• Safester, anyone?

    From August Abolins@2:221/1.58 to All on Thursday, January 27, 2022 09:19:00
    * Originally: PUBLIC_KEYS
    * Xposted: FSX_CRY, ARK_CYBER

    Anyone familiar with Safester? A friend of mine just wrote to me..

    "While doing some early morning surfing, I came across yet another "better way to do email encryption" called "Safester".

    "It is available for windows, linux, macOS, iOS and android.

    "They publish their C# code on github so theoretically their stuff is open source.
    The free option has unlimited inbox size, but outbox is limited in size to 500MB.

    "They apparently use openpgp for end to end encryption, and they use your existing email address, but their own servers for storage of the encrypted email content (ie. they are a cloud email storage server).

    "They do NOT allow you to use your own PGP keys, though!!!

    "Have you heard anything good/bad/ugly about it?



    --- OpenXP 5.0.51
    * Origin: Key ID = 0x5789589B (2:221/1.58)
  • From Wilfred van Velzen@2:280/464 to August Abolins on Thursday, January 27, 2022 15:30:00
    Hi August,

    On 2022-01-27 09:19:00, you wrote to All:

    Anyone familiar with Safester? A friend of mine just wrote to me..

    "While doing some early morning surfing, I came across yet another "better way to do email encryption" called "Safester".

    "It is available for windows, linux, macOS, iOS and android.

    "They publish their C# code on github so theoretically their stuff is open source. The free option has unlimited inbox size, but outbox is limited in size to 500MB.

    "They apparently use openpgp for end to end encryption, and they use your existing email address, but their own servers for storage of the encrypted email content (ie. they are a cloud email storage server).

    So it's not a universal "solution", just a business model for them...

    "They do NOT allow you to use your own PGP keys, though!!!

    Which makes me not want to use it.

    "Have you heard anything good/bad/ugly about it?

    This is the first I hear of it...

    Bye, Wilfred.

    --- FMail-lnx64 2.1.0.18-B20170815
    * Origin: FMail development HQ (2:280/464)
  • From August Abolins@2:221/1.58 to All on Friday, January 28, 2022 09:11:00
    I'm giving it a go. It's actually not too bad. It's almost
    like Protonmail (they generate a key/pair in the background,
    they claim the passphrase is never on the server, and the
    messages and attachments are stored encrypted on their server.)
    But unlike Protonmail, you operate the system with a standalone
    DT program that they provide, and get to use your existing
    email address of your choosing. (Protonmail creates an
    @protonmail.com address for you). And, ofcourse there are
    Android and iOS versions too.

    Unlike Protonmail, there is no export of the keys to share or
    adapt to another OpenGPG system.

    You basically have to trust that all the security concerns on
    the FAQ are legit.

    They do however store the passphrase using a SHA-1 hashcode. I
    thought SHA-1 was depricated. I wonder if that could be an
    issue if their database of SHA-1 hashes ever leaked.

    One neat thing about Safster is that it allows S)earches of the
    messages that you retain on the system and in your folders.
    You can organize your messages into folders.

    Safester *is* different operationally. It doesn't use the
    internet email system. Messages are only between client/server/
    client.
    --- OpenXP 5.0.51
    * Origin: Key ID = 0x5789589B (2:221/1.58)
  • From Wilfred van Velzen@2:280/464 to August Abolins on Friday, January 28, 2022 16:51:15
    Hi August,

    On 2022-01-28 09:11:00, you wrote to All:

    I'm giving it a go. It's actually not too bad. It's almost like Protonmail (they generate a key/pair in the background, they claim the passphrase is never on the server, and the messages and attachments
    are stored encrypted on their server.) But unlike Protonmail, you
    operate the system with a standalone DT program that they provide, and
    get to use your existing email address of your choosing. (Protonmail creates an @protonmail.com address for you). And, ofcourse there are Android and iOS versions too.

    No Linux DT version?

    Unlike Protonmail, there is no export of the keys to share or
    adapt to another OpenGPG system.

    You basically have to trust that all the security concerns on
    the FAQ are legit.

    They do however store the passphrase using a SHA-1 hashcode. I
    thought SHA-1 was depricated.

