* Originally: PUBLIC_KEYS
* Xposted: FSX_CRY, ARK_CYBER

Anyone familiar with Safester? A friend of mine just wrote to me..

"While doing some early morning surfing, I came across yet another "better way to do email encryption" called "Safester".

"It is available for windows, linux, macOS, iOS and android.

"They publish their C# code on github so theoretically their stuff is open source.
The free option has unlimited inbox size, but outbox is limited in size to 500MB.

"They apparently use openpgp for end to end encryption, and they use your existing email address, but their own servers for storage of the encrypted email content (ie. they are a cloud email storage server).

"They do NOT allow you to use your own PGP keys, though!!!

"Have you heard anything good/bad/ugly about it?



--- OpenXP 5.0.51
* Origin: Key ID = 0x5789589B (2:221/1.58)

Hi August,

On 2022-01-27 09:19:00, you wrote to All:

Anyone familiar with Safester? A friend of mine just wrote to me..

"While doing some early morning surfing, I came across yet another "better way to do email encryption" called "Safester".

"It is available for windows, linux, macOS, iOS and android.

"They publish their C# code on github so theoretically their stuff is open source. The free option has unlimited inbox size, but outbox is limited in size to 500MB.

"They apparently use openpgp for end to end encryption, and they use your existing email address, but their own servers for storage of the encrypted email content (ie. they are a cloud email storage server).

So it's not a universal "solution", just a business model for them...

"They do NOT allow you to use your own PGP keys, though!!!

Which makes me not want to use it.

"Have you heard anything good/bad/ugly about it?

This is the first I hear of it...

Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

I'm giving it a go. It's actually not too bad. It's almost
like Protonmail (they generate a key/pair in the background,
they claim the passphrase is never on the server, and the
messages and attachments are stored encrypted on their server.)
But unlike Protonmail, you operate the system with a standalone
DT program that they provide, and get to use your existing
email address of your choosing. (Protonmail creates an
@protonmail.com address for you). And, ofcourse there are
Android and iOS versions too.

Unlike Protonmail, there is no export of the keys to share or
adapt to another OpenGPG system.

You basically have to trust that all the security concerns on
the FAQ are legit.

They do however store the passphrase using a SHA-1 hashcode. I
thought SHA-1 was depricated. I wonder if that could be an
issue if their database of SHA-1 hashes ever leaked.

One neat thing about Safster is that it allows S)earches of the
messages that you retain on the system and in your folders.
You can organize your messages into folders.

Safester *is* different operationally. It doesn't use the
internet email system. Messages are only between client/server/
client.
--- OpenXP 5.0.51
* Origin: Key ID = 0x5789589B (2:221/1.58)

Hi August,

On 2022-01-28 09:11:00, you wrote to All:

I'm giving it a go. It's actually not too bad. It's almost like Protonmail (they generate a key/pair in the background, they claim the passphrase is never on the server, and the messages and attachments
are stored encrypted on their server.) But unlike Protonmail, you
operate the system with a standalone DT program that they provide, and
get to use your existing email address of your choosing. (Protonmail creates an @protonmail.com address for you). And, ofcourse there are Android and iOS versions too.

No Linux DT version?

Unlike Protonmail, there is no export of the keys to share or
adapt to another OpenGPG system.

You basically have to trust that all the security concerns on
the FAQ are legit.

They do however store the passphrase using a SHA-1 hashcode. I
thought SHA-1 was depricated.

It is considered no longer safe, afaik...

I wonder if that could be an issue if their database of SHA-1 hashes
ever leaked.

An attacker with enough resources could in theory find some or all passwords. And of course that becomes progressively easier in the future...

Safester *is* different operationally. It doesn't use the internet
email system. Messages are only between client/server/ client.

So you can only exchange messages with other Safester users.

You're not a good sales person for Safester! Because all the things you mention make me not want to use it! ;-)

Bye, Wilfred.
--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

Hello Wilfred van Velzen!

** On Friday 28.01.22 - 16:51, Wilfred van Velzen wrote to August Abolins:

No Linux DT version?

Yes.. there is.
See https://safester.net/install_linux/
[Debian 7+, RHEL 5.5+, Ubuntu 12.04+]

They do however store the passphrase using a SHA-1
hashcode. I thought SHA-1 was depricated.

It is considered no longer safe, afaik...

But does it matter so much if the keymanagement is local on the
client?

However, it is somewhat astonishing that SHA-1 was/is even used
in the design.

An attacker with enough resources could in theory find
some or all passwords. And of course that becomes
progressively easier in the future...

I am not impressed with the reports that people can process
millions of hashes per second using dedicated GPUs. So what if
the hashes are decoded. They can't do anything with them to
target millions of people enmasse anyway. I think they would
have to target SPECIFIC accounts and run the passwords one by
one.

In Safester, the decoded hash would reveal the passphrase, but
the decrypting of the messages would be useless without the
user's key which would reside in the local Safester prog or
app.

Safester *is* different operationally. It doesn't use
the internet email system. Messages are only between
client/server/ client.

So you can only exchange messages with other Safester
users.

Yeah. :( But it's not as bad as it sounds! ;) I think that
may be better than forcing people to try DeltaChat as a 1st-
time venture into secure communications.

