Freenigma is a Firefox extension that adds PGP support to GMail. You install the Firefox extension and when you are about to write an email in GMail, it rewrites the page code to add the PGP support.
Using public-key cryptography is generally cumbersome when you take in account the management of the public keys of the other people you communicate with, and also keeping around your private key to decrypt the mails you receive. Freenigma, currently at beta, helps alleviate these problems.
I would like to see a security researcher look into the implementation of Freenigma, and especially for any sources of vulnerability.
4 comments
Skip to comment form
Outstanding plugin! I had never heard of it. Thanks 🙂
I’d also like to see a similar plugin for the Epiphany browser…
I would like to see a security researcher look into the implementation of Freenigma, and especially for any sources of vulnerability.
Me too. The Firefox plugin is GPL licensed, but at the very least, key management on their server leaves open the possibility of man-in-the-middle attacks (on their part). Paranoid? Maybe, but I don’t “know” these people (freiheit.com technologies, g10code).
OTOH, I only skimmed the site, so I might be reading this wrong (and I’m not suggesting they’re malicious, it’s just that the scheme seems odd).
In any case, I’m already using my Gmail account to exchange encrypted email; it’s a matter of setting up a Gmail account for POP3 retrieval, and using Thunderbird with the Enigmail extension as your MUA.
Well I really wish GoogleMail was https all the way…. I guess Freenigma is as close as it can get.
Author
You can use the URL
https://mail.google.com/ and you session will be under SSL/TLS all the way.