Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Encryption Security

Phil Zimmerman and PGP at CNN.com 141

rick_campbell writes "CNN is carrying an article about Phil Zimmerman and the fact that Network Associates is dropping support for the commercial version of Pretty Good Privacy. The article includes a little bit of Phil's take on the situation, a little history and some discussion of why this happened and what alternatives exist."
This discussion has been archived. No new comments can be posted.

Phil Zimmerman and PGP at CNN.com

Comments Filter:
  • PGP can be saved (Score:5, Informative)

    by lw54 ( 73409 ) on Monday April 22, 2002 @12:24PM (#3388244)
    PGP inventor Phil Zimmermann says PGP can be saved, and has outlined how in this interviw [theregister.co.uk].

    "Anyone interested in helping should contact me," he added.

  • If Adobe was so concerned about encryption, they may have picked up on this bargain from NA.

    ... but wait a second. We already know they're only concerned as far as it doesn't cause bad PR.
  • "Though a free version remains available elsewhere, the company won't update it or make it compatible with newer operating systems, like Windows XP."

    Im "starting" to get worried about XP privacy! :))
    • by jayant_techguy ( 441933 ) on Monday April 22, 2002 @12:44PM (#3388400) Homepage
      Do you know the biggest problem is the end user just doesn't care about E-mail security or won't know how to handle it.
      If you are really concerned, there still exist free s/w while do pretty decent job with RSA encryption algorithm. Though mind you they might not integrate into Outlook etc. as PGP did.
      The crux is it'll be a long while before encrypted E-mail is the norm of every human. I have to handle mails from 100 different people professionally daily, some containing sensitive information of the sender, but they don't care to encrypt it using PGP or any other tool, and send me their sensitive info. like anything.
      • there still exist free s/w while do pretty decent job
        I've found GPG to be very difficult to use, even as someone who uses the command line a lot, I've neither got the Windows nor the Linux version to encrypt anything yet.

        they might not integrate into Outlook
        Does anyone know a decent Windows email client (i.e. not Pegasus or Outlook) which does handle PGP messages?
        • Try The Bat! (Score:3, Informative)

          by marm ( 144733 )

          Does anyone know a decent Windows email client (i.e. not Pegasus or Outlook) which does handle PGP messages?

          Might I suggest The Bat! [ritlabs.com]?

          Funny name, yes, but it's rapidly become my second-favourite MUA (after KMail) and certainly my favourite on Windows. It has support for both PGP and S/MIME encryption and signing (although it uses its own built-in PGP implementation which I'm not entirely happy about). It's not free in any sense of the word either (it's 30-day trial shareware), but hey, this is Windows we're talking about.

        • WinPT (Score:2, Informative)

          by MagicFab ( 7234 )
          WinPT [winpt.org] is a great toolbar application, a front-end for GnuPG. It lets you ecnrpyt/decrypt from/to any application, including email of cours. That's one of the end-user applications that support OpenPGP that we've been telling our customers to use, when we install our product on their site so they can process forms and encrypt results via email.
        • PGP (freeware) integrates nicely with Eudora-- just right-click a message and type in your passphrase to encrypt or decrypt it.

          About as easy as it gets.
      • I find that most people don't understand encryption very well. I would use encryption everyday if I knew other people who actually had PGP or GPG. People would rather just talk over the phone as if that was actually secure, but it's even less so with todays cellular phone network. I think another problem is most people are more afraid of forgetting their passphrase. PGP requires a very long passphrase for adequate encryption.
    • PGP actually is compatable with XP. Well... compatabile enough anyway. I had a relative install 6.5.8ckt on XP WITHOUT the e-mail plugins and without PGP Net and it works fine.
      It is very easy to click on the tray icon and encrypt or decrypt the "current window".
      From what I understand, 6.5.8ckt works better with XP than any other PGP version. I undersatnd the plugins and possibly PGP Net causes issues in XP.
      • 6.x does not support power management. Try to suspend that PC. You'll get an error saying the keyboard driver (it's actually PGP's hook into the keyboard driver that's the culprit) is preventing the machine from entering standby.

        7.x solves this issue.
  • by joshtimmons ( 241649 ) on Monday April 22, 2002 @12:26PM (#3388259) Homepage
    Can't we just give the poor guy a little privacy?

    That's all he wants.
  • by fabiolrs ( 536338 ) on Monday April 22, 2002 @12:28PM (#3388269) Homepage
    "But so far, PGP is limited primarily to niche markets, like human rights and organized crime -- authorities say mob suspect Nicodemo S. Scarfo Jr. used it to encode gambling records."

    Nice, nice! :)) I never knew they were SO organized!!
  • by cbensinger ( 127227 ) on Monday April 22, 2002 @12:28PM (#3388272) Homepage
    I looked at PGP a while back and actually installed it. Unfortunately -- and perhaps because of my own carelessness -- it started causing issue(s) with my network connection and I ended up removing it. As the person responsible for the web/email servers where I work I know first hand how unsecure and public email is; yet I've not found a solution that I'm comfortable using. PGP seemed (at least to my knowledge) to be the most widespread, but even at that I couldn't name 3 people who I regularly exchange emails with who use it -- in fact I'm not sure if I could name anyone other than my wife who did. The only way I could ever see something like this widespread were if it were integrated into Outlook/Outlook Express/AOL/etc. and I don't see that happening. :(
    • by cduffy ( 652 ) <charles+slashdot@dyfis.net> on Monday April 22, 2002 @12:33PM (#3388320)
      That would be an issue with the IPsec adapter included with NAI's product. It's a separate and disablable component -- and GnuPG has nothing like it, so you need not fear any problems stemming from use of the latter product.

