Whiteout.io is a chrome app for email, plus an android app with key-synch between the two. It's still early stages, so it has some issues (like indexing all your emails, since forever, and overheating your computer). But it's very promising.
Most people want to continue using webmail though. That's why Mailvelope is so awesome. Continue using webmail, but just have an extra button added which opens up an editor with a bit "encrypt" button. Pretty easy, and pretty safe.
Yeah, I use mailvelope with my close friends and family. It's not yet easy enough for my parents generation to "get it" but if it's set up for them they can muster through it.
The problem with plugins though is that very few people go out of their way to install browser plugins. Having an integrated option is way more useful. So some people have to encrypt/decrypt in-browser using Javascript (like, how tutanota and protonmail do it, or like whiteout.io does, or like anybody can do now using the keynote.io API). I know it's not ideal, but it is way better than nothing. It won't stop the NSA, but it will stop hackers, email leakers, doxxers, and big-data email-mining algorithms.
I do know a team whom you should work with: keybase.io
Keybase.io have an early-level product which would help with your keyserver issue. It has a CORS-enabled API, a commandline tool, an online interface for encrypting, signing, verifying, etc. and a "ring of trust" tool that follows the modern social network model (where, you can "track" somebody and it auto-signs their keys each time they upgrade.
This post assumes that GoGo are doing a MITM simply to block YouTube in order to prevent their network from being congested. My assumptions would be that
1) GoGo are blocking youtube in favor of their in-flight paid media services not just for badwidth
2) GoGo's MITM attack has little to do with media content but rather more about being able to read all the communications of passengers for "national security" purposes.
If they are decrypting and logging your traffic (including passwords) and communications, then I assume their scheme can be defeated by a VPN. If you want to send intimate messages to your lover, or discuss a political protest while in flight, without some nosy GoGo employee reading it, then probably using OTR (like Cryptocat or pidgin/adium), PGP (like mailvelope, enigmail), and ZRTP (Redphone/Signal) are a pretty good idea.
But there's no evidence that either of your assumptions is true. Gogo has said publicly[1] that they're trying to "shape bandwidth" to YouTube and other streaming sites. Let's not spread conspiracy theories about "national security" on HN when the truth about the NSA's domestic surveillance hijinks is disturbing enough.
I say this even though I've criticized Gogo[2] and suggested ways in which they may be legally liable as a result of their fake *.google.com cert.
For those who may not be familiar with his work, David Reed, the author of the linked post, helped with the early development of what would become the modern Internet. That includes UDP and IP signaling, which is one reason (I believe) he won an ACM hall of fame award.
"In designing its existing network, Gogo worked closely with law enforcement to incorporate functionalities and protections that would serve public safety and national security interests"
"Although FCC rules “do not require licensees to implement capabilities to support law enforcement beyond those outlined in CALEA…,” Hastings noted, “[n]evertheless, Gogo worked with federal agencies to reach agreement regarding a set of additional capabilities to accommodate law enforcement interests. Gogo then implemented those functionalities into its system design.”"
The Snowden documents explicitly point to heavy effort going into monitoring internet use by passengers on airplanes, including using information about connecting flights to connect passengers to MAC addresses. It wouldn't surprise me in the least if they were doing a bit of work to make sure that the actual content is readable. It's barely a conspiracy theory.
Why would Gogo need to MITM YouTube to shape traffic? Can't they just cap each passenger's traffic, regardless of the website or whether it is encrypted?
Fair point. It's most likely nothing nefarious, but who knows, maybe they log everything and will one day face a data breach like Sony? Maybe they data mine it?
IRL if somebody intercepted all of your mail, opened the envelope and then put your private letters and bank statements in their own envelope to re-send it, then told you they were doing this to shape postage traffic because they physically cannot handle certain kinds of packages to your location, then you can both A) Believe them that they cannot handle such packages and B) worry about what goes on during the process of opening and repackaging your mail. You don't know the employees doing the repackaging and what if one of them moonlights as a thief. The post was about A, my response was about B. Sorry if it's off topic but you can and should take steps to protect yourself without interfering with their bandwidth shaping.
