A Preposterous Preponderance of Prominent PGP Ponderings
Let me start this out by killing any speculation this post might raise: no, this has nothing to do with work. I am not doing anything related to GMail right now, nor do I know anyone working on GMail. Anything I write here should in no way be affiliated with Google.
Having said that, here are my thoughts: after talking to sneaselcouth about it recently, I've been thinking a lot about PGP (a public key encryption system for email). It seems like the vast majority of email users would love to have PGP figure more prominently in their lives. If it were used moderately, we could eliminate phishing scams, and if it were used by almost everyone, we could eliminate spam.
The main idea behind the above two claims is that if companies signed all their emails with PGP, we could tell what email is really from, say, eBay or Paypal, and what email is from phishers pretending to be eBay or Paypal. Certainly, this would take a slight amount of effort on the parts of the companies, but I'm pretty confident you could sign the text of a single email and then send it out to everyone on your mailing list without signing it many times over. If these companies would take an extra half-second per unique message, we could eliminate all phishers (assuming people verified their PGP keys at the websites where the keys purport to be from). This doesn't require a web of trust; just email clients that can handle PGP.
If, on the other hand, almost everyone used PGP and we had a nice web of trust, anyone either not in the web or not within, say, 3 degrees of separation from you should have no business emailing you, and is likely a spammer. The difficulty here is getting new email addresses into the system. However, I'd be willing to bet that anyone who gets an email account has a friend with an email account too, and they could call up their friend and ask them to sign their key. Although this wouldn't work in the near future because very few people use PGP right now, this would eliminate spam if it ever caught on.
So here's the thing: Why haven't people done this already? Certainly, there's no economic incentive for companies to use PGP until their customers can verify their keys. But if a large email system like Hotmail or GMail started offering PGP support, I'd bet that other online email services would follow suit shortly (remember when GMail came out and offered several times more storage space than anyone else at the time, and overnight Hotmail, Yahoo, and several other companies doubled and tripled the space allocated for each account). There is already PGP support in Thunderbird, Evolution, Sylpheed and Sylpheed-Claws, if people only bothered to use them. I don't believe Outlook or Outlook Express supports PGP, but Microsoft would likely include it in future releases if this started to take off. But the way I see this going, the simplest way to start is with webmail, where the end user doesn't need to configure anything, and all the keys are stored on a central server at Hotmail/GMail/Yahoo headquarters. The keys themselves are worth little more than the passwords to these accounts, and since you never hear of anyone stealing all the passwords to all the Hotmail accounts, I don't anticipate there being any major security problem here (certainly a minor one, but you'll always have those in webmail).
Here are the problems I see right now, and tentative solutions:
By the way, my PGP fingerprint is D7C4 3ECD 7C59 BA37 F817 AA82 C1AF 7E9F 1648 0B4B and my keyID is 16480B4B.
Having said that, here are my thoughts: after talking to sneaselcouth about it recently, I've been thinking a lot about PGP (a public key encryption system for email). It seems like the vast majority of email users would love to have PGP figure more prominently in their lives. If it were used moderately, we could eliminate phishing scams, and if it were used by almost everyone, we could eliminate spam.
The main idea behind the above two claims is that if companies signed all their emails with PGP, we could tell what email is really from, say, eBay or Paypal, and what email is from phishers pretending to be eBay or Paypal. Certainly, this would take a slight amount of effort on the parts of the companies, but I'm pretty confident you could sign the text of a single email and then send it out to everyone on your mailing list without signing it many times over. If these companies would take an extra half-second per unique message, we could eliminate all phishers (assuming people verified their PGP keys at the websites where the keys purport to be from). This doesn't require a web of trust; just email clients that can handle PGP.
If, on the other hand, almost everyone used PGP and we had a nice web of trust, anyone either not in the web or not within, say, 3 degrees of separation from you should have no business emailing you, and is likely a spammer. The difficulty here is getting new email addresses into the system. However, I'd be willing to bet that anyone who gets an email account has a friend with an email account too, and they could call up their friend and ask them to sign their key. Although this wouldn't work in the near future because very few people use PGP right now, this would eliminate spam if it ever caught on.
So here's the thing: Why haven't people done this already? Certainly, there's no economic incentive for companies to use PGP until their customers can verify their keys. But if a large email system like Hotmail or GMail started offering PGP support, I'd bet that other online email services would follow suit shortly (remember when GMail came out and offered several times more storage space than anyone else at the time, and overnight Hotmail, Yahoo, and several other companies doubled and tripled the space allocated for each account). There is already PGP support in Thunderbird, Evolution, Sylpheed and Sylpheed-Claws, if people only bothered to use them. I don't believe Outlook or Outlook Express supports PGP, but Microsoft would likely include it in future releases if this started to take off. But the way I see this going, the simplest way to start is with webmail, where the end user doesn't need to configure anything, and all the keys are stored on a central server at Hotmail/GMail/Yahoo headquarters. The keys themselves are worth little more than the passwords to these accounts, and since you never hear of anyone stealing all the passwords to all the Hotmail accounts, I don't anticipate there being any major security problem here (certainly a minor one, but you'll always have those in webmail).
Here are the problems I see right now, and tentative solutions:
- I guess part of it is a chicken-and-egg or hydrogen economy sort of problem. At the same time, starting an effective war against spam should give you good enough PR that it would be worth doing this (especially since all the tricky software has already been written).
- We need a way to get keys from companies without getting keys from phishers pretending to be companies. For large companies and banks and things, you could get the webmail sysadmin to spend an hour and download the keys of the 1000 most popular companies, and this would solve this problem for 99.9% of phishing attacks (they're almost always about eBay, Paypal, Bank of America, or US Bank). Smaller companies with fewer customers offer a much smaller target for phishers, and although this system isn't perfect it would get rid of almost all phishing.
- Getting people to sign each other's keys could be tricky, since it might be viewed as an inconvenience. However, if you could pair this with some sort of social networking site (such as Facebook or MySpace), it could be a fun sort of thing. If signing a key was as easy as inviting someone to be your friend on Facebook, creating a web of trust would be pretty simple. The trick here is to make sure people realize that they shouldn't sign keys of people they don't actually know. Perhaps the right system is to make sure that both the signor and the signee were in the same room when this happens, by asking for both passwords in a single form? This could be problematic for lots of people, though (I wouldn't be able to sign the vast majority of my friends' keys if this were the case).
- Typical users wouldn't know what to do with a key with an expiration date, but typical users wouldn't want these anyway, so I don't think it's a big issue.
- Getting the same key onto both a webmail server and a personal computer with an email client would be next to impossible. Perhaps... there could be a way to transfer the message from the email client to the webmail server and sign it there, in such a way that the messages can still only be sent by the correct user with the correct password? I don't know of such a system already (APOP might work for this), and this could get pretty tricky.
By the way, my PGP fingerprint is D7C4 3ECD 7C59 BA37 F817 AA82 C1AF 7E9F 1648 0B4B and my keyID is 16480B4B.