{"id":313,"date":"2009-01-09T10:16:24","date_gmt":"2009-01-09T09:16:24","guid":{"rendered":"http:\/\/www.thomaskeller.biz\/blog\/?p=313"},"modified":"2009-01-09T10:16:24","modified_gmt":"2009-01-09T09:16:24","slug":"read-encrypted-emails-via-webmail","status":"publish","type":"post","link":"https:\/\/www.thomaskeller.biz\/blog\/2009\/01\/09\/read-encrypted-emails-via-webmail\/","title":{"rendered":"Read encrypted emails via webmail?"},"content":{"rendered":"<p>I was recently asked how to read encrypted emails securely in some untrusted environment via webmail. Imagine you&#8217;re sitting on someone else&#8217; computer and absolutely need to check your inbox for this one encrypted email which contains a password without which you can&#8217;t continue. Or you&#8217;re in some internet cafe and got an important encrypted email &#8211; how would you do that?<\/p>\n<p>Actually, the only thing which comes into my mind here is a combination of <a href=\"http:\/\/portableapps.com\/apps\/internet\/firefox_portable\">Portable Firefox<\/a> and <a href=\"http:\/\/getfiregpg.com\">FireGPG<\/a> on an USB stick (possibly encrypted). This, of course, bears a couple of problems:<\/p>\n<ol>\n<li>If you don&#8217;t know which OS your &#8220;target&#8221; computer has, you need to have this &#8220;tandem&#8221; in at least three different binary versions, Mac OS X, Linux and Windows. While this doesn&#8217;t sound too hard (three partitions on the same drive), it&#8217;ll probably harder to encrypt all three and have something like &#8220;plug-and-mail-ready&#8221; for the target OS.<\/li>\n<li>If you use a non-standard webmailer (i.e. no public service, but an own setup, like I have with <a href=\"http:\/\/roundcube.net\/\">roundCube Webmail<\/a>), you won&#8217;t have a really good integration with FireGPG (i.e. no interface buttons, auto-decryption and other stuff) unless the webmail software plans support for FireGPG. (roundCube targeted it for &#8220;<a href=\"http:\/\/trac.roundcube.net\/ticket\/1440396\">later<\/a>&#8220;.)<\/li>\n<li>And maybe the greatest show-stopper is the question: Is it really secure in untrusted environments? After all, GnuPG needs to load your private key into RAM to decrypt your message, and if it resides unprotected there (does it?), it could be, at any time, be read out by some hidden daemon and boom, your private key would be compromised&#8230;<\/li>\n<\/ol>\n<p>How would you solve this dilemma? A VPN to a trusted PC from which you send and receive emails?<\/p>\n<p>If there are no other good solutions then I guess people will have to choose between accessibility from everywhere and email security. And I bet they don&#8217;t choose security&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I was recently asked how to read encrypted emails securely in some untrusted environment via webmail. Imagine you&#8217;re sitting on someone else&#8217; computer and absolutely need to check your inbox for this one encrypted email which contains a password without which you can&#8217;t continue. Or you&#8217;re in some internet cafe and got an important encrypted &hellip; <a href=\"https:\/\/www.thomaskeller.biz\/blog\/2009\/01\/09\/read-encrypted-emails-via-webmail\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Read encrypted emails via webmail?<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,10],"tags":[],"class_list":["post-313","post","type-post","status-publish","format-standard","hentry","category-free-software","category-life"],"_links":{"self":[{"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/posts\/313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/comments?post=313"}],"version-history":[{"count":1,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/posts\/313\/revisions"}],"predecessor-version":[{"id":314,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/posts\/313\/revisions\/314"}],"wp:attachment":[{"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/media?parent=313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/categories?post=313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thomaskeller.biz\/blog\/wp-json\/wp\/v2\/tags?post=313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}