Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Encryption Privacy Security

Engaging Newbies In Email Encryption and Network Privacy 83

reifman writes: All six parts of my series introducing beginners to PGP encryption and network privacy are now freely available. I hope it's useful for Slashdot readers to share with their less-technical acquaintances. There's an introduction to PGP, a guide to email encryption on the desktop, smartphone and in the browser, an introduction to the emerging key sharing and authentication startup, Keybase.io, and an intro to VPNs. There's a lot more work for us to do in the ease of use of communications privacy but this helps people get started more with what's available today.
This discussion has been archived. No new comments can be posted.

Engaging Newbies In Email Encryption and Network Privacy

Comments Filter:
  • by Anonymous Coward
    I just make sure not to send any sensitive information, account #'s, etc through e-mail. Until they make privacy and security easy and transparent to the user, that will be my defense. I don't have time to become an expert in this shit just to send a simple communication. Until then this will be a niche market with very few people using it.
  • by Zero__Kelvin ( 151819 ) on Thursday August 20, 2015 @04:54PM (#50357433) Homepage

    "Email privacy is broken. Working around this broken email system is worthwhile and it's past time. Here's how to get started with PGP encryption."

    You are off to a bad start. As sensational as your statement is, and with the full understanding of your desire to immediately capture the readers attention, you really ned to change it. E-mail privacy isn't broken. E-mail is by design not a private communication system. What you have written is not unlike claiming that DC-10s are broken because they cannot fly to the moon. You immediately caught my attention though. I'll grant you that! :-)

    • by Anonymous Coward

      I think what he means is that e-mails are being scanned/saved without our consent, so you can either encrypt the email or leave it as is if you don't care that someone else will read it. I think most people want their e-mails to be private.

      • i'm sure there is a ministry of something out there with tens of millions of people doing nothing but reading people's emails. all billion or so that are sent daily. they must be the ones responsible for the Toll Brothers ads I see after registering with Toll Brothers and having them send emails to my gmail
        • You don't need millions of people, just a couple of computers with [insert your favourite heuristic data mining technology here] to filter out the uninteresting stuff. The remaining thousands of emails are then read by analysts.

          The problem is that this kind of surveillance replaces initial reasonable suspicion by automated methods that have many false positives.

      • "I think what he means is ..."

        It is the opening sentence for a text intended to teach others. It is unacceptable that one has to "think what he means." What he said is wrong, regardless of what he meant. In a live conversation this sort of "you know what I meant" thing may make sense, but for a carefully reviewed teaching text it is entirely unacceptable.

    • by Anonymous Coward

      It wasn't designed with privacy in mind to protect against telecommunications carriers, hosting providers, email providers, and all-knowing adversaries. I think it's wrong to make the assumption though that it wasn't designed to protect ones privacy. When you sent an email it is destined to a particular place, not some mailing list, or public forum short of that being your intended target. I think we should make sure people understand that it isn't safe to assume that nobody can read ones email unless addit

    • by Anonymous Coward

      DC-10s are broken because they can't fly with two engines [wordpress.com]! And they're pretty hard to keep right side up [airlinesafety.com]. The pitch is way too sensitive... Damn things always were junk.

    • by Anonymous Coward

      While there is perhaps some truth in what you write, I also understand, from a user perspective why some might believe there is privacy with email.

      1. You address email to a particular user, and each user has his/her own mailbox
      2. In order to retrieve mail from a particular mailbox you need a password which at least to some extent implies that not everybody can read it.
      3. Email is used commonly for account reset and confirmation.

      • Yes, you can understand why there is confusion. The solution to this is not to exacerbate the problem by reinforcing the ignorance of the proletariat, which is what happens when one makes the blatantly false statement that "email privacy is broken". Again, the document purports to be educational, not to reinforce mis-conceptions.,
  • by swb ( 14022 ) on Thursday August 20, 2015 @04:56PM (#50357445)

    There's a lot more work for us to do in the ease of use of communications privacy

    Why is there? Why hasn't private key ala GPG/PGP become a totally integrated feature in mail clients? Even years ago when there was still a decent free Windows PGP with all the add-ons they had it integrated pretty well into Outlook and basic clipboard operations.

