Privacy on Facebook, Twitter, etc.



Spider
05-26-2011, 09:17 AM
Thought you chaps would like to see this, from the arch-villain (or whistle blower extraordinaire, depending on your political POV), Julian Assange:


Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the world’s most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to US intelligence... Facebook, Google, Yahoo — all these major US organizations have built-in interfaces for US intelligence....

Reported in The New American : May 4, 2011 - Julian Assange: Facebook Providing Information to American Intelligence (http://www.thenewamerican.com/usnews/politics/7351-julian-assange-facebook-providing-information-to-american-intelligence)


The New American went on to say that the New York Times ran a story in September of last year that described the symbiotic relationship between social network media and the government:

"Federal law enforcement and national security officials are preparing to seek sweeping new regulations for the Internet, arguing that their ability to wiretap criminal and terrorism suspects is “going dark” as people increasingly communicate online instead of by telephone.

"Essentially, officials want Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order. The mandate would include being able to intercept and unscramble encrypted messages. "

vangogh
05-26-2011, 11:37 AM
Interesting article. I'd need to see something in the way of proof before believing Facebook and the CIA are that symbiotic, but I wouldn't be surprised if I do see that proof.

There are dangers to having so much data about us collected in a small handful of places. It's one of the reasons our growing loss of privacy bothers me. On the other hand I really don't think companies like Facebook or say Google are collecting our data so they can hand it over to the government. I think they collect our data because it's a profitable part of their business model. I'd sooner see Facebook selling that data than handing it over to the government.

You always have to keep in mind that where Facebook is concerned Mark Zuckerberg has stated many times he believes everything should be open and shared. If you are concerned about privacy, Facebook isn't the place to be. You should probably assume anything you do there will eventually become public as it's the stated goal of the owner.

Having said all that I think it's inevitable that much of what we once considered privacy no longer will be private. It's easy to see how generations behind me aren't concerned and simply accept and even relish their lessening privacy.

tylerhutchinson
05-26-2011, 06:32 PM
Interesting article. I think that people should assume they are releasing their privacy when signing up for social media. People can hide and protect some of their information to a point. I can see both sides of the argument.

greenoak
05-26-2011, 06:46 PM
to me it's smart to assume anything you put on line isn't secret...there's probably a way someone could get to it...or some robot that's collecting it..

Spider
05-26-2011, 08:09 PM
If you put it into a public medium, it is public.

vangogh
05-26-2011, 10:20 PM
Part of the issue with some social sites is they have private areas that later become public. When you join and start using the site it's with the assumption that certain things you do are private. Twitter has direct messages for example which are only viewable by the sender and receiver of the message. When Facebook started it was much more of a private space and people posted with the expectation that what they said wouldn't be publicly viewable. You can still set part of your profile to be private.

However Mark Zuckerberg has made it clear he doesn't think any of those parts should be private. There are likely people right now posting what they reasonably think are private conversations within Facebook that might later become public.

DeniseTaylor
06-16-2011, 04:01 PM
Hi Spider

Don't get me started on Julian Assange, but there is evidence to show that Facebook (and Google, for that matter), can and is gathering data on us. Just do a Google search on Facebook privacy and Google privacy, grab a cup of coffee and get ready for some eye-opening information. This is quite real and covered by some major media outlets.

Since I don't go around breaking the law, I'm not personally concerned about the FBI, CIA, etc. What I don't like is the fact that information is being gathered and there is not enough clarity on what information that is specifically, and what is really being done with it. I also don't like that neither FB nor Google is forthright about the fact that we are automatically opted-in, without our knowledge.

That's why free "ain't really free," my friends. They have to make money somehow and it's creepy what they can do and the fact that it's not completely out in the open.

My advice: find out how to opt-out and do so, if you don't feel comfortable. Then stay apprised of developments in the news and speak out to protect your rights. Actively support measures that seek to rectify the situation.

Google is here to stay, and so is Facebook, for now.

It's kind of like the old adage: "Don't take candy from strangers."

It's not like you'll never ever eat candy. Just be informed, be wise and be alert to what you're doing.

Spider
06-16-2011, 04:22 PM
Opt-out? Forget it! STAY out, is better. Don't open a FB account, don't search on search engines - there's only one that I know of that doesn't record your IP address. Don't go on the internet at all. Go live in a cabin in the mountains!

Yeah, that's going to happen.

We live in a public realm. Our stuff is public, whether you opt-out or not.

1964 arrived, on time - in 1984! The genie is out of the bottle.

greenoak
06-16-2011, 08:34 PM
you are so right spider....
..we have to adjust to this new world....and realize it's all recorded...... how can you opt out of google or facebook? ....just keep it clean and don't go to the bad places unless you want everyone to know....i kind of like how they put some of the right ads on my page....

vangogh
06-17-2011, 12:04 AM
I agree that we live in an ever more public world, yet at the same time there are places online where people have a reasonable expectation of privacy. For example most of us likely access our bank accounts online. Does that mean the information there is public? I don't think so and don't think anyone else would think it's public information. Banks have to protect the information or none of us would use the sites.

It's true that the sites could be broken into and the information stolen, but that's a different issue. The bank itself could be broken into and your money stolen too.

If you join a site and the site specifically says your information won't be shared then I think it's reasonable to expect that information to remain private. Someone could break in and get the information, but again that's a separate issue. Sadly what happens is sites like Facebook get people to sign up with the promise of a certain level of privacy and then remove that privacy without letting anyone know in advance. I'm sure they can legally do it, but it comes across like a breach of contract.

I'm saddened by how our privacy is being taken away and more so about how so many seem to accept it everywhere. I think we should all be entitled to some level of privacy. When you mail a letter you should reasonably expect it will arrive unopened on delivery. I don't see why that should be any different when you send an email.

Spider
06-17-2011, 09:56 AM
I can understand the expectation - but what we expect and what we get isn't always the same!

Two particular points -
...It's true that the [bank] sites could be broken into and the information stolen, but that's a different issue. The bank itself could be broken into and your money stolen too...

It is true that a bank's records could be broken into online and information stolen. A cyber-thief could actually steal my money by accessing my account and making an improper transfer. But a real-world thief could not break into a bank and steal my money. The money they would steal would be the bank's money, not mine. The real-life thief is far less of a danger to customers than a cyber-thief. (Unless you happen to be IN the bank when he turns up!)


...I'm saddened by how our privacy is being taken away and more so about how so many seem to accept it everywhere. I think we should all be entitled to some level of privacy. When you mail a letter you should reasonably expect it will arrive unopened on delivery. I don't see why that should be any different when you send an email.

Here's a can of worms waiting to be opened!

1. When you mail a letter, it passes into government hands for its entire journey until it reaches its destination. Here you are entitled to expect it to be unopened.

2. What about something you send via a private company - UPS, Fedex, private courier service - can you expect, and are you entitled to expect, a similar level of privacy, and if so how will that be enforced?

3. To expect, and be entitled to expect, that your e-mail receives the same level of security as a government service can offer, you would have to accept government taking over all e-mail services. Hands up those who want that!

IOW, I don't think we can expect, nor are we entitled to expect, that our e-mail is as private as a government-controlled physical mail service. At least, not until we agree to a government take-over of all e-mail services. (Which I am not advocating, btw!)

KristineS
06-17-2011, 11:17 AM
I think the issue of online and real world privacy is one that will be debated for years. It's a completely different world now. When I was a kid, if you left the house and weren't home, and someone called, they left a message and you called when you got back. Today, I can be reached wherever I am at whatever time someone wants to call. True, I can choose to turn the phone off or ignore it, but the possibility of finding and reaching me almost anywhere now exists.

One of the things I most want to drum into people is that anything you do online is forever and you can't hide it and trying to stay anonymous usually doesn't work. The best way to make sure you don't get into trouble is not to do or say anything you wouldn't want the entire world knowing about.

vangogh
06-17-2011, 12:36 PM
But a real-world thief could not break into a bank and steal my money. The money they would steal would be the bank's money, not mine.

Only because of the way the banking business is set up. The bank has safeguards in place. Naturally there's security to hopefully prevent break-ins in the first place, but should one occur the bank is still protecting you with their policy. Online policy certainly can't protect you if someone breaks in to access your data, but security measures could be in place to prevent the break-in. I think we all have a reasonable expectation that data will remain private. The only way it should become public is if someone breaks in and steals it, but that's not a privacy issue, it's a criminal issue.

With mail and email it's not about who delivers it. Whether it's the government or a private company it's illegal to open someone else's mail. It's also illegal to intercept and read someone's email. Sender and receiver should be allowed reasonable expectations of privacy. I realize where the technology is concerned your email or your physical mail could be read without you knowing on the other end, but it doesn't change that we should be allowed the reasonable expectation of privacy.

We all have a right to life and yet at any moment any of us could be killed by some lunatic. That doesn't mean we no longer have a reasonable expectation of right to life.

It's true that anything that passes through publicly accessible places either offline or online can potentially be stolen, read, etc. The laws of physics say if we move anything through a publicly accessible place we do so with the understanding that someone could get their hands on it and make it available to others. However the privacy issue isn't really about the laws of physics. It's about social laws and there I think there are still places offline and online where we should have reasonable expectations of privacy.

Spider
06-17-2011, 01:03 PM
Okay - I'll grant you all that. Expectation is in the mind of the expector. We have a government that will physically and mentally torture people into revealing what they know. I don't know about you, but I do not expect a government entity - or even a non-government entity, for that matter - to baulk at opening my mail, if they want to.

vangogh
06-17-2011, 01:48 PM
My point is there are 2 sets of laws operating here. I think most of us would agree that if you're home alone in your house that you own with all the doors and windows locked and the shades or blinds down, that you could take a shower with reasonable expectations that no one is going to be watching you. Physical laws say someone could break into your home at that moment or someone could have broken in previously and installed a camera. It's the social laws we have in place that make it reasonable to expect privacy while taking a shower.

When you put something online the physical laws say it can be accessed by a number of people. The reality is if you put it online someone else can gain access. Social laws though say no one is allowed to do this. It's the social laws that set the reasonable expectation of privacy. That's no different than expecting privacy in the shower. Only the social laws suggest that privacy should reasonably be expected. The laws of physics suggest something different about your privacy.

If I send an email I know it can be intercepted and made public, but that doesn't mean I shouldn't have reasonable expectations that won't happen. If I sign up for a site like Facebook and in signing up Facebook guarantees me part of my account will remain private I also know the laws of physics suggest my private information could be made public without my knowledge or consent. That doesn't mean I shouldn't have a reasonable expectation it won't be made public.

The whole privacy issue is never about the physical laws that tell us nothing can be made 100% secure and anything could be stolen or its guardian could stop guarding it. The privacy issue is about the social laws that tell us despite what's physically possible we can reasonably expect our privacy will be safeguarded.

Spider
06-17-2011, 04:12 PM
I agree with all that, too, except that I do not think we can reasonably expect our privacy to be safeguarded, because there is no-one there to safeguard it. In my home, I control the windows, the curtains and the shower door. Online I have no such equivalent control, therefore, I do not expect some un-named, unknown person to protect my privacy for me. I do the equivalent of closing my windows, curtains and shower door - which is not posting pictures of myself in the shower.

You may choose to post pictures of yourself in the shower and expect what you will. I choose to not post the pictures. Representative Anthony Weiner should have been so distrustful.

Harold Mansfield
06-19-2011, 02:50 PM
Law Enforcement has always wire tapped. Used financial records. Traced Cell phone activity and locations. GPS units in cars.
Even divorce attorneys use computers and computer searches as evidence. Just recently in the Casey Anthony trial, prosecutors used evidence for searches for "neck breaking" and "Chloroform" as evidence in their case. And Jared Loughner's MySpace page could be easily used as evidence against him. They already have access to social media accounts and frequently get subpoenas to access even private accounts. What else is left?

Before the electronic trail, there was the paper trail. We have never had complete privacy. If it's out there, someone has always been able to find it.

I don't agree that the government can use "terrorism" as an excuse for everything. People participating in criminal activity have always used code, and alternative forms of communications. Passing regulations to give Federal Law enforcement access to encryption technologies only serves to spy on law abiding citizens, because as soon as the criminals learn of it, they move on to something else. But you can't tell the Feds that because they are on the defensive always playing catch up.

Also it is illegal for the CIA to conduct investigations inside the U.S. on American citizens.

kerrylinux
08-19-2011, 05:53 AM
I'm saddened by how our privacy is being taken away and more so about how so many seem to accept it everywhere. I think we should all be entitled to some level of privacy. When you mail a letter you should reasonably expect it will arrive unopened on delivery. I don't see why that should be any different when you send an email.

Very true. And the means to ensure that email cannot be read in transit have been available to everyone since about 1991. The interesting part of the question is why almost nobody uses them. Partly I think because people have (wrongly) made their peace with the notion that "nothing can be kept secret online".

vangogh
08-22-2011, 11:52 AM
With the email I assume you mean encryption. I think part of the reason that's not more widely adopted is it's not easy for the average person to set up. If it were something as simple as click a button to send encrypted emails I think most people would click the button once they were made aware of its existence.

I agree though that many just accept that nothing can be kept secret and they learn to lead their lives with that notion. In a few generations it'll be the norm and no one will talk about privacy. There are pros and cons on both sides of the issue, but I think there are a few things we lose by giving up privacy that are worth holding onto.

kerrylinux
08-22-2011, 05:43 PM
I don't think that not using encryption is a "usability issue". The Gnu Privacy Guard (formerly known as PGP) has long been integrated in Email programs like Thunderbird and Evolution, where it's just a mouse click away. It has more to do with ignorance. People tend to think that it's not worth the effort to protect their communication, something that I cannot understand because they throw away a part of their personality. We all know that in a private conversation you can talk in a more open way because you needn't fear that your vulnerabilities will be exposed. Without this kind of privacy there's room only for superficiality. And that's a real danger for society.

vangogh
08-23-2011, 11:18 AM
Don't forget most people don't use Thunderbird or Evolution. Is that button also in Outlook? Does Gmail have a simple button to click? Also if I'm not mistaken the person on the other end of the email also needs to have turned PGP encryption on. Or is that not true?

I'd guess most people don't realize they can encrypt their email, which is the main reason more people don't encrypt email. If they think it's not worth the effort it's because they think getting it to work is too difficult. Many people still have trouble adding attachments to an email. You and I can talk about encryption, but most people probably don't know what it is. I'd bet many people think their email is private by default.

What we really need is for the encryption to happen automatically without the end user having to do anything different than they do right now.

kerrylinux
08-23-2011, 11:51 AM
Of course encryption requires that the other end of the communication has set up the standard as well. And it would require that people do something called key management, that is accepting the public key of their communication partner once. After that it's mostly one-click stuff, except maybe in Outlook I'm afraid. But I won't really judge that because I'm no Windows expert.




What we really need is for the encryption to happen automatically without the end user having to do anything different than they do right now.

Unfortunately I do not see that happening in the foreseeable future, because the minimal necessary user interaction with encryption is to enter a secret when reading an encrypted message, it wouldn't go without that. And to get started a key pair has to be created, a process in which the secret is put into action. Then there is the issue of encryption key backup that has to be addressed. So I'm afraid encryption will stay "a little complicated" because of its nature.

But then I cannot see why people will not learn the basics of encryption if they see the value of it for their business. We need to get to grips with other things that are equally complicated (like tax or marketing or marriage or, .. you name it). Once you know you'll need it it certainly becomes less scary.

Over the last two decades I've constantly tried to encourage people to use encryption, and if anyone wishes me to explain anything on this forum, please just ask.

Ralph

kerrylinux
08-23-2011, 12:52 PM
Of course there is a solution for Microsoft Outlook users: It's called gpg4win (http://www.gpg4win.org) and it has an Outlook plugin.

That's what the documentation says:

The Outlook plugin GpgOL is compatible with Microsoft Outlook 2003 and 2007. Outlook 2010 is not supported.

So no excuse for not using encryption.

vangogh
08-23-2011, 10:31 PM
I have a hard time seeing most people setting up encryption on their own, unless it's a simple button click and awareness is increased. I guess we're at or near the button click so maybe it'll just take more awareness.

If we can encrypt http though why couldn't something similar be done with email? It's a different protocol, but couldn't it also be set up to be secure without the end user having to do anything?

kerrylinux
08-24-2011, 03:48 AM
HTTPS is a blessing. You click on a link and a cryptographically secure connection is established behind the scenes without you having to do anything, perfect. The reason why this is "easy" is that all the preparation I mentioned is done already. An encryption key pair is already established on the webserver that offers https, and because a machine must be able to decrypt the messages sent, the secret key has to be stored in clear text. Obviously every possible care has to be taken on the server to protect this information. For the server this is not "easy".

On the other side, the user's side, the browser already has a number of certificates installed that are used to check whether or not the server's public key is valid. This is not "easy" either, because you have to get a signature on the server key to make this validity check work. Signing a key isn't the user's job though, it must be done when the webserver is set up.

But as you see this is quite a one-way solution from the user's perspective. If a user chooses to do nothing in the process it's only possible to send encrypted messages to the server. That's it.
The server could store the message (after decryption) for a human being to read but this person will be unable to send a message back encrypted to the user.

But you can go one step forward, though.

In fact I have a contact form on my website that uses this one-way encryption, so that anyone typing a message into the input field can be assured that this message will be sent via encrypted email to me. This is a step forward because normally form fields are collected by some web server script and sent to a person's email address unencrypted. I use my own public key on the server to encrypt the message that has arrived via https (encrypted) before it is sent via email to me.

My solution is good for customers who wish to send me some confidential information with no hassle. And it would be even better if the client had a website with a similar encryption-enabled form on his own website, so that two one-way solutions would do nearly what you imagine.

If anyone on this forum is interested in establishing a communication form with encrypted email delivery, I'd be happy to assist, setting it up for you.
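
The one-way contact form described in the post above, as an added example that is not part of the original post or the poster's own code: the web server holds only the owner's public key and seals each submission before it is mailed. It uses RSA-OAEP with AES-256-GCM from Node's built-in `crypto` module in place of OpenPGP; the function names, envelope format and sample fields are assumptions constructed for illustration.

```javascript
// Added example (not from the original post): "one-way" encryption for a contact form.
// Swapped-in technique: RSA-OAEP + AES-256-GCM from Node's built-in crypto module
// stands in for the OpenPGP encryption the post describes.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Owner's machine: create the key pair. Only publicKey is copied to the web server.
function generateOwnerKeyPair() {
  return crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
}

// Web server: called by the form handler once HTTPS has delivered the fields.
// A fresh AES key encrypts the message; the owner's public key wraps that AES key.
function sealFormMessage(ownerPublicKeyPem, fields) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([
    cipher.update(JSON.stringify(fields), 'utf8'),
    cipher.final(),
  ]);
  const wrappedKey = crypto.publicEncrypt({ key: ownerPublicKeyPem, ...OAEP }, sessionKey);
  return {
    wrappedKey: wrappedKey.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    body: body.toString('base64'),
  };
}

// Owner's machine: unwrap the AES key with the private key, then decrypt and
// authenticate the body. Throws if the envelope was altered or the key is wrong.
function openFormMessage(ownerPrivateKeyPem, envelope) {
  const sessionKey = crypto.privateDecrypt(
    { key: ownerPrivateKeyPem, ...OAEP },
    Buffer.from(envelope.wrappedKey, 'base64')
  );
  const decipher = crypto.createDecipheriv(
    'aes-256-gcm', sessionKey, Buffer.from(envelope.iv, 'base64')
  );
  decipher.setAuthTag(Buffer.from(envelope.tag, 'base64'));
  const plain = Buffer.concat([
    decipher.update(Buffer.from(envelope.body, 'base64')),
    decipher.final(),
  ]);
  return JSON.parse(plain.toString('utf8'));
}

// What the server hands to its mailer: ciphertext only, so the relay never sees the text.
function buildMailBody(envelope) {
  return [
    '-----BEGIN SEALED FORM MESSAGE-----',
    JSON.stringify(envelope),
    '-----END SEALED FORM MESSAGE-----',
  ].join('\n');
}

function succeeds(fn) {
  try { fn(); return true; } catch (_) { return false; }
}

function runDemo() {
  const owner = generateOwnerKeyPair();
  const stranger = generateOwnerKeyPair(); // stands for any key other than the owner's
  // Constructed sample submission.
  const fields = { from: 'customer@example.test', message: 'constructed sample: quote ref 4711' };
  const envelope = sealFormMessage(owner.publicKey, fields);

  // Flip one bit of the ciphertext to model alteration in transit.
  const raw = Buffer.from(envelope.body, 'base64');
  raw[0] ^= 1;
  const tampered = { ...envelope, body: raw.toString('base64') };

  return {
    roundTrip: openFormMessage(owner.privateKey, envelope),
    plaintextInMail: buildMailBody(envelope).includes('constructed sample'),
    wrongKeyOpens: succeeds(() => openFormMessage(stranger.privateKey, envelope)),
    tamperedOpens: succeeds(() => openFormMessage(owner.privateKey, tampered)),
  };
}

if (typeof module !== 'undefined' && require.main === module) console.log(runDemo());
```

The server can seal messages but never open them, which is the one-way property the post points out: a reply to the customer would need the customer's own key pair.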

vangogh
08-24-2011, 11:20 AM
Interesting solution.

Do you think something similar to https could be set up through smtp or imap or any email protocol? Something where the user doesn't have to do anything to benefit by encryption even if it's not a perfect solution?

kerrylinux
08-24-2011, 11:56 AM
Sure, there are IMAPS and POP3S, the secure variations of our unprotected email protocols, which both use key pairs to secure the data while it travels from the Internet Service Provider's machine where your inbox is stored to your local laptop. But these require that you present a valid certificate and secret key to the server in order to be able to fetch your email from the provider. There is a blog posting about this here. (http://linuxcoaching.ie/linux_coaching/2009/11/fetch-your-email-through-a-secure-tunnel.html)

It is a good solution to prevent anyone who does not possess your secret key from fetching your email or spying on your email while you fetch it from the ISP, but it does not guarantee that the email travels encrypted all the way from the sender to you. It's only a solution for the last mile the email travels.

And it requires a bit of configuration on the server and on the laptop as well. There will never be a simple switch in the protocol and everything is suddenly encrypted so that only you can read it without your interaction, I'm afraid.

But again, I don't think that learning what you need to is too complicated for the average user, because we are dealing with complicated things all the time in life and it strikes me, how good most people are at managing complex tasks in life and suddenly fall into dummy mode once encryption (or other computer related issues) is concerned.

vangogh
08-25-2011, 11:20 AM
Yeah if you need the certificate it's probably not the best option. I was forgetting about them. That would be even more complicated for the typical user.

I'm still not sure setting up encryption is easy for the average though. To get everyone using it you need it to be as simple as click one button to turn on or better be on by default. Something like a checkbox inside every email to encrypt along with a link to a settings panel to always encrypt.

Think about what Apple is doing with iOS where they're removing direct access to the file system. They're doing that because the average person gets confused by the file system. You and I and any advanced computer user probably thinks that's crazy, but most people get confused by all the different files and folders on their computer. Remember too that most people never could figure out how to program their VCR to record something. Tech stuff seems easy to those of us who spend time doing tech things, but it's not easy to most people.

I would agree most people aren't aware they can encrypt emails in the first place and greater awareness would lead to more people using it. To get more people using it though I think it needs a button click setup and the only way it's ever going to be used by all is to have it be the default.

kerrylinux
08-25-2011, 11:52 AM
To get everyone using it you need it to be as simple as click one button to turn on or better be on by default. Something like a checkbox inside every email to encrypt along with a link to a settings panel to always encrypt.

I understand what you wish to have, clicking a box and ensuring encryption all the way. If I had only one shot, I'd say this is not managing one's online privacy, because if you wish to ensure privacy you'd like to make sure that some message you sent can only be read by the intended recipient and nobody else, even if the message falls into the wrong hands during transmission. If that is what you want, then you have to use the recipient's public key (that could be automated to a click on a key list) but the recipient has to create a key pair, he has to use his secret key to decrypt the message, there is no way around this. And it is not as scary as it sounds.

I'd love to guide a few interested people through that process, after setup is done it even becomes fun.

vangogh
08-25-2011, 09:12 PM
It's not about my wishes. I'm more than capable of setting everything up. It's simple reality. Most people aren't going to go through any process more than a few simple clicks. You and I are tech savvy. The masses aren't.

Most people use a free email address like gmail or hotmail or one from their ISP. Wouldn't it be possible for Google and Microsoft and the ISP to get security certificates required for encryption and build encryption into their email systems? Person 1 sends an email that's encrypted on its way to Google's servers no different than visiting Google via https. The email continues on its way to its destination where person 2's email client can process the Google certificate and decrypt the message.

For those people who set up emails through a domain they own they'd have to set everything on their own, but that's no different than site owners now having to purchase a certificate.

Is something like that possible?

billbenson
08-25-2011, 11:46 PM
Interesting conversation fellas!

alphadore
08-26-2011, 05:42 AM
I figured out something interesting recently. If you use Facebook application for BlackBerry, Facebook downloads all your contacts to your account. Next time try to log in on a PC and check your account contacts, then you will be seeing all your phone contact numbers in your Facebook account... They probably ask for permission to do it at some point during the installation of the application but I don't think many of us actually read the terms and conditions anyway.

kerrylinux
08-26-2011, 05:59 AM
There are actually two very different approaches to secure email.

The old concept is based on unencrypted transport that is very fast. It burdens the user to encrypt his message because there are no safeguards in the transport system, just unencrypted transport. And the recipient of the message has the burden to decrypt and to decide whether or not he will trust the sender's public key. The means to do it are encryption software on the end-points and standard email clients for the transport.

The newer (not necessarily better) approach is more cloud based. Users logging into their online account via https to make sure their message travels encrypted to the cloud server (whether that's Google or "your own cloud" IMHO does make a huge difference, more on that later). As users won't do anything for their own protection they rely entirely on measures other people do for them. And they choose to store their valuable information on the cloud server (Google's or your own). Once the email message arrives at the cloud server it will be turned into plain text. It's then the email service provider's responsibility to make sure the message is re-encrypted with a key depending on the destination to be sent to the recipient's ISP where - according to today's standard - it is stored in clear text waiting for the recipient to log in and read it.
This approach is entirely based on the trust in the cloud operators to do proper work and to make sure the clear text message can never be spied on during its travel to the destination and that it is secure while sitting (for ages) on the recipient's cloud server.
It's interesting to note that email clients are no longer necessary for this approach, forget them! You'll need a browser to reach out to your cloud server and the rest is either done by "opportunistic TLS" which means that ISPs use one time encryption keys for secure transport or - as time may show - the universal use of next generation IP protocol (IPv6), fortunately nothing an ordinary user has any control over.

Why email clients don't play any role here is easy to see:
Imagine all email is safely encrypted while traveling between ISPs, there are still two problems left to be solved.

1) How would you ensure that only the authorized person 1 is able to send the email to the cloud server (ISP1)? The answer is not "with something like https" because as things stand today https (with no user action) only makes sure that the server you reach is really the one you wish to connect to (preventing you from delivering your clear text message to the wrong (Nigerian) server). Why? Because the server has a certificate to be checked, the user doesn't. Everyone can securely connect to an https server, his identity is irrelevant.

2) How would you ensure that only the authorized person 2 is able to read the mailbox stored at the ISP2? The usual answer is "by a password". And that's another problem because our email clients send our passwords to the email server in clear text, totally unprotected for (nearly) everyone to read. Don't blame the email program for this, as we assume that the user does nothing to establish encryption. He would need a certificate and a secret key to get the password from an email client to the server via IMAPS/POP3S, we won't burden him with that, will we?

What does all this amount to? Personally, I'd say it's much more reliable to use encryption software on the laptop, to take security in your own hands than to wait until there is a waterproof transmission infrastructure that is reliable enough to send clear text into one hole, expecting it pops out at the correct other end after an invincible travel around half the globe.

Ralph

kerrylinux
08-26-2011, 06:13 AM
If you use the Facebook application for BlackBerry, Facebook downloads all your contacts to your account.

They could of course pop up an alert box asking "Do you wish to download all your phone numbers to your FB account", leaving you with the decision. But as they do it quietly just because you connect from a different device, I'd say it is this conduct that causes distrust in (big) cloud service providers.

vangogh
08-26-2011, 07:24 PM
You just clarified something for me. The possibility that anyone could still receive the email and if the client could decrypt all email it kind of defeats the whole purpose.

I agree that setting up the encryption/decryption at the end points only is the better approach and maybe the only real way to ensure security. At the same time I don't see the average user doing this unless it's mostly set up for them. With enough awareness of the issue you can get people to click a button or two, but realistically the end user shouldn't need to do anything, since most of them aren't going to do anything.

Would it be possible to have the email client (or browser if we're talking webmail) be where the encryption starts and ends and have the keys necessary to encrypt and decrypt be based on the email addresses of the sender and receiver? That way everything could be set up automatically. I'm guessing there are a ton of security holes in that approach. Anyone intercepting the email would know both sender and receiver email address and so would have the information needed to decrypt the message.

I'm assuming any email client could be built with the ability to encrypt and decrypt messages by default and the stumbling point is the ability to automatically generate the keys and send them out appropriately.

kerrylinux
08-27-2011, 08:19 AM
You can use the hash of the email address or the email address itself as the key but this approach is not only insecure but useless as you can't send the key with the encrypted message for obvious reasons. It wouldn't help to scramble the email address in any way before it is used as a key, anyone can do that as well.

When we are thinking about a solution we have to understand why there are two different keys in use in modern cryptography, not only one.

So far we made the assumption that Jonnie's email client will use one key every time Jonnie sends an email out and that Betty's email client (magically) knows that key to decrypt the message for Betty. It doesn't work that way.

A while ago two guys (Diffie/Hellman) invented a process to make a secret shared with another one at the end of the internet when you need to make a shared secret. Still, the problem was that you could not know if the one at the other end is really the one who he pretends to be. So someone could sneak into that process without notice.

This cried for a solution, and three other guys (Rivest, Shamir, Adleman) solved this, insisting that we'd use two different keys, a secret and a public one. That not only simplified encryption, because every person would only need one single public key everyone can use to send him encrypted emails, but it also allows for making a signature, using the secret key. So you can do substantially more with a key pair and it makes encryption easier, that's why we use key pairs today.

Now, the user has to guard his secret key and make sure that he is the only one who can use it. The obvious solution is to store the secret key protected, using a passphrase entered from a keyboard. But some people trust their laptop that much that they even use an empty passphrase to "protect" their secret key on their hard disk.


Actually, there are 4 keys: session key (DH), public key, secret key and passphrase. The ordinary user will never see a session key as it is handled by the email software. He will come across public keys occasionally, when someone new initiates a communication and the email software sends his public key. He will never see his secret key that is stored on his hard disk, so eventually all he uses is the passphrase, used to activate his secret key. It's that much he has to do.



the stumbling point is the ability to automatically generate the keys and send them out appropriately


Maybe this could be a good plan?

First establish from a practical point of view what the ordinary user really needs to do to make encryption work. I hope it will become clear that it won't be too much. If you drive a car you also cannot do nothing, there are a pile of precautions you have to perform in order not to endanger you or your fellow travelers, it's almost the same with encryption.
Secondly work out a strategy how people can be encouraged to take these necessary steps and why they would benefit if they did.
Thirdly, spread the word about success stories.

Anyone interested in this?

Ralph
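
The question above about deriving the key from the sender's and receiver's addresses, and the reply about why key pairs are used instead, as an added example that is not part of any post in this thread. The addresses, the message, the toy cipher and the toy Diffie-Hellman parameters are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy parameters (assumption): a 127-bit prime is far too small for real
# Diffie-Hellman; real software uses vetted groups or elliptic curves.
P, G = 2**127 - 1, 3

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher: XOR with an HMAC-SHA256 counter keystream (encrypts and decrypts)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def address_key(sender: str, recipient: str) -> bytes:
    """Key computed from the two addresses only, as asked about in the thread."""
    return hashlib.sha256(f"{sender}|{recipient}".encode()).digest()

def dh_keypair():
    secret = secrets.randbelow(P - 3) + 2      # never leaves the owner's machine
    return secret, pow(G, secret, P)           # (secret key, public key)

def dh_session_key(my_secret: int, their_public: int) -> bytes:
    shared = pow(their_public, my_secret, P)   # same value on both sides
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()

def demo():
    sender, recipient = "jonnie@example.com", "betty@example.com"  # constructed
    message = b"Meet at noon."                                     # constructed

    # Scheme 1: the key is a function of what the mail headers already show.
    wire1 = keystream_xor(address_key(sender, recipient), message)
    observer_key = address_key(sender, recipient)   # rebuilt from the headers
    observer_reads_1 = keystream_xor(observer_key, wire1)

    # Scheme 2: each side mixes its own secret with the other's public key.
    j_secret, j_public = dh_keypair()
    b_secret, b_public = dh_keypair()
    wire2 = keystream_xor(dh_session_key(j_secret, b_public), message)
    betty_reads = keystream_xor(dh_session_key(b_secret, j_public), wire2)
    # The observer sees addresses and both public keys, but holds no secret.
    observer_reads_2 = keystream_xor(observer_key, wire2)
    return observer_reads_1, betty_reads, observer_reads_2

if __name__ == "__main__":
    print(demo())
```

Scheme 2 still does not tell either side whose public key it received, which is the authentication gap the post describes for Diffie-Hellman.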

vangogh
08-29-2011, 11:09 AM
What you're saying makes sense and I agree with you on the security side of things. The major drawback though is you probably aren't going to get the typical end user to set up encryption unless it's as simple as a button click or two. Assuming it can be made that simple then awareness can spread and more people will use encryption. You won't ever get all people using it unless things are encrypted by default.

What you're suggesting with making people more aware is good. I'd like to see more people aware of encryption and the necessary steps to set it up. I think that would lead to more encryption being used. I just don't see the majority using it even if they do become more aware. People learn to drive because the value they get back from it is worth the expense of the effort. I don't think people will view encryption as having enough value to make it worth the expense even if the expense seems very low to some of us.

We live in a world with ever shrinking privacy. More and more people are used to the idea that anything they send over the internet may be read by someone it wasn't intended for. I'm not saying that's necessarily a good thing, but it is how things are and where they're moving. Most emails don't contain anything people think needs encryption. Granted there probably is more in an email than most people think, but most people aren't going to know that or see how intercepting a number of emails over time could be less secure than if any one email is intercepted.

kerrylinux
08-31-2011, 04:52 PM
Another reason why it may be prudent to take security into your own hands and get familiar with encryption surfaced today.

The Mozilla foundation published a new version of Firefox today (6.0.1). This in itself is not great news as we all are waiting for version 7, aren't we?
Seriously, the only noticeable reason for this update was a security issue which made nightmares come true. There had been attempts to use a fraudulent certificate for a Google server that is used to serve encrypted email in Iran. A Dutch certification authority (DigiNotar) had issued a false certificate, making it possible for someone to sneak into the SSL secured connection for Google mail in Iran. Mozilla, alerted by Google, reacted promptly and removed the Dutch CA root certificate from the browser to protect Firefox users falling into this potential trap. This is the first time (as far as I know) that such a possibility existed in such a popular service like Gmail.

Certainly, most people are likely to draw the wrong conclusion from this incident. I can hear them say "This is proof that encryption can be broken, and that the committed hacker will eventually get his hands on everything". Nothing could be as far from the truth as this. Beyond everything else, it shows that using the correct set of certificates is not easy. There has to be trust in what you do, you cannot delegate your security to someone else. Using the right public key is a challenge that isn't done with clicking a button.

And maybe centralized solutions like browser certificates are not as helpful as we thought.

vangogh
09-01-2011, 01:19 AM
I think Google has had several security issues over the years, particularly with Gmail. I'm not sure any were quite the same as this time, but Gmail has been broken into before and information gained was used to access other Google properties.

kerrylinux
09-01-2011, 02:33 PM
... Gmail has been broken into before and information gained was used to access other Google properties.

I think it is not fair to blame Google for this incident, because Google (and their users) are the injured party. DigiNotar is the one who screwed everything up and should be blamed for its stupidity.

As a certification authority DigiNotar's sole reason for its existence is their ability to check a public key for its proper owner and certify it. As a matter of fact they issued a wildcard certificate for Google, a certificate that makes every perceivable subdomain of google (i.e. vangogh.google.com) ultimately trustworthy, because their public key was shipped together with Firefox. Taking their root certificate out of the new version of Firefox will reliably solve the problem, unless some of the other few dozen CAs is going to step into their shoes.

vangogh
09-02-2011, 12:15 PM
True. I've been reading more about the issue since you posted. In this case it certainly wasn't Google's fault, though they have had their share of problems in the past with security. This time it was DigiNotar at fault.

The incident shows how many different companies we sometimes need to rely on for things we take for granted.