So it turns out that SHA-1 might be broken. If not broken as such, it’s certainly bruised and its ability to be relied upon is in a significant amount of doubt. But why should that matter? We can just use SHA-256 or SHA-512 for more security, can’t we? Well yes we can… but does that actually help the wider issue?

Think about this in another way: If you receive a signed email from a contact of yours and it verifies correctly, do you check what method of signature was used on the email? I’d suggest that unless you’ve fitted yourself for a tinfoil hat, you’re unlikely to do this. Seeing as the signature process is employed to provide verification, we need a method that can use in a widespread manner and that we can rely upon. Is it time to revoke SHA-1 and DSA signatures? Should encryption and signing packages refuse to verify messages and files signed using these methods? Perhaps. However, it’s extremely unlikely that this would be implemented – md5 was broken some time ago and yet it’s still used for verification of file downloads etc in a farily widespread manner. So what should we do to protect ourselves from potentially forged digital signatures?

In my opinion, it requires a bit of common sense. The chances are that if you receive a signed email from a friend asking what you have planned for the weekend for example, it’s fantastically unlikely that this kind of signature would be forged and therefore the use of SHA-1 is really not going to compromise anything. However, if you are communicating with contacts regarding a multi-million pound (or multi-million dollar, multi-million Euro… I think you see what I mean) contract, perhaps it would be far better to use a more reliable signature algorithm. SHA-512 would be preferable, and there would be no issue requesting that contacts use this to sign their communications. If you receive an email requesting millions of <insert currency here> that is signed using SHA-1 or DSA, perhaps you could request that they confirm and sign the message using a more secure method.

I’m not advocating the use of tinfoil hats at all and really do think it’s a case of common sense. I wonder how many people have considered this? If you think about it and others think about it, perhaps SHA-1 will be retired naturally by lack of use rather than an official announcement that it’s no longer secure enough…

From the article:

National Intelligence Director Mike McConnell is drawing up plans for cyberspace spying that would make the current debate on warrantless wiretaps look like a “walk in the park,” according to an interview published in the New Yorker’s print edition today.

McConnell is developing a Cyber-Security Policy, still in the draft stage, which will closely police Internet activity.

“Ed Giorgio, who is working with McConnell on the plan, said that would mean giving the government the autority to examine the content of any e-mail, file transfer or Web search,” author Lawrence Wright pens.

“Google has records that could help in a cyber-investigation, he said,” Wright adds. “Giorgio warned me, ‘We have a saying in this business: ‘Privacy and security are a zero-sum game.’”

A zero-sum game is one in which gains by one side come at the expense of the other. In other words — McConnell’s aide believes greater security can only come at privacy’s expense.

Please read the whole article on the Raw Story website and some user’s comments about the story on Slashdot to see how this may affect you. Personally, I find this frightening – the laws of the United States shouldn’t affect me directly, but if the US administration decides that privacy is no longer important and their “crime prevention” methods of monitoring every email they wish go though, you, me and virtually everyone globally will be affected directly with little we can do.

Perhaps it’s time you thought about encryption…

Wrong. Until very recently, I was unaware of the availability of Hardware Keyloggers just like the ones shown in the pictures on this page. How often do you use a shared computer? When you do use one, do you look at the cables to see if a nasty little device has been clipped to the keyboard input? I’m guessing not – but if you did, do you think you would spot something as small and unobtrusive looking as this?

These things really could be a concern for those of you who use internet cafes, or computers in any shared environment – think schools, universities and even work! All it takes is some unscrupulous person to try to make some money out of these, and you could find your financial details are compromised, usernames and passwords stolen and you may even find that your bank accounts and life savings have been emptied. All because your password was intercepted.

Here’s a quote from a site that sells hardware keyloggers:

[our] hardware keylogger is the smallest and most compact hardware keylogger on the market! [it] is a small device that connects between your keyboard and computer on the back of the PC and directly records every keystroke typed: bar none. [the keylogger] can store up to 64,000 keystrokes, which equates to weeks worth of data.

• Holds 64KB worth of keystrokes (roughly 64,000 typed keystrokes).
• Compatible with all IBM/PC Computers.
• Compatible with PS/2 Keyboards.
• Undetectable by AntiVirus and other third party detection programs.
• Captures passwords, usernames, chats, e-mails, websites, and more!
• Completely Plug-And-Play – installs in seconds

These things are available to buy, and are used much more than we think. Personally, I find it frightening and can think of no legitimate use for a hardware keylogger whatsoever. It is designed to be undetectable by security software and the untrained eye.

