Engaging Newbies In Email Encryption and Network Privacy

reifman writes: All six parts of my series introducing beginners to PGP encryption and network privacy are now freely available. I hope it's useful for Slashdot readers to share with their less-technical acquaintances. There's an introduction to PGP, a guide to email encryption on the desktop, smartphone and in the browser, an introduction to the emerging key sharing and authentication startup, Keybase.io, and an intro to VPNs. There's a lot more work for us to do in the ease of use of communications privacy but this helps people get started more with what's available today.

I'm OK without privacy.

[Anonymous Coward]

I just make sure not to send any sensitive information, account #'s, etc through e-mail. Until they make privacy and security easy and transparent to the user, that will be my defense. I don't have time to become an expert in this shit just to send a simple communication. Until then this will be a niche market with very few people using it.

Re:

[dcollins117]

Didn't the FBI, less than a year ago, declare that people who know, or talk about VPNS or encryption potential terrorists that should immediately be reported as such to their local law enforcement...?

No, that's complete bullshit. VPNs and encryption are perfectly legal to use and considered to be essential security tools. Especially useful if you live under a repressive anti-privacy government like the US.

Re:

[q4Fry]

No, that's complete bullshit. VPNs and encryption are perfectly legal to use and considered to be essential security tools. Especially by the government of the US.

Corollary

Re: S/MIME

[RR]

Not necessary. Startcom, a company in Israel, is happy to generate and store a key [startssl.com] that you can use to certify that you are you, for free. I think this also demonstrates the insane brokenness of the certificate authority system.

Re:

[allo]

Which makes startssl untrustworthy for your friends. So, you signed this? Did you, or is your key leaked and you did not revoke it, because its to costly?

Re:

[gl4ss]

yeah why wouldn't you trust a company in Israel to generate and store proof of that your site is yours and your messages are yours..

Re:

[heypete]

Not necessary. Startcom, a company in Israel, is happy to generate and store a key [startssl.com] that you can use to certify that you are you, for free. I think this also demonstrates the insane brokenness of the certificate authority system.

Sure, they offer the option (by default, which is annoying) for them to generate a private key for you (they claim not to store it) but you're welcome to generate your own private key and CSR [startssl.com] and submit it for signing -- that way they never see your private key.

Re:

[heypete]

Apologies: I mis-read the earlier comment. My comment about StartSSL generating a private key for the user applies only for SSL/TLS certs (where users can, as I mentioned, skip that and submit their own CSR).

When one generates a client certificate such as used in S/MIME, the key generation takes place entirely in the browser using keygen tags [mozilla.org] -- the private key is stored locally and the public key is sent to the server for signing.

Put simply, StartSSL (and other CAs around the world) are happy to issue cert

Re:

[CronoCloud]

Yeah, you just need 200 pages of "how to get a certificate"

https://www.comodo.com/home/em... [comodo.com]

Comodo gives out free ones.

Re:

[allo]

seems like they generate the key on the server side (tried with fake mail, and they said they send me how to download it).
startssl at least uses firefox' builtin keygeneration.

No ... Email privacy is NOT 'broken'

[Zero__Kelvin]

"Email privacy is broken. Working around this broken email system is worthwhile and it's past time. Here's how to get started with PGP encryption."

You are off to a bad start. As sensational as your statement is, and with the full understanding of your desire to immediately capture the readers attention, you really ned to change it. E-mail privacy isn't broken. E-mail is by design not a private communication system. What you have written is not unlike claiming that DC-10s are broken because they cannot fly to the moon. You immediately caught my attention though. I'll grant you that! :-)

Re:

[Anonymous Coward]

I think what he means is that e-mails are being scanned/saved without our consent, so you can either encrypt the email or leave it as is if you don't care that someone else will read it. I think most people want their e-mails to be private.

Re:

[known_coward_69]

i'm sure there is a ministry of something out there with tens of millions of people doing nothing but reading people's emails. all billion or so that are sent daily. they must be the ones responsible for the Toll Brothers ads I see after registering with Toll Brothers and having them send emails to my gmail

Re:

[aaaaaaargh!]

You don't need millions of people, just a couple of computers with [insert your favourite heuristic data mining technology here] to filter out the uninteresting stuff. The remaining thousands of emails are then read by analysts.