      Plugins exist for Outlook integration, FYI.
      • Yes, but it's not widely used. Akin to being the only person around with a phone - what's the point if you can't call anyone?
        • Did I ever say PGP was useful for general communications? I said that the specific problems with PGP that this fellow was describing don't affect GnuPG -- a rather different thing.

          Anyhow, I don't encrypt my email, except when corresponding with the few other folks for whom I have keys. However, I do sign every message I send -- and this is, in my opinion, a worthwhile activity even if 99 out of 100 times that signature isn't checked. The reason is simply this: If someone forges a message in my name, and it doesn't bear my signature, I'll be able to deny it with a great deal of credibility -- even if the headers are such that it appears to be coming from my ISP, &c. By making forgeries easily detectable after-the-fact, I'm prevented from being held liable for any false statements made in my name. Ditto for documents I create which are later modified by a malicious third party: It can be determined with certainty whether a version has been modified after-the-fact or is the document I actually signed. These are useful attributes, and in my view more than justify my use of GnuPG.
          • I do the same. Go back and read the whole thread, and re-consider the context.
            • Uhh, frankly, your message was the thing that struck me as out-of-context.

              This fellow discusses some technical issues he'd had with NAI PGP; I address them; and you pop in with a comparison of PGP use to being the only person in town with a telephone.

              If there's a wider relevant context... well, I haven't been looking at it.
              • Forgive me - the message was out of context. I seem to have made a mistake. That message should have been below in the thread list. It was in response to how e-mail was only encrypted to the few people with keys. Or something like that. May have been way too early in the morning, or late at night, or something.


          • However, I do sign every message I send -- and this is, in my opinion, a worthwhile activity even if 99 out of 100 times that signature isn't checked. The reason is simply this: If someone forges a message in my name, and it doesn't bear my signature, I'll be able to deny it with a great deal of credibility -- even if the headers are such that it appears to be coming from my ISP, &c.


            Actually, I don't sign everything I send just for the same reason.


            Most of my email correspondence is of a conversational nature. But it is a conversation in written form. Thus, there is more than ample opportunity for one's words to come back to haunt one - off-hand jokes, out-of-context comments, temporary stupidity, etc. Because of this, email presents a possible risk.


            Because of the insecure nature of email, there is a certain degree of deniability to it. However, even this slim margin is lost when one signs the potentially offensive email.


            I do include my PGP ID and fingerprint in my signature. And I sign anything official or requiring protection from forgery. Though I have to admit, it is not as much a conversation starter as a PGP signature text added on a regular basis.

  • by Greyfox ( 87712 ) on Monday April 22, 2002 @12:30PM (#3388290) Homepage Journal
    The biggest problem is the end user just doesn't care about E-mail security. You'd think with corporate privacy concerns and all that crap that they'd at least look into the technology.

    I was talking to a company about orders the other day and one of the ways you could place an order with them was to E-Mail them your credit card number. I told them I wasn't sending my credit card number over the open internet and asked if they had a PGP key I could encrypt to. They had no idea what I was talking about. After that I wasn't particularly willing to entrust my credit card number to them at all...

    The old US Crypto regulations did a pretty good job of stunting crpto-enabled mailers in the US, too. Since you couldn't export encryption or even an "Encryption enabling API" there wasn't a lot of integration work going on. Sure you could get a set of scripts to use PGP or GPG with Pine, Mutt or XEmacs, but most of the people using those mailers didn't even go to the effort. We won't even go into the happy fun GUI mailers that Joe Average User wants to use. PGP did do a good job of integrating into Outlook, at least.

    The upshot of all that is I think it'll be a long while before encrypted E-mail is the norm.

    • by Lumpy ( 12016 ) on Monday April 22, 2002 @12:45PM (#3388408) Homepage
      GPG integrates to Outlook, Slypheed(linux GTK email client that BLOWS AWAY KDE mail) and I believe there's even a pegasusmail plugin now.

      It makes signing and encrypting AND decrypting email pretty darn easy. If a user cant figure it out today they need to be beaten over the head with the keyboard... the HARDEST thing about GPG is creating your own private key.
      • There is also a Windows Eudora plugin [goose24.org], though it's still a little buggy. I'm working on it, give me time... ;)

        However, with email encryption, there is still the problem of validating keys. Most people don't understand why they have to check fingerprints and sign keys, and they get lost when you try to explain a "man in the middle" attack.

      • Ximian Evolution [ximian.com] (available in debian/woody "apt-get install evolution"), a really nice email client for Gnome supports gnupg too. Mail verification, encryption, signing etc is as simple as one or two clicks.

        So I don't know what David Del Torto means when he says "and it's really not there yet,", but it probably means that when he clicks on "Start" he doesn't see it yet. Maybe he should switch to Debian.

    • by -tji ( 139690 ) on Monday April 22, 2002 @12:49PM (#3388438) Journal
      No, the problem is that it is still too difficult to use secure e-mail.

      If they select a check box to "Secure E-Mail" when sending e-mail to someone, and the details of how it happened were hidden, people would do it.

      But, if it requires you to exchange keys with someone & manually manage the process, only the techies will do it.

