It's the site that Soylentils love to hate, and it is now making end-to-end PGP-encrypted email a little easier:
Facebook announced that its users can now add their PGP public keys to their profiles, which should make discovery of people who use PGP much easier. Emailing them will still depend on using your own PGP client, such as GNU Privacy Guard (GPG) or Whiteout. That also means that there's no way for Facebook to intercept those messages in an unencrypted form.
Facebook will also start encrypting the notifications it sends to users via email. Facebook itself will be able to see these messages because it is the one encrypting them "end to end" (from Facebook to the user). The main purpose of this wouldn't be to protect the notifications from Facebook itself, but to protect users against phishing emails (where sites impersonate Facebook).
Despite still being one of the companies that collects the most data about us, Facebook has taken some positive steps to increase the security and privacy (from other entities) of its users lately. It has enabled HTTPS on its site with HSTS protection, it has provided a Tor onion site[1] for its service for those who want to have anonymous profiles on Facebook, and it has enabled STARTTLS encryption for emails going from its own datacenters to other email companies.
[1] Note that researchers recently used Facebook's hidden service to test an attack on Tor users.
(Score: 5, Informative) by kaszz on Tuesday June 02 2015, @08:27AM
And the catch is that Facebook still controls the profile. It's simple to make a profile version where a specific IP range gets an doctored PGP key. Thus without some ability for users to verify the PGP key with an external source, it just feels secure.
(Score: 0) by Anonymous Coward on Tuesday June 02 2015, @09:09AM
So exactly like PGP always is, then. The Man in the Middle can do Man-in-the-Middle shenanigans? You don't say. Tell me, does your ISP process every image with lossy compression and inject JavaScript advertising into every web page for your convenience? How can you tell, if your ISP controls your link.
(Score: 2) by Nerdfest on Tuesday June 02 2015, @12:22PM
Wouldn't this be one of those times where the trust settings on the keys would be fairly useful?
(Score: 2) by kaszz on Tuesday June 02 2015, @09:31PM
How do you mean?
(Score: 2) by lentilla on Wednesday June 03 2015, @06:34AM
Wouldn't this be one of those times where the trust settings on the keys would be fairly useful?
Not if the keys for everybody in your web of trust is sourced from Facebook without out-of-channel verification!
(Score: 3, Interesting) by WillR on Tuesday June 02 2015, @02:35PM
If you have a path across the web of trust that connects your key to everyone you want to talk to, PGP works. If you don't, it don't.
(Score: 2) by kaszz on Tuesday June 02 2015, @09:40PM
Exactly, there has to be something external to Facebook or any other keyserver that can authenticate that service. Preferably from multiple sources.
The problem I find with this FB move is that it's just a publication of the key without any working authentication of that publication.
(Score: 2) by darkfeline on Wednesday June 03 2015, @01:15AM
This is why "trust" exists in PGP. See, when the original designers of a protocol have anticipated such problems decades before they occur, we call it "good design".
You can't man-in-the-middle trust without breaking mathematics.
Join the SDF Public Access UNIX System today!
(Score: 2) by FatPhil on Wednesday June 03 2015, @08:02AM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by darkfeline on Thursday June 04 2015, @12:48AM
That's not MITMing trust, rather that people misplace their trust. There will always be people who make poor decisions on who to trust, but I wouldn't say that's a flaw in PGP's design, since it's impossible, almost by definition, to protect people from trusting an untrustworthy party.
In the case of CAs, the trust chain looks like this:
Person -> Mozilla/Google -> CAs -> mis-signed certificate
Browsers have shown time and again that they are not capable of maintaining good CA lists, so the trust is misplaced to begin with.
Join the SDF Public Access UNIX System today!