Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Communications Encryption Privacy

After Lavabit Shut-Down, Dotcom's Mega Promises Secure Mail 158

Lavabit may no longer be an option, but recent events have driven interest in email and other ways to communicate without exposing quite so much, quite so fast, to organizations like the NSA (and DEA, and other agencies). Kim Dotcom as usual enjoys filling the spotlight, when it comes to shuttling bits around in ways that don't please the U.S. government, and Dotcom's privacy-oriented Mega has disclosed plans to serve as an email provider with an emphasis on encryption. ZDNet features an interview with Mega's CEO Vikram Kumar about the complications of keeping email relatively secure; it's not so much the encryption itself, as keeping bits encrypted while still providing the kind of features that users have come to expect from modern webmail providers like Gmail: "'The biggest tech hurdle is providing email functionality that people expect, such as searching emails, that are trivial to provide if emails are stored in plain text (or available in plain text) on the server side,' Kumar said. 'If all the server can see is encrypted text, as is the case with true end-to-end encryption, then all the functionality has to be built client side. [That’s] not quite impossible but very, very hard. That’s why even Silent Circle didn’t go there.'"
This discussion has been archived. No new comments can be posted.

After Lavabit Shut-Down, Dotcom's Mega Promises Secure Mail

Comments Filter:
  • Links? (Score:5, Informative)

    by chill ( 34294 ) on Sunday August 11, 2013 @08:33AM (#44535263) Journal

    Are those actual links, or just the <a> tags?

  • Article (Score:5, Informative)

    by chill ( 34294 ) on Sunday August 11, 2013 @08:35AM (#44535273) Journal
    • If you go to https://silentcircle.com/ [silentcircle.com] they shut it down "preemptively".

      Yesterday, another secure email provider, Lavabit, shut down their system less they "be complicit in crimes against the American people." We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.

      Why oh why? Are there no hosters outside the US?

      Also, if they (e.g. La

      • Having a service hosted in one country but with admins from another seems like the worst of both worlds since either the government of the country the admins reside in or the government of the country the servers reside in could attack things.

        • Well in all the controversy and even our learning in the Trust No One mentality, we are looking four someone to trust.
          That tells you something about humanity. And the fact that encryption its not just a game means we must trust someone our our work from scratch will be cracked by the experts we were up against. I for one believe some source would be good but four all we know NSA could honeypot anything as fair game, and post backdoored code on the domains we currently still trust, especially Silent Circle (

  • by Max_W ( 812974 ) on Sunday August 11, 2013 @08:41AM (#44535305)
    The should be developed an international mechanism of verifications of the Article #12 of The Universal Declaration of Human Rights. Many countries have signed it. The should be international inspections of data centers, telephone companies, etc.

    http://www.un.org/en/documents/udhr/index.shtml#a12 [un.org]

    Article 12. No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
    • by JanneM ( 7445 )

      "No one shall be subjected to arbitrary interference "

      Nothing arbitrary about the mass surveilance. It's all quite deliberate and systematic. Your rights are well protected.

    • by rossdee ( 243626 )

      So what makes this declaration "Universal ?
      Doesit apply on other planets or even all parts of this one?

      • by Max_W ( 812974 )
        Exactly. It means that it applies to all humans in the universe. Even if a human is in space, on an orbit, or at, say, a moon.

        When I hear as the president says that the US citizens are not being snooped upon, I always think: "And what about us, who did not happen to be US citizens." Are we a too easy target?

        We are also protected by The Universal Declaration of Human Rights. The USA has signed it by the way, the same as China, Russia, and many other countries.
        • by Arker ( 91948 )

          You are also "protected" by the US Constitution to the same degree. The Constitution talks about the rights of people, not of citizens. Unfortunately both documents are simply being treated as toilet paper by the people entrusted with their enforcement.

    • Yeah, except none of those are followed by the majority of the countries that signed it.

      Articles 2, 3, 5, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 25, 26, 27, 28, and 29 certainly do not apply to the USA.
    • Snooping is not interference. You still get your messages. It's just that the government knows what you're doing. The US 4th Amendment is stronger, but it's ignored.
  • Ok I actually tried to read the article and those links don't work. A low day for Slashdot editors.

