[liberationtech] PGP is hard to use and needs stuff installed on your computer. Use PassLok instead.

Fri Jul 26 14:29:00 PDT 2013

Francisco Ruiz <ruiz at iit.edu> writes:
>Scenario: you, Alice, realize you're under NSA surveillance. You need
>to get a crucial bit of information to your friend Bob, right away.
>You've been using PGP, but now you suspect the NSA may have installed
>a bug on your machine. Your keystrokes are being recorded.
>
>What can you do? Use PassLok instead.
>
>I wrote PassLok with three guiding principles in mind:
>1. Absolutely nothing should be installed or even written in the
>computer. Alice should be able to go to the local library or borrow
>someone else's smartphone, and leave no traces behind.
>2. Best security available. No compromises.
>3. Graphical interface. Only one screen, as clean as possible.
>
>Therefore, PassLok is written entirely in javascript. Once you load
>the page at https://passlok.site44.com (http://passlok.com redirects
>you there), you can save the file and you have PassLok even offline.
>You can view the source and convince yourself that it is not
>connecting with any server. If you know some cryptography, you can see
>that it is using the well-known SJCL routines for AES
>encryption/decryption and elliptic curve functions. Since the elliptic
>curves implemented in the current version of SJCL only go up to the
>384-bit NIST curve, I added the 521-bit NIST curve (equivalent to a
>15000-bit RSA key in predicted security) so that PassLok uses that as
>a default. Even at 521 bits, the public keys are small, as you can see
>from my lock (public key) below.
>
>PassLok performs public-key cryptography using the Diffie-Hellman key
>exchange rather than RSA, so you can use whatever secret key you want.
>Hopefully something that is both very hard to guess and easy to
>remember, so you never have to write it down. PassLok will help you to
>come up with a strong key, but won't force you in any way.
>
>PassLok can sign and verify signatures, too (many PGP implementations,
>such as Mailvelope, cannot), and can also include a second secret
>message under a separate key, to beat the "rubberhose attack." If you
>are not sure about the authenticity of something, PassLock can make a
>short ID that you can read over the phone. All of it from a single
>screen.
>
>I want people to use PassLok and uncover any bugs it might still have,
>before I move on to a Gmail plugin based on its engine. I believe it
>is already very secure and easy to use by those who know a little
>cryptography. Hopefully the metaphor used throughout PassLok, about
>locks and keys rather than private/public key pairs, will also make it
>usable by novices.
>
>I'll appreciate any feedback you can give me. The link is repeated at
>the bottom.
>
>Thanks!

Francisco, thanks for posting this.

At the PassLok site, some text can be clicked on to cause
expandable/contractable instructions to appear.  It would be nice if
there were an icon (like a turnable triangle icon or something) that
made this more obvious -- otherwise, the title words just look like
normal text and one might not think to click on it.

(Yes, you say so at the top, but I think users tend to only read text
that looks like it's relevant to the immediate task at hand, not general
instructions that appear at the top of the page, far away from the
targets to which they apply.)

Also, it will not be obvious to many people that "View Source" on the
page is how they get the code for inspection and possible self-hosting.
Maybe you could put up an explicit instruction about that, in the same
place where other sites might have (say) a GitHub link?

-Karl