1) They are not blocking (completely) Youtube. But still plausible.
2) Then why would they be doing it only on video streaming websites? [1] Also, if they are so obvious about their methods from now on, one nice thing is that we won't need whistleblowers anymore.
As a frequent user of in-flight internet, I can tell you their login page has a big reminder saying that streaming video is not supported and giving examples like Netflix and HBO Go.
The technical reason -- which is sound -- is that there's not enough bandwidth between plane/ground.
Strictly speaking, GoGo's service isn't capable of handling streaming, but it's not clear to what extent bandwidth is the limiting factor. Really bad bufferbloat does horrible things to goodput. With proper QoS, it's likely that they could sustain at least one or two low-resolution YouTube streams, just not a whole plane full. Terrestrial ISP's can't handle everyone watching video at the same time, either.
Jim Gettys reported on the CeroWrt-devel list that he tried to benchmark the in-flight Internet connection on a United flight to Hawaii last November, and it apparently crashed the connection. The routers and accompanying software being used for these systems are probably of exceedingly low quality.
I would expect that even if it wasn't mentioned, I mean it's a freaking internet access in a fast moving object 30,000 feet above ground! I don't like what Gogo just did, but kudos for undertaking this challenge. barnaby mentioned they have in-flight paid media services, of what sort/diversity/quality? I suppose it's a selection of movies stored on a server in the plane.
Yes, in-flight streaming services tend to have a bunch of stuff on a little server on-board, and the in-cabin routers can more than handle that. It's the plane<->ground link that's the chokepoint; on a lot of planes that bandwidth isn't much better (and sometimes worse) than a 4G cellular link, but shared among everyone on board.
2.) Makes a lot of sense. I think it is the most likely explanation for the MitM.
1.) GoGo doesn't need MitM on video streaming to aid in law enforcement, but it's an opportune time to mention that video streaming has been a target of the intelligence apparatus as recruiting videos and indictments of US imperialist activity is condemned there (for example Al-Awlaki's videos were censored from youtube for being seditious; to give context here Al-Awlaki was a US citizen assassinated without a trial and is one of four American citizens killed by drone strikes - while never engaging in violent actions himself he was given the moniker 'The Osama Bin Laden of the Internet' for his recruiting efforts). Another relationship video streaming services have with intelligence efforts is that logins and cookies (associated with Google Accounts in the case of Google) are good identifiers. In this case a MAC address could be associated with online accounts (I'm not saying this is done).
I think its (probably) wrong to kill US citizens without trial. I won't use the word "assassinate" since it perhaps dignifies the action too much. Also I highly respect John McCain's position against torture, aka "enhanced interrogation".
However, the US isn't fighting against opponents who are playing by Marquess of Queensberry Rules. And the average American is willing to descend a little way down a "slippery slope". To quote a White House official:[1]
"If Anwar al-Awlaki is your poster boy
for why we shouldn't do drone strikes,
good fucking luck."
Yeah, sometimes right and wrong isn't completely black and white. There are shades of gray. There is a dark side that tries to seduce everyone.
Interesting quote and a good article by Michael Hastings (before his mysterious death) for those interested in the controversial subject of drone strikes. Thanks for the link!
Given the use of the quote in the article to cast the CIA as dismissive of Constitutionality and of fundamental human rights would you say that you diverge from Hastings in your understanding (i.e. the CIA are 'right'?). I might be: I'm much more upset at the death of 76 children and 29 adult bystanders accidentally (?) killed while trying to target Ayman al Zawahiri (who is still reportedly at large) or in general the estimated 28:1 ratio of untargetted causualties to successful targets (themselves suspect in international law). Then again, even while Anwar al-Awlaki was no cupcake if his case were applied as a standard of justice in America any true sense or illusion of justice in the legal system we have would be lost.
