[Freedombox-discuss] Email Encryption Basics

Jonathan Wilkes jancsika at yahoo.com
Tue Nov 20 01:19:34 UTC 2012





----- Original Message -----
> From: Michael Rogers <michael at briarproject.org>
> To: Jonathan Wilkes <jancsika at yahoo.com>
> Cc: Russell Edwards <russell at edwds.net>; "freedombox-discuss at lists.alioth.debian.org" <freedombox-discuss at lists.alioth.debian.org>
> Sent: Monday, November 19, 2012 6:34 PM
> Subject: Re: [Freedombox-discuss] Email Encryption Basics
> 

[...]

> The alternative would be to wash our hands of email because we can't
> make it perfectly secure. I think that would be a mistake, because
> people will use it anyway.

I'm not sure how to get from a to b, where a is no FBX and b is FBX as
described in those sentences I quoted from the website.  If it's the
case that (spam-free, non-blacklisted) email in its current incarnation
can be done without configuration hell, then "plug box in, click
some buttons, email your friends" may be a very nice feature on the
way from a to b.  I'd use it!

It is clearly _not_ b, however, and it's very important to keep that in mind,
mostly for the reason that all of us posting on this list know how to use
GPG or other tools to get end-to-end-encryption if we _really_ need it,
and the only way to get that feature for other people is to get FBX all the
way to the goalpost.

> 
> "Making it as secure as possible" could mean many things. It could
> mean running SMTP and IMAP servers on the box, with a PageKite-style
> proxy to ensure the servers are reachable on any home ISP.

This by itself doesn't "enable private conversations online", so that would
be insufficient on its own.

> It could
> mean automatically encrypting outgoing email if the recipient has a
> PGP key.

Yes, that might be a nice feature.

> It could mean deleting email from a provider's server and
> storing it on the FBX.

This does virtually nothing to protect the users' privacy nor keep their
data secure.  It'd actually be better if the FBX has a "delete from server"
button that triggers the following virtual conversation:

FBX: Are you sure you want to delete the messages from the server? Yes or No
USER: Yes
FBX: Do you own the server? Yes or No
USER: No
FBX: Then how can we be sure they're deleted when you click delete? Yes or No
USER: Help
FBX: Was that one of the options I gave you? Yes or No
USER: Quit
FBX: I'm sorry you must answer Yes or No
USER: <ctrl-c>
FBX: Wow I'm still here.  Annoying, isn't it? Yes or No
USER: Yes
FBX: Luckily I'm just a script on your machine. Do you want me to go away forever? Yes or No
USER: Yes.
FBX: Ok, this script is now disabled and you can check my veracity by looking at ~/mailfrontend/config.txt.
That's a file that lives on your _own_ machine.  That _you_ control.  And can _verify_.  Got the hint? Yes or No
USER: Yes
FBX: deleted mail on server: done.

> Hopefully there are some other suggestions. :-)

Same here.

-Jonathan

> 
> Personally I like the PageKite approach, as I've said before, but I'm
> interested in other possibilities too.
> 
> Cheers,
> Michael


