Greetings. I've written a simple cgi form that has recaptcha and gpg encrypts the mail it sends. https://github.com/thedod/whatmail/ Demo: https://swatwt.com/whatmail/ It's short, uses gpgme, and tries not to be "too smart for its own good", but anything could have vulnerabilities.
Peer review is welcome, as well as inputs like "there's a tried and tested tool that does it already" (I simply couldn't find one). I need this for something very specific (I help people with their sites, and sometimes they need to send me passwords), but I have other ideas for it (that also require peer review): An encrypted mail-form is not as good as "real" encrypted mail for 2 reasons: 1. There's no authentication of the sender (although you get sender's IP# for what it's worth). The receiver should always bear in mind that the sender's identity is in question, and if it's important - verify it out-of-band (e.g. phone). 2. There's no threading of conversations (the sender doesn't even get a copy of the sent text), so it's not good for discussions where history is important Nevertheless, the form has one advantage over "real" encrypted mail: anyone can use it. Idea #1: reducing signal/noise In the 90s, folks hoped that encrypted mail would become popular enough to substantially reduce signal/noise ratio. It never happened, because both sides needed tools, skills, etc. in order to do proper encryption. People like my mom couldn't be bothered with all that, and they are the 99.99%. Now suppose Bob the site builder has a gpg mail form. He can tell his granny Alice to send him all her gossip and cat-movie links via the form. For Alice, it's even easier than regular mail, and she also gets to be a good citizen by reducing signal/noise ratio (in general, and in Bob's inbox). Idea #2: Replies I'll now try to take it one step further: can Bob send Alice an encrypted reply? He could tell her to invent a "reply pass phrase", include it in her encrypted message, and remember it (this can even be a double password field in the form). Now that Alice and Bob have a shared secret, can Bob send a symmetrically encrypted message to Alice? A self-decrypting archive is a bad idea (could be replaced with a phishing trojan and we'd never know), so Bob would have to use something that Alice can decrypt with existing tools she already has on her machine (password-protected zip archive, pasword-protected word doc, etc.). Bob->Alice messages won't be a as hard to crack as the Alice->Bob gpg-encrypted ones (Bob knows that, and wouldn't write anything sensitive there), but hopefully hard enough so that if there are many of them, it would produce a significant workload for Eve (am I being naive here? How weak are these things?). To sum up my questions: 1. Are there vulnerabilities in my code (or is there another tool I should use instead)? 2. Is it wise to encourage laypeople to use this in order to reduce signal/noise? 3. Is my idea of using password-protected zip/doc/etc. as "better than nothing" encryption valid? If so, what's the toughest layperson-decryptable format [that can be created under linux]? Thanks, The Dod -- "Power to the people doesn't come with a standard plug" -- Abu-Zeresh
_______________________________________________ liberationtech mailing list [email protected] Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