The problem is that this kind of surveillance replaces initial reasonable suspicion by automated methods that have many false positives.

Re:

[Zero__Kelvin]

"I think what he means is ..."

It is the opening sentence for a text intended to teach others. It is unacceptable that one has to "think what he means." What he said is wrong, regardless of what he meant. In a live conversation this sort of "you know what I meant" thing may make sense, but for a carefully reviewed teaching text it is entirely unacceptable.

Re:

[GuB-42]

Except i imagine when e-mail was designed it wasn't with the knowledge that the US government and its subsidiaries have full, unfettered access to the inbox of every single person on the planet, whether legally or illegally.

ARPANET, the precursor of the internet and perhaps the first global network to support e-mail was a US military government initiative. So of course they had the knowledge they could read anyone's mail as they pass through their network. Like everyone else who studied the question.
They didn't access everyone inbox. They were probably cleaned regularly anyways considering the storage costs. However, security didn't matter that much back then. The internet was considered public. The need for security started m

Re:

[Anonymous Coward]

It wasn't designed with privacy in mind to protect against telecommunications carriers, hosting providers, email providers, and all-knowing adversaries. I think it's wrong to make the assumption though that it wasn't designed to protect ones privacy. When you sent an email it is destined to a particular place, not some mailing list, or public forum short of that being your intended target. I think we should make sure people understand that it isn't safe to assume that nobody can read ones email unless addit

Re:

[Anonymous Coward]

DC-10s are broken because they can't fly with two engines [wordpress.com]! And they're pretty hard to keep right side up [airlinesafety.com]. The pitch is way too sensitive... Damn things always were junk.

Re: No ... Email privacy is NOT 'broken'

[Anonymous Coward]

While there is perhaps some truth in what you write, I also understand, from a user perspective why some might believe there is privacy with email.

1. You address email to a particular user, and each user has his/her own mailbox
2. In order to retrieve mail from a particular mailbox you need a password which at least to some extent implies that not everybody can read it.
3. Email is used commonly for account reset and confirmation.

Re:

[Zero__Kelvin]

Yes, you can understand why there is confusion. The solution to this is not to exacerbate the problem by reinforcing the ignorance of the proletariat, which is what happens when one makes the blatantly false statement that "email privacy is broken". Again, the document purports to be educational, not to reinforce mis-conceptions.,

Why is there so much work to be done?

[swb]

There's a lot more work for us to do in the ease of use of communications privacy

Why is there? Why hasn't private key ala GPG/PGP become a totally integrated feature in mail clients? Even years ago when there was still a decent free Windows PGP with all the add-ons they had it integrated pretty well into Outlook and basic clipboard operations.

Why isn't it just a completely vendor-integrated feature, with address books having default fields for public keys, smartphone integration, etc. On a phone it could be totally automated to send PGP encrypted mail by default with only a prompt for your thumbprint to authenticate access to your private key. (This may or may not be a great security practice, but it's already widespread and well integrated and the post was about ease of use to begin with.)

Is it patents on PGP? "Meh" public attitude? Vendors pushing other solutions (S/MIME) or other certificate-driven solutions or "enterprise" authentication systems not wanting to give any room for what could be a free cross-platform solution?

Re:

[Anonymous Coward]

Because the great unwashed have no idea that they need it so vendors are not building something people don't think they want/need.

Re: Why is there so much work to be done?

[RR]

The fundamental problem is that SMTP was not designed for security, and there's no provision to change over everybody at some point.

Also, privacy adds significant usability problems. You need to generate and copy your private key manually, instead of having your machines provision it among themselves. And privacy means webmail providers can't monetize the contents of your email, and you can't search through past emails efficiently.

Re:

[tlhIngan]

Why is there? Why hasn't private key ala GPG/PGP become a totally integrated feature in mail clients? Even years ago when there was still a decent free Windows PGP with all the add-ons they had it integrated pretty well into Outlook and basic clipboard operations.