There are many people who feel that the large amount of collateral damage from drones only inflames people against us. There's a lot of truth in that. But still, take the case of Bin Laden. He was living down the block from Pakistan's West Point. It seems logical to conclude that quite a few important people in Pakistan knew he was there.
So maybe it doesn't matter? Maybe the additional people we are alienating already hated us before we greatly increased the number of drone strikes?
Aside: the cynical me would bet even money that 95% of the 3rd world people who profess to "hate" us would jump at the chance to immigrate to the USA.
As for "justice", in order to remain happy living in the USA I have to believe that, overall, this country is basically good, that we're perhaps the best country in the world in terms of allowing people "Life, Liberty and the pursuit of Happiness". I do believe that.
I'll leave you with the title of a book that was published about 19 years ago:[1]
Pick a Better Country:
An Unassuming Colored Guy
Speaks His Mind about America
Ken Hamblin's basic point in that book is that we might not be perfect, but it's hard to find a country that, overall, is better than the United States of America.
While I'm not likely to agree with most of the speculation here, you might find me agree that there are much, much worse places in the world than America. We are lucky to have inherited this wealth that America has.
America is extremely wealthy (it is 4% of the world population and has 25% of global wealth). With great prosperity and opportunity the conditions are laid for great freedoms. This is nearly universal. The contention for the means to survive and thrive creates strife that interrupts peace, and furthermore muddling (as was laid around the 'third' world by imperialists and globalists and proxy war - in the Middle East by Sykes-Picot, Palestine by British Mandate, Korea by General Order 1, Vietnam, Malaysia, Laos, Cuba, and Tibet all by proxy war, Africa, Philippines, countless others by colonialism) exacerbate this strife.
America did not merely innovate herself to her prosperity. Nor is 95% of the third world to blame for their poverty.
I also would bet that 95% of slaves, who would have professed to 'hate' their masters, would have jumped at the chance to become one. The two need not mutually exclusive.
America is blessed to have been culturally couched on the opportunity to steal an unstripped continent through the marginalization and genocide of millions of established native peoples, outsource the labor of its major national products to an enslaved race of kidnapped peoples and separated families up until (and to large degree after) industrialization, to have been a war profiteer of two of the world's most deadly wars (and used this leverage to establish itself as the primary gold lender of the world), and to have established itself as the world's primary protector by being the only country to have used a nuclear bomb against a civilian population and by banning the development of such weapons by others, and today by pulling strings around the world to engineer its own success.
Thank you for the Ken Hamblin book. It's now on my queue. I'll trade for a quote from a speech by Mr. President John Quincy Adams:
"She has, in the lapse of nearly half a century, without a single exception, respected the independence of other nations, while asserting and maintaining her own. She has abstained from interference in the concerns of others, even when the conflict has been for principles to which she clings, as to the last vital drop that visits the heart. She has seen that probably for centuries to come, all the contests of that Aceldama, the European World, will be contests between inveterate power, and emerging right.
Wherever the standard of freedom and independence has been or shall be unfurled, there will her heart, her benedictions and her prayers be. But she goes not abroad in search of monsters to destroy. She is the well-wisher to the freedom and independence of all. She is the champion and vindicator only of her own. She will recommend the general cause, by the countenance of her voice, and the benignant sympathy of her example."
I remember when people used to make these arguments with Java and PHP. "You don't need a framework, just write your JSP templates to have database calls with SQL and tons of Java code". BLEH! I'm glad Struts, then Spring, the Play, came out and made life more sane.
I wrote javascript before there were frameworks when it was just libraries like mootools and dojo and jQuery sitting on server-side templates. Today I write CORS apps with Backbone.js+Marionette.js+require.js+grunt+qunit and it solves all kinds of problems and I love it! I'd never go back to javascript without frameworks. As soon as this project is over I am gonna try AngularJS to see what the hype is about.
