[Freedombox-discuss] Email Encryption Basics

Jonathan Wilkes jancsika at yahoo.com
Fri Nov 16 17:42:09 UTC 2012



----- Original Message -----
> From: Nick M. Daly <nick.m.daly at gmail.com>
> To: Michael Rogers <michael at briarproject.org>; Eugen Leitl <eugen at leitl.org>
> Cc: freedombox-discuss at lists.alioth.debian.org
> Sent: Friday, November 16, 2012 8:04 AM
> Subject: Re: [Freedombox-discuss] Email Encryption Basics
> 
> Michael Rogers <michael at briarproject.org> writes:
> 
>>  On 16/11/12 07:35, Eugen Leitl wrote:
>>>  Most attempted delivery from dynamic user space will bounce, and
>>>  requiring smarthosts clashes both with the zero administration
>>>  requirement and adds an additional point of attack.
>> 
>>  I think this is way too pessimistic. Yes, it's unrealistic to run an
>>  incoming or outgoing mail server on a dynamic home IP address, but a
>>  PageKite-style proxy would work.
> 
> For no reason I can explain, my box can send outgoing mail without issue
> (I haven't purchased or defined an MX record or smarthost, IIRC).  It
> can't receive anything at all, but mail goes out without problem, which
> allows service signups and the like.  I'll try to figure out why I can
> send mail one of these days.
> 
>>  Alternatively, the FBX could act as a PGP proxy for an existing email
>>  account: the FBX would encrypt email before sending it to the existing
>>  account's SMTP server and decrypt it after collecting and deleting it
>>  from the existing account's POP/IMAP server. No email would be stored
>>  long-term on the provider's servers, which is a legally important
>>  distinction in the US. The FBX would use Tor to store and retrieve PGP
>>  public keys on multiple independently operated keyservers, making it
>>  difficult for any keyserver to replace a user's key with a MITM key
>>  without detection.
> 
> Very interesting!  As long as we tie ourselves to someone else's
> infrastructure, re-serving as a client becomes easy.

That might be the easiest way for a user to get up and running with
reliable service.  Just keep in mind that the metadata is still very much
subject to collection and mining -- who you are sending to, when you are
sending, the subject line(?), and probably a lot else -- which, according to
many TOS I've seen, is stored on the server for a fairly long period after
being deleted.

In the case of Paula Broadwell, owning a FBX with such a setup would have
changed nothing at all: the recipient of some of her messages started
the investigation, metadata identified her as the sender, and the content of
her email/documents was revealed by physically removing her machine.

If she had used Tor, or a FBX that goes through Tor or some other anonymizing
overlay, identifying the sender by metadata would have been much more difficult.

-Jonathan  
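The two halves of this exchange, the PGP-proxy design quoted above (encrypt before handing mail to the existing provider, and fetch the recipient's key from several independently operated keyservers so that a single substituted key is noticed) and the reply's point that the provider still keeps the metadata, can be made concrete in code. The following is an added example written for this page; it is not FreedomBox code and not from anyone in the thread. It assumes the keyservers answer in the HKP machine-readable index format (op=index&options=mr) that SKS servers return; the server names under .invalid, every response body, and the sample message (whose armored blob is a placeholder, not real ciphertext) are constructed. Transport over Tor is outside the block: `responses` is whatever the fetch step brought back, with None for a server that could not be reached.

```python
"""Two checks a FreedomBox-style PGP proxy would need (added example, not
FreedomBox code).  All keyserver responses and the sample mail are constructed;
keyservers are assumed to speak the HKP 'mr' index format used by SKS."""
import email
from email import policy
from typing import Dict, List, Optional, Tuple
from urllib.parse import unquote


def parse_hkp_index(body: str) -> Dict[str, List[str]]:
    """Map fingerprint -> user IDs from an HKP machine-readable index.
    Keys flagged revoked (r), disabled (d) or expired (e) are dropped: a
    proxy must never encrypt to them."""
    keys: Dict[str, List[str]] = {}
    current: Optional[str] = None
    for line in body.splitlines():
        f = line.split(":")
        if f[0] == "pub":          # pub:<fpr>:<algo>:<bits>:<created>:<expires>:<flags>
            flags = f[6] if len(f) > 6 else ""
            current = None if set(flags) & set("rde") else f[1].upper()
            if current:
                keys.setdefault(current, [])
        elif f[0] == "uid" and current:   # uid:<percent-encoded uid>:...
            keys[current].append(unquote(f[1]))
    return keys


def lookup_across_servers(responses: Dict[str, Optional[str]], address: str,
                          min_servers: int = 2) -> dict:
    """Cross-check the key set each server returns for one e-mail address.
    Verdicts: agree / conflict / insufficient / not_found.  A conflict means
    possible key substitution OR a legitimate new key that has not propagated
    yet; either way the proxy should refuse to encrypt until it is resolved."""
    needle = "<" + address.lower() + ">"
    per_server: Dict[str, Optional[Tuple[str, ...]]] = {}
    for server, body in responses.items():
        if body is None:                  # unreachable (e.g. Tor circuit failed)
            per_server[server] = None
            continue
        keys = parse_hkp_index(body)
        per_server[server] = tuple(sorted(
            fp for fp, uids in keys.items()
            if any(needle in uid.lower() for uid in uids)))
    answered = [v for v in per_server.values() if v is not None]
    if len(answered) < min_servers:
        status = "insufficient"
    elif len(set(answered)) > 1:
        status = "conflict"
    elif not answered[0]:
        status = "not_found"
    else:
        status = "agree"
    agreed = list(answered[0]) if status == "agree" else []
    return {"status": status, "fingerprints": agreed, "per_server": per_server}


# --- constructed keyserver responses (hypothetical servers, sample data) ---
FP_ALICE = "A1B2C3D4E5F60718293A4B5C6D7E8F9001122334"
FP_BOGUS = "DEADBEEF00112233445566778899AABBCCDDEEFF"
UID_ALICE = "Alice%20Example%20%3Calice%40example.org%3E"


def _index(fp: str, uid: str, flags: str = "") -> str:
    return f"info:1:1\npub:{fp}:1:4096:1352851200::{flags}\nuid:{uid}:1352851200::\n"


CONSTRUCTED_RESPONSES = {
    "hkp://keys.server-a.invalid": _index(FP_ALICE, UID_ALICE),
    "hkp://keys.server-b.invalid": _index(FP_ALICE, UID_ALICE),
    "hkp://keys.server-c.invalid": _index(FP_BOGUS, UID_ALICE),  # substituted key
    "hkp://keys.server-d.invalid": None,                         # unreachable
}

# --- constructed PGP/MIME (RFC 3156) message; the armor is a placeholder ---
SAMPLE_ENCRYPTED_MAIL = """\
From: Alice Example <alice@example.org>
To: Bob Example <bob@example.net>
Date: Fri, 16 Nov 2012 17:42:09 +0000
Subject: Re: dinner next week
Message-ID: <20121116174209.constructed@example.org>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="fbx-pgp-boundary"

--fbx-pgp-boundary
Content-Type: application/pgp-encrypted

Version: 1

--fbx-pgp-boundary
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----

--fbx-pgp-boundary--
"""


def provider_visible_metadata(raw: str) -> dict:
    """What the SMTP/IMAP provider still sees of a PGP/MIME message: RFC 3156
    encrypts only the body part, so sender, recipient, date and subject travel
    and are stored in the clear even though the content is opaque."""
    msg = email.message_from_string(raw, policy=policy.default)
    parts = msg.get_payload() if msg.is_multipart() else []
    body_encrypted = (
        msg.get_content_type() == "multipart/encrypted"
        and msg.get_param("protocol") == "application/pgp-encrypted"
        and len(parts) == 2
        and parts[0].get_content_type() == "application/pgp-encrypted"
        and parts[1].get_content_type() == "application/octet-stream")
    exposed = {h: str(msg[h]) for h in ("From", "To", "Date", "Subject", "Message-ID")
               if msg[h] is not None}
    return {"body_encrypted": body_encrypted, "headers_in_clear": exposed}
```

With the constructed data, `lookup_across_servers(CONSTRUCTED_RESPONSES, "alice@example.org")` reports a conflict because server-c hands out a different fingerprint, while dropping server-c yields agreement on FP_ALICE from the two servers that answered; `provider_visible_metadata(SAMPLE_ENCRYPTED_MAIL)` confirms the body is PGP/MIME-encrypted and at the same time returns the From, To, Date, Subject and Message-ID that the provider keeps, which is exactly the metadata the reply above warns about.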