Why isn't it just a completely vendor-integrated feature, with address books having default fields for public keys, smartphone integration, etc. On a phone it could be totally automated to send PGP encrypted mail by default with only a prompt for y

Re:

[gwolf]

People are often satisfied with using "S3krit" as an encryption key. Explain why you need a key with decent entropy/randomness and so large there's no use in trying to remember it... Users will store the key in the same medium as the encrypted data. So much for crypto strength.

Re:

[gwolf]

You can look sat thereasoning in the 1999 article Why Johnny can't encrypt: a usability evaluation of PGP 5.0 [acm.org]. It's quite sad how little progress we have seen in 16 years.

Re:

[AmiMoJo]

What that paper demonstrates is that perfection is the enemy of progress. GPG/PGP is a pain the arse if you want to use it properly, with keys exchanged in person or via a trusted intermediary, and all mail being encrypted at rest on your hard drive etc.

If all we wanted to do was block the spies at the NSA and GCHQ, as well as stop email providers and ISPs looking in, we could do it in a fairly transparent but not perfect way. Generate a key from the user's password. Attach the public part to every email, a

Re:

[cbhacking]

Bumping AC's comment, because yeah, this is stupid. The whole article on email encryption for smartphones talks about exactly one app, available for the second-most-popular smartphone OS, and nothing else. It doesn't cover encryption support for other platforms, other apps, or other encryption methods. It talks about the need for platform support, without mentioning any platform support found on any smartphone platform.

There were smartphones before iOS, and there are still other smartphones. In fact, iPhone

6 part series?... for newbies????

[under_score]

The fact that this is so long means that by default it's too much for newbies. Communications privacy is not ready for newbies. If you can explain it in 500 words or less (or 2 minutes of video or less) without any further help... that's when it's ready for newbies.

Re:

[under_score]

Okay - perhaps I should qualify a bit: We're 20+ years into PGP and other comm privacy tools. If you're still a newbie you're either really young or you really don't care about comm privacy. So maybe what I meant is that comm privacy is still complex enough that it takes a lot of text and reading to learn it vs. an iPhone which takes about 5 seconds to learn to use it. That's unacceptable for most people who are still in the newbie category of comm privacy.

Re:

[westlake]

The fact that this is so long means that by default it's too much for newbies.

This post about privacy for newbies has drawn a bare 60 responses as I write. Six have been modded +3 or higher, including your own.

This is the best the pro-encryption side can offer:

"I'll be the first to agree that GnuPG is a usability nightmare. " "Anything is better than nothing."

In my humble opinion, if you don't have anything usable, you don't have anything at all.

No to PGP. Let's develop something better

[RR]

When activists like Moxie Marlinspike are calling for the end of PGP, it's probably time to look into alternatives. [thoughtcrime.org]

PGP's problems are endemic to its design. It cannot be fixed, and increased adoption won't help.

Yes and no, but mostly no.

[rjh]

Yes and no, but mostly no. (ObDisclosure: I help out with Enigmail.)

• Could we do better? Maybe. Probably. But first you'll have to define what "better" means. Some people say it means stronger crypto. Some say it means a simpler RFC. Some say it means a better user interface/user experience. And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!" Honestly, when it comes to "we can do better" style criticism, my response is simple: I know we can do better -- but first you have to tell me what 'better' means.

• But that doesn't matter. When it comes to communications security the world is divided into two camps. The first one doesn't need it right now and the second one does. If you don't need communications security right now, that gives you a great amount of luxury to sit on the sidelines and wait for something better to come along. If you do, though ... then GnuPG and Enigmail are pretty much the best thing going right now, at least when it comes to email.

• Alternatives? What alternatives? The only alternative right now for email security is S/MIME, and that's far worse than OpenPGP. If you want to communicate using Silent Circle, go for it. Want to use OTR, be my guest. But if you need email security... "it's probably time to look into alternatives" is the kind of advice that sounds good only until you realize just how few alternatives there are, or how lousy they are.

I'll be the first to agree that GnuPG is a usability nightmare. Absolutely. If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad. But when people start talking about alternatives, I want to know which alternatives they're suggesting; when people start talking about doing it better, I want to know what better means.

Re:

[thegarbz]

but first you have to tell me what 'better' means.

Why don't we start with the things that all these people say and work on all of them. In regards to the state of GPG this isn't a trade-off story. This is a story where each item can be improved upon at the same time without sacrificing another.

