scramble: Secure email for everyone

Discussion in 'privacy technology' started by lotuseclat79, Nov 5, 2013.

Thread Status:
Not open for further replies.
  1. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    scramble.io: Secure email for everyone.

    -- Tom
     
  2. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    it seems to be PGP based. when you create an account it creates PGP keys for that account stored on their end, so it's not really secure - or at least i would need to know more about how they store the keys associated with the account. when you send email from your scramble account, it tries to look up the public key for the recipient. if it cannot find the key, it offers to send the message unencrypted. i tried to send out two test messages, one to an account with no PGP, but it failed to send even unencrypted. the other i sent to my regular account with PGP key uploaded to the servers that Enigmail suggests, but scramble didn't find the public key for that account either and i don't see a manual way to add it. that email did go through unencrypted though.

    my initial thoughts are that this email service is very primitive at the moment and i assume it only encrypts messages from your scramble.io account to other scramble.io users, and your PGP keys are at the mercy of the scramble.io owners anyway, so it's not much use. on plus side, i think they are aiming to make PGP emailing easy to use and maybe this can grow into something useful in the future.
     
  3. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    325
    I like it's ridiculously simple webmail interface. On the other hand, it is ridiculously simple. There are no settings for forwarding email, display, anything.

    It does seem like perhaps the devs are trying to be serious about security and privacy. I like that. I don't know enough about the technology to understand how good of a job they're doing. They claim the system is more secure than Lavabit was, because email encryption is done client side (through javascript? I guess).

    I am curious more who are the people behind this. I guess it's a double edged sword. People who make something like this are understandably people who may want their own privacy and anonymity. On the other hand, given that you have to trust them on some level, it's hard to evaluate the service without knowing who they are and where they're coming from.
     
  4. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    for some reason i get a blank page when i go to the scramble login page with firefox, but it works fine in chrome. anyone else have problems with it with firefox? (i have a bunch of security and ad-blocker add-ons so one of them may be the culprit).
     
  5. cb474

    cb474 Registered Member

    Joined:
    May 15, 2012
    Posts:
    325
    I'm seeing the blank page too, although I didn't the first time I went to the website, after this thread was started. I'm using Noscript, Adblock, Ghostery, and RequestPolicy. But none of them show that they're blocking anything on that page. On the other hand, many times I have a website fail because of the plugins and can't figure out which exact thing is blocking what. Which is why I keep Chromium around.
     
Loading...
Thread Status:
Not open for further replies.