Archive for July, 2006

PGP Appears to Suck

Thursday, July 20th, 2006

Well, it’s official. It looks like newer versions of PGP are just going to suck and there’s nothing you can do about it. Their ridiculous new email (sorry - messaging) system is here to stay. The official word, from a posting by Earle Lowe, a Dev Manager at PGP, dated June 11, 2006:

Obviously there is a philosophical (and fundamental) disagreement about the nature of email encryption. The current technology was felt as clearly the best path forward for PGP as a software product. It solves numerous issues with integrating into the various email applications that people want to use. It supports PGP/MIME. It supports centralized policy management. It enables a much simpler experience for the user (we have not yet achieved this obviously). The list continues.

The way you want PGP to work where you actually see the ciphertext was and continues to be simply not possible in any number of email clients. The old architecture was neither maintainable nor extensible. As an example, Outlook Express, for all its obvious faults, is a popular email client. Prior to PGP 9, the PGP rip-in for this email client was a significant amount of tricky code requiring substantial developer expertise (and was prone to break frequently - particularly with MS updates). PGP 9, on the other hand, has zero specialized code to handle Outlook Express.

OK - I can completely understand the problems with keeping up with email clients. It’s a pain in the butt. But removing security so it’s easier for the end user? What a dumb statement. Why not just remove all encryption from the product? That will make it even easier. In fact, this is basically what they have now anyhow.

Their craptastic “easy to use” messaging proxy defaults to settings where you don’t have to change anything in your email client to make it work. Seems like a convenient feature: all email could be encrypted/signed on its way out. Except that if the proxy ever fails, the email you just sent doesn’t get encrypted - it just gets sent in the clear, because your mail client can’t tell the difference. It uses the same old settings it always did. This failure mode is completely unacceptable. I can’t even believe they offer this as an option. Dumber than hell.

The really screwed up part about this is that their proxy does fail for non-obvious reasons, mostly because it’s a pain in the ass to set up and get working properly, even with their auto-detection running. In my case, email from one account went out signed and email from another didn’t - all because my SMTP port wasn’t one they were expecting and trapping (and there is apparently no way to change this either.)
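Since the client can’t tell whether the proxy was in the path, the only place the failure shows up is in the mail that actually left. The following is an added example of my own, not code from PGP or any of their products: it audits an mbox-format Sent folder and reports, per message, whether what was stored (and therefore sent) was inline-armored, PGP/MIME, or plain text. The three messages in the sample mailbox, the placeholder ciphertext and the addresses are all constructed for the demonstration.

```python
"""Sent-folder audit: find mail that left in the clear.

Added example (my own code, not PGP's). Scans an mbox and classifies each
message by the form it was stored in. The sample mailbox below is constructed.
"""
import mailbox
import re
import tempfile
from email.message import Message

ARMOR_RE = re.compile(r"^-----BEGIN PGP (MESSAGE|SIGNED MESSAGE)-----", re.MULTILINE)

# Constructed mbox with three sent messages: one inline-armored (the proxy was
# in the path), one that went out in the clear, and one PGP/MIME message.
SAMPLE_MBOX = b"""From alice@example.com Thu Jul 20 10:00:00 2006
From: alice@example.com
To: bob@example.com
Subject: notes (proxy in the path)
Message-ID: <one@example.com>
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----

(ciphertext placeholder)
-----END PGP MESSAGE-----

From alice@example.com Thu Jul 20 10:05:00 2006
From: alice@example.com
To: bob@example.com
Subject: notes (proxy NOT in the path)
Message-ID: <two@example.com>
Content-Type: text/plain

Here are the meeting notes, in the clear.

From alice@example.com Thu Jul 20 10:10:00 2006
From: alice@example.com
To: bob@example.com
Subject: contract (PGP/MIME)
Message-ID: <three@example.com>
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1
--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
(ciphertext placeholder)
-----END PGP MESSAGE-----
--b1--
"""


def classify(msg: Message) -> str:
    """Classify a stored message as 'pgp-mime-encrypted', 'pgp-mime-signed',
    'inline-encrypted', 'inline-signed' or 'plaintext'."""
    ctype = msg.get_content_type()
    proto = (msg.get_param("protocol") or "").lower()
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "pgp-mime-encrypted"
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        return "pgp-mime-signed"
    # Inline armor (encrypted or clearsigned) lives in a text/plain part.
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
            m = ARMOR_RE.search(body)
            if m:
                return "inline-encrypted" if m.group(1) == "MESSAGE" else "inline-signed"
    return "plaintext"


def audit_mbox(path: str) -> list:
    """Return (Message-ID, Subject, classification) for every message in the mbox."""
    box = mailbox.mbox(path)
    try:
        return [(m["Message-ID"], m["Subject"], classify(m)) for m in box]
    finally:
        box.close()


def leaked(results: list) -> list:
    """The subset that was stored, and so was sent, with no PGP protection at all."""
    return [r for r in results if r[2] == "plaintext"]


def write_sample_mbox() -> str:
    """Write the constructed mailbox to a temp file and return its path."""
    with tempfile.NamedTemporaryFile(suffix=".mbox", delete=False) as f:
        f.write(SAMPLE_MBOX)
        return f.name


if __name__ == "__main__":
    results = audit_mbox(write_sample_mbox())
    for msg_id, subject, kind in results:
        print(f"{kind:20} {msg_id} {subject}")
    print("sent in the clear:", [r[0] for r in leaked(results)])
```

Point it at your real Sent folder (Mail.app can export a mailbox as mbox) and anything reported as `plaintext` is a message the proxy never touched. The check is deliberately on the stored form, not on any banner or flag the proxy might add, because that is the only evidence the client has.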

My advice? Don’t even think of using this hunk of junk for email on the Mac (or anywhere else for that matter.) It’s not worth it. Stick to using GPG. It actually does the right thing, despite lacking the nice key management front end. I didn’t even test anything else in their software. What other crap doesn’t work or is broken in non-obvious ways?

I feel sorry for all those n00bs out there running this crap and thinking they are secure in any way.

Update: I posted to their forums about these concerns. Despite tons of “views” no one has answered. Based on the posts they actually answer on their forums, it looks like their target market has changed to be those customers who think running something called “PGP” magically makes them secure.

PGP For Intel Macs

Wednesday, July 19th, 2006

PGP just released a beta version of PGP 9.5 that has universal binary support. I used to use PGP back in the day on Windows, but didn’t really keep up with it, eventually moving on to GnuPG for my encryption needs. However, after seeing the note about this new release, I thought I’d give them another shot. I always loved their nice key management (something GnuPG doesn’t have a great front end for at the moment.)

I was browsing through their user’s manual while downloading, and came across a paragraph titled “Memory Static Ion Migration Protection” in the “Special Security Precautions Taken by PGP Desktop” section. This thing goes on about how an attacker could theoretically retrieve key or passphrase information from your machine’s memory - after it’s already been turned off - by reading the static charge left in memory that has held the same information for long periods. This is some deep stuff here, and they go on about how they help to protect you against this remotest of possibilities. Cool stuff.

So the download finishes, I install the thing, import my keys from GnuPG, and go to send an email, and realize that they’ve done away with the plugin model for mail, instead relying on a network proxy that intercepts mail and encrypts and decrypts it automatically, based on rules you set up. This works similarly to their Universal Server product. So now Mail.app (and any other mail client) sends mail to the proxy, where PGP encrypts it. On the other side of things, incoming encrypted mail is automagically decrypted and then handed to the email client. Works OK (though with some pain trying to get everything set right.)

Then I realized that all the encrypted and signed email I’d be receiving would now be stored in PLAINTEXT in my freaking email folders, on a public IMAP server. In addition, there doesn’t even seem to be a way to turn this off, nor any alternative aside from not using the email proxy portion of the product at all. This breaks about 90% of the functionality that I use PGP for.

Without storing the encrypted/signed version of incoming mail, I can no longer guarantee that someone hasn’t messed with it on the server. All that’s left is some text pasted at the top of the mail saying that it was signed and verified at some point. No indication of what content was actually verified, of course. At that point, someone could just as easily change the contents to whatever they like, completely bypassing any security that at one time existed.

This also goes for sent mail - it’s no longer stored in your sent folder encrypted - it’s sitting there in plaintext too. Still worse, there’s no indication of what you did to the email when you sent it. Did I encrypt it? Sign it? Who knows - that information is gone now that the encrypted/signed copy of the message isn’t stored.

And still worse, someone could easily - MUCH TOO EASILY - forge a message that now looks like it’s been verified by the proxy, when it has, in fact, done no such thing.
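To make the point about the banner concrete, here is an added example of my own (not PGP’s code) that models the two storage policies side by side: the proxy’s “banner plus plaintext, signature thrown away” versus keeping the signed message and re-verifying it when it is read. The signature here is an HMAC over the body, standing in for an OpenPGP signature so that the example runs with the standard library only (a real signature would be checked with the sender’s public key, with no shared secret). The banner text, the message and the key are all constructed.

```python
"""A pasted "verified" banner is not tamper evidence; a retained signature is.

Added example (my own code, not PGP's). The clearsigned layout mimics OpenPGP
armor, but the signature inside is an HMAC stand-in. Banner and key are constructed.
"""
import hashlib
import hmac
import re

# Constructed banner, standing in for whatever text the real proxy pastes.
BANNER = "*** PGP Signed: verified ***\n\n"

SIGNED_RE = re.compile(
    r"-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n(.*?)\n"
    r"-----BEGIN PGP SIGNATURE-----\n(.*?)\n-----END PGP SIGNATURE-----",
    re.DOTALL,
)


def sign(body: str, key: bytes) -> str:
    """Produce a clearsigned-style message. HMAC stand-in for a real signature."""
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return (
        "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n"
        f"{body}\n-----BEGIN PGP SIGNATURE-----\n{tag}\n-----END PGP SIGNATURE-----"
    )


def verify(signed: str, key: bytes):
    """Return (ok, body). ok is False when the body no longer matches the signature
    or when there is no signature to check at all."""
    m = SIGNED_RE.search(signed)
    if not m:
        return False, None
    body, tag = m.group(1), m.group(2)
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected), body


def proxy_store(signed: str, key: bytes) -> str:
    """What the post describes the proxy handing to the mail client: a banner
    plus the plaintext body, with the signature discarded."""
    ok, body = verify(signed, key)
    return (BANNER if ok else "*** PGP Signed: BAD signature ***\n\n") + (body or "")


def banner_says_verified(stored: str) -> bool:
    """The only check a banner-only copy allows: does the text say 'verified'?"""
    return stored.startswith(BANNER)


def compare_policies(key: bytes) -> dict:
    """Apply the same server-side edit under both storage policies."""
    original = sign("Please wire the payment to account 1111.", key)

    # Policy A: banner + plaintext on the IMAP server, signature gone.
    stored = proxy_store(original, key)
    tampered_stored = stored.replace("1111", "9999")
    forged = BANNER + "Please wire the payment to account 9999."

    # Policy B: keep the signed message as received; re-verify on read.
    tampered_signed = original.replace("1111", "9999")

    return {
        "banner_after_tamper": banner_says_verified(tampered_stored),  # True: undetected
        "banner_on_forgery": banner_says_verified(forged),             # True: undetected
        "signed_original_ok": verify(original, key)[0],                # True
        "signed_after_tamper_ok": verify(tampered_signed, key)[0],     # False: caught
        "forgery_verifies": verify(forged, key)[0],                    # False: caught
    }


if __name__ == "__main__":
    for name, outcome in compare_policies(b"constructed-demo-key").items():
        print(f"{name:24} {outcome}")
```

The banner survives every edit because it is just more text in the body, while the retained signature fails the moment the body changes. The practical mitigation is the one the post wants: store the message as it arrived and verify at read time, rather than trusting a note written by whatever last touched the message.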

They do still have a legacy mail plugin that permits decryption of older emails that you may have received and didn’t pass through the digestive tract of their new product. But get this - on the message boards someone was complaining that the plugin didn’t successfully decrypt messages from certain people. The response? “Oh, that plugin only works with some message types. Use the proxy.”

What a junker.

Yes, they protect you from some arcane attack that requires an electron microscope and a clean room to make work, but they’ll happily decrypt and store your email in the most unsafe way possible. What in the world were they thinking? This isn’t even limited to the new Mac product apparently - this is an across-the-board product line change that screws everyone.