So, you think “It’s ok. I only ever bank online at home, so I’m totally safe…” Well, you may be safe from hardware keyloggers (it would be unlikely that someone you allow into your home would have the ability or inclination to hook one of these up to your computer), but trust me… you may be just as vulnerable, if not more vulnerable at home!

Do you have a Wireless Keyboard and mouse? If so, it most likely runs using Bluetooth. Unencrypted.

This may not be a concern if you live in a detached house, or if you really trust your neighbours. However, how many of you live in a flat or apartment block? How many neighbours are within 10m of you? By simply “listening” for bluetooth traffic, a hacker could theoretically capture every single keystroke that you make on your computer. Full usernames, passwords, personal items, websites visited, search terms… this could be an absolute disaster.

I, personally, don’t use a wireless keyboard or mouse, but I can say that this is absolutely no the reason for it. If I had a desktop, I would certainly consider it. But after reading an article in a magazine recently, my eyes were opened to the potential disaster that would be data interception. While wireless technologies have made our computer experiences far more convenient, I suspect that this has been at the cost of data security. I have two simple pieces of advice:

1) If you use a shared computer, pull the keyboard cable out and have a look at it.

2) If you are entering sensitive information, use a wired keyboard.

mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw

In summary, Mobility Email is a distribution of Mozilla Thunderbird that can be run without installation from a USB Flash Drive, iPod or hard disk for example. It has been authorised for release by the Mozilla Corporation.

Mobility Email allows you to transport your entire email inbox simply on a USB stick, allowing you to plug it into any computer with a USB port and an internet connection, and communicate easily by email.

One of Mobility Email’s key features is that it comes with support for both S/MIME and OpenPGP Signing and Encryption features built-in, allowing users to digitally sign and encrypt their emails wherever they are. It includes a new, cutting-edge CVS version of GnuPG allowing users to utilise the new, more secure DSA2 and SHA224 technologies not yet available in any other standard release email client. Mobility Email truly is a plug-and-go solution, requiring no lengthy set-up procedure. Simply give Mobility Email your email account details, and you are ready to communicate securely using an excellent, portable email solution. Mobility Email removes the single most significant obstacle to the use of encryption: complexity.

It also includes several other advanced security features including the ability to “lock” and “unlock” your mail profile – this encrypts all your emails when you are not using them, meanin that ig you lose your USB Flash Disk for example, your emails are all safely encrypted and therefore can’t be read by anyone who may have found or stolen your disk.
Crucially, Mobility Email is fully compatible with Mozilla Thunderbird (1.5) extensions and themes since it is built on Thunderbird 1.5.x code. It comes with its own theme (that you can disable if you don’t like it) and several of the best extensions pre-installed. These extensions include Enigmail, Contacts Sidebar and Webmail. The Webmail extension allows users of web-based email services (such as Hotmail, Yahoo! Mail, Lycos email, Mail.com etc) to access their email from a mail client, meaning that you don’t have to spend hours going from website to website, entering different usernames and passwords – Mobility Email does it all for you, and you don’t have to pay for the webmail companiy’s POP service either! Mobility Email does it for you for free, and it’s even compatible with Gmail accounts. By integrating webmail accounts to Mobility Email, it allows users to use S/MIME or OpenPGP signing and encryption features with their existing accounts – this was previously not possible without specific software and an in-depth knowledge of GnuPG. Mobility Email removes yet another boundary!

Mobility Email is also available with an optional subscription to Mobilityemail.net – this provides users with their own @mobilityemail.net email address, provides a mailbox with at least 250Mb storage, and has full POP / SMTP / IMAP / Webmail access. It also protects you from spam and email viruses.

The Mobilityemail.net service starts at just $24.95 for a year’s service, but it is not necessary to sign up to this to get the Mobility Email software. Mobility Email is Open Source and will always be free.

Full details and free downloads are available at http://www.mobilityemail.net

So first thing’s first: Why is S/MIME built-in to email programs but OpenPGP isn’t?

Well, there are two possible issues. The first one I believe to be most likely: money. In most cases, you need to pay around $20 per year for an S/MIME certificate. There is therefore an incentive for companies to push S/MIME and make money out of it. The second, “slightly” less-likely reason is Government intervention. If you get an S/MIME certificate, the issuer of the certificate will have a copy of it, allowing them to decrypt your email if the government decide they want to read what you’ve been sending. OpenPGP is based entirely on “certificates” generated by you, so the Government (or any other party) would probably not be able to get a copy of it and decrypt the emails.