      It's a tough nut to crack.. To do it right, you need a trusted authority to manage identities & keys. I don't see any sign of this happening.
      • Win2k makes steps toward making encryption better, but you need to do like they are doing and build in an encryption system into the operating system so its available to any application (mail, web, filer/filesystem, office stuff, etc) that wants to use it -- and then make it the default behavior to encrypt stuff.

        Even if you use encryption, I worry that the gubmint is going to threaten me with 20 years of ass-pounding in a federal penetentiary unless I give up my keys.
    • by no_l0gic ( 136634 ) on Monday April 22, 2002 @12:50PM (#3388442) Homepage
      "They had no idea what I was talking about. After that I wasn't particularly willing to entrust my credit card number to them at all..."

      I used to carry the same sentiment, complaining if a merchant provided no "secure" means of credit card information transfer.

      The problem is that although email may be a much less secure method of transfer than other commonly accepted means, the generally accepted methods are almost as insecure.

      e.g. - when you patronize the local drive through, realize you don't have enough cash on hand to cover your embarrassingly large order and are subsequently forced to pay with your credit card, do you know what goes on behind the window once you hand your card over? What number of pimply-faced purveyors of fast-food goodness are given the chance to jot down your card number, just as if they were to brows through the inbox of your unsecured merchant?

      Likewise, when you make a purchase at a store such as CompUSA, where they take an imprint of your credit card for their records - how do you know that the storage of the receipt is anything approaching secure; that they shred the receipt sufficiently after its use is fulfilled???

      While I agree that online merchants with decent security policies on buyer CC information may make me fell more secure, it is really only semantics... For all I know, the person receiving my encrypted CC info just decrypts it, jots it down on a sticky note, and sticks it on his monitor for anybody to see so that he remembers to complete my order in the morning. (Very unlikely, yes - but very possible as far as I can tell...)
      • They don't let us pay w/CCs at any fast food joint around here. McD's doesn't take it. BK doesn't, KFC neither, etc. etc. etc.
      • This is so true and such a good point that rarely comes up in discussions of online payment security.

        People are perfectly comfortable handing over there credit card and letting it out of their site for extended periods of time.

        Just think about when you use your credit card at a gas station. Some of those franchise owners are not the most reputable people.

        The list goes on and on.

        .


      • The problem is that although email may be a much less secure method of transfer than other commonly accepted means, the generally accepted methods are almost as insecure.


        A very valid point. But I can't help but think that sending credit card information unencrypted would be like standing out on a street, hailing down someone heading in the direction of McDonald's, handing them your card, and asking them if on their way they wouldn't mind picking up a couple burgers and drop them off on their way back.
      • Thats pretty funny that you mention that, because I was a pimply-faced teenager working at an electronics store. I used to work at radio Shack and we took imprints of credit cards that gave ample oppurtunity to copy them. Well, we used to place ours in a large bucket that was handed to the manager at the end of the day. In the six months of my employ, we never had any dealings in credit card fraud. We were simply too busy to copy numbers down, but the idea did cross my mind a few times. We did have an incident involving fraud, but it was from an outside source.
    • "..it'll be a long while before encrypted E-mail is the norm."

      It makes me wonder. Maybe by the time encryption becomes the norm, it's most useful forms will be obsoleted by Moore's law.

    • Suddenly all of his e-mail was publicly readable at some site that simply lifts it off the internet mail servers?
    • It's easy. I go to VeriSign's site [verisign.com] (or Thawte [thawte.com], or any of the other root CAs that offer S/MIME certificates - hell, Thawte even offers a limited, free S/MIME certification program, and a network of virtual notaries... but, I digress) and install an S/MIME certificate.

      Then, I go to Outlook, or Outlook Express, or Netscape Communicator, or Mozilla, and I install the certificate. Then, I click the "Digitally sign this email" checkbox to automagically send my certificate to sign the email, and additionally click the "Encrypt this email" once I receive a certificate from an end-user to encrypt the email.

      Sure, there are scalability issues, but any good PKI implementation can take care of those for corporate use. And, with a Network of Trust like Thawte is creating, you get the PGP-like ease-of-use with the PKI-class trust-level of a real PKI. All for the home user.

      And no, I don't work for VeriSign or Thawte. I did work for a company that used certificates. A lot...

    • An easy to use interface and pgp/opengpg compatibility are included in the free email service Hushmail [hushmail.com]. It does encryption as transparently as I've seen it done. Their tech support sucks for fixing problems because they never respond to queries from their paying members (I hope they're reading this), but other than that, it is a relatively good service.
    • I think that while the end user doesn't care, businesses will.

      I think that Open Source/Free Software is the proper thing to solve the problem of insecure e-mail. Once a free and open standard emerges, businesses will be more inclined to get behind it. The idea that other companies can read their e-mails will scare companies enough to get behind it.

      I'm optimistic about the future of crypto in the long term.

  • the icon (Score:1, Funny)

    by Anonymous Coward
    does anyone else think that the censorship icon on slashdot kinda look a guy playing a harmonica?
  • by Fastball ( 91927 ) on Monday April 22, 2002 @12:37PM (#3388356) Journal
    A lot of vendors we deal with have significantly raised pricing for their support services, and a few others have quit supporting their software altogether. Struggling to stay in the black, a lot of companies are no longer developing and supporting software for the small shops and home office folks and are instead steering their efforts towards the big corporate money.

