other kind worth messing with?). Almost like, "sign up now (or pay for premium acct) & get the details later."

    Even when I asked support direct questions about details of exactly how / when the encryption was implemented, I didn't get a good answer (they admitted not knowing full details). Which is fine, except, there was no easy way to * get * details of the encryption system.

    Emails to you also resulted in answers that didn't directly answer - that using webmail resulted in far less security (at one link in the chain) than let on in Unseens description of services, & Unseen's "strong" encryption plan was not "transparent" to users. While storing messages encrypted while on the server is good, it seems using * webmail * results in security no better than any other provider (for the leg between users' computers & Unseen server) because of only using SSL during that leg.

    * Unseen doesn't make this clear to potential users - that they must use your proprietary email client software to have end to end encryption - assuming it now does that. Are you saying that now, if customers use Unseen's client software (w/ Thunderbird or other supported clients), that messages can be encrypted / decrypted locally?
    * Does the client software support Vista? It doesn't mention it.

    If the software works correctly & is w/o serious privacy or security bugs, it may be no easier to use (esp. for avg users) than Enigmail & Thunderbird. At any rate, Unseen's encryption process isn't exactly "transparent to the user," as advertised. It may be no easier than installing & using Enigmail, then using * any provider * they choose - not sure.

    Unseen free acct users also can't generate & store locally their * own private keys;* they must be stored on Unseen's server. Another weak point in Unseen's encryption scheme. Would PGP users store their private keys on an "unknown person's" computer? Unseen is saying, "trust us" to store your private key, for purposes of users being able to encrypt email more easily while using webmail. But encrypting messages while using webmail means email will only use SSL encryption between the users' computers & Unseen's server.

    Given that Unseen openly states they believe SSL has been broken & can be compromised (at least by some entities), it would follow that encryption / security of email between a user's computer & Unseen server is only good enough to protect against low skill hackers or to keep "honest people" from reading email.
    Yet, Unseen never mentions this.

    Regards,
     
Loading...
Thread Status:
Not open for further replies.