How to improve our GUIs (was: We have GOT TO make things simpler)

raf gnupg at raf.org
Mon Nov 4 05:38:36 CET 2019 

Ryan McGinnis via Gnupg-users wrote:

> I might be missing something really obvious here but... what is this
> trying to protect against?

What they say they are trying to protect against, I suppose.
I summarised my understanding of it by saying:

> > It might not address all threats but it certainly seems
> > to solve some very real threats, mainly the threat of
> > someone hacking into your IMAP account and accessing
> > every email you ever received.

> ...Your service provider can
> certainly (and probably does certainly) retain archive or backup copies
> of all emails that enter into and exit your account...

I'm sure they have better things to waste their storage on.
Most IMAP service providers are not the NSA after all. :-)

> ... so encrypting them
> after reception only means that the copy you are accessing is encrypted
> and non-accessible to the provider, but the copy that they archived or
> backed up is just as plaintext as always (or is, more likely, encrypted
> with a key that only they know). 

The point is that it's not accessible to whoever hacks
into your IMAP account. They make it very clear that
that is the problem that they are trying to solve.

> ... E2E is really the only solution that keeps your email provably
> private from all parties concerned other than the recipients. 

Like anything else, E2E is only an actual solution if
it is actually used.

Since E2E for email is demonstrably too hard to achieve
for most people, it doesn't happen except in rare
cases. You can obviously send encrypted emails to all
your correspondents who have accessible keys. E3 allows
you to encrypt the emails that you receive that weren't
sent by senders who are able or willing to encrypt what
they send. The creators of E3 are not pretending that
E3 is an alternative to E2E for the problems that E2E
solves. It complements it (in the sense that it can
encrypt all the emails that weren't encrypted
end-to-end). It's just a tool that solves a particular
privacy problem in an accessible way. It seems like a
good thing.

Of course, making E2E just as accessible must be
possible too but it hasn't happened yet and we've been
waiting a long time. How hard would it be for all email
clients to automatically create a key pair and publish
the public key when you first run it if it can't find
an existing keypair? Pretty soon everyone would have
keypairs. Multiple devices would complicate things,
though.

I expect it would require Google and Microsoft to make
it happen automatically but Microsoft decided to charge
money to encrypt email and Google decided to make money
by analysing email content to improve advertising
effectiveness so I can't see them doing it any time
soon.

cheers,
raf

> On 10/29/2019 7:33 PM, raf via Gnupg-users wrote:
> > Hi,
> >
> > Sorry if this was mentioned before but I've just come
> > across a novel approach to email encryption that
> > doesn't do end-to-end encryption, but rather it
> > encrypts email upon receipt so that an individual can
> > encrypt the email that is stored in their IMAP account
> > as it arrives without the need for every sender to
> > encrypt and without the need for any service provider's
> > involvement (you just need an IMAP account), and it
> > supports reading email from multiple devices, each with
> > their own local private key. Most importantly, it
> > doesn't require the user to know anything about
> > encryption except that they want some.
> >
> > It might not address all threats but it certainly seems
> > to solve some very real threats, mainly the threat of
> > someone hacking into your IMAP account and accessing
> > every email you ever received.
> >
> >   Making It Easier to Encrypt Your Emails
> >   Authors: John S. Koh, Steven M. Bellovin, and Jason Nieh
> >   https://www.usenix.org/publications/login/fall2019/koh [paywall, usenix]
> >
> >   Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management
> >   EuroSys '19 Proceedings of the Fourteenth EuroSys Conference 2019
> >   Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> >   https://doi.org/10.1145/3302424.3303980 [paywall, acm]
> >   http://nieh.net/pubs/eurosys2019_e3.pdf [free]
> >
> >   Easy Email Encryption with Easy Key Management
> >   Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> >   https://mice.cs.columbia.edu/getTechreport.php?techreportID=1639 [free]
> >
> >   Automatically and invisibly encrypt email as soon as it is received on any trusted device
> >   https://www.helpnetsecurity.com/2019/04/01/easy-email-encryption/ [free]
> >
> > I know this doesn't help with the discussion of
> > improving GUIs to make it easier to encrypt emails that
> > you want to send, but it looks like a promising
> > improvement in privacy that could help many more people
> > than just those that want to encrypt emails that they
> > send. And it's still relevant. I expect that those that
> > want to encrypt any emails that they send might also
> > like all the emails that they receive to be encrypted
> > as well.
> >
> > cheers,
> > raf
> -- 
> -Ryan McGinnis
> https://bigstormpicture.com
> Sent via ProtonMail

More information about the Gnupg-users mailing list