    It is considered no longer safe, afaik...

    I wonder if that could be an issue if their database of SHA-1 hashes
    ever leaked.

    An attacker with enough resources could in theory find some or all passwords. And of course that becomes progressively easier in the future...

    Safester *is* different operationally. It doesn't use the internet
    email system. Messages are only between client/server/ client.

    So you can only exchange messages with other Safester users.

    You're not a good sales person for Safester! Because all the things you mention make me not want to use it! ;-)

    Bye, Wilfred.
    --- FMail-lnx64 2.1.0.18-B20170815
    * Origin: FMail development HQ (2:280/464)
  • From August Abolins@2:221/1.58 to Wilfred van Velzen on Saturday, January 29, 2022 09:12:00
    Hello Wilfred van Velzen!

    ** On Friday 28.01.22 - 16:51, Wilfred van Velzen wrote to August Abolins:

    No Linux DT version?

    Yes.. there is.
    See https://safester.net/install_linux/
    [Debian 7+, RHEL 5.5+, Ubuntu 12.04+]


    They do however store the passphrase using a SHA-1
    hashcode. I thought SHA-1 was depricated.

    It is considered no longer safe, afaik...

    But does it matter so much if the keymanagement is local on the
    client?

    However, it is somewhat astonishing that SHA-1 was/is even used
    in the design.


    An attacker with enough resources could in theory find
    some or all passwords. And of course that becomes
    progressively easier in the future...

    I am not impressed with the reports that people can process
    millions of hashes per second using dedicated GPUs. So what if
    the hashes are decoded. They can't do anything with them to
    target millions of people enmasse anyway. I think they would
    have to target SPECIFIC accounts and run the passwords one by
    one.

    In Safester, the decoded hash would reveal the passphrase, but
    the decrypting of the messages would be useless without the
    user's key which would reside in the local Safester prog or
    app.

    Safester *is* different operationally. It doesn't use
    the internet email system. Messages are only between
    client/server/ client.

    So you can only exchange messages with other Safester
    users.

    Yeah. :( But it's not as bad as it sounds! ;) I think that
    may be better than forcing people to try DeltaChat as a 1st-
    time venture into secure communications.

    You're not a good sales person for Safester! Because all
    the things you mention make me not want to use it! ;-)

    As you, I was convinced that it is not a good system (compared
    to operating an OpenGPG-based system like gpg manually,
    Kleopatra, WinGPG, etc.) and having total control. But now,
    giving it a bit of a go, it seems to be a fine "environment" to
    introduce people to the value of secure/private comms. It
    looks like regular email (subject, full dates, address book
    management, wordprocessing tools like bold/italic, bullets,
    printing, creating subfolders, blocking "forwarding", ..and my
    favourite: S)earch by subject or body.

    --
    ../|ug
    --- OpenXP 5.0.51
    * Origin: Key ID = 0x5789589B (2:221/1.58)
  • From Wilfred van Velzen@2:280/464 to August Abolins on Saturday, January 29, 2022 17:24:58
    Hi August,

    On 2022-01-29 09:12:00, you wrote to me:

    They do however store the passphrase using a SHA-1
    hashcode. I thought SHA-1 was depricated.

    It is considered no longer safe, afaik...

    But does it matter so much if the keymanagement is local on the
    client?

    It always matters!

    However, it is somewhat astonishing that SHA-1 was/is even used
    in the design.

    Indeed. Which makes you question if they made other mistakes.

    An attacker with enough resources could in theory find
    some or all passwords. And of course that becomes
    progressively easier in the future...

    I am not impressed with the reports that people can process
    millions of hashes per second using dedicated GPUs. So what if
    the hashes are decoded. They can't do anything with them to
    target millions of people enmasse anyway. I think they would
    have to target SPECIFIC accounts and run the passwords one by
    one.

    In Safester, the decoded hash would reveal the passphrase, but
    the decrypting of the messages would be useless without the
    user's key which would reside in the local Safester prog or
    app.

    Well if your life depended on it, would you rather use Safester or Opengpg?

    So you can only exchange messages with other Safester
    users.

