ixquick Secure Email

[smithmb001]

If the RB team have not already done so, it might be worth taking a look at the new email service in beta by ixquick. And, if possible, matching the features.

https://beta.startmail.com/

RB already supports PGP via RC. That only leaves a handful of other security features to offer.

1. Two factor authentication
2. Client controlled mailbox store encryption. (like LavaBit)
3. Disposable email addresses. (We sort of have the ability to do this manually, but why not add the ability to select disposable one time email address.)
4. Secure Vault. We have a file vault, but it could use a refresh with some added security features.
5. Some form of notification that lets users know whether their message was encrypted end to end (server to server) or was sent in the clear. RunBox may be nice and secure, but say Google does not allow for an encrypted connection. Why not let the user know?
6. Inform users if there are back doors that are accessible to government for any encryption or security measure implemented.

[dantheman]

Just curious, but is ixquick email a Runbox affiliate?

(btw. wonder how Fastmail compare to this new ixquick service?).

[drew]

Wow thanks indeed for telling us this.
I will follow this thread hope somebody
will test and report how it behaves and looks
and what is pro et con with the service.

[smithmb001]

ixquick is not affiliated with RunBox. I am simply hoping RunBox will match their features, many of which they already have implemented. And, if they take users away from Google, YaHoo, and Microsoft that is a plus for everyone.

[orelz]

Hello,

Thanks for this link/service. I've sign-in to the beta, wait and see

orelz

P.S.: fun case: the email was identified as spam in my runbox mailbox.

[emebrs]

This indeed interesting. My concern about the new service is simply that unlike Runbox, there is too much risk of it disappearing just as quickly as it came into being.

After more than a decade, Runbox has stood the test of time. This is proven simply because of the fact that Runbox is still operational. Given the tendency for internet businesses to come and go, that means a lot.

[dantheman]

With NSA able to spy on practically anyone (including Germany's Chancellor) - why bother with securing emails?

[17pm]

Quote:

Originally Posted by dantheman

With NSA able to spy on practically anyone (including Germany's Chancellor) - why bother with securing emails?

That is stupid... I would expect different posts from someone that has been here for too long...

NSA spying on your e-mails and your neighboor spying on your e-mails are not the same thing. Securing e-mails help with avoiding "regular" people getting your information... It also protects in case of a security breach, etc etc.

Also, NSA spying is not impossible to avoid. As far as we know, they don't have the capabilities to decrypt e-mail (not well encrypted e-mail atleast). End to end encryption would probably stop NSA.

[dantheman]

Pardon my digression, but since 9/11 and the Snowden story (+ others), i just kind of get wary about all these people who worry so much about security when its done over the web.

During WWII, people who were against Hitler had to convey their messages person to person, nothing written, no phone calls etc.

So, are you telling me in this day and age, that NSA (or similar) have improved the "non-personal" means of communicating important secrets without the risks of them being compromised?

[jl66]

About NSA (I think it's another discussion...) it only works strong encryption (gpg) and a secure and open source operative system (some gnu/linux, openbsd, etc).

[Geir]

Quote:

Originally Posted by smithmb001

If the RB team have not already done so, it might be worth taking a look at the new email service in beta by ixquick. And, if possible, matching the features.

Thanks for the tip about ixquick -- it looks like an interesting service and we wish them the best of luck getting their email service off the ground.

Let me reply to your questions one by one.

1. We have started initial planning of two-factor authentication, which should be pretty straight forward to develop and implement. We are also going to need global text message support if we are to use mobile phones for authentication.

2. Runbox is unlikely to implement encryption of data stored on our servers without the ability to decrypt the data. That would render us almost helpless in fighting abuse and fraud, and enforcing our terms of service in general. What we will do is whatever we can -- both with concrete security measures and by helping our customers make informed decisions about privacy -- to ensure that your data is stored and transmitted as securely as possible.

