What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken 129
An anonymous reader writes: On Safer Internet Day Google announced that Gmail will display warning signs for missing encryption and authentication, a great initiative indeed! Now that it's live we've taken it for a spin, only to find that the warning when composing email is quite slow (for new domains), and that they fail to mention that the non-authenticated TLS encryption that the currently sad state of SMTP encryption leaves us with is really poor, and vulnerable to almost anything (except passive wiretapping). I rather wish they took a stance on how we could move on to proper email encryption.
Crypto infrastructure is too frigging hard! (Score:2, Insightful)
The problem here is that crypto infrastructure in general is too fucking hard for anyone but dedicated security professionals to work with. Hell, even they have a shitload of trouble with it, as we've seen from the many OpenSSL bug debacles lately! This technology is way beyond what average, or even above-average, computer users are capable of dealing with. Some people will probably reply saying, "But it's not that hard! I can understand it!", yet those are the kind of people who understand this technology
Re: (Score:3)
Not quite. The core beef seems to be that the commonly used STARTTLS method of SMTP transport encryption is essentially optional, which allows hackers to use a variety of methods to force-downgrade target connections (in situations where mature implementations of HTTPS would have safely blown up). In other words, the authors are seeking a world where you install your mail server cert just like you install your web server cert, and it all works fairly securely out of the box. The reality is that it's earl
easy encryption (Score:1)
Here is a script that I use to pass sensitive content from outside email. I should probably redo it to use keypairs on both sides.
#!/bin/sh #openssl genrsa -aes256 -out ~/.prv.key 8192
#openssl rsa -in ~/.prv.key -pubout -out ~/.pub.key
PVK=~/.prv.key
PBK=~/.pub.key
SESSION_KEY=$(mktemp -t crypter-session_key-XXXXXX)
case $(basename $0) in
encrypter)
openssl rand -base64 48 -out ${SESSION_KEY}
openssl rsautl -encrypt -pubin -inkey ${PBK} -in ${SESSION_KEY} |
openssl base64
echo ___:
for f
do
Re:easy encryption (Score:5, Insightful)
Imagine if you could actually write good clean documented code!
Good example of how not to code.
- no useful comments
- the only two comments conflict with each other
- no line breaks before "if" constructs or after "else" constructs
- assumes existence of files for which it doesn't check existence
- doesn't check status for execution of openssl commands
Not bad for a six-year old.
M
Re: (Score:3)
As someone who just inherited a huge repo full of uncommented code with nondescript variable names (A, B, C...) and no error handling, I have to say that the parent comment isn't scored high enough. Posting crap like that on the internet does nobody any good. Even if it is short enough to understand, poorly written code is especially intolerable if the subject is cryptography.
(Anyone who says that their code documents itself hasn't tried waiting a year and then trying to figure out why their undocumented co
Re:Crypto infrastructure is too frigging hard! (Score:5, Informative)
Re: (Score:2)
"smtp fixup" is the worst PIX/ASA default configuration ever. So obvious what The Problem is once you see a bunch of asterisks censoring the SMTP conversation.
Re: (Score:1)
Posting anonymously for several reasons.
I am a cryptosystems implementation expert, and I can tell you that the user interaction with cryptography is ALWAYS the reason modern cryptography fails to be adopted.
The truly frustrating thing is that it's relatively easy to abstract the user from the cryptography, but for some reason, hardly anyone does this for email, principally because it requires a great deal more work on the infrastructure side initially. A company like Google could easily develop such a sys
Re: (Score:3)
Google actually takes security very seriously.
They want to make sure no one but them can read your email.
Re: (Score:1)
Furthermore, even if Google *could* do so and *said* they did so, would you believe them?
I'm not actually sure what they think of one of my addresses. It has never sent, nor received, anything but encrypted emails. I don't actually use the website. I'm not sure that I've used the website at all - except for the initial setup. That email is quite private and gets very specific use. I've never even gotten any spam/UCE at that address. Hell, some folks use their email service as an online backup. They can even
Re: (Score:2)
Whoa. A TLS icon on the website. How cute is that ?
