Most secure web-based email (against sniffers in my lan)
GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If only we could get everyone to use strong encryption for their emails. Then we'd cover each other.
Maybe someone nice would have to provide a service like lavabit and do it for free. They might pay for the bandwidth by advertising links at the bottom of each email.
The lavabit site says even their staff can't read the emails of their customers! If that's true, no agency can demand to read people's emails.
On the other hand, there's a law in the UK where if you use encryption for anything, the government has the right to demand the password from you. And you go to prison if you get asked and refuse to give the password. Something smarter is needed, perhaps the plausible deniability tactic of truecrypt with its two passswords, or maybe N passwords. Ever heard of that?
Another concern is, strong encryption might arouse suspicion. What's your take on that?
From this (and your previous posts), I get the impression that you consider the standard SSL encryption currently in use worldwide to be weak. Is that really the case? If so, could you please elaborate on why you see it that way? So far you just seem to be making assumptions. Mind you, I'm not refering to implementation flaws which are well-known thanks to the research of people like Moxie Marlinspike, I'm referring to weaknesses in the algorithms themselves.
The problem with public key cryptography is the CAs (certificate authorities) can't be trusted not to give your private key to the government. In such cases encryption can actually be used for non-repudiation in a court of law. So as to prove that you, and only you, could have sent the email. Which would be the exact opposite of plausible deniability.
Another concern is, strong encryption might arouse suspicion. What's your take on that?
If people encrypted everything, including the unimportant, then nothing would be "suspicious". All your private message would be hidden in a sea of mundane time-wasting random data for "inquiring minds" to sift though.
Another concern is, strong encryption might arouse suspicion. What's your take on that?
If you're talking about BEYOND just your LAN, then my take is that, if you're inside the US, and/or are sending emails to/from the US, and you use an encryption that has been deemed "too strong" by some 3-letter agency, then you *may* arouse suspicion.
NOTE: I'm not a lawyer, not an American, nor do I live in the U.S., but (only)to my knowledge, __very__ strong encryption is not allowed in the U.S. for the very reason that those 3-letter agencies can't break it in a timely manner.
In freer parts of the free world, this isn't an issue-- you can encrypt to your hearts' content.
but (only)to my knowledge, __very__ strong encryption is not allowed in the U.S. for the very reason that those 3-letter agencies can't break it in a timely manner.
We can use strong crypto within the country as much as we want. I think that strong crypto is still viewed as a munition and technically you're not allowed to export software that uses it outside of the country.
People use strong crypto to send message out of the country all day long.
<tinfoil hat>The NSA and friends gave up on trying to crack crypto long ago when they realized it's easier to coerce US companies to inject exploitable vulnerabilities into their OS where they can then capture what they need in plaintext.</tinfoil hat>
From this (and your previous posts), I get the impression that you consider the standard SSL encryption currently in use worldwide to be weak. Is that really the case?
No, I do not consider it weak, just want to know what is the state of the art. I reckon some criminals must have managed to break the standard SSL algorithms, either that or found flaws in the commonest implementations of it. Because it is so widely used, and therefore there is so much return on investment in breaking it.
The crypto in SSL (now TLS) is pretty strong/secure. There have been issues recently with some implementations of ssl libraries that weaken it, but I believe that's been cleared up for now. There have been issues with the logic of processing certificate chains that have created some vulnerabilities. I think those have been cleared up. Crypto is a very complex topic and there are so many things that can go wrong without any sign.
For the average joe that blends in with the rest of society's traffic, it's strong enough and the risks are relatively low.
I'm pretty sure it's been stated earlier in the thread, but there are many points in an email's life that are vulnerable to unauthorized reading. SSL only protects it during transit to your ISP. From there, chances are, it will be related through a number of SMTP servers in plaintext where anyone with admin privileges can read it. Once it's stored on the recipients computer, it can be left in plain text.
PGP offers the most protection in keeping the email private for the duration of it's life.
Maybe there is an email provider that offers a PGP option too, or I install my own email server somewhere and add the best PGP encryption that there is.
Is the best PGP encryption stronger than lavabit's?
PS. I understand what you're saying about PGP, just want to protect the link to the email server only, people would be hard to persuade to use PGP anyway.
Maybe there is an email provider that offers a PGP option too
PGP is a decentralized encryption scheme where each user maintains their own keyrings of people they communicate with. You're the sole owner and holder of your private key that is used to sign and decrypt messages sent to you. It would be ridiculous, for lack of a better word, to allow a third party to have control over your private keys, so no, there shouldn't be an email provider that provides a PGP service - unless it's just there to authenticate you and sign your keys to build the web of trust.
It would be ridiculous, for lack of a better word, to allow a third party to have control over your private keys, so no, there shouldn't be an email provider that provides a PGP service
Would it be ridiculous if an email provider recommended SSL along the link to its user while there's no encryption at all at the other end where the receiver is not using SSL at all? That's what hotmail and gmail are doing - given that you cannot persuade people to swap encryption keys with you, you do the best you can. So why not encrypt this link with PGP, can't you swap PGP keys with your email provider? Remember, my LAN is more dangerous than the receiver's.
Would it be ridiculous if an email provider recommended SSL along the link to its user while there's no encryption at all at the other end where the receiver is not using SSL at all? That's what hotmail and gmail are doing - given that you cannot persuade people to swap encryption keys with you, you do the best you can. So why not encrypt this link with PGP, can't you swap PGP keys with your email provider? Remember, my LAN is more dangerous than the receiver's.
If you want the message to remain private between sender and recipient, the sender will need to encrypt it using the recipient's public key. There's no getting around that (other than using a PSK), and giving keys to your email service provider isn't going to help in that regard. When you're using an SSL email service provider, your link to them is already encrypted, and I'm not sure what exactly you're hoping to gain by giving them your PGP keys. Could you clarify?
When you're using an SSL email service provider, your link to them is already encrypted, and I'm not sure what exactly you're hoping to gain by giving them your PGP keys. Could you clarify?
If typical PGP ciphers are of equal strength to typical SSL ciphers, there's no reason to use PGP between yourself and the email server. But I am under the impression that the best cipher for PGP is stronger than the cipher typically used with SSL, eg by hotmail. If that is so, an email provider can communicate with me using PGP, we'd be like two people using PGP. They would send me data encrypted with my key, and I would send them data encrypted with their key. That's against anyone sniffing our link and only that.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.