[dlss]

Cool project, you seem talented... I'm just a bit confused here.

If we basically know several governments already have copies of your historical gmails, and you're not securing the incoming channel (which we basically know has a beam splitter on it), what good does encrypting the historical files do?

[etherael]

We don't know for certain that several governments have archived stored copies of all cloud based email in existence, it's hazy as to what they do and do not have access to, what isn't hazy is that they have the right to demand the content of any given gmail account with effectively zero recourse available.

The very fact that they actually do make these demands indicates on balance of probability, they don't actually just have an archived permanent copy of the content of every gmail account in existence. Why ask for what you already have?

Of course, that's an assumption and it may be incorrect. However on the downside if it is incorrect, you're back in the exact same position you started in and you've lost nothing anyway. And as previously stated, it might get people in the habit of understanding how PGP works if mailvelope and products like it see wider adoption.

In a network of correspondents where everyone is running something similar to mailvelope + phoneme, it becomes an obvious thing to do to simply implement proper end to end PGP, so I also hope it might be a solution to the chicken and egg problem which has plagued PGP deployment for so long.

It can never hurt to fight, even if you might lose, especially when if you don't fight, you'll definitely lose.

[kamjam]

While I agree with the sentiments, Google most likely does not delete the unencrypted mail, so even if the government hasn't stored the content of the mail they will just request copies of all your deleted mail too.

Certainly going forward it would be a good thing to do, but really (as you say) end to end encryption is required. It's a shame Hushmail was compromised [1], this is the type of thing if it was built into GMail would push encryption to the masses - I realise it's not in Google's interest or business model though.

With the smart phones being SUCH an integrated part of our lives now, this also makes it VERY difficult to keep your email with you on the go since the mailvelope plugin is only desktop based.

Shame. We have the tools, I hope we get better integration soon.

[1] http://en.wikipedia.org/wiki/Hushmail#Compromises_to_email_p...

[etherael]

once again on the "most likely" front, it's possible, sure, but according to their own statements, they do actually delete it when you delete it;

http://www.smartplanet.com/blog/thinking-tech/does-8220delet...

http://productforums.google.com/forum/#!topic/gmail/QZh2Ce75...

Note response; Unfortunately, once you have permanently deleted a message from Trash or Spam using "Delete forever," it cannot be recovered. Google complies with data privacy legislation. As a result, our systems are configured in a way that it is infeasible to restore user-deleted data.

Sure, they could be lying, but they could also be telling the truth, and if we assume they are then there is an advantage in keeping a fully encrypted store rather than plaintext. Google has given us no reason to believe that they are directly untrustworthy unless they are actively compelled by law to act in user hostile fashion, and they do not seem to enjoy it.

Personally I'm far more concerned about the state as a hostile entity than Google.

> With the smart phones being SUCH an integrated part of our lives now, this also makes it VERY difficult to keep your email with you on the go since the mailvelope plugin is only desktop based.

I make reference to this on the project page, there's APG which is PGP for android, makes reading / writing / signing PGP possible on mobile http://www.thialfihar.org/projects/apg/.

> Shame. We have the tools, I hope we get better integration soon.

I hope the same, I kind of see this as pushing the issue, we'll see where it goes.

[kamjam]

Ok, let's err on the side of Google for now (although, still not sure I can fully trust them, esp with all this news).

Still, great work and thanks for the additional info. Here's to hoping one day EVERYTHING will be encrypted by default!

[mverwijs]

I was hoping someone far more talented than me would write a browser plugin that would encrypt everything I type in a TEXTAREA with GPG, and then prompt me for a list of friends I'd like to have read that text.

Everything, from Facebook to Gmail, would be encrypted that way. And I would be in control of the list of people that could read that text.

[reeses]

This is a solved problem, including the problem that you're haven't anticipated, which is the helpful "autosave" of drafts.

http://www.emacswiki.org/emacs/Edit_with_Emacs

I'm sure something similar exists for vi, sublime, etc., but emacs (of course) has great gpg support (http://www.emacswiki.org/emacs/EasyPG).

This moves the burden to your local machine, which, while not guaranteeing privacy, helps reduce the amount of data that you're just handing to the bastards.

[mverwijs]

Hardly solved. I want it to be so simple the average Facebook user will want to use it.

Emacs hardly fits that bill. Nor does popping up any other editor I think.

I would just like to use the native browser interface and right before doing a POST, have the browser do a pop up and ask me which of my friends I would like to share the text with.

[mverwijs]

Also, there is the decription part. The browser would need to auto-decrypt on the fly all the encrypted messages that are meant for your eyes only. Without asking for a password every time. And without having to open a new application. Rendering pages might prove difficult, as the page can only be rendered properly after decription.

[Torgo]

Just a small quibble, if you're typing in the textarea the website or any other extensions you have in your browser could spy on the plaintext as it is being typed. A secure browser extension would have to call an external program, let you type and encrypt your message in there, and then deposit the encrypted message back into the textarea.

[sp332]

Wouldn't you have to encrypt the text repeatedly, once for each recipient?

[reeses]

gpg handles this natively.

http://www.gnupg.org/gph/en/manual.html#AEN111

"multiparty encryption" is what you're looking for.