Absolutely useless, though.
Blog slashvertising ... (Score:2)
The story is from an author of utterly unknown email server software ranting about something he thinks he understands but doesn't, and the proceeds to tell us that the method he supports is the right one and all others suck ... If he weren't biased I might have ... Oh who am I kidding, dude doesn't know what he's talking about and utterly fails to understand how and why email is in the star it's in: hint ... Your shiny new feature breaks compatibility with far too many PAYING CUSTOMERS, so some random no
WTF? End-to-end encryption not even mentioned!?!? (Score:5, Informative)
Use S/MIME, PGP, etc...
All the transport level stuff isn't going to protect your email or ensure it's not modified in transit (or at the destination or origin).
Gmail's help on their new icon:
If you see the red padlock while composing a message
Don’t send confidential material, like tax forms or contracts, to that email address.
Fuck that... if you're sending confidential email without encrypting the content, you're already screwed.
For semi-important information, one should at least digitally sign the content to prove it wasn't modified in transit (ex. this should be used for any contracts, and if it's very sensitive, it should also be encrypted, and not just on the transport layer).
Re: (Score:2)
Second, Google is unwilling to provide such a plugin because it would interfere with the company's ability to scan e-mail and build advertising profiles.
Actually they were working on a PGP plugin for Chrome [github.com], though it's moving very slowly, possibly dead.
Re: (Score:2)
The point is not to encrypt email during transit. The point is to encrypt e-mail at all points between the correspondents. The mail should be encrypted clientside and remain encrypted while at rest on the servers as well as during transit. S/MIME and PGP/GPG do that. Encrypting only during transit means that plaintext is sitting around waiting to be hoovered up by Google (for ad profile building) and whatever other parties (NSA, hackers, etc) have access to Google's servers.
In an ideal world yes, but for now having mail thats encrypted whenever it traverses the internet and is cryptographically signed so you can verify the recipient is an improvement. Yes this requires trusting google (which users already have to do anyway), or not - you're free to use a different email provider and/or do all the crypto client side if you want.
Re: (Score:2)
In an ideal world yes, but for now having mail thats encrypted whenever it traverses the internet and is cryptographically signed so you can verify the recipient is an improvement.
Not really. With SMTP you have no control over which MTAs the email gets queued on before it gets to the recipient. If the content is not encrypted, it will be on those untrusted servers in plain text for some (hopefully very short) period of time before it gets routed to the next server.
Re: (Score:2)
They could at the very least provide signing, and verification of externally signed messages... If people started getting used to all messages being signed then phishing scams would become a lot less effective, and the presence of a signature doesn't have any negative side effects on anything else.
Re: (Score:3)
How are you going to implement that for web mail exactly? Will you let the sever do it? That means Google gets to assert your identity, and if they ever get compromised we have a whole mess of people sending signed mail with signatures that may or may not be valid and we are back to a more or less unauthenticated situation.
You could have the client do with JavaScript but that still leaves the door open, if the server is compromised and sends an altered script how can you know?
You go the traditional instal
Re: (Score:3)
nobody should be using web based email.
At first I thought you were being sarcastic, but then realized that sarcasm makes no sense here. So you must be serious.
It's quite simple - use email for the 99.9% of your communications that does not need to be secure. Send your tax forms through a secure web site. Problem solved. Web email is still useful.
Re: (Score:3)
How are you going to implement that for web mail exactly?
End to End with something like Mailvelope?
You go the traditional install plugin route, but then web mail is no more portable than a fat client. There just isn't actually a good answer for this. You can have secure E-mail or portable E-mail but not both.
People SHOULD be using "webmail" via IMAP with proper e-mail clients Then it's portable because there are mobile mail clients that can support PGP. So yes you can have portable secure e-mail, even on a phone or tablet.
