[liberationtech] the 14th reason not to start using PGP is out!

carlo von lynX lynX at time.to.get.psyced.org
Fri Nov 22 09:24:46 PST 2013 

On Thu, Nov 21, 2013 at 12:27:03PM -0800, Micah Lee wrote:
> On 11/20/2013 07:30 PM, carlo von lynX wrote:
> >    These days mail tools are too complicated. Here come enigmail
> >    that is in charge of encrypting mails before they leave Thunderbird.
> >    But wait, didn't Thunderbird just store a draft? Yes, and since I
> >    happen to have IMAP configured it stored the draft to my server. Did it
> >    bother that I had checked the flag that I intend to encrypt the mail?
> >    No, the draft is on the server in the clear.
> 
> I haven't  been following this thread, but I just wanted to point out
> that this isn't true. Enigmail encrypts drafts before saving the
> messages to the server over IMAP.
> 
> You just need to make sure you toggle encryption to be on before the
> draft of the email gets auto-saved. Try it. Go start writing a new
> email, toggle encryption, and save a draft. Then go look in your draft
> folder and press Ctrl-U to view the source. The draft is PGP-encrypted.

I hope it does in newer versions. My version doesn't. Even now that I
have "encrypt & sign" as the default setting and pick a mail address
that I have sent encrypted mail a few minutes ago.. I start editing
the mail text, click the "Save" button and it pushes an unencrypted
copy by IMAP to my server. I logged into the server and went into its
.maildir/.Drafts/cur where it sits, happily unencrypted.

> Enigmail's about:config pref for saving encrypted drafts is
> extensions.enigmail.saveEncrypted.

Have no idea how to open about:config in Thunderbird. I see at
https://www.enigmail.net/documentation/userprefs.php that the
setting can only be accessed by Javascript and that it should
by default be "on." I presume the default has been changed
recently. This is good, better late then never, but I wonder how
many people for how many years have been saving their PGP
correspondence on their Gmail or other IMAP server including
citation of the incoming mail? How many people maybe still have
their extensions.enigmail.saveEncrypted configured to FALSE
because they started using enigmail before enigmail fixed the
setting? How many people are sending PGP mail day in and day
out and have no clue that they've been sharing their secrets
with their mail ISP for years? How many have enigmail just like
me? And I just used whatever I have.. it's not like I go hunting
for broken PGP implementations in my spare time.

Excuse me if I will laugh at anyone who dares to say it is
dangerous to use new software because it isn't guaranteed
to be safe. Can't easily be worse than PGP. The foundations
of our security are on shaky grounds all over and this
conservative attitude just reminds me of politics.


On 11/21/2013 05:23 AM, Ali-Reza Anghaie wrote:
> As it pertains to your response to me from over a month ago (below) -
> we're just on different pages. I'm not arguing the strategic problem
> statement, I'm saying you've made a tactical decision that was
> damaging. *shrug*

History will tell who is damaging the most, those who promote new
solutions or those who, just like politicians, try to cling to a
broken status quo.

> Matters little now - so many new entrants into the ecosystem we're
> already fighting the good fight against the bad fighters. Good luck,
> Cheers, -Ali

Fight? I didn't come to fight. I try to reduce the damage being done.


On 11/21/2013 01:13 PM, Julian Oliver wrote:
> Indeed, but there's a wide gulf between asserting that people should not use (or
> start to use) PGP at all until a better solution is available - as he does - and
> developing (and testing) alternatives in parallel. After all, any alternative
> might prove to be more or equally as vulnerable as PGP.

There are two strawmen here. I am saying (a) PGP is better than nothing
and (b) Pond and other better solutions ARE ALREADY AVAILABLE. And
considering how badly PGP/SMTP/IMAP are vulnerable, it isn't so easy
to make a software which is worse. Of course you can fumble around
with the random number generator or try to otherwise "optimise" the
crypto. But if you are aware of what you do, you be careful not to
mess up the crypto.

I am using Pond and other alternate mail systems each day. They work.
I didn't get all nervous because I forgot to flag "sign" or "encrypt"
before I hit the SEND button. It's funny: Thunderbird would rather get
back to me because I forgot to fill out the subject (which for PGP mail
should actually be abolished) then to ensure that I didn't mean to send
this encrypted. As if encryption is something you do on rainy days.


On 11/21/2013 09:31 AM, elijah wrote:
> I don't need to beat a dead horse, but nearly every email from carlo

You should neither beat me nor call me a dead horse. I don't know
in which culture it is legitimate to say something like that because
it probably means something else but I don't care. You are in an
international mailing list here and you must not subtly insult by using
your local culture's funny idioms.

> contains one or more logical fallacies. This email contains two: the
> strawman fallacy (enigmail has poor security, so no usage of OpenPGP can

That is your strawman interpretation. The fact that two random mail
clients are doing it wrong shows that their is a serious tendency
to do it wrong - and that has to do with reason #1: the fact that it
is normal for e-mail to be unencrypted. That is the mistake, and the
only way to avoid all of the problems that are the consequence of that
is to have a communication system that CANNOT send unencrypted. Such
as all the modern ones in the making.

> have good security) and the composition fallacy (hkp keyservers are part
> of how OpenPGP works, and they leak metadata, so you can't protect
> metadata with OpenPGP).

Another strawman you are pulling here. I didn't say you can't fix
keyservers - on the contrary - I said that it is being fixed and
which manuals to consult - I am saying that this technology is so
damn old and inadeguate, that inappropriate aspects keep popping up
all the time. So why should we do the effort of introducing it to
new users, which has barely worked for twenty years anyway, if
there are new technologies that are MUCH easier to use and DON'T
have all off these flaws.

> [...]
> I don't agree that these properties are absolutely required.

Social graph protection is essential in order to respect the
constitutions, which themselves exist for the sake of democracy.
It is not only old politician's talk to want to keep old things
and just do some maintenance, it is a dramatic misjudgment of
priorities, if maintaining the old doesn't respect the basics
of the constitution.


On 11/22/2013 12:16 PM, Julian Oliver wrote:
> ..on Fri, Nov 22, 2013 at 11:16:31AM +0000, Nick wrote:
>> I use PGP, and I am very very glad to have it, but (against my 
>> expectations) Carlo has completely won me over to the position that 
>> it's better for everyone if we start again with email, rather than 
>> try (and largely fail) to convince ordinary people to change their 
>> mail habits, providers to change their setups, etc.
> 
> Fair enough. I understand the reasoning.

Glad you do. I just see the odd parallels between our community
and big world politics: The economy battered, built on the broken
ideologies of growth and labour, the ecology collapsing under the
egotistic needs of even more economic growth, and here are the
politicians who want to somehow keep everything as it is while
everything is falling apart exactly by trying to not change
anything. And I see how the community of Internet politicians is
acting similarly in the face of the greatest collapse of civil
rights this planet has ever seen.

Let me put on that old album from the Human League.
It has a name. It is called...

DARE

More information about the liberationtech mailing list