    Yeah. :( But it's not as bad as it sounds! ;) I think that
    may be better than forcing people to try DeltaChat as a 1st-
    time venture into secure communications.

    The biggest drawback to me is you depend on a commercial company for your secure mail. What if someone pays them a big sum for being able to eavesdrop on your conversations, will they make a backdoor? What if they go bankrupt? Is your mail lost forever?

    Bye, Wilfred.
    --- FMail-lnx64 2.1.0.18-B20170815
    * Origin: FMail development HQ (2:280/464)
  • From mark lewis@1:3634/12.73 to August Abolins on Sunday, January 30, 2022 05:04:48

    On 2022 Jan 29 09:12:00, you wrote to Wilfred van Velzen:

    An attacker with enough resources could in theory find some or all
    passwords. And of course that becomes progressively easier in the
    future...

    I am not impressed with the reports that people can process millions
    of hashes per second using dedicated GPUs. So what if the hashes are decoded.

    you're missing something here... it isn't the hashes being decoded... they're just a large number... it is the use of them to decode messages that is the goal... the faster you calculate hashes to beat against the encoded message to see if there's anything legible in the result, the faster you can gain access to that information...

    They can't do anything with them to target millions of people enmasse anyway. I think they would have to target SPECIFIC accounts and run
    the passwords one by one.

    if something is found in passing, then specific accounts may gain closer looks at their traffic...

    In Safester, the decoded hash would reveal the passphrase, but the decrypting of the messages would be useless without the user's key
    which would reside in the local Safester prog or app.

    if i were to intercept an encoded message and want to decode it, i wouldn't be worrying about the passphrase or the key... i'd concentrate on throwing hashes at the message and seeing if anything legible appeared at the end of the decode phase... if there was nothing, then throw another hash at it and look again...

    )\/(ark

    "The soul of a small kitten in the body of a mighty dragon. Look on my majesty, ye mighty, and despair! Or bring me catnip. Your choice. Oooh, a shiny thing!"
    ... Cats are not dogs! -P.G. Wodehouse
    ---
    * Origin: (1:3634/12.73)
  • From August Abolins@2:221/1.58 to Wilfred van Velzen on Monday, January 31, 2022 01:20:00
    Hello Wilfred!

    ** On Saturday 29.01.22 - 17:24, you wrote to me:

    However, it is somewhat astonishing that SHA-1 was/is
    even used in the design.

    Indeed. Which makes you question if they made other
    mistakes.

    Or.. purposeful compromises based on poor judgment.


    In Safester, the decoded hash would reveal the
    passphrase, but the decrypting of the messages would be
    useless without the user's key which would reside in the
    local Safester prog or app.

    Well if your life depended on it, would you rather use
    Safester or Opengpg?

    Every email doesn't need to originate on the basis that my life
    depended on it. But I get your point. A journalist or a
    reporter communicating a breaking story may like to steer away
    from Safester, that's for sure.


    The biggest drawback to me is you depend on a commercial
    company for your secure mail. What if someone pays them a
    big sum for being able to eavesdrop on your
    conversations, will they make a backdoor? What if they go
    bankrupt? Is your mail lost forever?

    The backdoor matter is pretty cool. It would seem unethical,
    but it's not unlike a locksmith's ability to unlock any door he
    wants with a manufacturer's master key and get into your house.

    Re: Bankrupt... all messages would certainly be *poof*. In
    that case, Protonmail, Startmail, Tutona would also fit in that
    category. But those 3 seem to offer pop/smtp options inorder to
    pull your mail off the servers.

    However, Safester still seems like a good way to get people who
    are opengpg-illiterate accustomed to appreciating private mail.

    I am surprised how difficult it is to accomodate private mail
    in iOS! There are some free opengpg apps that come close to
    working well, but those have been a frustrating experience for
    a friend of mine. There is one app that he agreed to try (after
    I sent him a $25 creditcard giftcard) for 1.99USD. ipgmail.
    That one finally proved to be better than any of the free ones.
    He's also testing Safester for a while longer too.
    --
    ../|ug
    --- OpenXP 5.0.51
    * Origin: Key ID = 0x5789589B (2:221/1.58)