No Such Thing As Secure Email, Secure Provider Claims


Silent Circle shut down its secure service, and now it claims such a thing is a pipe dream.

A short while back, when the email provider used by NSA whistleblower Snowden was brought down, another secure email provider, Silent Circle, shut down its service. At the time it claimed it had seen "the writing on the wall," and it has since elaborated on that statement. There's no such thing as security, it claims, not where email's concerned. Even with encryption, there's still a lot of data out there for the mining. There's no point pretending that encrypting the body of an email is enough, not in the age of PRISM.

The content can be encrypted, Silent Circle admits. It might be cumbersome, and the technology needed to make it really secure could be beyond pretty much anyone except large companies, but it can be done. Trouble is, that only protects the content. If the content is the only important thing about the email, then you're fine, but what if you also wanted to make sure nobody knew who was sending it, and to whom? Or when, and in what timezone? No hope, says Silent Circle, as the email provider blurts out all that data as soon as the message is sent, in the routing information. "None of this can be encrypted if you want to be compatible with current email protocols." All that information, including the subject (stored in plain text at the beginning of the message), is in the email's metadata, which is transmitted without encryption or any kind of protection. Sometimes knowing who's talking, to whom, and when, is more important than the content of the message, Silent Circle points out.
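To make the point concrete, here is an added example (not from the article or from Silent Circle): a constructed PGP/MIME message is parsed with Python's standard `email` module to list what any relay can read without holding a key. The addresses, hosts, date and placeholder ciphertext are all made up for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parsedate_to_datetime

# Constructed sample (not real traffic): an RFC 3156 PGP/MIME message whose
# body is encrypted. Addresses, hosts and the armored payload are placeholders.
RAW = """\
Received: from mail.sender.example (mail.sender.example [192.0.2.10])
\tby mx.recipient.example with ESMTP; Fri, 09 Aug 2013 14:03:27 +0200
From: Alice <alice@sender.example>
To: Bob <bob@recipient.example>
Subject: Meeting on Tuesday
Date: Fri, 09 Aug 2013 14:03:21 +0200
Message-ID: <constructed-0001@sender.example>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
\tboundary="b0"

--b0
Content-Type: application/pgp-encrypted

Version: 1
--b0
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
(placeholder ciphertext)
-----END PGP MESSAGE-----
--b0--
"""


def visible_metadata(raw):
    """Return what a relay or on-path observer can read without any key."""
    msg = message_from_string(raw)
    sent = parsedate_to_datetime(msg["Date"])
    encrypted = (
        msg.get_content_type() == "multipart/encrypted"
        and msg.get_param("protocol") == "application/pgp-encrypted"
    )
    recipients = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {
        # Who is talking to whom
        "from": [addr for _, addr in getaddresses(msg.get_all("From", []))],
        "to": [addr for _, addr in getaddresses(recipients)],
        # The subject sits in the headers, outside the encrypted body
        "subject": msg["Subject"],
        # When, and in which timezone the sender's clock is set
        "sent": sent.isoformat(),
        "utc_offset_hours": sent.utcoffset().total_seconds() / 3600,
        # One Received line per hop; unfold the continuation whitespace
        "relays": [" ".join(h.split()) for h in msg.get_all("Received", [])],
        # Only the body parts are opaque to the observer
        "body_encrypted": encrypted,
        "body_parts": [p.get_content_type() for p in msg.walk()
                       if not p.is_multipart()],
    }


if __name__ == "__main__":
    for field, value in visible_metadata(RAW).items():
        print(f"{field:18} {value}")
```

Everything in the returned dictionary except the body itself is readable by every server that handles the message, which is the exposure the paragraph above describes.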

That's why Silent Circle's no longer in the game. It knows it can't promise a service it has no hope of providing. "With the tapping of backbone internet providers, interested parties can now see all traffic on the internet," it says. "The days where it was possible for two people to have a truly private conversation over email, if they ever existed, are long over."

Source: Silent Circle


There was a campaign about 15 years ago that screwed with US government access to email, and that was simply to flood it. People were encouraged to put in a list of key words guaranteed to get picked up in pretty much every email they sent, no matter the subject.

wombat_of_war:
There was a campaign about 15 years ago that screwed with US government access to email, and that was simply to flood it. People were encouraged to put in a list of key words guaranteed to get picked up in pretty much every email they sent, no matter the subject.

Yeah, that only works until the techs take the inclusion of too many hot words. There is no such thing as security. Every lock has a key, every door can be opened. Someone always has the key or the means. Even if the system is unbreakable, the people who can access it aren't.

The reason certain headers can't be encrypted is simply because the system requires quick access to that data to function. Encryption basically would require time and processing to decrypt, never mind that the key would have to somehow be sent securely to the routing servers anyway and that would have to be unencrypted. Imagine sending a letter where the address and name is all done up with a cipher; it would be undeliverable since there is no way for the PO to figure where the heck it's going... unless you give your PO the encryption cipher and your local PO would have to distribute said cipher to all its branches and offices. So your super secret cipher is now in the hands of many many, many people you don't personally know. When everyone has the key to your door, it doesn't make sense to lock your door.

Goes back to the old rule, never put anything in writing that you wouldn't want your Mother to see. This holds true for email.

Well this only makes sense. I mean think about it.

"I have a letter I need sent."
"To who?"
"I can't tell you that."
"OK, where is it going?"
"I can't tell you that either."
".....when can I pick it up to deliv-"
"I can't tell you that either!"
"Then HOW am I supposed to deliver it?!"
"Well you're the mail service, aren't you?"

.....sounds like something that could appear on NotAlwaysRight...

Chessrook44:
Well this only makes sense. I mean think about it.

"I have a letter I need sent."
"To who?"
"I can't tell you that."
"OK, where is it going?"
"I can't tell you that either."
".....when can I pick it up to deliv-"
"I can't tell you that either!"
"Then HOW am I supposed to deliver it?!"
"Well you're the mail service, aren't you?"

.....sounds like something that could appear on NotAlwaysRight...

More like,
"I have a letter I need sent. Here's who it is and where it's going. Respect my privacy and the privacy of the recipient and do not share this information with anyone."
"Sorry, the government won't let me do that~! Wah wah wah."

Or more like they're spying regardless of what the ISP wants. It's just disgusting, in my opinion. Like most people, I don't really have anything to hide, but that doesn't mean I want everyone to know about it. If I wanted to share information with the world, I would make it easily available.

So... couldn't people build a "net" of inter-connected mailboxes that automatically forward emails between each other (including to fake addresses), make several copies, push the emails to another mailbox of the same provider (one of the "safe" ones) and somewhere on the way run an additional encryption over the content, change the header etc.? Maybe even split the email up somewhere along the way so that its sum only arrives in several different mailboxes of one person who can then manually copy the fragments into a decryption tool. It wouldn't be impossible to track, either, but it would probably cause some hellish headaches.

Yes but the government NEEDS to see that information. How on earth do you expect the government to protect your civil liberties, privacy and rights if they don't read and watch everything you say or do?

Course only the terrorists would be hiding something and not want all their business viewed and stored for any and all eventualities.

And if your sarcasm meter didn't just launch itself to the moon then it was probably broken.

rofltehcat:
So... couldn't people build a "net" of inter-connected mailboxes that automatically forward emails between each other (including to fake addresses), make several copies, push the emails to another mailbox of the same provider (one of the "safe" ones) and somewhere on the way run an additional encryption over the content, change the header etc.? Maybe even split the email up somewhere along the way so that its sum only arrives in several different mailboxes of one person who can then manually copy the fragments into a decryption tool. It wouldn't be impossible to track, either, but it would probably cause some hellish headaches.

There's certainly plenty of ways you could communicate over the internet in a small group. But that's not really email, and it would be restricted within that group anyway.

The closest you can ever get to secure electronic communication is an encrypted, direct point-to-point transmission. Needless to say, this isn't possible over the internet. The best we can do over the internet is establish an encrypted connection with the recipient after verifying the recipient is who he says he is (and that's another can of worms...) and trade messages through that link. Every layer 3 network device along the path will know A.B.C.D is talking to W.X.Y.Z, but that's just unavoidable.

Jenny Jones:
Yes but the government NEEDS to see that information. How on earth do you expect the government to protect your civil liberties, privacy and rights if they don't read and watch everything you say or do?

Course only the terrorists would be hiding something and not want all their business viewed and stored for any and all eventualities.

And if your sarcasm meter didn't just launch itself to the moon then it was probably broken.

Sad part is, there are people who actually believe that. :/

Honestly, the government doesn't even need to try that hard anymore with people blindly using facebook in combination with email services. =p

I've got to wonder if IRC isn't gonna make a big comeback, in light of recent privacy/security revelations; that is, if the masses had any idea what it was

Look, the only secure computer is one that's unplugged.
And buried.
In the middle of a remote desert.

As soon as people figure that out and stop expecting impossible, we'll all be much happier.

Kwil:
Look, the only secure computer is one that's unplugged.
And buried.
In the middle of a remote desert.

As soon as people figure that out and stop expecting impossible, we'll all be much happier.

Still not secure, archaeologists dig around in the remote parts of the desert all the time.

Applicable (or timely) Security is real.
Absolute security isn't.

This is nothing new.

Kwil:
Look, the only secure computer is one that's unplugged.
And buried.
In the middle of a remote desert.

As soon as people figure that out and stop expecting impossible, we'll all be much happier.

I've said this a couple days ago on this site, and I got viciously attacked.

So... people don't wanna hear that, so they'll never stop expecting it.

[shrug] Life goes on, I suppose.

I am staring down the barrel of implementing an email like service, and these developments of late have raised the specter of how you'd go about it ethically.

PRISM aside (if governments can spy may as well assume that they will spy) the problem to my mind seems to be that the law deems 3rd parties to be a breach of legal privacy. Therefore it seems to me like the simplest thing to do would be for the service to be a match maker, and potential plan B, while the end users would just need a NAS drive with some kind of daemon running on it.

This way legally the communication takes place between a first party and a second party and is legally untouchable from the POV of the service provider. Telecoms aside. Only illegal eavesdropping could spy on it. And the match maker deletes any metadata as soon as possible...

Which for most communications would be virtually instantaneous. No time to serve a warrant. If your NAS drive is stuck, then the service holds onto the communications until your remote storage runs out and then informs the original party unless they've opted out and dumps the body, eventually everything else.

This way if the gov't wants your mail, they have to break into your house, or have a warrant. Just take them at their word. Everyone should have a NAS drive (network connected storage) in this day and age anyway. The drive is always online if your internet is always online, so you have webmail as long as your internet services are not offline or your drives are not all in fail states.

At any rate, it seems like the service provider would not be left off the hook if people would just do things directly instead of "in the cloud" and that can be made really easy to do. It's basically the same thing PC games with P2P multiplayer have been doing for a long time.

Mick P.:
I am staring down the barrel of implementing an email like service, and these developments of late have raised the specter of how you'd go about it ethically.

PRISM aside. If governments can spy may as well assume that they will spy. The problem to my mind seems to be that the law deems 3rd parties to be a breach of legal privacy. Therefore it seems to me like the simplest thing to do would be for the service to be a match maker, and potential plan B, while the end users would just need a NAS drive with some kind of daemon running on it.

This way legally the communication takes place between a first party and a second party, just like private discussion, and is legally untouchable. Only illegal eavesdropping could spy on it. And the match maker deletes its metadata as soon as possible...

Which for most communications would be virtually instantaneously. No time to serve a warrant. If your NAS drive is stuck, then the service holds onto the communications until your remote storage runs out and then informs the original party unless they've opted out and dumps the body, eventually everything else.

This way if the gov't wants your mail, they have to break into your house, or have a warrant. Just take them at their word. Everyone should have a NAS drive (network connected storage) in this day and age anyway. The drive is always online if your internet is always online, so you have webmail as long as your internet services are not offline or your drives are not all in fail states.

They'd still be able to see who you're sending your mail to since anything you send over the internet goes through your service provider, which is a third party.

Of course, you can encrypt the content allowing you to hide those reasonably well, although as computers become faster and faster many older encryption methods that used to take decades to decrypt can now be cracked fairly quickly. On top of that, as noted by the article, much of the meta data would still be exposed and most likely tracked. Which you can't hide since that data is part of the protocols to which your packets must comply in order to be passed on.

Using proxies and such you'd be able to hide that to a certain degree, especially if said proxies serve as an in-between for many different senders and receivers. But even then given sufficient surveillance of all involved service providers it'd be entirely possible to piece together a decent bit by comparing all incoming and outcoming packets for exact times, sizes etc.

Not to imply what you're getting at is useless, it's certainly very useful. But more by virtue of making it extremely difficult for casual spying to track you, once some effort is put into it it's very, very difficult to really hide your tracks.

Hagi:

Mick P.:
I am staring down the barrel of implementing an email like service, and these developments of late have raised the specter of how you'd go about it ethically.

PRISM aside. If governments can spy may as well assume that they will spy. The problem to my mind seems to be that the law deems 3rd parties to be a breach of legal privacy. Therefore it seems to me like the simplest thing to do would be for the service to be a match maker, and potential plan B, while the end users would just need a NAS drive with some kind of daemon running on it.

This way legally the communication takes place between a first party and a second party, just like private discussion, and is legally untouchable. Only illegal eavesdropping could spy on it. And the match maker deletes its metadata as soon as possible...

Which for most communications would be virtually instantaneously. No time to serve a warrant. If your NAS drive is stuck, then the service holds onto the communications until your remote storage runs out and then informs the original party unless they've opted out and dumps the body, eventually everything else.

This way if the gov't wants your mail, they have to break into your house, or have a warrant. Just take them at their word. Everyone should have a NAS drive (network connected storage) in this day and age anyway. The drive is always online if your internet is always online, so you have webmail as long as your internet services are not offline or your drives are not all in fail states.

They'd still be able to see who you're sending your mail to since anything you send over the internet goes through your service provider, which is a third party.

Of course, you can encrypt the content allowing you to hide those reasonably well, although as computers become faster and faster many older encryption methods that used to take decades to decrypt can now be cracked fairly quickly. On top of that, as noted by the article, much of the meta data would still be exposed and most likely tracked. Which you can't hide since that data is part of the protocols to which your packets must comply in order to be passed on.

Using proxies and such you'd be able to hide that to a certain degree, especially if said proxies serve as an in-between for many different senders and receivers. But even then given sufficient surveillance of all involved service providers it'd be entirely possible to piece together a decent bit by comparing all incoming and outcoming packets for exact times, sizes etc.

Not to imply what you're getting at is useless, it's certainly very useful. But more by virtue of making it extremely difficult for casual spying to track you, once some effort is put into it it's very, very difficult to really hide your tracks.

Yeah my post is from the point of view of the email service provider. Not because the clientele has to have the ability to communicate in absolute secrecy. But just what does it mean to provide email? How can you do that in a way that doesn't compromise the privacy of your users either wittingly or unwittingly.

I thought about going into details. But I'm not paranoid. It's just an ethical question. I do think if encryption P2P and anonymity become the normal mode of operation, then that will diffuse the whole scare of public and or private spies.

To my mind the big problem is moving to distributed solutions. Take care of that and most things should solve themselves. If you had to actually be 100% secure for whatever reason. Like what you are doing is illegal. Then you'd want encryption of course. We can assume that is done for everything anyway. Might as well unless you have to send mail or something to a server that isn't. Then TOR or whatever to at least introduce as much noise as possible if everyone was doing it.

BTW: I did later revise my post that is quoted above. EDITED: Also I assume there are probably laws that require services to hold onto metadata. I think that could be minimized by the matchmaker only being bothered if a lookup fails or something. Probably the end users could be anonymous to the matchmaker too.

Alar:

Or more like they're spying regardless of what the ISP wants. It's just disgusting, in my opinion. Like most people, I don't really have anything to hide, but that doesn't mean I want everyone to know about it. If I wanted to share information with the world, I would make it easily available.

This is really the crux of what people are/should be upset about in all this, and sadly many people are still just ignoring the issue. For clarity, I'm an American (just so you know where I'm coming from on a legal standpoint). Many of these programs and new laws are skirting not only current law, but the spirit of the law. Part of the problem lies in that our law is about 10-20 years behind the tech curve, so you get rationalizations like, "e-mail isn't part of the list of things counted by precedent as private personal possessions, so they're not subject to the same protections against search and seizure as say, your car or home"; even though a rational person would clearly equate email with conventional mail as to the same status it should have under privacy law.

The other major problem is we have a government that is flat out simply ignoring the law. For those outside the U.S., the fourth amendment in the Bill of Rights in our Constitution, what is supposed to be the supreme, end-all-be-all, law of the land, forbids such behavior:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Supreme law of the land. It says that if the government wants to search through your personal possessions, law enforcement must first have a good reason, then must obtain a warrant for a specific thing, time, and place they want to search. It should be noted that this applies to citizens on an individual level, every citizen has this right.

Instead, we have politicians getting secret warrants from the 'Foreign Intelligence Court' (something you'd think by rights wouldn't or shouldn't be involved in massive warrants covering U.S. citizens on U.S. soil) to blatantly violate citizen's constitutional rights by searching their personal possessions without a clear-cut reason for each individual person whose rights they violate; simply on the off-chance one of them is involved in the catch-all 'terrorist activity'. And people wonder why more and more are beginning to hate our government.

But if only the big companies can afford the encryption, could it not be that the encryption key is located at both places and NOT sent via the message? That the key rotates identically in both places without disclosing the rotation algorithm to the internet? Then you could easily encrypt the header and sender. The destination and time is harder, but if you use a closed system with internet as mere highway, all you need is a way to mark "this ip" and that's it. The rest is hidden and taken care of locally. It's not perfect but more than this guy claims possible.

Zombie_Moogle:
I've got to wonder if IRC isn't gonna make a big comeback, in light of recent privacy/security revelations; that is, if the masses had any idea what it was

IRC is not secure at all. The rooms can be seen easily if they so want.

Aitruis:

The other major problem is we have a government that is flat out simply ignoring the law. For those outside the U.S., the fourth amendment in the Bill of Rights in our Constitution, what is supposed to be the supreme, end-all-be-all, law of the land, forbids such behavior:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Supreme law of the land. It says that if the government wants to search through your personal possessions, law enforcement must first have a good reason, then must obtain a warrant for a specific thing, time, and place they want to search. It should be noted that this applies to citizens on an individual level, every citizen has this right.

Instead, we have politicians getting secret warrants from the 'Foreign Intelligence Court' (something you'd think by rights wouldn't or shouldn't be involved in massive warrants covering U.S. citizens on U.S. soil) to blatantly violate citizen's constitutional rights by searching their personal possessions without a clear-cut reason for each individual person whose rights they violate; simply on the off-chance one of them is involved in the catch-all 'terrorist activity'. And people wonder why more and more are beginning to hate our government.

That's the thing. Your email and internet posts are not considered your personal possession or private locations. You don't "own" your email. Therefore searching email they do not break the fourth amendment. US needs to completely redefine ownership of immaterial objects, which also ties in with the whole piracy problem.

Aitruis:

Alar:

Or more like they're spying regardless of what the ISP wants. It's just disgusting, in my opinion. Like most people, I don't really have anything to hide, but that doesn't mean I want everyone to know about it. If I wanted to share information with the world, I would make it easily available.

This is really the crux of what people are/should be upset about in all this, and sadly many people are still just ignoring the issue. For clarity, I'm an American (just so you know where I'm coming from on a legal standpoint). Many of these programs and new laws are skirting not only current law, but the spirit of the law. Part of the problem lies in that our law is about 10-20 years behind the tech curve, so you get rationalizations like, "e-mail isn't part of the list of things counted by precedent as private personal possessions, so they're not subject to the same protections against search and seizure as say, your car or home"; even though a rational person would clearly equate email with conventional mail as to the same status it should have under privacy law.

-SNIP-

This is a very well-thought out and... far more detailed explanation of things than I've been able to put to words. Well done, sir, and thank you! I agree wholeheartedly.

Would it surprise you to know that the government has been mining your snail mail?
Not what's in it, but who it's going to, and where it's coming from.

I know there is a new secure email service, Mail1click, but does somebody know if it is really secure? They don't use US servers and they are from UAE.

 