Re: (Score:2)
Well by portable i guess they mean that it can be accessed from any device without needing to install a client (ie from your work desktop)... From a mobile device that you control is entirely different as you can install whatever encryption tools you want on there.
While webmail can be convenient, it's also dangerous not only because of the lack of end to end encryption but also because its primary utility (ie logging in from a random place) is its biggest danger - how do you know who's monitoring any given
Re: (Score:2)
Great questions, and they all have answers already.
Webmail s/mime, pgp, gpg encryption: See https://www.mailvelope.com/ [mailvelope.com], or https://www.penango.com/produc... [penango.com], or similar products.
Alternatively (or in addition to that), Google could provide a javascript based solution. The private key storage would be an issue, but it could be held server side via zero knowledge encryption (ie. enter password on client side, get blob from gmail, decrypt client side). JS validation is also a solved problem, though it's ugly -
Re: (Score:2)
The two products you pointed out are essentially plugins, they won't be installed on your friends computer and they wont be on the computer in the Hotel business center. Try again. People like web mail because they don't have to carry their own laptop everywhere they go.
For this to be even partially true, you would have to assume that all received email is encrypted (rather than just signed).
No, if you are not in a position to verify the signatures, and sign your replies we are back to essentially have no identity or integrity assurance at all. Only now the non technical person has to remember different rules are in effect wh
Re: (Score:2)
You dont need a plugin, just implement encryption via JavaScript where the private key pairs are stored on the server but encrypted with a secret key derived from a password the server never sees. Server sends an encrypted blob to the client, client inputs a special password which then decrypts their keys.
All of the communication happens over HTTPS so man-in-the-middle replacement of the JavaScript cant easily be done.
Is it as secure as having a dedicated setup with keys stored in the client and a plugin on
Re: (Score:2)
If you're concerned about google reading your mail then such a system wouldn't work, while in theory the javascript performs all its work client side there is nothing stopping them changing the javascript to submit your passphrase to the server. Unless you're going to thoroughly inspect the javascript every time?
Re: (Score:2)
Not if the passphrase is manipulated using something like argon2 or scrypt that are specifically designed to make brute-forcing the password/key difficult and computationally expensive.
I doubt even the NSA has the computational horsepower to crack the best of these schemes in a reasonable space of time (if you have the parameters set really high that is)
Re: (Score:2)
Because the key is a private key with a public key counterpart, while the passphrase is a symmetric key for decrypting (in this case the main private key)... If you have the public key its easier to attack the private key, so the private key generally needs a much larger keyspace to provide an equivalent level of assurance to a symmetric key.
Re: (Score:2)
I still see it as either portable or secure, not both.
There are a million shades of grey between the absolutes.
Phones are portable, and can be secure, as you noted (and in so far as a phone can be secure).
Moving yourself between random 3rd party computers with who knows what running on them and checking your webmail from them... yeah, that's never going to be very secure.
Moving between multiple devices you own... you can certainly use a local mail client, or a plugin, or a javascript implementation with zero knowledge encryption holding the private bits.
Moving
Re: (Score:2)
You can as a minimum implement verification of signatures into a webmail client, as that can all be done server side...
Users already have to (or should) remember that there's different rules when accessing webmail, in fact you shouldn't be accessing the webui from random machines if you value security at all. You should always carry your own portable device, and access your mail from there.
Re: (Score:2)
When it comes to mobile, apple already implement s/mime on ios although configuring it is not as simple as it could be (ie even if you have mail accounts synced from a mac it can't automatically transfer your keys).
Re: (Score:2)
So you're saying that...
1, users would need to trust google (but clearly they already do or they wouldn't be using their mail service)
2, the worst case (google getting hacked) would be no worse than the current status quo.
So basically email signed/encrypted by google would be better than what we currently have, but not ideal. And users are free to pick a different provider and/or do proper client side crypto but most simply don't bother. If gmail started implementing pgp or s/mime even server side and start
Re: (Score:2)
Use S/MIME, PGP, etc...