So why do I prefer OpenPGP?

Well, see the paragraph above. Firstly, you usually need to pay for an S/MIME certificate (although there are some free certificates available), but the main reason is that you are placing your trust in a Certificate Authority (CA) to keep your emails private. What would stop the CA handing the certificate over to the government? Or even an employee being paid off by a journalist so they can intercept potentially sensetive information? OpenPGP puts you in control of your keys and therefore your privacy.

OpenPGP is also more configurable. You can choose which options to use. You can generate a key with loads of bits (more secure) if you like, or you can use a smaller key if you wish. S/MIME generally forces a 1024 bit key on you (the smallest standard key that OpenPGP will generate). You can also use as secure a Hash Algorithm as you like, where S/MIME forces SHA-1 on you – as discussed in this article, SHA-1 is the least secure hash algorithm still in general use.

However, OpenPGP can also be used for more than just email encryption. It uses an encryption program called GnuPG that can be used to encrypt files, you can use it for file signatures and file verification – it is a very versatile tool. More importantly, it’s free, open-source software and is constantly subjected to peer review. This means that any security loopholes or issues are quickly found and reported widely, ensuring you and your data is as safe as possible.

Yes, I know, I’m talking about my emails as if they are the most important thing in the world, when 90% of the encrypted emails I send are general day-to-day emails that say “check out this link” or “I forgot to tell you today…”, but depending on your situation, an email really can be the difference between life and death. For example, if a journalist was sending information from a country with particularly strong secrecy laws (China, North Korea etc), a leaked or intercepted email containing “restricted information” could have him imprisoned or worse. In situations like this, it’s vital that you can have full trust in your encryption systems, and I believe OpenPGP is the way to do that.

But what does this actually mean? Well, it means that someone could potentially “fake” a file or email signature, leading you to download a malicious file (for example they may include a virus or security hole in some software, and this fake file would still be verified by the original md5 sum), or they may be able to send an email with a faked email address and signature, making you think the email is from a reputable source. This could potentailly lead you to give out some sensetive information to someone who shouldn’t get the information. This could compromise businesses through pre-release information etc, or home users if used as part of a complex phishing attack.

So is something being done about this? Well, the short answer is yes.

Currently, there are new, more secure hash algorithms available such as SHA-256 and SHA-512 which do not have the same problems as their predecessors. However, these are no use to anyone who still uses a DSA key. DSA signing keys require the use of a 160 bit hash function – ie. SHA-1 or RIPEMD160. These are not as secure (and in the case of SHA-1 may even be broken) as the newer hash algorithms. The newest cvs versions of GnuPG allow users to make use of DSA-2 – this is a DSA key that enables the use of a truncated hash, meaning you can use, for example, SHA-256 with your DSA keys.

The newest cvs versions of GnuPG also include the new SHA-224 algorithm, specifically targetted at DSA-2 keys. This hash algorithm is, again, much stronger than the older 160 bit hash functions, allowing DSA keys to continue to be useful.

So here’s the Geeky part: How do you use the new SHA functions with your DSA keys? Well, you will need to download and/or compile the latest cvs release of GnuPG. Then, you simply run the program as normal and include the command “gpg –enable-dsa2″. Please note however, unless you know what you’re doing and you’ve used the GnuPG Comand Line before, this isn’t a simple process.

Instead, you could wait a (very) short time for the forthcoming release of Mobility Email which comes with these features pre-installed and active.

Questions or comments? Feel free to add them here.

Secure communications really should be simple to use every time, and I think Phil Zimmermann’s latest effort is commendable, but it suffers from the same problem many encryption products have: complexity. Complex to set up, complex to understand and potentially complex to use. However, based on reputation alone, I’d suggest that users may feel “safer” using zfone than they would using any other encrypted VoIP product. Phil has released the source code of the project for “peer review” meaning that any security issues or “back-doors” would be found and widely reported. This is the key benefit that zfone has over the likes of Skype. Skype uses a proprietary, closed-source method of communication so although they say it’s encrypted, you don’t know who has access to the data, or if a “master key” is stored on a server somewhere.

The bottom line is that Phil Zimmermann’s reputation in encryption will drive this product, and although it’s late to the market, I can see it making a big impact in the way we communicate in the future. The large drive towards VoIP has come riddled with security issues because the traffic is so easy to intercept. This encryption product and others like it will be essential to the future of VoIP telephony. But of course, it’s up to you to decide – what do you think of zfone?