    Check out the new Slashdot iPad app [apple.com]
  • by Anonymous Coward

    I find this farcical, so the NSA is going to start playing whack-a-mole with a what will be in the near future, a plethora of alternative secure email providers. Ask the RIAA how well that works out.
    AC.. because I can.

  • by Ricardo ( 43461 ) on Sunday August 11, 2013 @08:51AM (#44535361)

    According to Security Now/Steve Gibson, the encryption/security on the MEGA file site is not very sound

    https://www.grc.com/sn/sn-390.htm [grc.com] (search for "Java Crypto" to get about 3/4 way through the show) or listen to the podcast..

    MEGA is well intentioned Im sure, but the Javascript code in MEGA does not cut it for serious security, and they need to dp waaay better for an email service.
    Remember that ALL THE DATA is being retained now, so one crack in the system and there is a way in.

    Air tight security is do-able, but needs to be serious - I wish Mega lots of luck.

    • by Teckla ( 630646 )

      search for "Java Crypto" to get about 3/4 way through the show

      It's hard to tell if he's talking about Java or JavaScript -- he bounces between the two as if they're interchangeable, when they're not.

  • by Anonymous Coward on Sunday August 11, 2013 @08:52AM (#44535379)

    The problem is that private key, in server solution, are available on the server. Even in Mega, the private key is located server side and the password/passphrase is supplied by the end user over SSL. So, the weakpoints are SSL and the domestic machine, as well as an intercept placed on a server at Mega.

    What we require is a private key that a person hold, on a smartcard type arrangement. From this we derive a personal certificate authority and a public key. We issue certificates through our personal CA for particular roles and upload them to our provider. This then acts as our transport encryption, digital signatures, email encryption and so forth. The private key never enters the network and everyone has a unique encrypted layer, rather than a common SSL certificate.

    Decryption is performed by streaming the contents through the smartcard. We can add additional factors to this authentication such as biometrics, pin, etc. In fact, the user should be able to determine the amount of factors, their order, etc. The decrypted output can either be sent back into the machine (if you feel it is secure), or forwarded to a secure offline machine.

    We only need to make sure that this forwarding eliminates the possibility of an exploit and that means a limited stack that only provides certain features. Such as text and/or video.

    There is no reason that a standard mobile phone could not have two physical portions, one connected to the web and another for secure comms.

    • by gl4ss ( 559668 )

      ..so we don't actually need a new encryption scheme, just a system to make using what exists feasible in normal communications.

    • For webmail, what would be wrong with: encrypt/decrypt via client side javascript, private key is stored in html5 storage thing, and is encrypted via user's password. The server never sees the user's private key, nor their password (authentication with server can happen via public/private keys (e.g. have the client digitally sign username/request, server can verify the signature, no need for passwords on the server).

      • by DarkOx ( 621550 )

        One word: search.

        If you can figure out how to do server side search in a way that is reasonably efficient (storage and compute), does not require the server side to know the key, does not otherwise compromise the secrecy of the cipher text (user documents); I suspect you can make a great deal of money licensing your patent.

      • About search : maybe you can permit some parts (mail addresses ? some words ? tags ?) to be indexed on the client, in an encrypted form ? To what extent it will compromise the security of a message if you know some words in it ?

        Anyway, a part of a security system is simply a good memory. The most you can remember (in your head only) the better.

        Still, that's simplified, but things to think about.

      • For webmail, what would be wrong with: encrypt/decrypt via client side javascript,

        The big problem is that the website can change the client side javascript that it sends to a version designed to send the key to the server. If the version designed to grab the key is only sent once per user and only to users of interest it is unlikely that users will notice this behaviour.

  • Jabba Dotcom protecting us from the empire? Sign me up!
  • Don't all email clients do this?
    Are those people so infatuated with web applications that they don't realize true applications do everything on the client?

    • It seems so. I've talked to people that are shocked when I can get my email without internet access (alt-f2, "thunderbird")

    • Oh yes, they are completely infatuated with web apps.

      The problem is, if you want to read mail on more than one platform - phone, tablet and PC - you need one or more of them to use a remote message store. Otherwise you can't see and search the mails received on one platform when you're on the other. Unless you sync all mails between devices, which is going to cost you in battery lifetime and possibly in mobile data bills.