All the transport level stuff isn't going to protect your email or ensure it's not modified in transit (or at the destination or origin).
Gmail's help on their new icon:
If you see the red padlock while composing a message
Don’t send confidential material, like tax forms or contracts, to that email address.
Fuck that... if you're sending confidential email without encrypting the content, you're already screwed.
S/MIME & PGP do not hide the sender, receiver or the subject of the email (nor where you sent it from). That information is in the header, and only TLS or STARTTLS will hide it.
By the way, the TLS-SMTP problems are related to STARTTLS and stupid client software, but not TLS (but cert verification requires DNSSEC for either).
Re: (Score:1)
You're telling me that PGP is a serious contender for non-technical people to secure their communications? Seriously?
Re: (Score:2)
what about Bill Gates/Microsoft promise? (Score:3)
Bill Gates said they would solve the spam problem a few years back. Yet my inbox under office365 that my employer uses is a chum bucket of spam, while good cron and batch job emails end up in "junk" half the time. wtf, Gates. billions and you couldn't at least have pushed domain a authentication/verification system?
Re: (Score:2)
you're lucky, some of us got the update without even wanting or asking for it, talk about the spam dumptruck unloading in your lap....
Re: (Score:2)
great unless device drivers don't exist or software just doesn't run on 10; some people/business were screwed
Re: (Score:2)
Re: (Score:2)
yes WSUS exists to allow click-and-point weenies who know nothing about security or how computers actually do things or what real operating systems do, to fuck me over for those things I have to use windows
Re: (Score:3)
Well, I'm sure than one went pretty quickly into the "too hard" round file in the corner.
Especially when they found out that it was hard to monetize...
It's amazing the crap people put up with, (spam, unsecured email)
It's probably our fault; we've done a reasonable job managing the spam, (which is visible to the user) and a crap one convincing our users and managers to demand secure, encrypted email.
how we could move on to proper email encryption. (Score:2)
Please, this has been available since 1991. 25 years and now there's concern?
PGP https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
Using GPG seems pretty painless, at least on OS X.
The real problem with GPG is the same one you'll run into with S/MIME... almost nobody else is using it, which means all you can really do is sign your own messages.
Re: (Score:2)
While usage of gpg is low, signing does show people that you use it and can help them find your pubkey if it's on a keyserver.
gmail is what has broken email. (Score:5, Insightful)
I consider gmail to by my biggest threat to the privacy of my email.
If I want end to end security, well there is a standard for that [ietf.org]. I use it. It works.
But gmail is close to having a monopoly on email. It isn't quite yet, but almost everyone I know uses exclusively gmail now. That means if I want to email them, Google IS the man in the middle. I can't easily email my friends without giving Google the contents of my email, which they will use to build a profile of me - and I've never signed up for any of their services or estasblished any kind of business relationship with them.
Furthermore, most small to medium businesses are using gmail.
Think about this: we used to have a decentralized, non-censorable, email standard that no one entity could control or pervert for their own ends. But the whole world said, "Fuck that, we want one advertising company to see everybody's email!.
Google is the main threat to the privacy of email today. Like Bruce Schneier observed, they want you to have email privacy from everyone except them.
Re:gmail is what has broken email. (Score:5, Insightful)
Well if anyone else had wanted to provide a reasonable amount of storage, allow attachments bigger than 4MB, provide both pop3 and imap access, not inject advertising into your outgoing mail, for "free".
They could have been the largest email provider.
But no one else wanted to do that for "free".
Re: (Score:1)
Well if anyone else had wanted to provide a reasonable amount of storage, allow attachments bigger than 4MB, provide both pop3 and imap access, not inject advertising into your outgoing mail, for "free".
They could have been the largest email provider.
But no one else wanted to do that for "free".
google won't do it for "free" either if they can't scan your email.
Re:gmail is what has broken email. (Score:5, Interesting)
Well you have to look at the whole story though.