    To which I say fine. Alternatives for most of the stuff we use here, messaging systems, web based stuff, etc. can be found in open source projects or written in house. This is just another golden opportunity for open source software. Maybe my boss will hear my pleas now.

  • This is a really sad day. Most of the slashdot community can continue using encryption, but their PGP package was the only one I've seen easy enough for my mother to use. The integration with outlook/etc made it so easy to use. Hopefully they'll do the Right Thing (tm) and make it open source, so that we can continue making it compatible with OSes like XP -- which unfortunately people are using.
  • Curiosity... (Score:4, Interesting)

    by L-Wave ( 515413 ) on Monday April 22, 2002 @12:40PM (#3388377)
    Do many people truly use this technology? I understand many "geeks" use it, just for the cool factor, but I have yet to send email to someone who refuses to read/accept it because it was not PGP encrypted. I understand the use is for encrypting email and validating that it is, in fact, from the person who sent it...but really, does anyone use this for anything more than sending thier friends email that doesnt really need to be encrypted?
    • I certainly use it, but sparingly, only when I have to communicate something that might be "sensitivy" and only to those people that have/understand PGP. Ontopic------------------ The public does need to be aware of things like this, many people send personal information via email all the time, not understanding what they are basically doing is pretty much putting a sign around their neck with that information, where anyone who really wants to know just just look. Alas, not until someone dies or it comes out in Jerry Springer will the public make any huff about it.


      dam()
    • The Department of Defense has mandated that all email must be signed starting...sometime in 2003 (I think). They are using PKI though. As for PGP specifically, I have seen some good uses for it. My favorite is signing email from the dice server [pbm.com] for play by email games. Now you can't be sure it wasn't fixed to begin with, but at least you know where it came from!
    • http://www.cryptorights.org

      There are people in countries with really bad governments who are using PGP to communicate.
      • Right on. Access to strong cryptography and anonymity tools is very important for human rights workers. In addition to CryptoRights [cryptorights.org], the Science and Human Rights Program of the American Association for the Advancement of Science has done some PGP training and awareness-raising on this topic. Here' a link [aaas.org].

        Phil Zimmermann's website has some nice testimonials [philzimmermann.com]. This crypto stuff really does save lives, and I hope the geeks of the world are up to the challenge of keeping PGP alive.
    • I've heard of/know of a few companies that require their executives to use PGP when communicating via email. Usually this is sped along if one of the more enterprising young/disgruntled employees diseminates something that perhaps wasn't supposed to be diseminated...
      • To quote Schneier (who may have been quoting someone else) -- "it doesn't matter how much it costs to crack your firewall, it only matters how much it costs to buy your sysadmin"

        Presumably, some top-management are uphappy about the idea of their network-support people having access to their private email.
    • Re:Curiosity... (Score:3, Interesting)

      by thrillbert ( 146343 )
      I have yet to send email to someone who refuses to read/accept it because it was not PGP encrypted.

      Then you have never attempted to submit a vulnerability or links to fixed software to CERT.

      I believe their approach is "if we make it hard for them to email us, we won't have to work so hard!"

      ---
      I'm not an expert, but I play one at work.
    • There's a discussion [greenend.org.uk] on how terrorists use steganography (or not)
    • ...I have yet to send email to someone who refuses to read/accept it because it was not PGP encrypted.

      I do by using a combination of procmail [procmail.org] and mail-bounce [spots.ab.ca]. Here's how [bogosian.net].

  • Uhhh PKI? (Score:3, Insightful)

    by Conare ( 442798 ) on Monday April 22, 2002 @12:41PM (#3388383) Journal
    Encryption is difficult for average users to grasp, - It's like a secret code.
    products aren't all that easy to use - Most email encryption I have seen is implemented as simply depressing a toolbar icon. Is that really that difficult?
    and the threats of not protecting e-mail from prying eyes aren't all that easy to explain, Hill said - Hill can't be serious. How about two words? Intellectual property. or how about these two: National Security. Or how about these two: Excessive litigation
    Also in an article that supposedly discusses alternatives for encrypting email, PKI isn't even mentioned. What a terrible article.
    • Re:Uhhh PKI? (Score:3, Informative)

      by Xylantiel ( 177496 )
      Exactly!!

      For those who don't know, PKI=Public Key Infrastructure. It's how you know that a public key you have for someone is actually the right one. Having a working (i.e. secure) PKI is what makes "using" encryption difficult. Everyone always assumes that explaining PKI to anybody is too difficult, so reporters like the one who wrote this article say things like "products aren't easy to use" when really they are and all the difficulty is in having a secure PKI.

      It is probably telling that most widespread PKI, used for web certificates is pretty much completely broken in practice. Do YOU look at the company name listed on the certificate before you send you submit your credit card info? I've never seen a browser that by default gets you to at least verify that the company name on the cert is right. This makes man-in-the middle attacks almost easy.
      • Indeed. borwser implementation of SSL is pretty broken, but since the credit card companies are mostly limiting the card holders liability, it doesn't much matter to the average joe. For secure email, however PKI implementations are (or at least can be) much tighter. The initial outlay to run your own Ceritifcate Authority is expensive however, so this is best suited to large coms/orgs/govs.
        Three companies that sell these systems are:
        Entrust Inc. [entrust.com]
        RSA [rsasecurity.com]
        Baltimore Technologies [baltimore.com]
        • You can create a CA yourself fairly easily (see OpenCA [openca.org] for one example). The real problem is how to get your root certificate onto users' machines. In a "closed" environment, it's simple to install the root cert on all machines that may need it; in the more general case, even though it is simple to create a link that will install the root cert, persuading Joe User to push on past the scary messages is a different matter.

