Not because it’s a GOOD IDEA to let Facebook (!!) broker your key exchange and see your metadata - yes, Signal protocol can’t keep metadata away from third parties either, not entirely - but because they had the chance to improve security in an imperfect but good way for millions of people. Which is why the people who made Signal put their crypto into WhatsApp. Just crying out to be fixed. And they’re on Twitter DMs and Facebook and god help us Slack. Shitty, plaintext by default, metadata leaking email. And where they are, to a massive massive unstoppable undeniable extent, is on fucking email. Security professionals need to meet users where they are. As many systems as possible that they use need to be secured, so that WHEN they mess up - meaning, have the gall to say something potentially sensitive outside of infosec-land blessed tools - the consequences are mitigated. Guess what? People suck at knowing what communications need to be secure, and they suck at keeping mundane conversations from veering into sensitive territory, and they suck at moving conversations from one platform to another. Yet HTTPS is hugely valuable. But the biggest issue with your critique is that it proposes treating secure messaging as a special case for which people should just use a special tool. Your dismissive post boils down to “less than 100% perfect security is not ‘practicable’ so let’s leave a massively used, default communication platform utterly unsecure.” At least three of your critiques of encrypted email could be made of HTTPS: it leaks metadata (what sites you visit and when), it is plaintext by default, and the archives of the secured material are persistent and searchable. We should stop trying to push this particular boulder up this particular mountain and instead just get people to adopt serious secure messengers.
If you can stipulate a special mail client that is extra-careful, why not stipulate a forward-secure advanced messaging system and stop bothering with email? Everything that makes email effective in the real world makes it inhospitable to secure messaging. And again, what matters here is the behavior of the overwhelming majority of clients. Again, if you're using a secure messaging system to keep secrets from a state-level adversary, that's exactly what you don't want. * Most email clients are searchable-archive-by-default. Unless you make them install something on all their computers - and at that point, just get them to install Signal, WhatsApp, or Wire - "encrypting" their email involves schemes in which those websites can get their plaintext mail. * Most email users get their email from a website. We would never accept a new secure messaging system that behaved like that. In fact, some of what we call email "metadata" isn't even metadata - stuff like subject lines are simply content. That's a terrible property for a secure messaging system. Lose that key, ever, and not only is every message you send in the future unsafe, but every message you've ever sent in the past is too. The most popular standard, OpenPGP, involves a long-term key that is the root of secrecy for all messages from a particular person. * Email encryption is never forward-secure. We don't generally love the way websites ensure they're viewed securely, but email doesn't even have the basic mechanisms HTTP has to prevent secrets from accidentally being sent in the clear. Email is itself archaic, and there aren't good reasons people should use it for routine peer-to-peer communications that need secrecy. Unpopular but very probably true fact: email can't practicably be made secure, and people should stop trying.