Consider all the vulnerabilities that have been found in MTAs, MDAs, and clients over the years. Then consider all the trojans and spam with tracking stuffs, etc. Google filters almost all of the later quite successfully, as to the former for many people and organizations it replaces all those things and so far the infrastructure has been well maintained and resistant to breaches (that we know of). Its also pretty carefully monitored. I suspect the ancient Sendmail install on that old SGI box at your ISP, could have sat compromised for weeks or months before anyone would have noticed in the years before GMAIL.
When you look at it from all sides its not so clear cut.
Re: (Score:3)
Google is the main threat to the privacy of email today. Like Bruce Schneier observed, they want you to have email privacy from everyone except them.
I have an ancient gmail account which dates back to the early, early beta days (back when we had to swap invites on Slashdot). Somehow, every few months somebody new is able to register with the same user name, and I get all their messages delivered to my inbox. Their sent mail doesn't appear in my account, but everything else does.
Every facebook status message
Re: (Score:2)
That means if I want to email them, Google IS the man in the middle. I can't easily email my friends without giving Google the contents of my email,
Who says you can't use PGP with gmail?
Re: (Score:2)
Are you joking? GMail is big but it if far from a monopoly. I'm not sure it is even the biggest.
In my personal contact list, about 20% have an @gmail address. At work there are almost no @gmail.
This doesn't cover gmail addresses hidden behind a domain name but most of the companies I worked with were self-hosted or worked with a related provider. For the rest, the biggest one seemed to be Microsoft, with Google as a distant second.
That's lots of anecdotal evidence but seeing this, I can't believe in a monop
Re: (Score:2)
I disagree. Email is broken. Not Gmail. Snowden has shown that all email sent through the internet will be archived by at least two government agencies. Others, government or non government, may also save a copy. Email is inherently unsafe.
But if you use the same service on both ends, no one, except for the service itself, will ever see the mail. Or the fact that you send one at all. If you send something from one provider to the other, at least the NSA and two providers will have all the info. In Europe we
Re: (Score:1)
Unfortunately just because all your friends use Gmail, doesn't mean that Google have a monopoly.
It's a few years old (I couldn't find anything newer), but at least among users who have signed up to mailing lists with Mailchimp Yahoo, Gmail and Hotmail were pretty much neck and neck in 2011.
http://blog.mailchimp.com/majo... [mailchimp.com]
Wait, what? (Score:5, Insightful)
Some of you will have a hard time with this, but... why is the problem here with SMTP? Is it really that hard to understand that MAIL TRANSPORT is not compatible with HIDE MY STUFF? Good grief people, you can't truly be that ignorant.
Do you trust that anything you mail through the Post office, FedEX, UPS, or any other mail service is "Secure"? Do you believe it's impossible for people to know what's in your boxes because you use those services? I can provide you a list of drug dealers who thought so too, but they are jailed for that thought.
Want secure, use secure. Lotus Notes was friggin awesome for securing content. Nobody wanted to pay for it though, and all the cool kids were using Outlook because you could drag-n-drop audio files right into your email (also read fart noises). Many Writing applications have encrypt/decrypt features. Zip has it too, but generic standard email? Come on now.. it's a MAIL TRANSPORT and works very well as a mail transport.
If you somehow believe "Generic Transport" can also be "Secure", I got some ocean side property you may be interested in buying.
Re: (Score:2)
Agreed! I'm no email expert, but I've OFTEN wondered why we can't use decent endpoint encryption rather than trying to encrypt the transport... since 99% of all emails I send and receive are to the people I already know... it wouldn't be that hard to exchange keys with them in person. For all others, I can still choose to read email that isn't encrypted, and I can choose to reply, but it would be much easier to know secure vs. insecure if my mail client simply says "you haven't exchanged keys with this re
Re: (Score:3)
You used "Lotus Notes" and "friggin awesome" in the same sentence. Are you trying to cause Skynet's brain to melt down through a logic bomb?