  • by blankmange ( 571591 ) on Monday April 22, 2002 @12:42PM (#3388387)
    It seems that NA had a great concept/product on their hands and through whatever passes for sense,let it go. How many applications has this happened to? An individual or small startup has a great idea, or maybe even the elusive 'killer app' and then is quickly bought up or out by a larger corporation. The application is quickly diluted, sent through several revisions that only seem to add complexity/bugs, and then the company drops it, but keeps the 'trademarked' name.... Now we can still get copies of and continue to use PGP, but now we will have to call it something else. Here's to Zimmerman; stick to your guns!
  • You have to wonder if there was anything going on between the government and Network Associates decision on PGP. Since September 11, the demands of the government to read email have skyrocketed.
  • If Microsoft were serious about their "Trustworthy Computing" initiative, they'd buy PGP and integrate it into Outlook/Outlook Express and their Mac equivalents and make it mind numbingly easy to use. Within just a few years millions of people would be using PGP.

    Now who wouldn't celebrate something like that?
    • You really want a company known for "Embrace and Extend" and "decommotized protocols" strategy, to push a standard for email encryption?

      "Oh, your Sylpheed and gpg can't read my email? Well, just upgrade to Outlook. Outlook users can read my email just fine." -- Overheard in 2005.

  • What's this bs about it not being compatible with XP? I'm using my old 6.5.8 (the last version I saw before the price jumped way up) just fine in XP. There are some minor niggles but those were present in W2K as well (which, according to the documentation, is supported by 6.5.8).
  • The PGP application for Outlook was really nice, users could understand it, and the price was fair. We tried to buy another pile of copies, and was told, "Sorry...".

    Sigh...
  • well, so long PGP... I guess I'm a nitpicker but it seemed to me that not long ago The GNU was hacking many more projects than just a PGP clone and a "command-line utility" wtf? Hello! Someone call the stupid police. I seem to have these vague sort of runins with this program called emacs... come to think of it it happens pretty much every day at work. GNU's only a privacy/command line utility maker. Deh fo the GNU that made my Emacs must be a different GNU than the one this article talks about. I'd like to meet this GNU guy on the block sometime. sorry for the pun, just had to. aight, over an out.
  • by stoolpigeon ( 454276 ) <bittercode@gmail> on Monday April 22, 2002 @12:49PM (#3388437) Homepage Journal
    HIPPA is some legislation that has portions going into effect now and in the next few years. It requires those who handle medical information electronically to do so in a secure manner.

    I work for a collection agency and since we collect for hospitals sometimes we have been looking at this. We were going to use PGP as clients have specifically mentioned that they require it. Now I am not sure what we will do. Much of what is available out there has restrictions on being used for business.

    The movement towards being more secure information delivery seems slow but it is moving forward.

    I am just real interested in seeing what kind of alternatives surface for businesses like ours.

    .
  • What worries me about this is that, by getting encription deeper into its niche, the time when massive operating systems (Windows the first one) and applications (Outlook for example) integrate encryption functionality just out-of-the-box is being more and more delayed.
    I am deadly sure that, just after MS includes the "Encryption Wizard" application for managing your keyring (with a nice animated paperclip, of course) crypto be quickly adopted by everyone.

    I don't think Mr. Gates cares about educating the masses, though.

    Just my humble opinion, but I'm serious at it.
  • It's hard to use. Period.

    Until it gets simpler, easier, better integrated with email systems, it won't be widely accepted.

    Come out with a local system proxy that resides on the local machine, and have all email route through there. Have IT check to see if there is a public key for the email address, and let IT encrypt and forward onto the "real" email server. Have it handle simple text mail ... and voila ... you have a simple system that EVERY email system could use (POP3/IMAP servers in the proxy) ... and it would be simple, since regardless, it gets sent out encrypted.

    BTW, I came up with this system a couple of years ago ... company folded ... I wouldn't want to work on this again since I'm "tainted" ... but ideas are free ...

  • by Beryllium Sphere(tm) ( 193358 ) on Monday April 22, 2002 @01:01PM (#3388500) Journal
    Hushmail (http://www.hushmail.com) is web-based OpenPGP mail. I'm a customer and sent Crypt-o-Gram a review, but have no other connection.

    The closest thing to the dream of "just press a button" is the S/MIME in Outlook. That still requires users to get a certificate ("a what?!", they will ask). And S/MIME has drawbacks.

    Pushbutton encryption is a delusion anyway. The details of key management are indispensable to security and require out-of-band verification. Unless you've checked a key fingerprint, or totally trust a key signer, you can be attacked by feeding you a fake public key and all the crypto wizardry is irrelevant.
    • The closest thing to the dream of "just press a button" is the S/MIME in Outlook. That still requires users to get a certificate ("a what?!", they will ask). And S/MIME has drawbacks.

      Working for a security firm, we decided to use Outlook and S/MIME. We had a policy that we would sign all messages by default, and use encryption where possible. After over a year of problems, we have stopped the default signing. We still use encryption, but not as much. The problems included:

      * People not being able to read a S/MIME signed email - includes Hotmail and certain combinations of Outlook/IE (since Outlook gets most of it's crypto libraries from IE, the version of IE is important). Sending people messages that can't be read is a serious barrier!