    Why isn't it just a completely vendor-integrated feature, with address books having default fields for public keys, smartphone integration, etc. On a phone it could be totally automated to send PGP encrypted mail by default with only a prompt for your thumbprint to authenticate access to your private key. (This may or may not be a great security practice, but it's already widespread and well integrated and the post was about ease of use to begin with.)

    Is it patents on PGP? "Meh" public attitude? Vendors pushing other solutions (S/MIME) or other certificate-driven solutions or "enterprise" authentication systems not wanting to give any room for what could be a free cross-platform solution?

    • by Anonymous Coward

      Because the great unwashed have no idea that they need it so vendors are not building something people don't think they want/need.

    • The fundamental problem is that SMTP was not designed for security, and there's no provision to change over everybody at some point.

      Also, privacy adds significant usability problems. You need to generate and copy your private key manually, instead of having your machines provision it among themselves. And privacy means webmail providers can't monetize the contents of your email, and you can't search through past emails efficiently.

    • by tlhIngan ( 30335 )

      Why is there? Why hasn't private key ala GPG/PGP become a totally integrated feature in mail clients? Even years ago when there was still a decent free Windows PGP with all the add-ons they had it integrated pretty well into Outlook and basic clipboard operations.

      Why isn't it just a completely vendor-integrated feature, with address books having default fields for public keys, smartphone integration, etc. On a phone it could be totally automated to send PGP encrypted mail by default with only a prompt for y

    • by gwolf ( 26339 )

      You can look sat thereasoning in the 1999 article Why Johnny can't encrypt: a usability evaluation of PGP 5.0 [acm.org]. It's quite sad how little progress we have seen in 16 years.

      • by AmiMoJo ( 196126 )

        What that paper demonstrates is that perfection is the enemy of progress. GPG/PGP is a pain the arse if you want to use it properly, with keys exchanged in person or via a trusted intermediary, and all mail being encrypted at rest on your hard drive etc.

        If all we wanted to do was block the spies at the NSA and GCHQ, as well as stop email providers and ISPs looking in, we could do it in a fairly transparent but not perfect way. Generate a key from the user's password. Attach the public part to every email, a

  • by under_score ( 65824 ) <mishkin@[ ]teig.com ['ber' in gap]> on Thursday August 20, 2015 @05:10PM (#50357539) Homepage

    The fact that this is so long means that by default it's too much for newbies. Communications privacy is not ready for newbies. If you can explain it in 500 words or less (or 2 minutes of video or less) without any further help... that's when it's ready for newbies.

    • The fact that this is so long means that by default it's too much for newbies.

      This post about privacy for newbies has drawn a bare 60 responses as I write. Six have been modded +3 or higher, including your own.

      This is the best the pro-encryption side can offer:

      "I'll be the first to agree that GnuPG is a usability nightmare. " "Anything is better than nothing."

      In my humble opinion, if you don't have anything usable, you don't have anything at all.

  • by RR ( 64484 ) on Thursday August 20, 2015 @05:10PM (#50357541)

    When activists like Moxie Marlinspike are calling for the end of PGP, it's probably time to look into alternatives. [thoughtcrime.org]

    PGP's problems are endemic to its design. It cannot be fixed, and increased adoption won't help.

    • by rjh ( 40933 ) <rjh@sixdemonbag.org> on Thursday August 20, 2015 @06:04PM (#50357851)

      Yes and no, but mostly no. (ObDisclosure: I help out with Enigmail.)

      • Could we do better? Maybe. Probably. But first you'll have to define what "better" means. Some people say it means stronger crypto. Some say it means a simpler RFC. Some say it means a better user interface/user experience. And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!" Honestly, when it comes to "we can do better" style criticism, my response is simple: I know we can do better -- but first you have to tell me what 'better' means.
      • But that doesn't matter. When it comes to communications security the world is divided into two camps. The first one doesn't need it right now and the second one does. If you don't need communications security right now, that gives you a great amount of luxury to sit on the sidelines and wait for something better to come along. If you do, though ... then GnuPG and Enigmail are pretty much the best thing going right now, at least when it comes to email.