Notes may well have been secure, but it was probably the worst mail client that I have ever used, and that includes using 'mail' from the command line. It was horrific, absolutely horrific. It is one of the few software products that I considered leaving a job for when they employed it. Their usage of that product quite literally convinced me that the company hated
Re: (Score:2)
Well the thing you have to remember about Notes is mail was a bit of an after thought. Notes was really about the 'databases'. You could rather easily develop very complex multi-user applications, with offline replication. That mattered a lot in the early 90's when you did not 'VPN' but dialed into home office. Notes replication was amazing.
From a technical perspective Notes is probably one of the more interesting software systems ever developed. It was born of a time when clients were pretty limited a
Re: (Score:2)
Your personal anecdote makes me believe that you have no knowledge or experience with the product and are just ranting. Comically, by falsely claiming I said "Lotus Notes is Awesome" in a general terms instead of what I said. Which you can go back and read.
Outlook lets you "work" and "Notes" stopped you and made you angry? WTF is your job exactly where you can't type in an editor if it's not the right brand? Don't answer that, I'm not sure we want you on a homicidal rampage having to type in a web clien
Re: (Score:2)
I have both knowledge and experience with the product, unfortunately.
I'm not entirely certain how you go from Point A to Point B with me having no experience with it. Why would I hate it if I had never used it?
No, my experience using it is very, very real. Which leads me to ask if *you* have ever used it, because if you have ever used Notes for mail, you know it isn't the difference between merely an editor. Everything in the mail client was a hassle from adding recipients to actually sending the mail.
It
Re: (Score:2)
Sounds to me like if you used Notes, you used a poorly managed (if it was managed at all) implementation of Notes. I had some admin rights, but was not a Notes admin. The To, CC, BCC were/are no different than Outlook or other Mail clients. In fact, caching names and addresses from received mail was done in Notes long before other mail clients did it. It was simple to send mail to anyone, especially people who sent you mail, unless your admins turned things off or didn't set them up correctly..
Now, how
Re: (Score:1)
Above, I was talking about Lotus. I was tasked with admin duties 'cause, well, it was mine. It was not *easy* to admin? Well, it was highly configurable (for the day) and not exactly always as clear as it could be. There was quite a bit of trial and error, RingTFM, and finding new and interesting ways to break it - albeit unintentionally. It had some neat ways to approach the data, I'll give it that. But I'm not sure I'd call it easy - it might be for people more skilled than I. I did not find it all that e
Re: (Score:1)
As we started to expand, I needed something quick and easy. I was also one of only a few people at that time. So... I hunted around and I even took a peek at a few different products. Lotus it was... It was, indeed, horrible. It also managed to break in some of the most unusual ways. Thankfully, I think I've burned out the brain cells that were devoted to Lotus knowledge.
Oh, it was "okay" when it worked. We didn't need much, small attachments, and the database was handy to access. We mostly abused the hell
Re: (Score:2)
Crypto in Lotus Notes was deliberately debilitated by the US to something ridiculous like a few tens of bits. Don't say that Notes was secure. The principle? Sure. The execution? Not so much.
Re: (Score:2)
Re: (Score:2)
When I send stuff through the post I hide it in an envelope. The envelope isn't very secure, it's not hard to steam open and it leaks metadata that is sent in plaintext on the front. Despite that, it's still useful and effective. It stops the government and the Royal Mail systematically reading every single letter.
SSL to the spam firewall (Score:2)
Great, so this gets you end-to-spam filter encryption. Anyone who has their email delivered to a 3rd-party for spam filtering could appear secure but would only be secure for the first hop. False sense of security.
Re: (Score:2)
STARTTLS broken, like UUCP maps (Score:2)
I had someone contact me about my server -> gmail as I host a number of mailing lists and other technical resources. After much research it seems the only way to fix it is to hard code that gmail and other locations are to be encrypted vs the default opportunistic encryption of "if they offer it, try it".