      * Random false-negatives for signed messages. Once in a while, a message would indicate it had an invalid signature, but we could discern no change from the proper message. It does not build confidence to tell people, ignore the error message saying the email has been tampered with!

      * Outlook is really lousy when it comes to acquiring and managing certificates. I'm guessing they designed it with Exchange in mind (assuming some corporation puts certificates in Exchange for a closed system). Initializing and managing certificates was a real pain, even for those who knew precisely what they were doing.

      * Outlook did not have a "use encryption only if person has certificate" option, which meant that you had to manually select encrypted email every time you wanted to use it. Also, there is no good way to send a single message with encryption to people who have the certificate and ability to read it, and no encryption for people who don't.

      * Occasionally we could not read encrypted mail because of a variety of errors. The most common was obscure certificate issues (actually bugs, since most of these errors should not have been transient).

      * The level of S/MIME encryption would vary, according to obscure and undocumented reasons (probably bugs too). I always selected 3DES, but more than half of my messages went out with some other form of encryption. Even worse, Outlook does not give you any warning that your message is going out with weak encryption!

      Not all of these are S/MIME problems, but as you can see, we are still very far from "just press a button".

  • It works just fine!

    Many ask "how can I use this?" and etc. I suggest getting a Hush-mail account and getting your friends to do the same.

    Hush-mail has no problems with adding in PGP keys - and I've e-mailed my buddies who have Hush-mail with my PGP'd mail.

    I think the software needs to be maintained, but of course it's far from dead. I'd just like to see PGPhone 'grow-up'. It's an awsome app.
  • It's hard to request that friends use encryption when (a) it's extra work for them, and (b) their email clients don't generally support encryption. This means that in my workplace, I have to assume that all of my POP mail may be read by IT co-workers (and given the draconian terms of employment foisted on me and others, I find the scenario probable). However, there is a solution to this situation: a POP client, in combination with a bit of supporting software on my mail server, that encrypts mail as I receive it on the server and decrypts it only when it reaches my machine (and does the reverse when sending). This solution will prevent anyone at my workplace from knowing the contents of my private email, and will not require that I educate and equip any of my friends with encryption software.

    By the way, if there is existing related work then please mention it.

  • by iabervon ( 1971 ) on Monday April 22, 2002 @01:46PM (#3388869) Homepage Journal
    Encrypted email will probably go through essentially the same stages as HTTPS.

    First, it will get integrated into mail clients, for those users who insist on it, in a half-hearted way. Then mail clients will pop up a warning when you send something unencrypted, which most people will just click through for most messages, but people might notice when they're sending a message which they wouldn't send by plaintext HTTP. Then it will become normal for sites with HTTPS servers to have PGP keys for email. It probably won't get much beyond that any time soon, though.

    As far as implementation, I anticipate PGP and similar software dying out, in favor of PGP-like crypto functionality being supported in OpenSSL. Why OpenSSL? Because it has become the standard security library implementation. OpenSSH uses OpenSSL, even though SSH competes directly with telnet-over-SSL. OpenSSL also has all the cryptographic functions, it's BSD-licensed, and a lot of security-conscious projects beat on it. Once OpenSSL has support for PGP-formatted stuff, it will be easy for email clients to integrate it. Also, since many email clients are integrated with browsers, which need SSL support (and so use OpenSSL already), it's simply a matter of calling the decrypt function when you get an encrypted message, storing public keys in the address book, and encrypting messages to anyone who has a public key in the address book.

    It is no longer necessary to have a separate program for encryption. Writing crypto code is hard, but OpenSSL does or will do almost all of it, so you're left with managing the user's private keys (just like managing client certificates), managing other people's public keys (just like managing site certificates), and distributing the user's public key (just like business-card attachments). The only tricky thing is in signing other people's keys, but if you're not worried about active attacks with people who you don't talk to out-of-band and who don't aren't corporate sites, you don't need to bother.
  • Inventor? (Score:2, Interesting)

    by mc6809e ( 214243 )

    "PGP inventor Phil Zimmermann says PGP.. "

    What about Rivest, Shamir, and Adleman? Some guy puts a wrapper around their invention and suddenly he's the inventor -- R,S, and A don't even get a mention.

    "Thanks for the technology...now get lost."

    • Oh yeah, you're right. And Henry Ford didn't really invent the first automobile. He should not be credited, because Hoobajooba invented the wheel in 13480 BC. He deserves the real credit! Come on man. Phil invented PGP. Period. RSA is just one of many algorithms used by PGP.
    • I guess you are trolling. What Phil and the others did was to introduce the concept of a decentralised web of trust in a software implementation. The RSA thing is just the key exchange and signature protection algorithm.

      Phil did V1.0 himself. Many others helped afterwards, but the main ideas and driving force came from him. Amongst the others involved with the early releases were Branko Lancaster, Colin Plumb, Pete Gutmann, Jean Loupe-Gailly (of zlib fame) as well as many others. My contribution was just one of the early ports. Phil only really took a back seat in the development when the feds started giving him problems.

      What he did was to make a combination of public and private key algorithms in a form that could be used. The stuff from RSA labs was definitely not so easy to use or integrate. Maybe he was only able to reach out to geeks, but a lot of people who were outside the military/govt world suddenly started using high-end crypto. Thank Phil for that even if didn't invent RSA.