Good article. I wonder why Mailpile are targeting difficult use-cases such as activists, journalists, etc. It feels like every PGP provider aims for this, but OTR encryption tools aim for a much easier use case: average users who just want to hide their private conversations from big data algorithms which then sell their secrets publicly. OTR is much easier as a result, but it can't do email (that I know of). :-(
In this article mailpile worry about users who need an airgap. What worries me is whether creating features for airgap users makes anti-features for users like me who just use PGP when mailing with my parents, my wife, and some friends. We just want to avoid our secrets being part of "Big Data" and as a side benefit we resist passive surveillance. Mailvelope (which is "easy") is complicated enough for my parents, they would never add the complexity of an airgap. We just want easy encryption, even if it isn't totally NSA-proof.
I mentioned those users as one group that was impacted, not as the be-all-end-all target audience. If you re-read the relevant section you'll see I spend more words worrying about Mailvelope and Google E2E users. They face the same issues.
>> But still. OTR (and the enhanced/modified version of it TextSecure is using) is probably the easiest to use way to communicate in a reasonably secure fashion, and it'd would be fantastic to see it used by hundreds of millions of users all of a sudden -- even if it's sitting on top of insecure mobile operating systems and untrusted-yet-privileged hardware.
Have you had issues getting OTR to connect sometimes?
Myself and about 5 friends have been using OTR with ChatSecure on the phone and pidgin on the desktop. Sometimes the OTR connection just doesn't engage, and we suspect it's because there are multiple instances of the chat client signed in and it like "crosses the streams" or something. CryptoCat has similar issues. Is there a perscribed way of using OTR that won't give us these problems?
TextSecure hasn't given us any problems yet ... though, we never see the encrypted text messages in our SMS, even when we use textsecure over google voice. Does TextSecure just bypass actual SMS channels?
That's a common problem when using OTR with the same account in a multi-device environment. It is fixed by the introduction of instance tags in libotr 4.x [0]. You should check the versions of libotr used by all your clients - if they are all libotr 4.0+, you shouldn't have these problems.
A simple workaround is to use a different account for each device (e.g. me@jabber.com, me+mobile@jabber.com).
TextSecure's developers recognize that a good multi-device experience is essential to provide a comparable experience to other messaging apps. Their approach is different from OTR's, and is described here [0].
OTR with Pidgin was pretty solid when I used it (I don't, anymore). But OTR doesn't deal well with mobile connections, something that the changes Text Secure introduces to the protocol address. I still have had occasional, non-reproducible hiccups with Text Secure. AFAIK Text Secure only falls back to SMS if there's no data available, and they're considering removing SMS support entirely in an upcoming version ([0], I say good riddance).
I don't know how well, if at all, either of them deal with multiple simultaneous logins. XMPP (Jabber) doesn't have a great answer for it (ie. there may be support in the protocol or a protocol extension, but implementation support is terrible). Which is a shame because it's very desirable from a user perspective; both just being able to receive incoming messages on multiple devices as well as the next level of synchronising message session history across devices. Clearly the latter is way easier if you're willing to store the history on the server.
Agreed. Going from a NZ bank to another country's bank isn't that simple anymore. Using an international currency makes it equally simple anywhere in the world.
Bitcoin already has a better user experience than banks. Just give it another year or two, to the point where bitcoin will be invisible to users the same way that Linux is invisible (yet, the world runs on it). These services will be rewritten with bitcoin under the hood and nobody will even know or care.
I assume any "no fees" clause means that they're not taking fees at this time. It doesn't mean "no fees anywhere in the system". So there very likely is a 3% fee to the user, just not from snapchat.
Most people want to continue using webmail though. That's why Mailvelope is so awesome. Continue using webmail, but just have an extra button added which opens up an editor with a bit "encrypt" button. Pretty easy, and pretty safe.