[liberationtech] safe-mail.net

Sat Jul 20 10:47:45 PDT 2013

On Wed, Jul 17, 2013 at 1:03 AM, A.Chukin <achukin at riseup.net> wrote:

> Some of my current partners use safe-mail.net for secure messaging.
> Does any of you have any information about maintainers and what is you
> opinion about security of this mail service ??

Based on 5 minutes looking at the web site, I see no reason to trust it.

"  Using SSL (Secure Socket Layer), which is a component of all
current browsers, for all data transmissions and strong proprietary
encryption for server security, it offers the highest possible
protection for all email communications and file attachments.

The SSL encryption itself is generally thought to be secure, but it
relies on X.509 certificates to identify the players so anyone who can
subvert the certificate infrastructure can easily conduct a man-in-the
-middle attack. If I can give you a bogus cert that says my machine is
safe-mail.net, you will send me your not-yet-encrypted data, I save a
copy and send it on to safenet.

This is a real threat, at least against some enemies. Common browsers
currently trust several hundred Certificate Authorities (CAs). Some
have been subverted; a Dutch one was hacked & credentials stolen there
used by the Iranian government to attack dissidents. Others having
admitted selling bogus certs that let corporate IT monitor employees.
Several are controlled by governments I'm not inclined to trust:
China, Syria, ....

Then there is:
" and strong proprietary encryption for server security,

That sets off alarm bells; basically "strong proprietary encryption"
is an oxymoron. There's a link earlier in the thread to a Wikipedia
explanation. Here's a different link to much the same thing:
http://en.citizendium.org/wiki/Kerckhoffs%27_Principle

This claim is worrying in two ways. First, it indicates that their
system has not been published and independently analyzed, so it should
not be trusted. Second, it shows that they are either ignorant of or
ignoring a basic principle that has been well--known in the field for
100-odd years, so they should not be relied on to have designed their
system well.

Even if their proprietary encryption is secure, the encryption is done
on their machines and they hold the keys. How safe is that? Not very
if you are trying to protect against government agents who might show
up with a warrant, or appeals to patriotism, just threats. Or if you
are involved in high-stakes litigation where the opponent might use
private detectives and large bribes. If they find a safe-mail system
administrator who will co-operate, they read all your correspondence.

The correct solution is end-to-end encryption such as PGP; encrypt on
the sender's machine and decrypt on the receiver's. Even that is
easily breakable if one of the machines involved has been subverted
(downloaded a trojan horse or someone broke in and installed a key
loggger or ...) and it does not stop someone like the NSA from seeing
who you are talking to, but except for that it appears secure.