  • First of all, key exchange is an arduous process. You can't possibly trust a third party to get you keys and whatnot; In fact the ONLY valid way to get a key from someone is in person, face to face. That's it, period. Anything else is questionable. Users just aren't going to do this.

    So basically, reasonable use of encryption is not going to happen until everyone is carrying around PDAs. Maybe that will be because all digital watches will be PDAs, or maybe they'll just become so cheap that every computer user will have one; I can't imagine it would cost that much to make a slim version of the good old palm pro these days, but of course 3com won't want to undercut their market. Until something like this happens, though, only geeks will use crypto.

    There's another problem, too, though a lesser one; You have to make a backup of your key, or you will lose it if your computer decides to throw a disk or just scramble its contents (Windows XP Dynamic Disks, anyone?) And as we all know, only a long passphrase is a good one, but coming up with a long passphrase which is not easy to guess but is easy to remember is tough. We have computers so we don't HAVE to remember things. It would be better if you could use some sort of biometric system to store your passphrase.

  • Marketing encryption (Score:3, Interesting)

    by MAXOMENOS ( 9802 ) <mike@mikesmYEATS ... n.com minus poet> on Monday April 22, 2002 @02:06PM (#3389084) Homepage

    Disclaimer: IANIM (I am not in marketing)

    As I see it, there are two barriers to widespread adoption of PGP (or GnuPG). The first is usability; the second, more important one, is demand. People do not see the necessity of encryption, and in fact, many associate encryption with criminal activity.

    The first problem can be solved through the proper use of technology: create user-friendly interfaces for key generation, key management, etc. The goal should be to make PGP/GPG as easy to use as a word processor, spreadsheet, or video game.

    The second problem can be solved by promoting digital signatures as opposed to encrypted email. Most people don't care that their email is as open as a postcard. In addition, a significant chunk of the population associate encrypted email with organized crime and terrorism. These are the factors we have to work against in promoting encryption as a way to keep email private.

    Digital signatures are a different matter. There is no social prejudice against digital signatures per se, and the need for digital signatures is easy to demonstrate, as detailed below.

    Most people believe the From: headers on their emails without question. Unfortunately, it doesn't take much technical skill to fabricate an email with a fabricated From: header. (Below is a Python script that does just this). It's therefore trivial for a malicious person to send all kinds of forgeries to you, your friends, your co-workers, etc. The social damage can be catastrophic.

    Digital signatures solve this problem neatly: if you have any doubts about who actually sent the email, or the actual contents of the email, the digital signature gives you near mathematical certainty that the message and sender are authentic.

    In my experience, it only takes a couple of humorous demonstrations to get the point across to your intended audience; after which, they become motivated to learn and use PGP/GPG to sign and verify the signatures of emails. Using PGP/GPG for encryption is a logical next step.

    By the way, if you do try to demonstrate the forged From: header trick, please make absolutely sure that your audience is prepared ahead of time, and that you are legally authorized to do this, before you make your demonstration. Otherwise you could unnecessarily end up in a heap of trouble.

    It should be noted that PGP and GPG have an advantage in meeting the demand for digital signatures, since they're both relatively mature technologies. The danger is that the government could push hard for their own scheme, with built-in back doors and/or mandatory key-escrow. Selling secure, non-escrowed encryption is going to be much harder in the present political climate than it was before.

    Hope this helps.



    #!/usr/bin/python
    #NB: some of this code comes from _Python Standard
    #Library_ by Frank Lundh. Buy a copy!
    #
    # Please note: this is for demonstration purposes only. I utterly
    # condemn any use of this code for illegal purposes.
    #

    import smtplib
    import strings

    fakemail = string.join((
    "From: foo@bar.org",
    "To: bar@foo.org",
    "Subject: IMPORTANT",
    "X-FakeMail-Notice: This mail is FAKE!",
    "",
    "I like to pour hot grits down my pants. Thank you.",
    "",
    "This mail is FAKE!"), "\r\n")

    server = smtplib.SMTP("localhost")
    server.sendmail("foo@ba r.org", ["bar@foo.org"], fakemail)
    server.quit()
  • For what I can see in every day life PGP is stron as ever, at least openpgp.
  • ABSTRACT: I think that the goal of having everyone use "strong" encryption the "right" way has made it harder to get people to adopt encryption for e-mail. Today the average web surfer transparently uses public key encryption for web-surfing secure web pages. Why? Because they don't have to worry about any of the complexity. PGP or GPG, while robust and "correct", require too much from end users by way of key management to facilitate adoption. My assertion is that simpler, less robust methods of encryption and identify verification will serve better to kickstart adoption. Finally, consumers must have a valid reason for identify verification presented to them. I propose one: spam stomping.

    Several comments have pointed out that encryption demand just wasn't there. I agree. While we would like to think that every end user would see the need for encrypted e-mail, we all know that hasn't happened. Yes, if MS or AOL made including encryption a standard part of their e-mail packages, that would go a long way, but the complexity of encryption needs to be hidden from the end-user.

    Truth be told, most people really don't need encryption on a message-by-message basis. Encryption activists feel that a world with strong encryption is broadly a better one, but that requires a "network effect" from adoption and the current costs for adoption for end users are just too high in terms of complexity for them to want to go to the effort of adopting it for a vague future goal -- even assuming they comprehend it and agree.