      Also, you don't really want to search email on a phone: That would be slow and run down

      • The problem is, if you want to read mail on more than one platform - phone, tablet and PC - you need one or more of them to use a remote message store.

        Both POP3 and IMAP are protocols to access a remote message store.
        IMAP has more advanced features, like keeping track of what has been read and what hasn't.

        which is going to cost you in battery lifetime and possibly in mobile data bills.

        This is nothing compared to the average consumption of a smartphone like what the Facebook application requires.

        Also, you do

        • Checking for new mail via IMAP every 30 minutes or so(I check every 5 minutes on my business account so I can react immediately for extra brownie points) is sufficient and doesn't drain battery too much.
          Who in his right mind would do Webmail on a phone/tablet? Also what does the used application protocol have to do with security? Wether you send unencrypted IMAP/SMPT or unencrypted HTTP doesn't make any difference. Also if your email is on some harddrive anywhere and it is unencrypted or somebody you can't
  • by DeathGrippe ( 2906227 ) on Sunday August 11, 2013 @09:30AM (#44535553)

    The problem is that email is managed from a central location.

    If email clients opereated as fully encrypted standalone, "peer to peer" entities, the central mail server would be eliminated, and snoops would only be able to grab the encrypted content, and perhaps the locations of sender and receiver.

  • by DerekLyons ( 302214 ) <fairwater@gmai l . c om> on Sunday August 11, 2013 @09:30AM (#44535557) Homepage

    I've said it before and I'll say it again, this concentration on encryption is fiddling while the house burns. Encryption is sexy, and easy, and kewl, and l33t... but it won't protect against the real threat - traffic analysis.

    • Why is traffic analysis more of a threat than the ability for the government to read the contents of your emails?
      • by memnock ( 466995 )

        Sometimes it's more important who you know and not what you know.

        • Sometimes it's more important who you know and not what you know.

          Not only this, but there's also, in theory, a greater threat between the combination of the two. Suppose I have three friends, Alice, Bob, and Carol. I send cleartext e-mails to Alice and Bob, but Carol gets encrypted messages, then those who are sniffing the traffic can discern the following information:

          1.) I know Alice, Bob, and Carol.
          2.) Since Alice and Bob get standard e-mails, I'm selectively encrypting my messages.
          3.) I'm selectively encrypting messages to Carol, and Carol is selectively encrypting me

        • by DarkOx ( 621550 )

          If you are trying to disrupt a terror cell, yes. If you are looking for dirt to stop the "wrong" guy from wining an election less so.

      • by Anonymous Coward

        Because if they can't directly read your e-mails, traffic analysis will be used to determine who you're talking to, what you're using to talk to them with, any number of bits of information that could identify one party or the other in a secure conversation. Once they have their hands on someone who holds a key, all they need to do is employ some "enhanced interrogation techniques" freshly passed as totally-not-torture by Bush and Obama.

        Traffic analysis isn't just a fall-back plan, it's just as powerful a w

    • by m00sh ( 2538182 )

      Traffic analysis can be easily foiled by data poisoning. For each valid e-mail, generated 10,000 fake e-mails that are sent at random (or some other criteria).

      After the receiver decrypts the messages, the fake e-mails will say they are fake and the client discards it. Add in some forwards too to make the problem harder.

      Getting a list of e-mail addresses to send to is the problem. But, can be done with a client side solution.

      So, even if the server is compromised, there is still possibility of secure e-

  • by Anonymous Coward

    The amazing thing to me is that using any of these encrypted mail services will automatically flag you as a suspect for the NSA. Just like when detect patterns used by Tor and store all of the traffic in a special place.

    How long until the FBI and NSA keep files on everyone that they can identify using these services? Like a new era of McCarthyism but instead of a public trial you have a secret trial where the government has all of the cards. This is essentially what the guy Aaron Swartz and the Lavabit g

  • May be all the worlds email traffic should go through (and stay at) archive.org this way one would at least know where ones emails end up,...
  • Just use mail on FreeNet,

    Sure, FreeNet, which would be the more secure option we have currently, doesn't have any outside gateways, but if you are concerned about security, you don't want one anyway.