      • Alternatives? What alternatives? The only alternative right now for email security is S/MIME, and that's far worse than OpenPGP. If you want to communicate using Silent Circle, go for it. Want to use OTR, be my guest. But if you need email security... "it's probably time to look into alternatives" is the kind of advice that sounds good only until you realize just how few alternatives there are, or how lousy they are.

      I'll be the first to agree that GnuPG is a usability nightmare. Absolutely. If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad. But when people start talking about alternatives, I want to know which alternatives they're suggesting; when people start talking about doing it better, I want to know what better means.

      • but first you have to tell me what 'better' means.

        Why don't we start with the things that all these people say and work on all of them. In regards to the state of GPG this isn't a trade-off story. This is a story where each item can be improved upon at the same time without sacrificing another.

        Better means better all around. Stronger, simpler, more widely used, integrated by default, and with a simple user interface is by definition "better" than what we have now. It should be as simple and transparent as SSL/TLS.

        • by rjh ( 40933 )

          Quoting myself:

          And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!"

          You're one of those idiots: I get it. But so long as you're saying "improve everything!" I'm going to ignore you, because some of these things are incompatible.

          • Except they are not. They start getting incompatible only when we start squeesing out the last of perfection for each requirement, but the current very sad state of GPG means that ALL of them have great room for improvement.

            • by RR ( 64484 )

              No, rjh is correct. The problem with cryptography is that it is incredibly tricky. If you don’t do it just right, then you compromise your security. If you get it really wrong, then it’s as good as not having cryptography at all. GnuPG has to be complicated to be compatible with the design-by-committee OpenPGP standards, including its clunky manual key system.

              rhj is probably also correct that OpenPGP gives the best security for email. My problem is that no security system is useful if nobody use

      • If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad.

        Yes please.

      • by RR ( 64484 )

        Right, that’s why I said, “develop” something better, and not just look into alternatives. If you want to leak secrets to journalists right now, or if you want to sign your distribution releases right now, then OpenPGP is the best alternative. If you want to communicate securely with family, probably S/MIME is better, because it’s way more compatible and less hassle to use. Already, security is bifurcated into incompatible solutions.

        For practical use, probably the biggest improvement

        • by rjh ( 40933 )

          The biggest problem with OpenPGP is that it doesn't protect the metadata.

          It's about to. :)

          Daniel Kahn Gillmor had a novel idea for how to use PGP/MIME in a creative way to extend protection to virtually all the email header information. Enigmail is implementing this, as are a few other groups. Metadata protection is coming to OpenPGP -- and very soon!

  • Is there a chapter on convincing people why they need to go to all of this extra effort to secure their e-mail?

    Most people say "yeah, whatever, too much work" when I try to tell them their e-mail is like sending a postcard in the postal system and what they need to do to not make it like that. Even when I ask if they'd put account and credit-card numbers on a post-card.

  • >> PGP is a system of encryption that operates with a pair of keys that operate symmetrically.

    Stop, go back and rewrite this stuff for newbies...if that really is your audience.

    • PGP is software that encrypts e-mail messages (or files) so that only the recipient can read them. It does this by using a system of two keys for each user. One is a secret key that each user keeps secret and private, the other is a public key that you can give to other people or publish on the internet.

      If someone wants to send an encrypted message to you, they use your public key to encrypt it so that only your secret key can decrypt it They then send that message to you and you decrypt with your secret

  • I think if you want encryption to work, what you need is not a clever little article that explains it, nor is it a startup company that stores public keys in a novel way. First, you need standards. Open, free, and universally supported.

    For example, if you want to encrypt email, you need a standard way of encrypting email that's supported and endorsed by pretty much everyone-- Microsoft, Google, Apple, Yahoo, and random IMAP/POP/Webmail providers. You need them all onboard so that you can trust that, if you want send an encrypted email to someone, the recipient will be able to read it in whatever webmail or mail client they're using. This implies that they already have all the necessary software installed, keys generated, and public keys stored in accessible places.

    If you haven't figured it out yet, I'm not just talking about encryption algorithms. Saying, "We have a standard, and it's PGP!" doesn't address the issue. Even if you get everyone to agree that PGP is the correct method for encrypting email, you still have a series of problems-- Do they have PGP installed on their computer? Do they have a way to read PGP-encrypted emails on their phone? Do they have a way to read PGP-encrypted emails on their webmail, when they want to check their email from a friend's house? And how are you anticipating that people will manage their keys so that they're secure, backed up, an pretty much impossible to lose?

