End-to-end encryption of email by Yahoo

>>47038809
No interest?

>>47038809
if it is US based, it is literally shit

File: 1367148323161.jpg (3KB, 125x125px) Image search: [Google]

3KB, 125x125px

tfw gmail will never do this because it would cut into their profits if they can't scan your email and sell info to the highest bidder whenever they see fit.

FUCK
the last of my contacts that used yahoo just switched to outlook

>>47038871
This. Placebo crap.

>>47038855
>>47038885
literally meaningless as long as NSA has backdoor access

https://github.com/yahoo/end-to-end

>>47038924
NSA cannot access emails that are encrypted on the client side. Unless you are implying that 2048 bit PGP has been somehow defeated.

I remember reading somewhere that in order to beat PGP you need to run our current computing power for millions of years or something ridiculous like that.

>>47038871
>>47038911

I think you don't understand how this works. The encryption is done completely by an open source plugin which _will_ be audited. The session key, private key and public keys will be stored in localStorage, and a list of public keys will be stored in a federated manner.

There is no way that anyone other than the intended recipients can see what's being sent.

>>47038909
If you look at the hacker news comment from the engineering director at Yahoo - this is just the start.

There are plans to figure out client side search of email, multi-device support and federated key servers - meaning yahoo and google and outlook can all talk to each other as long as they decide on a common protocol.

reminder
http://matasano.com/articles/javascript-cryptography/

>yahoo

is this 2005 or something? fuck

>>47039049

I think a lot of those points are addressed.


> Secure delivery of Javascript to browsers is a chicken-egg problem.
The software is open source - so if yahoo attempts to scam users with this they will get caught very easily. Also, it will be downloaded using TLS encryption - so there is no chance of a MITM attack.


>Browser Javascript is hostile to cryptography.

Not 100% sure why he thinks this - but maybe it's got to do with the fact that it cannot generate cryptographically secure random numbers. My guess is that they will use something like NaCl or something... but in any case this is an obvious problem. Not sure if there are other primitives which he thinks javascript is hostile to.

How will key signing work? I don't think people are going to verify the identity of the one they're encrypting to even if they know them personally. They generally won't care enough to understand why signing is important, and why you can't trust Yahoo when they say that a key belongs to a mail address (which is what it looks like is going on in the gif on the blog).

>>47040060
Good question. I am thinking that identity verification might be a part of the federated service.

For example - you would be sending an encrypted email to the person identified and verified as [email protected] by this federated service.

At least, that's how I think it would work.

>>47040172
>and why you can't trust Yahoo when they say that a key belongs to a mail address

Another good question. I think the engineering guy at Yahoo answered that:

"Along those lines, we will work with industry peers to build public key registry software that interoperates with other federated providers, is open source, and is transparent in the cryptographic sense. I.e. Yahoo and Google users should be able to send encrypted email to one another with ease, and if either company was forced to lie about the public keys of our respective users we would be caught because math."

>>47038885
I'm pretty sure Yahoo makes money the same way.

>>47040172
And then of course, the problem would be how would this service identify and verify? Would it be done by a handful of corporations? What is the criteria to become a corporation that participates in this?

Maybe the owner of the mail server would just assume the verification / identity of the email holders.

>>47038977
i'll never understand all the hype for secure e-mail services you have no away of verifying when PGP has been around for 20 years

>>47038885
gmail actually did this almost a year ago
http://www.informationweek.com/mobile/mobile-business/google-previews-gmail-encryption/d/d-id/1269433

>>47040239
>>47040239

But they _are_ using PGP. The "innovation" to make the whole thing more accesible to joe@xyz is the addition of the federate key server.

>>47040251
I think he's referring to Lavabit/Protonmail and such.

>>47040239
Until using PGP is as easy as pulling up your gmail account and clicking 1 or 2 extra buttons in the Compose tab before sending, it will never be used by anybody except journalists and drug dealers.

>>47040251
they'll even store your keys for you, how convenient

>>47039019
their point (I presume) is that Yahoo will have to comply with requests from government agencies for access which was one of the reasons Lavabit closed down.

>>47040265
Ah got it. Didn't lavabit shutdown - because they did server side encryption - but he was given an ultimatum to handover keys by NSA?

>>47040267
Just the public key of course, so that people can send you emails.

>>47040275
>>47040267

Want to expand on this >>47040282 for the sake of clarity.

In PGP, there are 3 keys associated with an email:

1. The session key - which is a one time secret key for the email.
2. The public key of the receiver (which is generally assumed to be available by everyone who has the receivers email) - which is used by the sender to encrypt the message AND session key.
3. Private Key - this is the secure key that only the receiver has - and this is used to decrypt the message on the receivers client side.

How public / private key pair encryption works on a high level is -> you encrypt a message with the public key of joe@xyz. Now only joe@xyz can decrypt this message because ONLY he has the private key which can be used to decrypt. The two keys are kind of like complements to each other.

The reason that Lavabit failed was that they had the private and public keys on their servers. We only had their "good faith" to believe they would not snoop or do something malicious. But in this case, only YOU will have the private keys, so no one - not even the NSA - would be able to read your emails without issuing YOU a warranty directly.

>>47040375
hushmail said the same thing, problems arise when you start doing that in a browser

>>47040375
>The reason that Lavabit failed was that they had the private and public keys on their servers.
And many newer mail services fail because they implement OpenPGP in Javascript and serve it to the user every session. The private key is in the user's control, as long as the script doesn't do anything malicious. But since the script can change at any time and, if required, only for a specific user, they key is just one national security letter away from being compromised. Even if you think the owners of the service will refuse to comply with such a letter, you will still need to trust SSL enough to take the risk of a MITM, and that the owners won't decide to fuck with you on their own accord.

Plain Javascript cryptography is a very bad idea, but the approach with browser extensions (possibly interfacing with lower level cryptography libraries) seems promising.

>>47038809
>end-to-end encryption of email done in js by the browser
Yeah, it's totally trustworthy. Also openmailbox.org done this before, not that I would use it. Protonmail does this, tho it uses some non-standard encryption scheme I guess.

>>47039130
>The software is open source - so if yahoo attempts to scam users with this they will get caught very easily.
They can replace the js code per session. Are you implying that people will verify the code against the hosted one every time they download the JS code? Not that it wouldn't be possible with some plugin and AFAIK LibreJS working on it, but there is no working solution right now.

>>47040536
Fun fact: the NSA probably can MITM the https communication and serve you malicious js code to steal your priv key. Certificate pinning could solve this though?

>itt: stupid fags that still use mainstream emails piped straight through to the NSA

My ProtonMail email just came through.
Feels good man

Yahoo offers a pretty decent service. Disposable addresses. A terabyte storage.
While Outlooks unlimited storage is actually 5gb that grows if you dont receive too much mail, otherwise you reach their limit.

But the inbox ads of Yahoo are really terrible. And I dont like how you need to use txt message for two step verification.