3. As you know we already offer plus/sub-addressing (username+anystring@runbox.com will be delivered to username@runbox.com), and we hope to extend this with true disposable email addresses in the future.

4. The Runbox Files area is accessible over encrypted connections (SSL) and is just as secure as the email service, when accessed at https://runbox.com/files. We'd be interested to know which security features you'd be interested in.

5. Notifying the sender about whether the message was transmitted securely is a good idea, but it would of course only let you know that it was encrypted until the receiving server accepted it. What happens to the message thereafter is impossible for the sending server to know -- it might be downloaded in any of a number of insecure ways, or forwarded to another server unencrypted. For true end-to-end encryption you need something like PGP, which is available in the alternative webmail interface we're currently testing (Roundcube). By the way, Runbox always attempts to connect to receiving servers over TLS, and Google is one of the few services that accepts it.

6. To our knowledge there are no back doors to any of the security measures implemented on the Runbox system, and we would of course never accept such an intrusion.

- Geir

[gecko]

Quote:

Originally Posted by Geir

1. We have started initial planning of two-factor authentication, which should be pretty straight forward to develop and implement. We are also going to need global text message support if we are to use mobile phones for authentication.

Hello Geir,

While I am looking forward to seeing two-factor authentication being implemented, I am much averse to having to use a mobile for that purpose for two reasons. First, it will entail costs -- either for the users or for Runbox (and I do not assume that Runbox will not levy them from their customes in one way or another). Second, I do not want to have to use my mobile every time I want to sign into my email account, even less so when travelling as this may entail even more fees for me.

My favourite would be something that works 'offline' like the already often-mentioned grid of one-time passwords that one can print off from their trusted private computer.

Regards,
Gecko

[jl66]

When I was using lastpass I used the grid of codes and sometimes one time passwords. You could change the grid of codes everytime you want with a master password, and after some time using this grid you were obliged to change it to a new grid of codes. You could also use one time passwords and create new ones when you want.
The problem was using that master password. So, we are in the same problem "with a normal password". But at least we could use this master password 1 time every month or more. With this password you could also enable or disable the double authentication. When trying to use this master password you should confirm using another email of your choice.

[gecko]

Now I seem to understand what you mean by 'grid of codes' -- I was thinking of a list of one-time passwords. But if I understand you correctly, you are referring to something like

Code:

  || 1 | 2 | 3 | ...
=================
A || a | b | c | ...
-------------------
B || d | e | f | ...
-------------------
C || g | h | h | ...
-------------------
................

In case of a 15x15 grid, there would be 225 random characters.

There could then be two login options: 'Normal' with your normal password (from a trusted computer) and 'Secure' with a second, static password plus 8 random chars from your grid as requested by the web interface, i.e. one would enter MyStaticPassWhichIsNotMyNormalPass + A3;C12;F2;[...].

@RB: Do you think it's feasible to implement something like this in the near future?

Regards,
gecko

[jl66]

Yes, that is a grid of codes
I used it before with lastpass (lastpass.com) and I also use it in my online Bank. Normally it gives you 3 numbers, for example: "A1" could be "567" and every grid is different to every client.
Regards

Quote:

Originally Posted by gecko

Now I seem to understand what you mean by 'grid of codes' -- I was thinking of a list of one-time passwords. But if I understand you correctly, you are referring to something like

Code:

  || 1 | 2 | 3 | ...
=================
A || a | b | c | ...
-------------------
B || d | e | f | ...
-------------------
C || g | h | h | ...
-------------------
................

In case of a 15x15 grid, there would be 225 random characters.

There could then be two login options: 'Normal' with your normal password (from a trusted computer) and 'Secure' with a second, static password plus 8 random chars from your grid as requested by the web interface, i.e. one would enter MyStaticPassWhichIsNotMyNormalPass + A3;C12;F2;[...].

@RB: Do you think it's feasible to implement something like this in the near future?

Regards,
gecko