You're not a good sales person for Safester! Because all
the things you mention make me not want to use it! ;-)

As you, I was convinced that it is not a good system (compared
to operating an OpenGPG-based system like gpg manually,
Kleopatra, WinGPG, etc.) and having total control. But now,
giving it a bit of a go, it seems to be a fine "environment" to
introduce people to the value of secure/private comms. It
looks like regular email (subject, full dates, address book
management, wordprocessing tools like bold/italic, bullets,
printing, creating subfolders, blocking "forwarding", ..and my
favourite: S)earch by subject or body.

--
../|ug
--- OpenXP 5.0.51
* Origin: Key ID = 0x5789589B (2:221/1.58)

Hi August,

On 2022-01-29 09:12:00, you wrote to me:

They do however store the passphrase using a SHA-1
hashcode. I thought SHA-1 was depricated.

It is considered no longer safe, afaik...

But does it matter so much if the keymanagement is local on the
client?

It always matters!

However, it is somewhat astonishing that SHA-1 was/is even used
in the design.

Indeed. Which makes you question if they made other mistakes.

An attacker with enough resources could in theory find
some or all passwords. And of course that becomes
progressively easier in the future...

I am not impressed with the reports that people can process
millions of hashes per second using dedicated GPUs. So what if
the hashes are decoded. They can't do anything with them to
target millions of people enmasse anyway. I think they would
have to target SPECIFIC accounts and run the passwords one by
one.

In Safester, the decoded hash would reveal the passphrase, but
the decrypting of the messages would be useless without the
user's key which would reside in the local Safester prog or
app.

Well if your life depended on it, would you rather use Safester or Opengpg?

So you can only exchange messages with other Safester
users.

Yeah. :( But it's not as bad as it sounds! ;) I think that
may be better than forcing people to try DeltaChat as a 1st-
time venture into secure communications.

The biggest drawback to me is you depend on a commercial company for your secure mail. What if someone pays them a big sum for being able to eavesdrop on your conversations, will they make a backdoor? What if they go bankrupt? Is your mail lost forever?

Bye, Wilfred.
--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

On 2022 Jan 29 09:12:00, you wrote to Wilfred van Velzen:

An attacker with enough resources could in theory find some or all
passwords. And of course that becomes progressively easier in the
future...

I am not impressed with the reports that people can process millions
of hashes per second using dedicated GPUs. So what if the hashes are decoded.

you're missing something here... it isn't the hashes being decoded... they're just a large number... it is the use of them to decode messages that is the goal... the faster you calculate hashes to beat against the encoded message to see if there's anything legible in the result, the faster you can gain access to that information...

They can't do anything with them to target millions of people enmasse anyway. I think they would have to target SPECIFIC accounts and run
the passwords one by one.

if something is found in passing, then specific accounts may gain closer looks at their traffic...

In Safester, the decoded hash would reveal the passphrase, but the decrypting of the messages would be useless without the user's key
which would reside in the local Safester prog or app.

if i were to intercept an encoded message and want to decode it, i wouldn't be worrying about the passphrase or the key... i'd concentrate on throwing hashes at the message and seeing if anything legible appeared at the end of the decode phase... if there was nothing, then throw another hash at it and look again...

)\/(ark

"The soul of a small kitten in the body of a mighty dragon. Look on my majesty, ye mighty, and despair! Or bring me catnip. Your choice. Oooh, a shiny thing!"
... Cats are not dogs! -P.G. Wodehouse
---
* Origin: (1:3634/12.73)

Hello Wilfred!

** On Saturday 29.01.22 - 17:24, you wrote to me:

However, it is somewhat astonishing that SHA-1 was/is
even used in the design.

Indeed. Which makes you question if they made other
mistakes.

Or.. purposeful compromises based on poor judgment.

In Safester, the decoded hash would reveal the
passphrase, but the decrypting of the messages would be
useless without the user's key which would reside in the
local Safester prog or app.

Well if your life depended on it, would you rather use
Safester or Opengpg?

Every email doesn't need to originate on the basis that my life
depended on it. But I get your point. A journalist or a
reporter communicating a breaking story may like to steer away
from Safester, that's for sure.

The biggest drawback to me is you depend on a commercial
company for your secure mail. What if someone pays them a
big sum for being able to eavesdrop on your
conversations, will they make a backdoor? What if they go
bankrupt? Is your mail lost forever?

The backdoor matter is pretty cool. It would seem unethical,
but it's not unlike a locksmith's ability to unlock any door he
wants with a manufacturer's master key and get into your house.

Re: Bankrupt... all messages would certainly be *poof*. In
that case, Protonmail, Startmail, Tutona would also fit in that
category. But those 3 seem to offer pop/smtp options inorder to
pull your mail off the servers.

However, Safester still seems like a good way to get people who
are opengpg-illiterate accustomed to appreciating private mail.

I am surprised how difficult it is to accomodate private mail
in iOS! There are some free opengpg apps that come close to
working well, but those have been a frustrating experience for
a friend of mine. There is one app that he agreed to try (after
I sent him a $25 creditcard giftcard) for 1.99USD. ipgmail.
That one finally proved to be better than any of the free ones.
He's also testing Safester for a while longer too.
--
../|ug
--- OpenXP 5.0.51
* Origin: Key ID = 0x5789589B (2:221/1.58)