Encryption Security

Yahoo Offering Encrypted Email 164

James Salsman writes "Now that Yahoo delivers encrypted email, I would sure like to know what the Slashdot fray thinks of that, especially in light of Carnivore's vulnerability to some forms of encryption (but not this one?)." michael adds: You might also want to check out Cyber-Rights.net, which is a UK civil liberties group offering encrypted email through a deal with Hushmail.
  • by Anonymous Coward
    ...like 'root' and 'postmaster' :) I think they need to sort some issues out...
  • Kevin Mitnick made a lot of noise, too. It didn't get him out of jail much faster. Most people have very near zero sympathy for anyone accused of a computer crime. Uninterrupted access to eBay and yahoo is more important than constitutional principles these days.
  • How about your printer?
    That's right, your printer. My HP laserjet has a 68030 processor and a meg of RAM. That's as much processing power and memory as a Mac LC. A simple firmware tweak and a wireless modem in the slot used for the JetDirect network card, and your printer could broadcast encrypted copies of everything you print. If you add a BIOS patch, the computer could slowly read all the data from the hard drive, send it to the printer, and have the printer encrypt and transmit it.

    I think at this point computer security becomes a moot point, if the big bad G-men want to know the password to your pr0n collection so badly that they would bug your printer, BIOS, HDD controller, or the like, they would probably just arrest you, and "persuade" you to tell them what they want to know. Cat burglars and BIOS hackers are far more expensive than two goons and a baseball bat.
  • "Well I'm sorry, Sir, but I seem to have forgotten my decryption pass phrase"

    "That's too bad. Here, see if this contempt charge and year in jail helps jog your memory. If you remember the passphrase, we might let you out."
  • ...the average user (including yourself and I) have absolutely no need...

    How do you know what needs I or anyone else for that matter may have? Sure I don't want people poring over my letters to my wife, neither do I want my wife accidentally finding out what I'm getting her for Christmas. Or someone sniffing my new Secret Recipe for Coka-Kola that I whipped up in my kitchen and am sending a friend to try out. Or any of dozens of other things that yes I damn well have a right to protect.

    What's going to stop the FBI from peeking through the window

    Um. closing the curtains, perhaps. Also a little thing called the law[0].

    You are saying on the one hand that the little guy has no need for privacy and therefore deserves none. On the other you say that since we can't protect our privacy completely anyway, why bother trying? What's your argument here? If you don't want to use encryption, or protect your privacy, fine. But don't seek to prevent others from doing so.

    No, there is no such thing as perfect privacy. However we should do all we can to protect what little we have, because once it's gone it'll be much harder to get back.

    [0] - standard disclaimers apply.

  • ... is http://www.myrealbox.com.

    It offers:
    Secure IMAP
    Secure SMTP
    Secure Web Based
    POP3
    Forwarding
    POP3 Collection
    Auto Replying
    No Ads--at all (it's run by Novell, they make their money showing off what their product can do, I think)

    Pretty much everything. I've been using its IMAP for several months now, and so far it's been terrific.
  • And if you don't want to pay for a cert, Thawte offers their personal certs [thawte.com] for free, complete with a web-of-trust program.
  • It would not have mattered if the Microsoft emails were encrypted. If the government can demand copies of the email, they can just as easily require that the key to decrypt those messages be given to them.

    You are confusing the issue here. Covert interception of messages vs. Court-ordered handing-over of emails. Encryption has nothing to do with the second case.

    domc
  • So?

    I quote: Yahoo's free encryption option handles outgoing email messages in a multi-step procedure that the portal warns is not foolproof.

    "Not foolproof" is actually an euphemism for "absolutely useless".

    Apparently you and most people fail to see that only HALF of the transmission is encrypted. That's equivalent to nothing in practical terms.

    The fact you must trust the recipient doesn't even begin to be an argument against encryption.

    Flavio

  • Also the hardware cannot recognize writing compiler for every possible platform. That requires significantly more AI in silicon than currently available hardware has.

    That doesn't matter much, since 95% of the world uses one basic hardware platform, and the other 5% using 20 others... If you compromise the 95%, you've done an excellent job.
  • No one can ever guarantee "all" of something. It's an unreasonable expectation and just impossible. There's always a straggler here or there, etc... Convincing intel and via they should include some microcode in their chipsets is a very great place to start.
  • I agree. Alas (maybe I'm reading it wrong) it looks like this isn't encrypted email traffic; it looks like it's just encrypted storage at the mailbox. That's better than nothing, I guess, but still doesn't help much.


    ---
  • "So they see my pictures of my dog, a letter to a girlfriend and some poetry I've written. Big freakin' deal"

    And just for fun, they insert a back door which gives them remote access (BackOrifice, etc).

    And then, since this is some "script kiddie" (your words), they get bored some day and decide to delete the hard drive.

    Now do you still say "Big freakin' deal."? Because I don't. And I've seen it happen, so this is NOT a hypothetical example.

    EVERYONE needs security.

    If you said that we need an APPROPRIATE balance between security and other issues, then I would agree. And the balance is different for the president and for Joe User.

    But in MY OPINION, Joe User should have encrypted email. It's easy (to implement), automatic (with the right tools), doesn't impose much CPU load (emails aren't very long and CPUs are fast these days), and requires no special knowledge on the part of Joe User. So there's hardly any downside. The ONLY reason it's not there is the lack of widely-distributed clients.

    -- Michael Chermside
  • I missed the fact that the channel is secured.

    Though, it is still possible to intercept through the connection from user to Yahoo! (unless SSL is used, of course)

    The government still can tap into it, by tapping into the Yahoo server / SecureDelivery.com server.

    It's still more problematic than it seems: people thought that it's safe when indeed there's a big loophole
  • Did anyone here have a four-digit ID? Or maybe even three- or two-digit? I had one under 5000, which I was very proud of when there were millions of users. It's sad, I know.
    --
    "But I'm still like a little kid, see?
    I just don't know when to quit."
    - Rei
  • As currently slated by yahoo.com and securedelivery.com, it's more media hype than actual security. After reading the article, the transport of the original email from the sender to Yahoo! is plaintext over TCP/IP, No SSL. And as we all know, the chain is only as strong as its weakest link.
  • Well ... It would probably be expensive, but it would give them a slight edge over the competition, or even just let them catch up with the competition ... Every Webmail service I use here has SSL encryption on both HTTP and POP ... Sure, they spent some money for some SSL equipment, but they also get the "good" press ...

    If Yahoo was to offer SSL and _decent_ encryption, I think the slashdot crowd wouldn't bash it as much as it apparently does here ...

    Horribly expensive is relative. Once it is available everywhere else, they will have to switch, too. Not to do so would be more expensive in the long run since they'd lose customers ...
  • Comment removed based on user account deletion
  • <grumble> Should'a hit preview <\grumble>
  • 3. What's exactly "encryption" here?
    XORring the message with the text 'Yahoo!' ;)

    YDD

  • <yawn>This is nothing new.

    TeamOn.com [teamon.com] has had an encrypted secure mail function for years now.

    ----
    Wind and temp at my house [halcyon.com]

  • by Anonymous Coward
    Go to the Zix website, read up on their junk, and if you know anything about crypto, you will know that their system was specifically designed to give them total control of "your" keys, and completely enable man in the middle attacks, by the Zix people or any other interested party. They also log every instance of encryption, and who your encrypted data is headed to...

    It's snake oil, pure & simple. The more popular this becomes, the worse for the future of digital communications.

  • Sure, but why bother with the half-assed attempt? This sounds very much like a salesdroid idea. "Tell them that using encrypted mail will make them secure!"

    Sorry, no dice. There is /no/ one sure way to be secure, but there are ways to be /more/ secure. Security is a process and all that.

    In a way they are lying to customers as well. What happens when random-megacorp decides to do all their email through yahoo now, sends all sorts of stuff that should be private, only it's sniffed or stolen from yahoo. Or something like that.

    The end result is they say that it's encrypted but in fact it's unencrypted on the server, and in the transaction on upload.
  • I'd like to use encryption all the time w/ my email from the client, just as a matter of principle, but the sad fact is that 99% of the people I communicate with don't have encryption on their side, and they don't see any good reason to install it: hence the ease of communication that is the basis of email is lost. What I'd like to see is all email clients that folks use - let's say the major ones in commercial settings - have encryption built in so that I can opt to encrypt everything I send out, and if the recipient isn't running encryption "on top" as it were, his or her client would accept my email, tell the recipient that this is an encrypted email from me, their great and good friend, and offer to unencrypt it for their reading pleasure. Am I being totally fscked up thinking this way or what? In other words, what would be the major problems having this as an embedded feature in all email clients? The feds, agreeing on a standard, actual coding, or something else?
  • If you really think someone is intercepting your mail, they are going to do it between you and yahoo.

    But what if I think that someone is intercepting my friend's mail?
    __
  • Sure, but why bother with the half-assed attempt? This sounds very much like a salesdroid idea.

    You've answered your own question. It's a sales ploy, and it's relying on the fact that by definition, half the population is of below-average intelligence.

    -
  • It would probably be expensive, but it would give them a slight edge over the competition, or even just let them catch up with the competition ...

    Yahoo makes more money than all the webmail services that allow SSL combined. If they "caught up", they'd be making far less profit. Their shareholders would probably sue them.

    They have 125 million registered users. How many do you honestly think they'd gain by offering SSL? How many do places like MailandNews.com [mailandnews.com] have combined? A few thousand? A million?

    -
  • Right. It's strange that they're not providing a SSL secured page in which to COMPOSE your message.
  • This service is SSL-based. So, the transmission is secure, but it's plaintext on their servers. not only are all the trails there, your unencrypted email is sitting on their servers, waiting to be read.

    There's a reason Zixmail's paying yahoo to offer this service, not vice-versa.
  • It's a shame you went through all that effort and then someone just read your monitor because you forgot to shield against TEMPEST technologies...
  • This gives you hardly any security at all. Your message is NOT encrypted by anything but 'their' key. And I doubt that the emails are encrypted at all on their servers. Besides, yahoo could encrypt them with their public key, if they wanted to.
    This scheme is very good for protecting your mails from coworkers' scanning tools - as would POP over SSL. On the other hand, almost every mail sent to that server is bound to be 'interesting'. If you don't encrypt by default, to the recipient, you'll only be sending sensitive information that way.

    A good first step towards protecting emails around the world would be SMTP delivery through SSL (or SSH or IPSec or...), that way intermediate hosts cannot sniff effectively anymore. The next good thing would be SSL connections to POP/IMAP services.

    That would definitely annoy most government listening services. The only Bad-Thing about SSL is the server certificates, which everybody would then need to have. If we drop server authentication, we run the risk of man-in-middle attacks by governments. Which would be very costly indeed, because of the CPUs needed to do that.

    Just my 0.02 EUR

  • I agree. Why not simply have the form send an https e-mail directly to the third party e-mailer? (I'm sure clever people here can think of a better solution) That would be offering the best possible protection on the internet.

    -Ben

  • If the encryption isn't interoperable with other email encryption standards, it's not going to do a lot of good, and it's going to be annoying to receive messages from these people. I think Yahoo would love to send out messages all over the place saying "you have an encrypted email from a Yahoo! user. Please visit Yahoo to retrieve it, and look at a bunch of ads while you're there".. That's what this boils down to for me..
  • enter lokmail [lokmail.net]!

  • They aren't.
    They're using Zyx, or whatever it's spelled as.
    It's a server-side encryption.
    Yahoo holds the keys..
  • While not an email client, I have often thought that icq with encryption would be a good idea, and Licq goes and implements (what looks like) point to point ssl encrypted icq messages. Very nice. I can actually think of uses for this. Too bad I've become a gnomeicu junky ;)
  • So a script kiddie... breaks into my system with a well-documented hole that I haven't plugged up yet.... Big freakin' deal.

    Well, yeah, it would be a big deal if they erased your hard drive, as Mike pointed out. But if you take into account how many people "the average user" accounts for, then what happens when they are all used as part of a DDOS? It's a big deal, especially if you are on the receiving end.

  • A more general solution is to encrypt both the header and body. The to: field would have to have salt added so that you could have several messages addressed to you without this being apparent.

    The real difficulty is retrieving only your messages securely. The brute force method of retrieving all headers pending on the server and asking for the bodies of those you understand seems... wrong.

    Ah: if the salt were generated in some known way (minutes past 1970, or something) I could send the mail server a set of ids (from when I last read mail or the oldest mail still on the server, whichever is later) that could feasibly be me. The server then sends me all headers from all matches, and I ask for all that really are me.

    Because of salting, it is possible that I will be sent some headers that are not addressed to me; these I'll be unable to decrypt, thus won't ask for the message body.

    As far as I can tell, this leaks no information.
    Can anyone tell me if mixmaster does something similar?
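
One reading of the salted to: scheme sketched in the comment above, as an added example that is not part of the original thread. The tag construction (truncated SHA-256 over address and minute), the one-byte tag length, the HMAC stand-in for trial decryption of a header, and all addresses, keys and timestamps are assumptions constructed for illustration.

```python
import hashlib
import hmac

TAG_BYTES = 1  # assumption: short tags, so other recipients' headers can collide


def tag(address: str, minute: int) -> bytes:
    """Salted to: value. The salt is the send time in minutes since 1970.

    Note: no secret goes into the tag, so anyone who knows the address and
    the rough send time can compute the same value the recipient does.
    """
    return hashlib.sha256(f"{address}|{minute}".encode()).digest()[:TAG_BYTES]


def seal(key: bytes, to_tag: bytes, msg_id: int) -> bytes:
    """Stand-in for a header encrypted to the recipient: only the key holder
    can recompute it. A real design would use public-key encryption."""
    return hmac.new(key, to_tag + msg_id.to_bytes(4, "big"),
                    hashlib.sha256).digest()


def make_header(msg_id: int, address: str, key: bytes, minute: int) -> dict:
    """What the sender deposits on the server: an opaque tag plus sealed header."""
    to_tag = tag(address, minute)
    return {"id": msg_id, "to": to_tag, "seal": seal(key, to_tag, msg_id)}


def candidate_tags(address: str, since_minute: int, now_minute: int) -> set:
    """Every tag that 'could feasibly be me' since mail was last read."""
    return {tag(address, m) for m in range(since_minute, now_minute + 1)}


def server_match(mailbox: list, tags: set) -> list:
    """Server side: return all headers whose tag is in the requested set.
    The server sees the whole requested set, which groups those tags together."""
    return [h for h in mailbox if h["to"] in tags]


def really_mine(headers: list, key: bytes) -> list:
    """Client side: keep only headers that 'decrypt' under the recipient key."""
    return [h["id"] for h in headers
            if hmac.compare_digest(h["seal"], seal(key, h["to"], h["id"]))]


def demo():
    base = 16_250_000  # constructed timestamp, minutes since 1970
    alice_key, bob_key = b"alice-demo-key", b"bob-demo-key"  # constructed keys
    # Constructed mailbox: 200 messages for bob, 3 for alice.
    mailbox = [make_header(i, "bob@example.org", bob_key, base + i)
               for i in range(200)]
    mailbox += [make_header(1000 + i, "alice@example.org", alice_key, base + m)
                for i, m in enumerate((3, 17, 42))]
    asked = candidate_tags("alice@example.org", base, base + 59)
    fetched = server_match(mailbox, asked)      # may include bob's collisions
    mine = really_mine(fetched, alice_key)      # bodies alice would request
    return len(asked), [h["id"] for h in fetched], mine


if __name__ == "__main__":
    n_asked, fetched_ids, mine_ids = demo()
    print(f"asked for {n_asked} tags, got {len(fetched_ids)} headers, "
          f"{len(mine_ids)} are mine: {mine_ids}")
```

Headers fetched but not listed in `mine` are the collisions the comment anticipates; the body request for only the matching ids is the step at which the server can tell which headers belonged to the requester.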
  • This solution only encrypts the mail while it is on the wire - the cleartext is stored on Yahoo's servers and is capturable on either client.

    Sure, encrypting your transmission en-route is better than sending it in the clear, but given how frequently Yahoo is taken down by skr1pt k1dd13s, I would say the server is the greater vulnerability.

    If you are sincerely interested in encryption, only a client-side solution provides adequate protection.

    -konstant
    Yes! We are all individuals! I'm not!
  • Yahoo's now giving their users an envelope.

    What you're doing with Yahoo here is more closely similar to tossing your letter in your outbox. Then it sits there in plain sight for a little while before your secretary picks it up and puts it in an envelope for you and then mails it. Certainly more secure than sending a postcard (at least it's in an envelope on the receiving end), but not as secure as sealing an envelope yourself. One of the big uses that I've found for crypto e-mail is sending a heads-up to the receiver that the content of the message may not be suitable for reading when a roommate is looking over your shoulder. This yahoo scheme is certainly going to be effective for that purpose.
    _____________

  • Wait a minute, folks, it's written right there in the Yahoo blurb:
    1. Email user writes email.
    2. Email user sends email to Yahoo *over an insecure channel*
    3. Yahoo sends email to ... blah, blah, blah.
    In short: if I can get your (unencrypted) email before it gets to Yahoo, I can know whatever it was that required encryption in the first place.
    P. Zimmermann had a name for that kind of solution. He called it 'snake oil'. 'Nuff said.
  • Unfortunately, that is similar to the view taken by government, "What if terrorists use encryption..." yada yada.

    The question then becomes: *who* do you want to have more power over you - gov't or corporations?
  • If you want encrypted, secure email, why on Earth would you use Hotmail?

    That's like setting out to get a Formula 1 car and coming home with a Le Car...
  • Sure, but mails traceable after a specific court order is way better than run-time traceable mail.

    "They" have always been able to listen in on us once they have their eyes on us. Unencrypted mail suddenly gave "them" the power to listen in on *everything* a priori suspicious or not.

  • Hushmail, at www.hushmail.com, [hushmail.com] has 128 bit SSL uploads and downloads of both text and MIME parts. The Hushmail computers are located in Canada and the company is based in Trinidad, I believe, so they would be far less susceptible to an FBI search than Yahoo would. When you send e-mail to another Hushmail account, it is kept in encrypted form. It's really pretty slick. If you want to try it out, send me e-mail at beulah@hushmail.com, preferably from another hushmail account.
  • Let me see...Carnivore sits at your ISP and intercepts everything you send; someone else could packet sniff your connection, your sysadmin might have proxies in place...
    Now, Yahoo receives your email in cleartext, from you, through your ISP and only then encrypts it, to be sent on, and is collected by the recipient via SSL.
    Why not go the whole hog and provide SSL from you to the Yahoo servers?
    Call me crazy, but I see little benefit to these partially secured systems.
    A system is only as secure as its weakest link - and in this case there is a point where cleartext messages are transmitted by the system.
    Is this truly the great innovation it's supposed to be? Yes, it will open up cryptographic email to many people, but these are probably the same people that do not appreciate the issues involved, and might blindly trust a system with what appear to be obvious shortfalls.
  • I personally am a fanboy of this service, which can be found at http://www.hushmail.com [hushmail.com], so you may want to take my comments with a grain of salt. However, I must say that I have found Hushmail to be a superior email service.

    1. The service is free, unlike some solutions that offer encrypted mail.

    2. You can choose a user name, and supply a very small amount of personal information (mainly first and last name), OR you can create an anon######@hushmail.com account and supply NO personal information.

    3. You check your mail through a java applet that encrypts traffic to and from their servers.

    4. You can select a passphrase of arbitrary length. I think mine is 40 or 50 characters.

    5. Your inbox on their servers is encrypted. If your inbox is ever subject to subpoena, Hushmail will happily supply the legal authorities with unintelligible, heavily encrypted junk. Drawback: if you forget your passphrase, there is no way to recover your account.

    6. If you send an email to another Hushmail user, your message is never converted into plain text; it goes encrypted straight from your Java applet to their inbox.

    The one issue I feel Hushmail still needs to address is PGP integration. If you receive a PGP encrypted message in your Hushmail, you have to copy the text and paste it into Notepad to decrypt it, and if you send a message to a user that is not on Hushmail, there is no choice but to send it in plaintext. However, this issue has been acknowledged, and will be addressed in a future service upgrade.

    All around I'm happy with Hushmail, and I wouldn't hesitate to recommend it to the Slashdot community.

    -inq

  • It's also one of the few dot-coms currently making a profit.
  • from the securedelivery website: The encryption of these messages is normally done with public-key encryption.
    What is a normal condition?
    What is the encryption algorithm?
    Does anyone else see a problem here? One of the more widely used email services using shoddy encryption?
  • I submit that it's actually easier to listen in on one's keystrokes and determine what you are typing from the vibrations your keys make than it is to break any modern form of encryption. Just another thing for the truly paranoid to think about.

    For more on this, see The Code Book, by Simon Singh.

    I watch the sea.
    I saw it on TV.

  • Interesting point about the balance issue. I would agree with that.
  • Except for the fact that the average user (including yourself and I) have absolutely no need for high-encryption in everyday email transfers. Credit card number transactions on web sites, yes. Letters to our girlfriends telling them we love them, no.

    I've always argued that the general geek/Open Source community is very paranoid when it comes to things like encryption. If we're talking national security, yes, I think the president should have strong encryption. The average user has no need, and the only thing that encryption does to that user is make him look suspicious.

    And if you're going to argue that "everyone has a right to privacy"... give me a break. So I, Joe User, encrypt my email on my home machine. What's going to stop the FBI from peeking through the window and looking at the screen. Or monitoring the disk transactions while they are plaintext. Or, for the paranoid, monitoring my keystrokes. There is no such thing as perfect privacy people... get over it. If I truly wanted to get a person's writing, I can.

  • Why in God's name would you worry about someone packet sniffing your address, first of all?

    Secondly, what would they care if you store a firearm in a particular place (I can just as easily overhear you by listening over your shoulder in a supermarket)?

    Thirdly, if you were concerned (which would be ludicrous) why would you send the information to a friend over email anyway? Why not talk to him directly?

  • That's the other thing: system security. What Joe User needs an absolutely secure system?

    So a script kiddie (or even an elite government hacker) breaks into my system with a well-documented hole that I haven't plugged up yet. So they see my pictures of my dog, a letter to a girlfriend and some poetry I've written. Big freakin' deal.

    Again, the only people who need absolute security are those who have something to hide. Namely drug cartels, terrorist groups and kiddie porners.

  • The smoking gun that caught Microsoft was the e-mails that they sent.

    I fear that corporatism will continue to grow more and more powerful if they are able to hide their stealing with encryption that the government can't crack. It will make it even more possible to take advantage of the people.


    I worry about corporatism also, but the current system would have been more than adequate for your Microsoft/DOJ example. The DOJ used open legal proceedings to obtain access to Microsoft's email. They didn't snoop through their mail before deciding to bring charges against them - they didn't need to.

    If the email had been encrypted, the court could have required them to provide the key then, with legal penalties for refusing to comply.

    I have no problem with the authorities demanding access to encrypted materials if they do it in a legal, open, above-board manner. I have a major problem when they want to be able to read anything at a whim, just in case they find something they might want to prosecute for.

    Innocent until proven guilty, due process, etc. etc.

    Besides, do you think the government will use any law enforcement tool to attack corporatism, given how much corporations pay to put their people in charge of the government? You're dreaming if you think the government works for us against big biz.

  • I use Yahoo! as my main mail client right now since I've had some instability in all my other addresses. I like it, for the most part. I hope it's going to be a -free- service. And I hope they have SSL support for the browser-to-server transactions.

    Please note that Yahoo! isn't really an "evil corporation" - corporation, yes - but what do they do? Provide free service and information, lead the way (or at least make considerable progress) in the field of network-portal services and office apps, and offer the whole thing for free to anybody? Provide a wide variety of free community-building communication services?

    Sorry. Hadda get my rant on. ;)
    1. I sure as heck wouldn't send anything that needed to be encrypted via a webmailer in the first place.

    2. Yeah, I'm gonna trust third party, non-opensource encryption schema on a site that I have no access to, and no control over my keys.

    3. If I desire the privacy of encrypted mail, I'll use PGP or GnuPGP where I have control over the encryption/decryption process.
    Sheesh.
  • Unencrypted between end-user and Yahoo! ? So a sniffer either at the local network (the norm, I'd think, at many institutions) or a crack at Yahoo! would still work?

    Don't forget another really common problem. Trojans. Since the majority of people using Yahoo! email would be using Windows 95/98/ME they would be susceptible to those stupid email attachments and such. I would imagine that the majority of these people are not even doing something as simple as running ZoneAlarm [zonelabs.com] and do not have an Antivirus program [avp.com] so their machines are wide open. I would think that the client is the least secure part of the puzzle. Hushmail definitely works much better, providing the people sending and receiving the messages have not had their computers compromised.

    Also, to answer your questions, they technically do use SSL according to the article:

    Yahoo's new system works like this: Once a message is composed, it travels, unencrypted, to Yahoo, which sends it through a secure connection to SecureDelivery.com. There, the message and any attachments are scrambled. SecureDelivery then sends the recipient the address to a Web page, secured by Secure Sockets Layer (SSL) and hosted by SecureDelivery.com, where the message can be picked up and descrambled for up to seven days.

    So they use SSL in a somewhat half-assed way.

  • Under the terms of the deal, Zixit will pay Yahoo at least $5.7 million during the next two years. On top of that, Zixit will give Yahoo a cut of revenues "associated with Yahoo users."

    I find it kind of strange that Yahoo! is the one who is getting paid in this deal. It seems to me that Yahoo! should be paying Zixit to use their service. Can anyone explain why? Just exposure?


    Do not meddle in the affairs of dragons,
  • The more encrypted traffic the better.
    If there's only a few encrypted mails there's more chance they will look suspicious.
  • Freedom of speech is NOT unlimited. Speech that is harmful to others is not protected (Yelling fire in a crowded theatre, yadda yadda).

    Are you trying to say that Microsoft's emails talking about their tactics is harmful, and therefore not protected speech?!

    Some of the most harmful speech we have right now are the lies that Microsoft has told consumers.

    Uhhh, please. It's not harmful in the same way as someone yelling fire in a crowded theatre. (Possibly the stupidest example of unprotected speech.)

    How do you think they became a monopoly?

    I can assure you, not by merely TALKING about it via email!

    The government has a responsibility to protect regular citizens from the lies of corporatism.

    Where is that in the Constitution?

    You voted for Nader, didn't you?

    -thomas

    "Extraordinary claims require extraordinary evidence."
  • It is sent via SSL to securedelivery.com.

    "Extraordinary claims require extraordinary evidence."
  • Encryption should be regulated by the government. The smoking gun that caught Microsoft was the e-mails that they sent. Imagine if they had been all encrypted. Microsoft would be even more powerful right now.

    It's just like saying you believe in free speech, but tell those goddamn KKK people to shut up!

    Freedom goes both ways. Love it or leave it.

    -thomas

    "Extraordinary claims require extraordinary evidence."
  • I have absolutely no idea why encrypted email has not taken off more than it has (ease of use maybe). Anyway, I have been using GnuPG [gnupg.org] for quite awhile with much success on my Linux boxes. A few of my Windows inclined counterparts use Verisign [verisign.com] certificates however, and I must admit, that it's very easy to use, and plugs right into Netscape Communicator [netscape.com] on Linux with no problems. They even offer a free 60 day trial certificate. You can also do quick and painless certificate lookups [verisign.com] on their site.

    Penguin better have my money! The Linux Pimp [thelinuxpimp.com]

  • For secure mail, you need a client that contains encryption and that you can trust: you need to be able to trust its encryption, and you need to know that it is free of back doors. The content needs to travel encrypted from your mail client to the recipient's mail client.

    A Java applet with well-known source code might begin to give you that kind of trust (if you trust your Java application). A C or Perl program, small enough to be reviewed, might as well.

    A web browser with SSL just doesn't do the right thing since the mail arrives in cleartext on the web server, and a closed source client like Outlook simply can't be trusted to be free of backdoors or other problems at all.

  • If you're interested in the what and not the how, there is a more concise description of that hack here [science.uva.nl] in the jargon file. Very clever.

    -

  • Hi,

    My own ISP, XS4ALL in The Netherlands, has some nice security-services:
    - Maximum privacy guarantees. In the past even some court orders didn't make xs4all give away user details.
    - They've never removed content that would imply a violation to the freedom of speech
    - Encrypted webmail.
    - Free registered versions of Mcafee Antivirus and PGP-suites. (all platforms)
    - static IP, subdomain and bSMTP for a small fee

    All for just about 12,- a month. check www.xs4all.nl

    (I don't own stock of these guys, nobody does. This ISP doesn't do it just for the cash)

    Paul K
  • by Anonymous Coward on Wednesday November 29, 2000 @06:39AM (#594067)
    Carnivore doesn't care what's in your message, Carnivore cares about where your message gets sent.

    Carnivore is a traffic analysis program, designed to figure out who is talking to whom, be that http, smtp, etc.

    The Feds want to know who is talking to _INSERT SUSPECT HERE_, and to whom _INSERT SUSPECT HERE_ is talking. Encrypting doesn't thwart that analysis.
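
An added illustration of the comment above (not part of the original post, and not a description of how Carnivore itself works): the headers of a PGP-armored message stay readable, so sender and recipient pairs can be tabulated without decrypting anything. The addresses, messages and function names are constructed for this sketch.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses

# Constructed placeholder body: it only looks like PGP armor, it is not real ciphertext.
ARMOR = ("-----BEGIN PGP MESSAGE-----\n\n"
         "(constructed placeholder ciphertext)\n"
         "-----END PGP MESSAGE-----\n")

# Constructed sample mail: two encrypted messages and one plaintext one.
RAW_MESSAGES = [
    "From: alice@example.org\nTo: bob@example.net\nSubject: hi\n\n" + ARMOR,
    "From: bob@example.net\nTo: alice@example.org, carol@example.com\n"
    "Subject: re: hi\n\n" + ARMOR,
    "From: dave@example.com\nTo: carol@example.com\nSubject: lunch\n\n"
    "See you at noon.\n",
]

def envelope(raw):
    """Return (sender, recipients, body_is_encrypted) using headers only."""
    msg = message_from_string(raw)
    sender = getaddresses(msg.get_all("From", []))[0][1].lower()
    recipient_headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    recipients = [addr.lower() for _, addr in getaddresses(recipient_headers)]
    encrypted = msg.get_payload().lstrip().startswith("-----BEGIN PGP MESSAGE-----")
    return sender, recipients, encrypted

def contact_graph(raw_messages):
    """Count (sender, recipient) pairs; the body is never read for this."""
    edges = Counter()
    for raw in raw_messages:
        sender, recipients, _ = envelope(raw)
        for rcpt in recipients:
            edges[(sender, rcpt)] += 1
    return edges

def correspondents(address, edges):
    """Everyone who sent mail to, or received mail from, the given address."""
    peers = set()
    for sender, rcpt in edges:
        if sender == address:
            peers.add(rcpt)
        elif rcpt == address:
            peers.add(sender)
    return peers

if __name__ == "__main__":
    graph = contact_graph(RAW_MESSAGES)
    for (sender, rcpt), count in sorted(graph.items()):
        print(f"{sender} -> {rcpt}: {count}")
    print(sorted(correspondents("carol@example.com", graph)))
```

The Subject line is exposed in the same way; body encryption covers only the payload.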

  • by Chacham ( 981 ) on Wednesday November 29, 2000 @06:26AM (#594068) Homepage Journal

    That's an oxymoron. They'll encrypt it until they're asked by the LEA to decrypt them. Do you really think they won't comply with Carnivore?

  • Does anybody have any idea why they are not using SSL to upload the original message? It seems silly not to...

    To do so on their scale would be horribly expensive.

    Handling a non-SSL web transaction doesn't require a fraction of the CPU power that an SSL transaction requires.

    Even with dedicated-SSL hardware, they'd have to increase their number of servers.

    -
  • by Flavio ( 12072 ) on Wednesday November 29, 2000 @06:40AM (#594070)
    There are several blatant flaws here that make the system practically useless if you want security:

    1. Your data travels unencrypted to Yahoo, including your passphrase.
    2. There's no guarantee they'll decrypt it if asked, but I'm assuming YES, they will.
    3. What's exactly "encryption" here?

    So there.

    Flavio
  • by JimDabell ( 42870 ) on Wednesday November 29, 2000 @10:16AM (#594071) Homepage

    Except for the fact that the average user... have absolutely no need for high-encryption in everyday email transfers.

    The average user has no need, and the only thing that encryption does to that user is make him look suspicious.

    That's one of the main reasons for widespread, everyday email encryption. So that when you do need to encrypt something, it doesn't stick out like a sore thumb.

    I've always argued that the general geek/Open Source community is very paranoid when it comes to things like encryption.

    Paranoia is necessary if you are to consider anything secure. Otherwise, it's just 'obscure something and keep your fingers crossed'.

    So I, Joe User, encrypt my email on my home machine. What's going to stop the FBI from peeking through the window and looking at the screen...

    Can they do that for every person in the country at the same time?

  • by cetan ( 61150 ) on Wednesday November 29, 2000 @06:37AM (#594072) Journal
    How it works:

    Send an email to a person via SecureDelivery.com and the recipient gets an email saying "You've got a secure email, click here to view it"

    After creating a passphrase you can go back and click the link _again_ to view the email. However, SecureDelivery doesn't save any /unread/ emails past 7 days, but what about regular emails? Will I have to have a folder filled with obscure links pointing to SecureDelivery in order to get these messages at a later date? It seems like a good idea on the surface, but there are still some things to be worked out (imho).
  • by Stonehand ( 71085 ) on Wednesday November 29, 2000 @06:31AM (#594073) Homepage

    Yahoo's new system works like this: Once a message is composed, it travels, unencrypted, to Yahoo, which sends it through a secure connection to SecureDelivery.com. There, the message and any attachments are scrambled.


    Unencrypted between end-user and Yahoo! ? So a sniffer either at the local network (the norm, I'd think, at many institutions) or a crack at Yahoo! would still work?

    Strange decision.

  • by Frums ( 112820 ) on Wednesday November 29, 2000 @09:02AM (#594074) Homepage Journal
    Actually, the protocol Zix uses may be even worse than you all have been pointing out. Even assuming it was fixed to upload and download from SecureMail (and Yahoo if you are using them to access ZixMail) the signature encryption algorithm they are using seems to be a security through obscurity scheme.

    About three weeks ago I contacted Zix through a series of e-mails asking for detailed information on their protocol and algorithms. They, impressively, sent me back a marketingese "white paper" (I only put it in quotes because it was more brochure than real technology white paper) within two hours. They started out on good footing, customer service has a quick turnaround.

    Upon examination of this "white paper" I sent back a few more questions looking at glaring holes in the paper - what hash algorithm they use for signing all of the data going back and forth from securewhatever.com while establishing the session key for the Triple-DES encrypted message (running on memory of their protocol here as I threw out their white paper at the end of this).

    Anyway, I shot that (easiest answer) and a couple others (the plaintext over http as many people have pointed out) questions back figuring I misunderstood something, and they again replied right away.

    They sent me yet another copy of their marketing "white paper" and didn't answer any questions. I replied once more, stating in clear terms my questions were not answered in that white paper, and were valid questions to ask before entrusting my data to their service. No reply that time.

    It downright scares me when they won't tell you what algorithm they use for anything other than their primary body encryption (triple-des). It seems their protocol can be attacked fairly easily to spoof messages, and in fact relying on the one server (though a standard pki solution as well) that is under their control and, er, not that I would ever test this, but have "heard" from people, looks to have some unpatched holes in certain daemons allowing for buffer overflow attacks, and probably is quite susceptible to DDoS attacks, well. Anyway.

    On a completely different note - why anyone would bother with a fancy, fallible, protocol in order to support a session based key for symmetric encryption is beyond me when the encryption decryption process instead of using something like ElGamal (now free! woot!) and using private/public key authentication is beyond me. Their clients are not going to be major corporations sending large documents, but rather many many individuals sending small documents. Message size (plaintext*2) and encrypt decrypt speed (*(10..100) depending on implementation) are still not enough hassle for e-mail sized documents that it seems silly to me. Ah well. It just leaves the door open for when I finally put SecureJMail up on sourceforge.

    Frums

  • by dturley ( 135556 ) on Wednesday November 29, 2000 @06:29AM (#594075)
    What's the point? The email travels as plaintext to yahoo before it is encrypted. If you really think someone is intercepting your mail, they are going to do it between you and yahoo. Sounds more like a marketing gimmick than anything else.
  • by porcorosso ( 178451 ) on Wednesday November 29, 2000 @07:58AM (#594076) Homepage
    it might even merit a few minutes on FBI's Deep Crack

    If Deep Crack doesn't work, maybe they could run it through Secret Sphincter!

    ...

    Ok, back to work

  • by NullAndVoid ( 181397 ) on Wednesday November 29, 2000 @07:38AM (#594077)
    Let the "commoners" think that they're getting security. But for now, they're providing background cover to help hide the mail that truly needs encryption.

    So you're assuming that the need for encryption is directly related to technical competence? My guess is there are plenty of people living in places with truly oppressive governments who would be fooled into thinking "secure" Yahoo email really is secure. Web-based email is very popular in less developed countries, especially for less technically sophisticated people.

    And there are countries where saying the wrong thing in an email message can get you imprisoned or killed without a trial.

    But I do agree with your basic argument that the more encrypted traffic there is, the better. It would be really nice if encrypting your email had the same lack of stigma as putting a letter in an envelope instead of writing a postcard.

  • by Erasmus Darwin ( 183180 ) on Wednesday November 29, 2000 @07:44AM (#594078)
    Does anybody have any idea why they are not using SSL to upload the original message?

    The short answer is we're talking about Yahoo here.

    The slightly longer answer is that we're talking about a site that, when you select a secure login for e-mail, switches to SSL just long enough to give you the page where you enter your user-id and password, only to immediately redirect you back to regular, unencrypted pages. I wouldn't trust these people to protect a piece of pocket lint.

  • by cribcage ( 205308 ) on Wednesday November 29, 2000 @06:38AM (#594079) Homepage Journal
    When Yahoo! can manage to keep their email system from being hacked by fourteen-year-olds for more than six months, maybe I'll trust them to handle my encryption.

    ...And just for the record: I know what you're thinking, Hotmail, and that goes doubly for you.

    crib
  • by glebite ( 206150 ) on Wednesday November 29, 2000 @07:47AM (#594080)

    Every once in a while, I imagine myself writing a script to automatically generate pseudo-encrypted appearing emails. I imagine sending said nonsensical non-meaningful messages to large corporation mailers. I expect on occasion, I would receive e-mails asking not to send them any more messages, and then I would reply - "Message received - the owl hoots at midnight..."

    Government organizations are also another good target for said messages!

    And then I imagine either lawyers or Authority knocking on my door, seizing my equipment, and getting locked up for nuisance reasons...

    Until then: "Sdfd wersl. Jdibg aty qpolacvcc!"

  • by ABetterRoss ( 216217 ) on Wednesday November 29, 2000 @06:39AM (#594081) Homepage Journal
    Do You #!jdfsi87?
  • by buttfucker2000 ( 240799 ) on Wednesday November 29, 2000 @06:27AM (#594082) Homepage Journal
    It's not secure at all - you could easily trace illegal emails by a court order taken out on Yahoo!.

    Hushmail [hushmail.com] or no-id's anonymous remailer [no-id.com], preferably accessed via anonymous proxy server [anonymizer.com] is better
  • by mikethegeek ( 257172 ) <blair@@@NOwcmifm...comSPAM> on Wednesday November 29, 2000 @07:54AM (#594083) Homepage
    "That same holds true for the internet. Chalk email up to the current level of privacy you get from radio... Now, if all those web based email services adopt encryption of your messages in one form or another, you'll get an added level of security. Yes, law enforcement will still in all likelihood be able to get at your messages, but they'll stay out of the hands of "hackers, crackers and bears (oh my!)"."

    Actually, you have a much better chance of keeping your mail out of the hands of law enforcement than you do hackers, crackers (oh my)

    Hackers and crackers are a risk we all have to take, because there is no such thing as a system that cannot be broken.

    However, I greatly object to allowing law enforcement (government) reading my e-mail. The 5th Amendment is supposed to be absolute protection against self-incrimination. Not that I do anything incriminating, I'm just paranoid. I've seen government become more intrusive and more corrupt in the last 15 years, and it's only prudent to feel some degree of paranoia. Particularly when your political beliefs do not jibe too well with government/establishment types.

    I will be setting up my own POP3 server using Sendmail as soon as I get my own permanent internet connection (DSL/cable, etc). That alone is a lot of protection. However, I will also encrypt my data so that even if some FBI goon seizes my computer because I happened to visit a website that was hacked, they won't be able to read anything. Even if all that is there are portions of my still incomplete sci-fi novel.

    It's the principle of the thing. I believe government has no right to read what is on my computer, so I will take all technical measures within my ability to deny them this.

  • This is not a good thing. For one thing, Yahoo has a history of folding every time user information, etc is demanded of them. This does not at ALL give me confidence in them as an "encrypted" e-mail provider.

    Furthermore, the fact that it IS encrypted will fool many of the less technical users into thinking that it's safe. It isn't.

    Of course, there is no such thing as a totally secure communications system. But, the most secure that can be used by most of us is to use PGP yourself on your own machine. Then it doesn't matter WHICH e-mail service you use.

    Of course, the safest possible way is to run your own Sendmail server on your Linux box (possible if you have DSL/Cable/ISDN), that way you defeat Carnivore and the UK's RIP law.

    Remember though, your "secure" e-mail is also only as secure as the recipient treats it.

    Offering encrypted e-mail service is a good idea. But I'd think that a company that had policies refusing to use Carnivore, and deleted their logs every half-hour would inspire more confidence.
  • by workers_unite ( 258946 ) on Wednesday November 29, 2000 @07:24AM (#594085)

    I know this isn't going to be a popular opinion around here, but encryption should be regulated by the government. The smoking gun that caught Microsoft was the e-mails that they sent. Imagine if they had been all encrypted. Microsoft would be even more powerful right now.

    I fear that corporatism will continue to grow more and more powerful if they are able to hide their stealing with encryption that the government can't crack. It will make it even more possible to take advantage of the people.


    --

  • by um... Lucas ( 13147 ) on Wednesday November 29, 2000 @07:36AM (#594086) Journal
    I don't think that Carnivore's so much the issue as opposed to people reading your email who really aren't authorized to read it. Prior to the internet, communication was limited to letters, telephone, radio and face to face communication. You had a reasonable expectation of privacy when using letters and face to face communications. You didn't expect much privacy using radio, and somewhere in the back of your mind you realized that your telephone could be tapped if someone was really out to get you.

    That same holds true for the internet. Chalk email up to the current level of privacy you get from radio... Now, if all those web based email services adopt encryption of your messages in one form or another, you'll get an added level of security. Yes, law enforcement will still in all likelihood be able to get at your messages, but they'll stay out of the hands of "hackers, crackers and bears (oh my!)".

    Not too shabby, I'm thinking. If you're really intent on keeping your messages away from the government, you can still use PGP.

    In the end though, I don't see why people have come to expect privacy on the internet. Yes, I do feel it's wrong that companies like doubleclick can track users across various websites. But you've read over and over that sending plaintext email is equivalent to mailing postcards. Yahoo's now giving their users an envelope. Nothing more, nothing less. If you want more than that, you can roll your own.
  • by LittleStone ( 18310 ) on Wednesday November 29, 2000 @06:37AM (#594087) Homepage Journal
    They have to send your email unencrypted to SecureDelivery.com first to get it encrypted. If someone wants to intercept, they can intercept in this process easily. So it is still possible for the government to monitor.

    It's more problematic than it seems: people thought that it's safe when indeed there's a big loophole.
  • by Wubby ( 56755 ) on Wednesday November 29, 2000 @08:55AM (#594088) Homepage Journal
    MailVault.com [mailvault.com] also does PGP over 128bit SSL and plans to open source the whole thing.

  • by ToLu the Happy Furby ( 63586 ) on Wednesday November 29, 2000 @09:02AM (#594089)
    ...But rather encryption to restrict the recipient's ability to access the data after a certain period of time (a week). In truth, it does both very badly.

    First it is clear that this cannot be a serious attempt at the "traditional" problem of encryption--for the reason pointed out in many posts (unsecure channel between sender and Yahoo!) as well as a deeper one--this system requires you to give full trust to both Yahoo! and Zixit, as there is no proof whatsoever that they will even bother to encrypt your email when passing it between themselves. (And if you would trust a potentially life-and-death secret to two companies named "Yahoo!" and "Zixit" then you deserve what's coming to you.) Finally, there is a huge problem with verification: the recipient merely needs to "verify" that they actually hold the email address the sender specified. And how, pray tell, do they do that? Likely they instead need only temporary access to that account to receive a (plaintext??) email giving them a temporary password. Good lord.

    Instead it appears to implement an access control restriction--your recipient can only access the email for 7 days before it is gone forever. Of course, this fails for the same reason all access controls fail--the message must finally be displayed in plaintext on an untrusted machine, namely the recipient's. Assuming "Zixit" has implemented some (hackable) fix to the "copy-and-paste attack" (ala the International Lyrics Server), there is still the ever pernicious "screenshot attack". And as always, even if the recipient's machine could somehow be entirely trusted, there is the final undoing of any access control restriction--the digital-to-analog conversion. Just as I can always tape-record the SDMI music coming out of my speakers, and videotape that DVD playing on my TV, this scheme falls rather easily to a pen-and-paper.

    Meanwhile, it doesn't even do the trick of "increasing the amount of encrypted emails the FBI has to look through", because all this traffic is presumably just SSL, and there's a whole bunch of that around. Besides, chances are the FBI/CIA/NSA/KGB/alien invaders would rather just install a keyboard sniffer or run a TEMPEST analysis on your computer than have to solve the FACTORIZATION problem or build huge special-purpose number sieves and spend several times the lifetime of the universe waiting around to read your email or invent a quantum computer. (Maybe the aliens would rather do the latter.) Or just bring a warrant to Yahoo!/Zixit, who *both* have full plaintext access to your "encrypted" email and will likely be very happy to comply with the FBI. (Or aliens pretending to be the FBI--has no one noticed how unsecure and spoofable search warrants are?)

    Um, I think what I'm saying is, this appears pretty lame. The only "useful" thing I can think of that this does is destroy the message if it is not accessed within 7 days. Of course, trusting this means trusting that 1)Zixit actually destroys the message; 2) Yahoo! destroys their copy of it; 3) no one intercepted it when it was passed in plaintext from the sender to Yahoo!; 4) any logs or copies of it as it propagated (in plaintext) across the Internet between the sender and Yahoo! were destroyed; 5) it was actually encrypted between Yahoo! and Zixit...
  • by cybaea ( 79975 ) <`moc.aeabyc' `ta' `enalla'> on Wednesday November 29, 2000 @06:42AM (#594090) Homepage Journal
    Yahoo's new system works like this: Once a message is composed, it travels, unencrypted, to Yahoo, which sends it through a secure connection to SecureDelivery.com. There, the message and any attachments are scrambled.

    Does anybody have any idea why they are not using SSL to upload the original message? It seems silly not to...

    Somebody mentioned that the message will still be stored in plain-text on Yahoo's servers. I have never used Yahoo mail, but don't they have an option NOT to store a local copy? Most mail clients have this, and I guess you can always CC yourself to get access to a (more) secure copy of your own mail on the SecureDelivery encryption server.

  • by Xenex ( 97062 ) <xenex@nospaM.opinionstick.com> on Wednesday November 29, 2000 @07:15AM (#594091) Journal
    You are a small company in the dot.com world, and you want to make a buck.

    Step 1:
    Get 'large dot.com' company that people know of with fun and well known name to 'use' your product, no matter how flawed their implementation is.

    Step 2:
    'Mainstream' online news service (*cough* CNet, ZDnet etc *cough*) latch on to the story that 'large dot.com' is using your product, and that the use of this product is vital to stop the 'evil internet hackers' from doing evil things with your children and credit card numbers.

    Step 3:
    Due to 'informed' userbase, people begin to demand your service for large dot.com's competitors' services. Other companies require the service you provide. Providing service equals more coverage.

    Step 4:
    IPO your well known service.

    Step 5:
    Get out before bubble bursts (well, if it hasn't already)

    Internet 'Profits'. Fun huh?

    ------

  • by doublem ( 118724 ) on Wednesday November 29, 2000 @10:21AM (#594092) Homepage Journal

    I just send my e-mail in a special Pidgin Pig Latin Esperanto dialect I and some friends developed, then save it to file with WordPerfect 3.0. Then I send the file via e-mail. Don't even need PGP. Sometimes I can't read my own stuff, let the FBI do its worst.

    www.matthewmiller.net [matthewmiller.net]

  • by bluGill ( 862 ) on Wednesday November 29, 2000 @07:07AM (#594093)

    You forgot some critical steps if you want to be secure.

    Not only do you need open source, you need open source that you have personally understood every line of, compiled on a compiler that you wrote in binary yourself.

    The last part, compiled on a compiler you wrote yourself is very deep: a compromised compiler can destroy all advantage of open source. (See the infamous login hack, which you should look up) If the compiler isn't something you wrote in binary yourself, then you can't be sure that your compiler wasn't compromised. And you really should go deeper, since it is possible (in theory) for someone to put a little prom in your disk/floppy drive that checks to see if a compiler is being written and compromise it, meaning you have to design your hardware from scratch and make it from silicon you mine yourself. (Note that recognising a hand written compiler and figuring out how to compromise it might require solving the halting problem, so I don't know if it is possible in the general case, but it is possible if everyone works from one binary listing)

    It is worth it to be paranoid, but unfortunately if everyone was paranoid enough nothing could get done because everyone has to invent their own wheel on up through everything civilization has done.

  • by Billy Donahue ( 29642 ) on Wednesday November 29, 2000 @07:52AM (#594094)
    lokmail [lokmail.net]
    is the only webmail service that actually
    uses good old fashioned PGP encryption over
    an SSL link. I think promoting PGP use
    and not a new proprietary encryption system is
    a better way to fly. You can get a free
    PGP webmail account at lokmail right now.
    Ignore Yahoo.
  • by locutus074 ( 137331 ) on Wednesday November 29, 2000 @08:07AM (#594095)
    (See the infamous login hack, which you should look up)
    Are you referring to this one [umsl.edu], by chance?

    It certainly made me think the first time I read it. Highly recommended.

    --

  • by Electric Angst ( 138229 ) on Wednesday November 29, 2000 @06:27AM (#594096)
    This is great! Now, the Feds won't be able to read the "private" e-mails I get from women who want to know if they'd make good porn stars, or want to invite me to watch the wild action at their party house, or the people offering me unaccredited University diplomas!
    Take that, Mr. Fed!
    --
  • by plover ( 150551 ) on Wednesday November 29, 2000 @06:47AM (#594097) Homepage Journal
    The point is adding more encrypted traffic to a system tends to "hide" other encrypted traffic. It's also a good precedent to get other free e-mail hosts such as Hotmail to encrypt their mail, just to "keep up with the Joneses."

    Look at it math-wise: if 0.1% of the e-mail traffic today is encrypted (which I'm personally guessing would be way high,) if you were to send an encrypted letter to your buddy (whose ISP is being Carnivored,) it'd get noticed. Being only one message out of a thousand, it might even merit a few minutes on FBI's Deep Crack.

    Now, add in all the Yahoo e-mail traffic and that number might rise to 1.0%. Include encrypting lots of Hotmail traffic, and it might rise to 2.0%. Pretty soon, there's too much traffic to Deep Crack every encrypted message that runs past. And eventually, once encrypted e-mails outnumber regular e-mails, seeing encrypted traffic go past a router won't even raise a flag.

    If you're actually concerned about security, of course you won't use Yahoo's service. Let the "commoners" think that they're getting security. But for now, they're providing background cover to help hide the mail that truly needs encryption.

    John

  • by rknop ( 240417 ) on Wednesday November 29, 2000 @07:03AM (#594098) Homepage

    ...because it gives the user a false sense of security.

    The actual encryption algorithm itself here may be fine; I don't know, I can't get the Securedelivery.com site to load. (Not a good sign.) But, as Bruce Schneier is fond of pointing out, it's not just the algorithm, but how it's used. Others here have already noted two problems: one, it's Yahoo's key, so you have to trust them to keep it secure. Two, the message already travels unencrypted to Yahoo, and even Yahoo agrees it's not end-to-end encryption.

    So what, you say. It's more encrypted than Yahoo mail was before, so why not use it? The danger is that the public, who, together with politicians, have demonstrated a startling ability not to understand technology and encryption issues, may start touting this as the solution. A real solution (to the technological aspects, anyway) is to have end to end encryption, with open source tools that at least in principle can be verified to have no back doors, and with your own personal keys you make yourself. Naturally, this makes the folks who run Carnivore unhappy, because they can't just go to Yahoo and demand keys. So, probably having given up the battle to completely outlaw encryption, they stand to benefit greatly from systems such as Yahoo's. The public might potentially be convinced that this is as good as encrypting your mail yourself. Indeed, many seem to have trust in huge companies (as is evidenced by the fact that the FUD attacks against Linux ("who will you sue?") took so long to go away), and may think that having Yahoo do it all for you is better.

    I'd rather see it done right than implemented poorly in a way that might catch on.

    -Rob
