Necessity of GPG when using SSL

Janusz A. Urbanowicz alex at bofh.net.pl
Mon Feb 27 10:32:40 CET 2006


On Fri, Feb 24, 2006 at 06:06:17AM -0500, Henry Hertz Hobbit wrote:
> Benjamin Esham <bdesham at gmail.com> wrote:
> 
> >On Feb 22, 2006, at 6:22 AM, Janusz A. Urbanowicz wrote:
> >
> >> And there is really no point in encrypting the whole access since the
> >> contents, the emails usually travel the rest of the net unencrypted.
> >
> >But wouldn't it be much easier for an attacker to intercept all of
> >your e-mail by listening in on an unencrypted webmail session than by
> >trying to intercept each e-mail individually somewhere else?  I think
> >there certainly is a benefit to having SSL-encrypted webmail for
> >exactly that reason:  less determined attackers will not have access
> >to the plaintext of the messages. (Although granted, it would be kind
> >of foolish to depend upon SSL webmail if the messages are sent in
> >plain text.)
> 
> Last then first.  Generally, it is very difficult to intercept email
> in transit.

No, it is not. You only need to get an intercept warrant against the
uplink provider.

> How do you say this packet from WAN IP address 92.23.4.107 is Bob's
> and not Bill's when up to 100 people share that WAN IP address?

There are commercial products to do so. It costs money, but most of
the telcos have deployed them to comply with law regulations.

> Where your email is most easily compromised is on the mail server.
> There it sits until you start to pull it down.  SSL isn't even a
> factor.  All SSL does is secure the transmission, not the data at
> the end points.

So?

> In fact, a hacker can pull down your email using SSL to cover their
> tracks - and that is usually exactly what they do. It is usually
> pretty easily done too, since ALL of the messages are usually in
> just one file.  They just have to suck down that one file and now
> they have ALL of your messages.  Now, if the email on the server is
> in plain-text, how secure is that?  On the other hand, if it is
> encrypted with some OpenPGP package like GnuPG with strong
> encryption, how secure is that?  Pretty darn secure.

Against what? Put the recipient in Guantanamo or equivalent and
s/he will divulge all his passwords. And it is all legal. We have a
war going, after all.

> So, I repeat - SSL is not good enough unless all of your messages don't
> convey financial information or anything else important.

95% of the web commerce doesn't agree with that statement (the other
5% doesn't use crypto at all).

> If they are important, use GnuPG or other strong end-point
> encryption and the only thing you have to watch for now are those
> pesky key loggers.  But even then if they get your passphrase, they
> still need your keyring, but if they have a keylogger working for
> them, then they probably have all your GnuPG DB files.

Again, you haven't defined the attacker, the threat model, or
anything, you just put some out-of-context statements to support your
"four legs good, two legs bad" slogan.

It is impossible to answer the question asked in the subject of the
thread without defining the type of threat and the resources of the
attacker you want to protect against. This was not done even in the
form "will my email be secure against the big evil government?" or
"will my email be secure against my brother's snooping?", so the
question of SSL/OpenPGP cannot be answered.

A.