Better means better all around. Stronger, simpler, more widely used, integrated by default, and with a simple user interface is by definition "better" than what we have now. It should be as simple and transparent as SSL/TLS.

Re:

[rjh]

Quoting myself:

And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!"

You're one of those idiots: I get it. But so long as you're saying "improve everything!" I'm going to ignore you, because some of these things are incompatible.

Re:

[thegarbz]

Except they are not. They start getting incompatible only when we start squeesing out the last of perfection for each requirement, but the current very sad state of GPG means that ALL of them have great room for improvement.

Re:

[RR]

No, rjh is correct. The problem with cryptography is that it is incredibly tricky. If you don’t do it just right, then you compromise your security. If you get it really wrong, then it’s as good as not having cryptography at all. GnuPG has to be complicated to be compatible with the design-by-committee OpenPGP standards, including its clunky manual key system.

rhj is probably also correct that OpenPGP gives the best security for email. My problem is that no security system is useful if nobody use

Re:

[Fnord666]

If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad.

Yes please.

Re:

[rjh]

Enjoy!

• Secrecy, flagging, and paranoia: adoption criteria in encrypted email [ucsc.edu]
• How to make secure email easier to use [simson.net]
• Why Johnny Can't Encrypt [berkeley.edu] and Why Johnny Still Can't Encrypt [cmu.edu]
• Views, reactions, and impact of digitally-signed mail in e-commerce [mit.edu]
• Usability of security: a case study [dtic.mil]

Re:

[rjh]

One, the spec is positively Byzantine. It makes OpenPGP look like a marvel of clarity. It's a very hard spec to implement correctly, and for that reason I distrust most of the S/MIME out there.

Two, S/MIME has some hardwired dependencies on SHA-1. (So does OpenPGP; S/MIME has more of them.) SHA-1 isn't looking very healthy right now. OpenPGP is migrating away from SHA-1 and the working group is actively developing a new spec. The S/MIME community isn't.

Re:

[RR]

Right, that’s why I said, “develop” something better, and not just look into alternatives. If you want to leak secrets to journalists right now, or if you want to sign your distribution releases right now, then OpenPGP is the best alternative. If you want to communicate securely with family, probably S/MIME is better, because it’s way more compatible and less hassle to use. Already, security is bifurcated into incompatible solutions.

For practical use, probably the biggest improvement

Re:

[rjh]

The biggest problem with OpenPGP is that it doesn't protect the metadata.

It's about to. :)

Daniel Kahn Gillmor had a novel idea for how to use PGP/MIME in a creative way to extend protection to virtually all the email header information. Enigmail is implementing this, as are a few other groups. Metadata protection is coming to OpenPGP -- and very soon!

The chapter convincing people of the problem?

[Anonymous Coward]

Is there a chapter on convincing people why they need to go to all of this extra effort to secure their e-mail?

Most people say "yeah, whatever, too much work" when I try to tell them their e-mail is like sending a postcard in the postal system and what they need to do to not make it like that. Even when I ask if they'd put account and credit-card numbers on a post-card.

Stop and rewrite for newbies.

[xxxJonBoyxxx]

>> PGP is a system of encryption that operates with a pair of keys that operate symmetrically.

Stop, go back and rewrite this stuff for newbies...if that really is your audience.

Re:

[CronoCloud]

PGP is software that encrypts e-mail messages (or files) so that only the recipient can read them. It does this by using a system of two keys for each user. One is a secret key that each user keeps secret and private, the other is a public key that you can give to other people or publish on the internet.

If someone wants to send an encrypted message to you, they use your public key to encrypt it so that only your secret key can decrypt it They then send that message to you and you decrypt with your secret

We need standards, not startups

[nine-times]

I think if you want encryption to work, what you need is not a clever little article that explains it, nor is it a startup company that stores public keys in a novel way. First, you need standards. Open, free, and universally supported.

For example, if you want to encrypt email, you need a standard way of encrypting email that's supported and endorsed by pretty much everyone-- Microsoft, Google, Apple, Yahoo, and random IMAP/POP/Webmail providers. You need them all onboard so that you can trust that, if you want send an encrypted email to someone, the recipient will be able to read it in whatever webmail or mail client they're using. This implies that they already have all the necessary software installed, keys generated, and public keys stored in accessible places.