    Someone needs to work out a vision for how this is supposed to work, and then pretty much everyone needs to get onboard. Until this is just built into every email client (including webmail), it's not going to work.

    • "I think if you want encryption to work, what you need is not a clever little article that explains it, nor is it a startup company that stores public keys in a novel way. First, you need standards. Open, free, and universally supported"

      Somebody should invent Open PGP [openpgp.org]!

  • by mlts ( 1038732 ) on Thursday August 20, 2015 @05:31PM (#50357665)

    Anything is better than nothing in this department. Without encryption, there is zero privacy.

    I'd say the first problem is teaching people why they want privacy in the first place. I either run into the attitude of "I don't care about what I do, I'm doing nothing illegal", or the attitude of "the bad guys will get it anyway."

    It is a similar attitude I see where people don't bother taking basic precautions with computers, assuming malware and reinstalling every few weeks to months is a fact of life.

    After actually getting users to back up and secure their systems (install patches, run an adblocker, enable some "click to play" functionality), the first part is getting them to make and securely store a PGP [1] key, making sure to remember the key's passphrase and keep a good backup in offline sites of the key [2]. From there, it is setting up a web of trust (I tend to respond to messages in kind. Encrypted messages get an encrypted response, for example.)

    The basics are not really hard to get down, but do take some time and thought, especially guarding one's private key, managing one's web of trust, and sending/receiving encrypted content. One of the advantages of OpenPGP is that the encryption format and the messaging format are independent. An encrypted message can arrive via SMS, SMTP, AIM, FB Messenger, a USENET post, file stashed on a USB flash drive, or many other ways.

    [1]: Technically OpenPGP format, be it done by PGP, netpgp, GPG, Symantec Encryption Desktop, APG, or another utility.

    [2]: I'd probably recommend buying three hardware AES encrypted USB flash drives. IronKey has the best reputation, and they have some cheapies that are not FIPS compliant that are relatively expensive ($35 for 4 GB)... but have a proven track record and are relatively reliable. Once a user copies their key to all three, the USB flash drives should be stashed in separate locations, as they shouldn't need to be accessed often.

    • "Anything is better than nothing in this department."

      This is a common misconception. When people have "anything" instead of nothing they have a false sense of security and will send information they would never send if they know they have nothing.

    • by houghi ( 78078 )

      I would much more be interested in the signing part than I am in the private part. Why do I not get signed emails from my bank? The ones that say my bill is available online?

      Why does virtually nobody use signing of their emails? And again, I am not so much interested in secrecy. What I would LOVE to see is people signing their emails with a secure and verifiable signature.

      If that is used, people will find out that encryption is an option that they could use. I am sure GMail and Microsoft could implement it

  • I've had great success with mailvelope plug-in https://www.mailvelope.com/hel... [mailvelope.com] it has support for firefox and chrome. It makes PGP encrypting mail secure and integrates well with existing mail accounts rather seamlessly. I'm a longtime user of PGP and mail encryption and this was one of the first times I've seen it done correctly and easy to use.
  • by manu0601 ( 2221348 ) on Thursday August 20, 2015 @09:10PM (#50358699)
    How many would-be beginners fled away when they saw they would have to read a six parts series?
  • Cool! I want privacy for my Facebook, Twitter, Tumblr, and Instagram, and text messages, how do I get that? I use email to communicate with my grandparents, but how do I get it for the stuff I use, like, every day?

  • Ok, I look at your series, and I'm thinking: my father would stop after reading the first paragraph. Security, encryption, privacy, they all suffer from people trying to educate the general public on TLAs, hard math, installing utilities.

    When will the security community learn that we don't need all those explanations, we need it to just work. We need encryption by default and unless this is available mainstream it's not gonna happen.

    Same thing for programmers. Nobody wants to learn about security, and espec

  • has already anyone tried it?

"Consequences, Schmonsequences, as long as I'm rich." -- Looney Tunes, Ali Baba Bunny (1957, Chuck Jones)

Working...