To clarify as others have stated, even if someone gets your private key in mailvelope, they can't read your mail unless they crack your passphrase. If a sophisticated government entity like the NSA seized your key, and your passphrase was under 12 characters (give or take), it can probably be cracked within a couple days (according to Snowden in "Citizen 4"). If someone less sophisticated got your private key (i.e. your boss/family member/nosy neighbor) there is little they could do with it. Unless you're up to some serious espionage, it's pretty unlikely you'll use Mailvelope and find that it was inadequate for protecting the content of your messages.

You're right. That means that you'll need a strong passphrase to defend your PGP key against someone having access to your box, physical or remote.

I think I would still recommend MailVelope, and just hope that not many malicious people are as smart as Rob Fuller. I also agree with Darren Kitchen that MailVelope actually does a good job. After all, private keys have to be stored somewhere. So, of course, someone who makes every endeavour to find the private keys will eventually find them.

On June 12, 2015, this video will be two years old. Allow me to ask, WHAT is the current 'better' approach than using this Chrome extension and version of mailvelope? Has this exploit - access to the private key by a smart guy like Rob - been resolved? Frankly I believe that a Chrome extension would be more likely than not to just simply (quietly, secretly, illegally?) 'hand over the keys' to Pentagon/GCHQ/5Eyes as part of the whole surveillance entitlement attitude that they have in order to - ahem - protect us against evils. What should a guy use to encrypt (without backdoor access). PS this mailvelope encryption 'tool' didn't download as a Firefox extension ... and that has me equally leery now.

Well thankyou for replying to my email Thomas, I will stay tuned for updates.

So... Where exactly should a plug-in store the sensitive data? I mean, it has to store the passwords somewhere. Even if you encrypt the keys you generate another key to remember in a never ending key chain. So what's all this "in plain text" thing?

I am not surprise, I have argued before that as long as our private key still store in our system we are vulnerable. But the risk is very remote to ordinary users.

I'm pretty sure extensions can't communicate with each other and unless there is a back door, a person has a better chance at winning the top payout of a lottery than having their private key stolen.

I also noticed mailvelope for instance only stores the private keys if you have a private / public pair ... when you look in the openpgp-public-keys in the sqlite file you only have the public keys for email that you don't have the private one. (logic I know now, but before I learned about pgp thanks to hak5's videos, I always thought I needed to import both my public and private keys :P ahhh technology ... btw Darren: -----BEGIN PGP MESSAGE----- Version: GnuPG v1 hQIMA+BZPuCxO7TAAQ//SeNBXj0F/4vjI9chBd+kV/M1w596uXixuw9XvtZ/uCf6 zy3ssLc07y1h3k4+8043QE13sxlEMKtHK1LuPtISr2UNtjBjzS8tWN8hPUoQB9HL CdnhyU83HM7YAIatiKgF/zBRFowyWp+qEsJsbzRL+hO35yW8w++Zao3boGFY3ESg 94H3qf1f4OFe1StXyfgAAnJs9UqpYSd/hOGoxOokfmkB2ee4LzWw2hDZZ9FoZktg a7WPPveRJXiTNdJZVpQjAq2Vw8Q2ExY4CVqqSUqyapI6qMWVccFj9jLp/z2T/9rT AU0z2sT6D2VnykRj1mK5h9huN0f7rax5RCnSnu+oS902qRM9jdDrym0jlDSyWScn GwD07KRX5dsPatw9t0gjICH6SxapxdplvHv31iLWucrFs38mzbavyq7jFH+0ig79 G2+7q3V7/709ArJY32ZAfz9P7Xv/eM7Qfd9D/qykjQ9+ICumMydzm5px83CCfGyz d8q4ryX/SVv9un990rmddEMNGivgmH4ZGyzPGnQoj/GsjqbP10xUVDFUTWgz6iM3 HFJf+pp+Svyh5L+TgisnWMbNqdEsdfX+B425L8lnbINsG2YCrfMYGp3kFLT88/31 LnVCyhAyFKaK4O+iVdXFwAPAiRPE2nrx9kNZl6zWXELbnoLpmcrSJwZS6FtYhLfJ wAEcm8D31iTVftKkhbFZfOIiHQ3dpIESSD/wMI+CeQHJLHK6Xa/mywRWVgmtGpBs XiXlISNXNAdEpcCU+jXHLY1Lygi/xS3gzWyYAuALf61IGQvvu0mQOif9vnE4OXJP uwsorgvPfZPj2zpDra1uzupmk9sEzD87CVy0Ht7U9K4NbI8NYda/yBi+3r8k5014 paYNc3MzYQBTY/++Zr7p9Nj4gBLAUK5Z78gjzzlMxsGkgeBPFC7vwleIb+UPWn9n bSoS =8GRR -----END PGP MESSAGE-----

The private key is not in plain text. You did use a strong pass phrase didnt you? That is the key for the symmetric encryption of the private key. If you used a blank password true the key is unencrypted. This attack is no worse than having any implementation of encryption on your system. There is always a key somewhere that you can pull of you own the box. Put the attack into perspective, you still have to brute force the encryption. Go read the gnupg docs on protecting the private key.

thanks

now i'm using adobe and microsoft stuff, for every single feature they charge you 1000 looking for a good screen capture+live streem webcam+audio that works on windows and linux(ubuntu or debian based)

cant wait to kick it on the 22nd Darren

@rob fuller, what is your screen recorder program?

ok. so what your saying is using the PK is worth ZERO?

it's still encrypted, but the private key is in "plain text" that it can be accessed IF YOU HAVE THE PASSWORD. so relax

i was building my own python script for that but it's already in msf?! awesome!

Pardon my ignorance, but don't you still need the passphrase and the private key to impersonate someone.

Mailvelope did a security audit, they had a post on their blog mailvelope. com/blog/security-audit-and-v0.6-release) here is the report : cure53. de/pentest-report_mailvelope.pdf so I think they are actively working on security if they have suggestions.

Wow 6 months and the vuln hasnt been fixed. This could be fun.

Sorry, this doesn't pass the "So what?" test. Of course, one should protect the private key, but that's just good physical security. Any local attack, including stealing your PC, will achieve the same goal--the bad guy has your private key. That's why you protect your private key with a non-trivial password...and that's the way it is in the real world.

Yes the local storage file contains the private key but this is useless without the passphrase ? However, the file contains also the "Security Token" (see concept: www.mailvelope.com/help) which is supposed to help the user in detecting an attempt to fake the plugin page and to steal his passphrase. So, could an attack scenario involve someone: 1) Getting access to target's filesystem to retrieve passphrase + security token 2) Sending phishing mail to the target, faking plugin interface + security token 3) Successfully getting the passphrase from the target 4) Being able to spoof identity of target and decipher his mails ?

No big deal, if someone has access to your computer you have bigger problems. Use whole disk encryption.

Luckily I use an openpgp card to encrypt my mail. So, my private is nowhere on my system.

Why are you calling him Rob Fuller? Mubix for the win.

Try using "xsplit"

The 'Cure53' review is a looong way down -- github.com/mailvelope/mailvelope/blob/master/Changelog.md

Gotomeeting