There are a lot of things that should be addressed here to ensure data is properly encrypted, this is easy and a solvable problem but at least for postfix I had to enter some custom maps which the softw
Re: (Score:2)
Let me refresh your memory about some aspects of what you're "past", on the perfectly reasonable assumption that I did a lot more UUCP routing than you (and really, more than practically everyone).
UUCP maps were just an out of band and not-very-frequent node-adjacency flood, which let one construct a graph from which one could extract directed acyclic subtrees using Dijkstra's SPF. Just like OSPF. Just like ISIS. T
Re: (Score:2)
My comment re: UUCP is having to manually configure for each site I want to distribute mail to. I'm not worried about STARTTLS stripping, I want to avoid building a full list I have to maintain manually. This is mostly a postfix issue (for me) that it's not aggressive enough in using the STARTTLS offered by the far-side.
Re: (Score:2)
This is going to be bad. (Score:5, Insightful)
Google is trying to force servers to use STARTTLS encryption for port 25 MX traffic, this is all commendable, but they are giving their users a false sense of security. When gmail does not display the broken padlock it simply means that the first hop to the recipient's MX server supports STARTTLS, but mail is routinely stored in plain text queues on multiple servers, transmitted on in additional hops that are not necessarily encrypted, and even the first hop encryption often times uses self-signed certs or certs signed by non-authoritative CAs, so the message being sent, while being encrypted is still vulnerable to man in the middle attacks.
But Google is giving the impression that if that first hop offers STARTTLS, then the message will be sent securely and encrypted. This will result in people putting all sorts of credit card details and other information in their emails thinking (because Google said so) that the message is secure, when nothing could be farther from the truth.
Google needs to stop this right away, it's going to do way more damage than good. There is only one way to hide the content of an email from prying eyes and that is with properly implemented PGP encryption. There is no way to hide the meta (envelope) data from prying eyes. It is really important that people not be misled on this account.
End-to-End (Score:2)
Has anyone any idea what's happening with Google End-to-End ?
Re: (Score:2)
It wouldn't surprise me if the US government or the FBI or the NSA or someone have quietly leaned on Google and said "please stop working on this plugin of yours because it will make it harder for us to catch the terrorists and pedophiles and other bad people" with an implied threat of something more serious if Google didn't just drop it.
You are doing it wrong (Score:4, Interesting)
You are calling for link-encryption. That is obvious nonsense for email. Proper email encryption is end-to-end and does not trust the transport at all.
Incidentally, this problem has been solved since 1991 with PGP.
Re:You are naming it wrong (PGP) (Score:2, Interesting)
The reason people don't use PGP is because of the name Pretty Good Privacy makes it sound amateurish (that and the initialism PGP is too similar to PHP). Maybe they could get more users if they called it Good Privacy or Very Good Privacy, but I know there's a local-maximum trust in there somewhere because I think trust would go down if they called it Excellent Privacy or Perfect Privacy.
IMO, more people would consider using it if it used an animal name or some name from mythology.
Re: (Score:2)
People use computers, which are named like fruit. And operation systems from companies, which are named like some detergent. Their text processor's name implies you may only write one word and so on.
Nope, names aren't important. Ask the novice users, if they even know, what PGP means.
You expected different? (Score:3)
This company lives off of mining your data and violating your privacy. You expect them to allow you to fully protect your communications to the point where they can't figure out how to advertise to you?
Give me a fucking break.
cert fumbling (Score:1)
A really really bad idea (Score:2)
Yeah, start teaching the users, that something is secure, if a lock appears INSIDE the website (or insecure, if its a broken lock). Because err nobody would ever use this to tell the user the fake banking website is as secure as the email on gmail.
Re: (Score:1)
FUCKING PIECE OF SHIT SLASHDOT LOGGED ME OUT. THIS IS MY COMMENT. FUCK YOU SLASHDOT. I'M SICK OF YOUR SHIT.
And fuck you for saying I'm yelling! And fuck you for saying I'm yelling! And fuck you for saying I'm yelling! And fuck you for saying I'm yelling!