    • by Clsid ( 564627 )

      Your solution is definitely the most sound technique of everything I have read so far on how to deal with this issue. So I guess you can establish a Darknet with your friends and family and some sort of encrypted e-mail using regular Thunderbird, and keep plain text e-mail for initial contact only. For business mail this would be tough though, and I guess you can set up a ticket support system to get in touch with your customers instead, but as dealing with providers and such, plain text e-mail will have to

  • by m.pala ( 19682 ) on Sunday August 11, 2013 @10:06AM (#44535743)

    The matter of protecting your e-mail is a simple one - there are standards (S/MIME). What you need to look in a provider is:
    (1) They SHOULD NEVER have copies of your private keys
    (2) They should follow published standards
    (3) Allow S/MIME e-mails
    For example, if you want to use your Gmail account with military-grade security that neither NSA can read, just install Penango in your browser and send messages encrypted - this solution is also used by US military and corporations. Penango does not hold any of your private information and/or your keys - so they can not be forced by anybody to give out your secret.. simply because they do not have it!!!! For more info, go to http://www.penango.com/

    • For example, if you want to use your Gmail account with military-grade security that neither NSA can read, just install Penango in your browser and send messages encrypted - this solution is also used by US military and corporations. Penango does not hold any of your private information and/or your keys - so they can not be forced by anybody to give out your secret.. simply because they do not have it!!!! For more info, go to http://www.penango.com/ [penango.com]

      Except that penango is not really compatible with any current browser releases except Internet Explorer. Firefox is supported, but only up to version 20. The current release is version 23.

  • Look at it this way: everyone's all "we gotta have email encryption" and we've completely lost interest in "OMG 99% of all email is spam and we can't get rid of it." It's the NSA's way of encouraging Internet Businesses.
    (please please PLEASE don't make me bring out the whoosh or sarcasm tags m'kay?)

  • Privacy in 2 years (Score:5, Insightful)

    by Okian Warrior ( 537106 ) on Sunday August 11, 2013 @10:13AM (#44535781) Homepage Journal

    This whole thing about privacy will be a non-issue in about 2 years.

    There's currently a mass-exodus away from US-based cloud services, and (within the US) away from all cloud services.

    Cloud services will have to provide privacy or go out of business. The only way to ensure privacy is client-based encryption keys and open-source software. Since it's impossible to control the distribution of open-source software, the client-side package will end up being free.

    This is a good thing, IMHO. Cloud services will focus on the actual service, they won't be able to rummage around in our lives (both corporate and personal), they won't be able to "monetize" their customers as products to advertisers, and the NSA will be shut out of much illegal snooping.

    People are already thinking about how to encrypt existing web-based mail services, and I'm even hearing rumors about replacing SMTP altogether with a more secure protocol.

    Expect a lot of wailing and gnashing-of-teeth from the government, proposals to make this or that protocol "illegal" or to require government backdoor access, but in the end it will come down to simple economics.

    There is an enormous market-driven push towards more privacy. Edward Snowden has had a measurable effect on the world, and probably deserves the Nobel peace prize he was nominated for.

    • by gclef ( 96311 )

      I'm even hearing rumors about replacing SMTP altogether with a more secure protocol.

      There have been "rumors" and "proposals" to replace SMTP for almost a decade. It'll never happen. SMTP will die slowly, the same way NNTP is slowly dying. And that will only happen when there's a way to communicate that surpasses it. Web discussion boards basically killed NNTP. I don't think there's anything out there yet to kill SMTP.

      Also, encrypting your mail misses the point. Groups like the NSA can still do traffic analysis on the SMTP envelope to know who you're talking with even without reading the co

      • There have been "rumors" and "proposals" to replace SMTP for almost a decade. It'll never happen...

        Um... there is now an enormous economic incentive to do this.

        Are you saying that the current situation is exactly like it was in the last decade?