    Effecting real change may require backing away from some of the ideal crypto solution as a way of avoiding the complexity costs. People have mentioned several areas of complexity, including e-mail program transparency, certificate management, out-of-band verification, and trust networks.

    However, if we consider web-browsing, these have been effectively hidden from end-users and have thus failed to hinder adoption. Web browsers have public key encryption built in, plus a master set of certificates for verification. Because web browsers don't require two-way verification of identity, users don't have to worry at all about managing their own key. Adoption of SSL has been effectively transparent to users. Those who seek to have crypto email become the standard should seek similar solutions to transparent adoption first, rather than seeking to delivering the most sophisticated crypto. Once adoption has been catalyzed, the technology can be improved as the masses become familiar with it.

    Designers of the next generation of e-mail software should look to make certificates a natural part of the email environment. This should first center on identify verification, not encryption. There are several places this could happen:

    • When first setting up a new email address, the user should be prompted to create (or import) a digital ID for signing the e-mail. This certificate should be automatically (and transparently) sent to a central key-server. This key should be non-expiring. There should be options for upgrading/replacing the digital ID for advanced users. Passphrases should not be used by default, but could be an option for advanced users seeking additional security.
    • Address books or nickname managers should include an icon/notation to indicate which addresses have digital IDs. When nicknames are created or imported, the program should check all e-mail addresses against a keyserver and import the public keys.
    • When sending mail, signing should be the default.
    • When receiving mail, the return address should be checked against the nickname file or against they keyserver automatically. Signed mail should be specially flagged as such in the Inbox. Encrypted e-mail should be automatically decrypted on receipt/viewing. (Advanced users might opt to keep encrypted on disk and only decrypt for viewing)
    • For moderately advanced users, options should exist to enable encryption by default. This should automatically encrypt if the e-mail address matches one in the nickname file with a digital ID associated with it. Advanced users could opt to automatically seek a key from a keyserver and send encrypted if found or plaintext if not found.
    Consumers would have to find a reason to upgrade to this kind of system. One possible option is to use the signatures to help spam stomping. Using e-mail addresses alone for filtering may work for a while, but ultimately likely fail due to the ease of forgery. Filtering on signatures either against the ID in the nickname file or a verified key on the keyserver (one signed by a master CA, so that legit companies could send you something without you having to have them in your nickname file) might work very well. With spam being the problem that it is, this might be part of a "killer app" of next generation e-mail programs to deal with the problem.

    What this largely throws out is the element of getting signed certificates and requiring consumers to manage them. However, I'm certain that after people got used to the idea, the notion of having their digital ID certified wouldn't be so complicated. (It would of course need to be affordable.)

    (One could imagine that when governments begin to issue digital ID's these will be signed by the government and could be used for e-mail signatures as well.)

    The question of course is who could make all this happen? It probably still falls to the major e-mail program makers. I'm surprised that MS hasn't started down this path. Building in transparent signatures like this should be beneficial for their corporate business, and they should be able to sell lots of PKI add-ons for corporations to do certificate management. (Ironically, I think Notes has had this built in for ages, but it only works within the Notes server.)

    So, anyone from MS listening? Now's your chance to delivery against your privacy initiative. Best of luck.

    -XDG

  • This is really of relevance to me. The other day I had a client call to let me know her trial version of PGP for MacOS had expired. So, I went to register it, and found out that was no longer possible. Now we need to find a replacement which will work with Eudora under MacOS 8/9, and will not expire. Any suggestions? (No, we are not replacing her desktop machine with Linux)
  • Hey,
    Here are some cool gpg links:
    http://biglumber.com [biglumber.com]

    key Signing Mailing List [alt.org]

    Encrypt!!!
  • I've got GPG, and I have enigmail to integrate it with Mozilla. If everyone I knew had keys, I'd encrypt every email that I sent. But I can't do that, and simply signing it won't do. People that don't know what PGP is get scared when they see my signed message, with those "weird" "-----BEGIN PGP SIGNED MESSAGE----" type things and hash identifiers. People will think I've got a virus, so I can really only encrypt or sign my email to a select few people, and I talk to those people via IRC and AIM far more than I do by email. It's got to be much more seamless for people to not get scared by encryption.
  • In AD 2002, war was beginning.
    Phil: What happen?
    Admin: Someone set up us the bomb.
    Receptionist: We get signal!!
    Phil: What?!?
    Receptionist: Main screen turn on.
    Phil: It's YOU!
    Asscroft: How are you gentlemen !!
    Asscroft: All your file are belong to us!
    Asscroft: You are on the way to destruction.
    Phil: What you say!!
    Asscroft: You have no chance to survive make your time!
    Asscroft: HA HA HA HA ...
    Phil: Take off every 'gpg'
    Phil: You know what you are doing.
    Phil: Move 'gpg'
    Phil: For great crypto!

    Anyone with any sense knows that the Feds have been working for years to stop the public from having strong crypto. They have a great excuse now for pursuing and eliminating easy-to-use crypto. I just can't get the image of Asscroft, spittle spraying from his gob and drooling onto his chin, chanting random passages from the Bible while he plots the next liberty-divesting move that he and his goon-squad comit.

    Paranoid? SURE!!!
    Correct? PROBABLY!!!

If you aren't rich you should always look useful. -- Louis-Ferdinand Celine

Working...