[leot]

Google, Yahoo, and Microsoft could all make the vast majority of email vastly more secure by implementing PGP-by-default. Send: You enter an email address, a little key appears beside it if it's recognized as having an associated public key, and a warning appears that the email can't be encrypted if an additional email address is entered that doesn't have an associated key. Receive: email encrypted with your public key is colored "green" (for "secure") and the from address is colored "green" if it's been appropriately signed. With (and, I'd argue, only with) a webmail client can PGP be rapidly deployed and almost completely transparent.

But, this would make "intercepts" far more difficult, now, wouldn't it ...

[sliverstorm]

this would make "intercepts" far more difficult

Yup, Google is doubtless completely in cahoots with the NSA.

... Really? Is that what you are thinking? Apply some rational thinking here. It's simpler than that. Google advertises to you based on the contents of your email. It is not in Google's interests to prevent themselves from being able to read your email, and if they can read it so can the NSA.

[leot]

I don't understand why everyone seems to think this is an issue. It's as though the only alternative to the status quo is local host browser-level crypto.

The implementation I'm referring to doesn't preclude Gmail from reading emails it has of yours. It just means that only Gmail can read them, because only Gmail has your private key, a private key that's associated with two-factor authentication, and a private key you could optionally use elsewhere, too.

[sliverstorm]

That would work fine, if all the NSA did was sniff traffic on the backbones.

[leot]

The idea that the biggest reason to have PGP is to protect ourselves from some nefarious gov't entity is silly, though in the longer-run it can definitely help make this happen. PGP/PKI affords incredible technological advantages. If webmail providers offered it, OpenID (etc., etc.) would become quickly redundant (e.g.).

[adventured]

This will only work for average email users if you can pull it off without ever using any of the industry language, or requiring anybody to ever actually do anything with a key. Find other descriptive language to use, and make it require zero extra effort, and you've got a winner.

[leot]

We learn all the time how to do complicated things on the internet. Facebook isn't instantly trivial to use (though it seems that way now that we know how to use it). Neither is Google+.

The whole problem with PGP is that it's not worth learning to use because it depends necessarily on network effects. If Gmail deployed it, the network effects problem would immediately disappear. At first it would only work within the online webclient, obviously, and enabling it would have big consequences for how/whether client-based access (IMAP and POP) worked.

[6d0debc071]

Most people aren't going to get themselves into webs of trust - and certificate authorities and webmail servers and the like can be compromised. The only thing you can vest any significant trust in, with NSLs and so on flying around, is what's on your computer.

And, if you want to be really sure, what's on a computer with no radio protected by an airgap into which you never insert removable media....

[leot]

I'm not talking about deploying/using PGP to be secure from gov't (or Gmail) monitoring. I'm talking its use in the context of 99% of normal interactions online. Yes, we wouldn't have tinfoil-hat-level security if it was managed by Gmail, Yahoo, etc. But we'd be lightyears further ahead in our ability to interact securely with others online.

[6d0debc071]

Okay, I'll bite for that - what's your threat scenario here?

[leot]

These aren't threat scenarios. They're advantages to having PGP

Eliminate most spam. Talk with your bank/do trades over email. Talk with your physician. Sign documents.

With webmail-based PGP, people are strongly incentivized to use this to avoid requiring users to sign in to other websites.

[6d0debc071]

I don't think having to sign into other websites is that much of a bother, nor that people are that motivated to talk to their bank or physician on a regular basis that would drive adoption of this sort of thing.

And in return you have to stick all your eggs in one basket, get what would probably end up being a single persistent online identity that goes under your real name (if it's tied to an email address you use for business stuff), and that's owned by a company and may not even be willing to give them back to you (would you even own the private keys if it was being implemented on the server?)

[leot]

There's really an amazing lack of imagination here, both from a threat avoidance perspective and a potential awesomeness one.

The deployment model is this: one large webmail provider starts doing PGP by default via its webclient. Maybe it provides your with private keys, maybe it doesn't. Fact is that it doesn't much matter, because as soon as a large webmail provider starts doing PGP/PKI, the two biggest problems with adoption (namely, that there's no one to use it with, and it's kind of a pain to use anyhow) are basically solved. And as soon as this happens, there starts being a competitive market where providers can begin improving on each other's implementations. Any provider that doesn't give users their private keys won't have much of an ethical argument for doing so, and so it probably would, anyway. There will, as always happens, be a feature war, except with PGP involved some of that war will involve privacy/encryption/reliability concerns.

(PGP also makes spear phishing much harder).

[guelo]

That would probably break email search and ads.

[andreyf]

Where would the private keys be stored? How do you handle the use-case of a non-technical user losing their laptop?

[leot]

I'm talking about the non-extreme-security case of where the online email provider stores your private keys.

[magic_haze]

So, in practical terms, how would this be more secure than what we have now? The main crux of PRISM is that they have highly automated mechanisms of accessing user data from many major internet companies. If you store your private keys alongside that, what are you trying to protect against?

[leot]

The point isn't to hide data from the NSA. The point is that widely-used PGP would be really useful for all kinds of reasons, but that we don't have it because it would be inconvenient for the NSA if we did (they wouldn't be able to read the world's email, e.g.).

In practical terms, it would mean we could talk with physicians, brokers, banks. We could sign documents. We could get rid of nearly all spam. I mean, the advantages of widely deployed PKI are MASSIVE. And the quickest way to get there is to have webmail providers deploy it.

[andreyf]

Where would the private keys be stored? What happens if I lose my laptop?