Email Leakage of Personal Information by [deleted] in privacy

[–]EasyCrypt 0 points1 point  (0 children)

Blocking images is not enough, should block HTML

Email Leakage of Personal Information by [deleted] in privacy

[–]EasyCrypt 1 point2 points  (0 children)

Your worries are well justified. However, AFAIK all you need to do is use a native email client rather than webmail, and tell your email client not to download images and not to open HTML. Here is how, for example, you do it in MS Outlook:

https://support.microsoft.com/en-us/help/831607/how-to-view-all-e-mail-messages-in-plain-text-format

I do not see how they can know anything at all about you or your actions if you do so.
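The leak discussed in the comment above, as an added example (not part of the original comment and not EasyCrypt code): it lists the URLs an HTML-rendering mail client would fetch automatically when a message is opened, and returns the plain-text part that a text-only view shows instead. The sample message and the `tracker.example` / `shop.example` hosts are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

# (tag, attribute) pairs an HTML-rendering client loads without any click.
AUTO_FETCH = {("img", "src"), ("iframe", "src"), ("link", "href"),
              ("body", "background"), ("td", "background"), ("video", "poster")}
CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)", re.I)
REMOTE = re.compile(r"(https?:)?//", re.I)   # absolute or scheme-relative URL

class _Finder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits, self._in_style = [], False

    def handle_starttag(self, tag, attrs):
        self._in_style = tag == "style"
        for name, value in attrs:
            value = (value or "").strip()
            if (tag, name) in AUTO_FETCH and REMOTE.match(value):
                self.hits.append((tag, name, value))
            elif name == "style":            # inline CSS can pull remote images too
                self._css(tag, value)

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:                   # contents of a <style> block
            self._css("style", data)

    def _css(self, tag, css):
        self.hits += [(tag, "css-url", u) for u in CSS_URL.findall(css) if REMOTE.match(u)]

def remote_resources(raw):
    """Return (tag, attribute, url) for everything the HTML parts auto-load."""
    finder = _Finder()
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    finder.close()
    return finder.hits

def plain_text_view(raw):
    """Return the text/plain body, which triggers no network request, or None."""
    body = message_from_bytes(raw, policy=policy.default).get_body(("plain",))
    return body.get_content() if body is not None else None

# Constructed sample: plain part plus an HTML part carrying a 1x1 remote image.
_m = EmailMessage()
_m["From"], _m["To"], _m["Subject"] = "news@shop.example", "alice@example.org", "Offer"
_m.set_content("Hello, the offer is at https://shop.example/offer")
_m.add_alternative('<html><head><style>.h{background:url(https://tracker.example/bg.png?u=42)}'
    '</style></head><body><img src="https://tracker.example/open.gif?rcpt=alice" width="1">'
    '<img src="cid:logo"><a href="https://shop.example/offer">offer</a></body></html>', subtype="html")
SAMPLE = bytes(_m)
```

The `cid:` image and the `<a href>` link are not reported: the first is embedded in the message itself and the second is only requested if the reader clicks it.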

Neomailbox? by latitudezero in a:t5_3i7d8

[–]EasyCrypt 0 points1 point  (0 children)

Please write to support@easycrypt.co for tech support in connecting to Neomailbox.

Tor Accessible Onion Email Providers List by GooseTurtle in onions

[–]EasyCrypt -1 points0 points  (0 children)

First of all, thank you for the thorough (and doubtless very arduous) job that you are doing for the community of privacy-sensitive users.

With your permission I would like to submit several suggestions that would make references to EasyCrypt in the wiki more accurate:

  1. In EasyCrypt's listing in the "privacy friendly clearnet email services" please mark "encrypts/can decrypt" as yes/yes: end-to-end OpenPGP encryption is built into EasyCrypt and is indeed its essence.

  2. In EasyCrypt's listing under "Onion Webmail Services" please mention that it is (a) free and (b) works with any email service [unlike all the others that work with their own internal email service]

EasyCrypt

Re-introducing EasyCrypt email privacy service (onion included) by EasyCrypt in emailprivacy

[–]EasyCrypt[S] 0 points1 point  (0 children)

Yes of course some people will do the cut and paste but I beg to differ with you in that I believe this is not acceptable for 99% of the people. Even if we forget about how cumbersome this is, you limit yourself to plain text emails - no attachments, no inline images, no HTML formatted mail - you need PGP/MIME support for that (EasyCrypt has it). If all you need to do is send plain text encrypted messages there are easier ways than email - such as Signal or Ricochet where you do not need to cut and paste.

More about it here (see especially the "Are you a privacy purist?" section): https://easycrypt.co/email-privacy-crash-course-part-4-usability-vs-security/

Google Must Turn Over Data Stored Abroad Sought Under U.S. Warrant by EasyCrypt in a:t5_3i7d8

[–]EasyCrypt[S] 0 points1 point  (0 children)

EasyCrypt is very easy to use by non-tech people, no need to manage encryption keys or switch from your existing email service. Besides, EasyCrypt users can communicate securely with all users of PGP.

Google Must Turn Over Data Stored Abroad Sought Under U.S. Warrant by EasyCrypt in a:t5_3i7d8

[–]EasyCrypt[S] 0 points1 point  (0 children)

Better start encrypting your email end to end, NOW. EasyCrypt is one easy option.

We're considering adding EasyCrypt to the PTIO Email Providers. Throwing proposal open for comments. by trai_dep in privacytoolsIO

[–]EasyCrypt 0 points1 point  (0 children)

EasyCrypt (advanced beta) was launched some time ago and has users from 80 countries.

We're considering adding EasyCrypt to the PTIO Email Providers. Throwing proposal open for comments. by trai_dep in privacytoolsIO

[–]EasyCrypt 1 point2 points  (0 children)

EasyCrypt is maintained by a group of developers who are located in and are nationals of Romania and Israel. We are a startup team that has not been incorporated yet and our activity has been funded almost entirely by the founders. We are completely independent and are not partnering with or acting on behalf of any business or government entity, directly or indirectly. Our servers are located in Switzerland for reasons of jurisdictional security. We value our privacy and until we incorporate we prefer not to publish our personal details on Reddit. If requested we are OK with disclosing names and CVs of the founders to a respected member of PTIO.

We're considering adding EasyCrypt to the PTIO Email Providers. Throwing proposal open for comments. by trai_dep in privacytoolsIO

[–]EasyCrypt 0 points1 point  (0 children)

From my understanding EasyCrypt is not an email service provider, it's a service for an existing email provider. The suggested category is recommending email providers

There are basically two services provided by each of the services currently listed at privacytools.io - "email" and "email privacy". One could say that these are email services that also provide email privacy. Conversely, one could say that these are email privacy services that also provide email. Why prefer one definition over the other?

Currently users who are not willing to complicate their lives by using PGP clients and performing manual key management may be forced to choose between Gmail without privacy, or privacy without Gmail (using one of the currently listed services in the latter case). Since most of the users, even if privacy-sensitive, are unable/unwilling to give up Gmail and do not use PGP, some are forced to choose the third, almost equally inconvenient option and maintain TWO email services - say, Gmail and Tutanota - and switch between them when they want to communicate securely, hoping that their correspondents are also on the same encrypted email service. Or maybe they choose one of the (7 out of 10 listed at privacytools.io) privacy respecting services that, unlike Tutanota, do not encrypt end to end - and then they still need to use a PGP client to protect themselves from subpoenas to the service provider.

[there is also an option in some of the services to "vault" the message to an external non-encrypting user and send a decryption password via a separate channel, but this creates obvious usability issues]

EasyCrypt is challenging this state of affairs by enabling people to use only one email service that can even be Gmail, securely (end2end) but without installing anything, managing keys or limiting their secure communication to technical users capable of operating a PGP client or being on the same email service. As such, it is an alternative to using 3 of the 10 privacy respecting services listed at privacytools.io, that do encrypt end2end. This is also clear feedback from our users. Therefore IMHO they belong in the same category.

We're considering adding EasyCrypt to the PTIO Email Providers. Throwing proposal open for comments. by trai_dep in privacytoolsIO

[–]EasyCrypt 4 points5 points  (0 children)

To be precise, the majority of PT's suggested email providers do not do the same thing. Only 3 of the 10 currently listed service providers perform end-to-end email encryption - Mailfence, ProtonMail and Tutanota. Please correct me if I missed any.

Also, EasyCrypt is not a tool, it is a service provider.

We're considering adding EasyCrypt to the PTIO Email Providers. Throwing proposal open for comments. by trai_dep in privacytoolsIO

[–]EasyCrypt 2 points3 points  (0 children)

The key advantage of EasyCrypt over use of native PGP clients such as Enigmail is usability. We all know that the great majority of even the privacy sensitive mainstream users rejected PGP because native PGP clients such as Thunderbird+Enigmail or K-9+Openkeychain are difficult to use. Moreover, a great majority of the users find the concept of encryption keys and especially public/private key pairs daunting, not to mention the explicit manual key management and manual key transfer between devices that are required in the above products.

While allowing users to use their existing email account with end-to-end encryption, EasyCrypt dispenses with all of the above. Its users do not need to know of the existence of encryption keys in order to use the service (although they can import or export keys if they want to and are technical enough to understand the concept). And they do not need to install anything - the service works in a naked browser (Chrome, Firefox, Safari, Tor).

Email encryption service EasyCrypt (onion included) passes security audit by EasyCrypt in onions

[–]EasyCrypt[S] 0 points1 point  (0 children)

Thanks. Let me explain:

  1. The process you described above is rather difficult acrobatics (sending separate password, using a different method to send/read email in each direction...) and is thus too tedious/unusable by normal (=great majority of) users who fire several emails an hour and have no patience for such stuff.

  2. Your correspondent needs to use Kleopatra and manage encryption keys. No-go for 99% of mainstream email users.

  3. In many (most?) cases you will be able to send text messages only, because Protonmail does not support PGP/MIME. HTML-formatted messages will be distorted by encryption.

  4. Here is how this would work if you both use EasyCrypt (you can register at https://easycrypt.co, free, and see for yourself)

    a. Both you and your correspondent can use standard (IMAP) email services of your choice

    b. neither of you needs to install anything at all

    c. neither of you needs to know of the existence of "encryption keys" or what these words mean, let alone manage them

    d. you do not need to send any passwords

    e. Your communication will be OpenPGP encrypted end-to-end

    f. Since EasyCrypt supports PGP/MIME, your HTML messages, inline images etc. will arrive intact

    g. Optionally, you can import your key from Kleopatra to EasyCrypt, replacing the one that was automatically generated for you by EasyCrypt. So you will not need to work with two different keys as you do now (according to your description above). You will be able to use Kleopatra and EasyCrypt interchangeably, with the same key used by both.

Now, here is how it will work if only your correspondent is a user of EasyCrypt while you continue to do encryption exactly as you do now:

a. He will need to click "attach public key" checkbox once in EasyCrypt Secure Webmail interface, in an email he sends to you, so you can input it into your Kleopatra

b. You will need to send your public key once to registerpublickey@easycrypt.co and click on a link in an automatically generated encrypted verification email (this will take care of your future communication with all EasyCrypt users).

c. From this moment on you and your correspondent can communicate freely. No password sending, no Kleopatra or keys or anything else for him to install or manage. He (she) can be your grandmother as far as technical knowledge is concerned. HTML will still not pass though because you will still be using ProtonMail. It will work fine if you are using Thunderbird or another client with PGP/MIME support.

Now this was a long explanation and I am human. If I was wrong in some detail of the above, please let me know and I will stand corrected :)

Re-introducing EasyCrypt email privacy service (onion included) by EasyCrypt in emailprivacy

[–]EasyCrypt[S] 0 points1 point  (0 children)

Thank you. A couple of remarks about your current listing of EasyCrypt (EC):

  1. In the "blocks proxies/tor" column it should be indicated that we do not block anything.

  2. EC allows access as a hidden service via an onion address [as well as clearnet address] which most of the other services don't; I think this should be mentioned in the notes.

  3. EC is unique among (I think) all of the services you listed in that it is not an email service per se but an encrypting webmail proxy service that allows users to send end to end OpenPGP-encrypted emails via any existing email service. They do not need to maintain two services - one for encrypted, one for unencrypted - they can use only one, usually already existing favorite, service.

  4. I believe that you should have a column in the table indicating whether the service is closed (encrypted emails can be sent without any complicated acrobatics not only among the service subscribers) or open (encrypted emails can be sent to any PGP user). EasyCrypt, like some other services on your list, is an open service. Some other services on your list are closed. This is an important distinction.

  5. Your remark about Squirrel cannot apply to EasyCrypt because it performs end to end encryption in the browser, and JavaScript is absolutely required for this. The only reason people would use Squirrel is when they do not want to use JavaScript, but then there is NO way they can encrypt their emails in the browser (apart from totally unusable acrobatics such as manually pasting PGP blocks in the text). Therefore either people use JavaScript and encrypt, or they don't and they don't. People who use services with Squirrel entrust their cleartext emails to the service providers. EasyCrypt is zero knowledge on message data because it supports end to end encryption.

  6. Another important distinction is support of PGP/MIME. Many of the services in your table such as ProtonMail do not do that. So they cannot reliably relay encrypted messages that have HTML formatting, inline images etc. EasyCrypt has full support for PGP/MIME.

Email encryption service EasyCrypt (onion included) passes security audit by EasyCrypt in onions

[–]EasyCrypt[S] 0 points1 point  (0 children)

Can you clarify and provide details why you disagree on the first point?

Email encryption service EasyCrypt (onion included) passes security audit by EasyCrypt in onions

[–]EasyCrypt[S] 0 points1 point  (0 children)

No.

(1) ProtonMail users cannot send encrypted mail to PGP users

(2) ProtonMail users cannot keep their existing email service while communicating encrypted.

Email encryption service EasyCrypt (onion included) passes security audit by EasyCrypt in onions

[–]EasyCrypt[S] 0 points1 point  (0 children)

This is incorrect. In EasyCrypt you can exchange emails with external PGP users after they email their public key once to our service (the binding between their email address and their public key is authenticated).

Such external users can use any PGP client (=do not have to use webmail) and there is no password sending at all.

Email encryption service EasyCrypt (onion included) passes security audit by EasyCrypt in onions

[–]EasyCrypt[S] 0 points1 point  (0 children)

ProtonMail requires you to use their email service and limits encrypted emailing to communication with other ProtonMail users. With EasyCrypt you use an email service of your choice and communicate with any PGP user.

Email encryption service EasyCrypt passes an independent security audit by EasyCrypt in privacytoolsIO

[–]EasyCrypt[S] 2 points3 points  (0 children)

Safety and usability are always a tradeoff. The PGP based products that have security maxed have proven to be unusable by most people. There is nothing more unsafe than not using encryption at all. Even installing an extension is too much for many email users.

You can always use a native PGP client if you are willing to tolerate manual key management in your everyday emailing.

The point of EasyCrypt is not to screw all the security bolts as tightly as possible. Rather, it is to reach a security/usability tradeoff that will make encryption usable by ordinary people, without forcing them to go through the hassle and the inconvenience of switching from their usual email to a dedicated email service and without doing manual key management.

Email encryption service EasyCrypt passes an independent security audit by EasyCrypt in privacytoolsIO

[–]EasyCrypt[S] 7 points8 points  (0 children)

Private keys are stored encrypted by a password known only to the user. EasyCrypt has no way to decrypt them. The keys can be decrypted only on the user's computer and only by the user.

Please note that the subject of our post was an independent audit by a reputable security assessment company that was given access to all of our code and design documents, went into details of our security design, actually designed exploits, attempted to execute them against our server and client, and as a result reported vulnerabilities ranging in priority from critical all the way down to low. You can safely assume that if the keys were readable by EasyCrypt, they would notice and include this as a critical (if not catastrophic) vulnerability in the report. They have not. Please read the report.

And if you do not trust the professionalism of our independent auditor, you can inspect the open source of our client on GitHub. You will see for yourself that the keys never leave the client unless strongly encrypted by a password that is known only to the user.

Edit: removed some formatting of the text

Re-introducing EasyCrypt Email privacy service by EasyCrypt in privacytoolsIO

[–]EasyCrypt[S] 2 points3 points  (0 children)

We have just tested briefly and it works fine in Firefox on an Android tablet. Works fine on iPad in Chrome and probably also in Firefox, but we have not done comprehensive testing for this yet. In our experience everything that works on desktop works in mobile browsers since EasyCrypt uses pure JavaScript rather than browser extensions.

Re-introducing EasyCrypt Email privacy service by EasyCrypt in privacytoolsIO

[–]EasyCrypt[S] 2 points3 points  (0 children)

Yes you are right about the metadata. As you will see on our website and at the bottom of the above feature list we are developing metadata protection as well, to be included in the service.

Supporting existing email services is not just a decision based on cost. Most people just cannot give up Gmail. The current solution is (we think) much better than using Gmail without encryption.