If you haven't figured it out yet, I'm not just talking about encryption algorithms. Saying, "We have a standard, and it's PGP!" doesn't address the issue. Even if you get everyone to agree that PGP is the correct method for encrypting email, you still have a series of problems-- Do they have PGP installed on their computer? Do they have a way to read PGP-encrypted emails on their phone? Do they have a way to read PGP-encrypted emails on their webmail, when they want to check their email from a friend's house? And how are you anticipating that people will manage their keys so that they're secure, backed up, an pretty much impossible to lose?

Someone needs to work out a vision for how this is supposed to work, and then pretty much everyone needs to get onboard. Until this is just built into every email client (including webmail), it's not going to work.

Re:

[Zero__Kelvin]

"I think if you want encryption to work, what you need is not a clever little article that explains it, nor is it a startup company that stores public keys in a novel way. First, you need standards. Open, free, and universally supported"

Somebody should invent Open PGP [openpgp.org]!

Anything is better than nothing...

[mlts]

Anything is better than nothing in this department. Without encryption, there is zero privacy.

I'd say the first problem is teaching people why they want privacy in the first place. I either run into the attitude of "I don't care about what I do, I'm doing nothing illegal", or the attitude of "the bad guys will get it anyway."

It is a similar attitude I see where people don't bother taking basic precautions with computers, assuming malware and reinstalling every few weeks to months is a fact of life.

After actually getting users to back up and secure their systems (install patches, run an adblocker, enable some "click to play" functionality), the first part is getting them to make and securely store a PGP [1] key, making sure to remember the key's passphrase and keep a good backup in offline sites of the key [2]. From there, it is setting up a web of trust (I tend to respond to messages in kind. Encrypted messages get an encrypted response, for example.)

The basics are not really hard to get down, but do take some time and thought, especially guarding one's private key, managing one's web of trust, and sending/receiving encrypted content. One of the advantages of OpenPGP is that the encryption format and the messaging format are independent. An encrypted message can arrive via SMS, SMTP, AIM, FB Messenger, a USENET post, file stashed on a USB flash drive, or many other ways.

[1]: Technically OpenPGP format, be it done by PGP, netpgp, GPG, Symantec Encryption Desktop, APG, or another utility.

[2]: I'd probably recommend buying three hardware AES encrypted USB flash drives. IronKey has the best reputation, and they have some cheapies that are not FIPS compliant that are relatively expensive ($35 for 4 GB)... but have a proven track record and are relatively reliable. Once a user copies their key to all three, the USB flash drives should be stashed in separate locations, as they shouldn't need to be accessed often.

Re:

[Zero__Kelvin]

"Anything is better than nothing in this department."

This is a common misconception. When people have "anything" instead of nothing they have a false sense of security and will send information they would never send if they know they have nothing.

Re:

[account_deleted]

Comment removed based on user account deletion

Mailvelop does this

[devoid42]

I've had great success with mailvelope plug-in https://www.mailvelope.com/hel... [mailvelope.com] it has support for firefox and chrome. It makes PGP encrypting mail secure and integrates well with existing mail accounts rather seamlessly. I'm a longtime user of PGP and mail encryption and this was one of the first times I've seen it done correctly and easy to use.

Six parts series

[manu0601]

How many would-be beginners fled away when they saw they would have to read a six parts series?

For newbies

[Krishnoid]

Cool! I want privacy for my Facebook, Twitter, Tumblr, and Instagram, and text messages, how do I get that? I use email to communicate with my grandparents, but how do I get it for the stuff I use, like, every day?

Alas, useless

[raarts]

Ok, I look at your series, and I'm thinking: my father would stop after reading the first paragraph. Security, encryption, privacy, they all suffer from people trying to educate the general public on TLAs, hard math, installing utilities.

When will the security community learn that we don't need all those explanations, we need it to just work. We need encryption by default and unless this is available mainstream it's not gonna happen.

Same thing for programmers. Nobody wants to learn about security, and espec

PGP on top of gmail

[ruir]

has already anyone tried it?