        • by gclef ( 96311 )

          Spam was and still is an enormous economic incentive to replace SMTP....and yet, after a decade of avalanches of spam, we haven't replaced SMTP with something that addresses any of the aspects of SMTP that permit spam to happen. This situation isn't even on the same order of magnitude of economic burden as spam is every single day. So, yes, the current situation *economically* is exactly like it was the last decade: we're paying for the design decisions of SMTP, and will continue to do so until something sh

    • Expect a lot of wailing and gnashing-of-teeth from the government, proposals to make this or that protocol "illegal" or to require government backdoor access...

      There was a classic example of "Think of the terrorists" FUD in NZ last week. The PM of New Zealand, who's cramming his legalized-spying-on-your-own-citizens bill through parliament at the moment, last week trotted out some "facts" about how the NZ government is "monitoring" several NZ residents with ties to Al Queda, several of which are in Yemen attending "training camps" at the moment.

      If that's true, then isn't letting these people know you're watching them a bit of a silly idea? And anyhow, it still doe

  • When you rely on a third party for security, you are placing an enormous amount of trust in them. You're trusting that they have not installed backdoors, that they do not copy your encryption keys and that they really are doing all the things they say they are. There are also external factors that may be beyond their control, like government demands, as we saw with Lavabit.

    Now, if Mega is going to do something like build plugins, extensions or local proxies for popular web and local mail clients that make

  • by Hizonner ( 38491 ) on Sunday August 11, 2013 @11:02AM (#44535983)

    If you want secure email, don't put it in the cloud. People who try to set up new cloud services to get attacked aren't helping, and can't deliver on what they want to make people believe they can.

    1. Webmail can never be secure even if the decryption is done in the browser, because the decrypting JavaScript comes from the provider, who can change it at any time.
    2. If your email comes to your cloud provider in the clear, it doesn't matter if they then encrypt it, because they can be forced to start keeping the plaintext.
    3. Even if the crypto works, if everybody uses the same few providers, it's easier to do traffic analysis. Which was already uncomfortably easy. "Metadata", anyone?
    4. If your cloud provider is honest and doesn't want to get subverted, they may have to shut down at any instant, leaving you unable to communicate. As we've seen twice just this freaking week.

    It's not hard to set up a mail server. It's not hard to use PGP. Be at least a little harder target.

    Just say no to the goddamn cloud, already.

  • 'If all the server can see is encrypted text, as is the case with true end-to-end encryption, then all the functionality has to be built client side. [That’s] not quite impossible but very, very hard."

    Why not let user the compromise on security in order to search, etc., by giving the server permission to decrypt for N minutes or seconds? Then client software sends the key, Mega promises to destroy the key and the unencrypted text at the allowed time. Standard legal advice in advance explains the resu

  • Comment removed based on user account deletion
  • Kim Dotcom as usual enjoys filling the spotlight,

    you can put a period there, that's all there is to say about it.

    If you trust an e-mail service run by Kim, you are a stupid idiot. The guy ratted out people to the authorities before, when it served him.

    One thing is right about this idea, though: If you want a secure e-mail provider, it absolutely has to be located outside the USA. Nothing on US grounds can be considered secure anymore.

  • Truly anonymous email needs to be both encrypted and efficiently hide communication patterns.

    If the system is based on a central server that maps addresses and you have the ability to listen to inbound and outbound mail you can fairly easy generate a map that will link real and anonymous email addresses if the system runs in real time. Mails to be relayed should be delayed a random time and sent out in random sized pools. That would hide the link.

    An alternative would be a private bulletin board system where

    • by doccus ( 2020662 )

      An alternative would be a private bulletin board system where no messages ever leave the server and both sender and recipient must log in to send or receive mail. It will also hide the patterns provided the database is completely encrypted, including relations.

      You're quite correct, and THIS (the BB system) is the method professional agents use the most.

  • Wow. All these brilliant ideas on encrypting communication like snail mailed rubber envelopes wax seals etc Nothing screams "I have a secret" as loud as obvious encryption attempts. And nothing is as tempting for CIA or DHS operatives to try and circumvent. Security services in *other* countries don't waste their time trying to crack "encrypted email" or rubber envelopes in snail mail. Why? Becaus professional agents don't ever use an *obvious* encryption method at all!. A REAl spy's email might look like "

It is clear that the individual who persecutes a man, his brother, because he is not of the same opinion, is a monster. - Voltaire

Working...