Monday, 11 November 2013

Encrypted Email and Communications with CryptoHeaven

The case for encrypted communications has been in the news quite a bit lately. Many ways to encrypt your email exist, with the use of PGP in the client and the ability for digital signing of messages to prove their authenticity and that they have not been tampered with being the most popular and probably oldest one. But there are a few more custom, and at a higher service level commercial, services on the market. Most of them are also using PGP but absolve the end user from the task of setting this up themselves.

The problem with all of them is the fact that the people you correspond with have to know how to decrypt received messages or have to use the same service as you do. Seeing how most people are still astonishingly blase about the issue and do not understand what's possibly at stake here, what privacy issues could arise projected say 20 years into the future, the considerate geek is likely to end up talking to himself. The general populace remains lazy, ignorant, preferring convenience or just not bothered. That's the truth. The few people who do care, even some more techie types who could set such a solution up by themselves, find it's not worth the effort as nobody else is using it. That's a really sad state of affairs and is putting everyone using the world wide webs at risk.

There are a couple of solutions I've tried recently. One of them that stands out is CryptoHeaven, dubbing itself 'world's safest email'. The company is located in Canada, which is important if you're familiar with the subject. Better even would be a provider incorporated in Europe and all its infrastructure and data centers there, due to somewhat more stringent data protection laws and better practice on this front. What good are laws if the government can just ignore them at a whim, throwing around wild accusations of terrorism to get its way and how they are just acting in the interest of public safety, the great new buzzword that justifies everything (together with the WoT of course). Everything goes if you have the power. So Countermail seemed even better. Unfortunately the Java applet Countermail is using just did not load on my Debian system, but it seems like a great service, complete with crypto key on USB if you desire and based in Sweden.
Both are somewhat similar in the sense that CryptoHeaven also provides a Java based client for download. I'm going to give you an overview of what it's like working with the communications suite complete with screenshots so you see what it looks like. Communications suite? CryptoHeaven does not just offer encrypted, anonymous email, it features a built in chat facility and secured file sharing and storage space. The web site states the source code is freely available for review.

Downloads are offered as deb and rpm packages as well as an extractable binary and a tar.gz file. That's pretty comprehensive as far as Linux distributions are concerned and Cryptoheaven is also available for Mac OS X and Windows and now also in Beta for Android. The current version is 3.8.2 Build #798. The company offers various products including a web edition for people on the road who wish to access their accounts without installing software. I used the full edition of the client for my purposes which is what I'm writing about here. The current build comes in at 10 MB for both the deb and the rpm file. Once downloaded you can install it with Gdebi or dpkg or if you're running Slackware or Arch use the tar.gz file, untar it and create a link or run it from the terminal. For me installing with Gdebi turned up no unmet dependencies and the package started straight away from the run program prompt. The package installs into /opt/cryptoheaven, with a link to /usr/local/bin.

If this is the first time you need to create an account which can be done right from the interface. A public and private encryption key pair will also need to be created.

Should you have forgotten your password you can try and recover it. For security mine is just showing a vague hint but it was enough to bring me back on the right track.

Once logged in you will receive a security notice if a password has recently been recovered.

Links to read up on the licence and, probably more important to most, on the security arrangements used with private and public key encryption, strength of available encryption etc. are accessible under the Help menu at the top.

Once all this has been reviewed we can get down to exploring the interface, basically an email client with added built-in functionality for secure messaging and file sharing. You get upgrade notifications and tips, similar to the landing page in Thunderbird/Icedove, on the main page after logging in.

Going into email, or eMail, view reveals a clean looking client with a nice and somewhat 'airy' light feeling icon theme. Yes, it's primarily an email client, how different could it be?

The compose window provides lots of options and honestly, I think this is one of the better and more functional editors inside any email solution. An address book is also there to store frequent contacts. Below are a few test emails to show off the inbox.

If the email is to be sent outside the trusted network, that is addresses outside the Cryptoheaven domain, you'll be prompted to either send the mail unencrypted or implement a challenge that the recipient will need to answer correctly in Q&A style.

Noticed the Record button in the screenshot above? One can also record and send secure voice mail.

Additional folders can be added if you like being organised and having your mail separated nicely.

File storage and sharing space. Cryptoheaven opens its own windows as dialog for uploading and downloading, drag and drop etc., not much different from using the Java applet from

The chat window with options to invite others and find registered members on the same network. You can keep a history of recent conversations if that's not a concern.

Unfortunately for some it is a proprietary solution and needs parting with money after the initial 30-day trial, but some things are worth it if your privacy and anonymity is important to you. There are various pricing plans for personal and business accounts. All the pricing information can be found on this page.
For a more flexible, free and gratis solution just for email try Thunderbird with the Enigmail extension. Friend Eric has written a little piece on employing this, with a couple o' links thrown in. Or you could go straight to the Enigmail handbook, available both as web page or downloadable as a PDF file. The handbook is relatively short and to the point, easy to understand and follow and is all one could ever need to set up encryption and digital signing with various email accounts.
For a similar chat capability Torchat could be suitable, used with Tor as anonymizer, but all these are not an integrated solution like you're seeing here. Anyway, the choice is yours.

Wearing my tinfoil hat, a word of caution towards the end. While working in market research in and around the IT industry many, many years ago I got to speak to a specialist in a company providing commercial encryption solutions to the market. The respondent told me that, working in the field and knowing what he does, he would never use online banking himself as it is, in his words, "not safe", and that was despite encryption and not the lack of it. There you are. So my advice would be, don't rely on it too much and don't do, say or post anything online you wouldn't otherwise.

Icon courtesy of

No comments:

Post a Comment

Please leave your comment here. Spam will be deleted.


12.04 LTS (1) 1280x1024 (2) 14.1 (1) absolute (3) accessibility (6) administration (2) afterstep (1) android (3) announcements (13) anonymity (5) anonymous (1) anonymous browsing (1) anti-malware (1) anti-virus (1) antiX (2) applications (1) arch (9) archbang (11) archone (1) authentication (1) backports (1) bash (2) bittorrent (2) block-this (1) bodhi (1) books (1) browsers (5) browsing (1) bsd (3) bug (2) bugs (3) calculate (1) centos (1) certification (1) chakra (2) changelog (2) chat (1) chatzilla (1) chromebook (1) chromium (2) click (1) commodore 64 (1) crunchbang (5) crux (1) ctkarch (1) debian (22) desktop (55) devuan (3) digital certificates (1) digital memories (1) distributions (72) documentaries (1) documentation (2) dr. web (1) drivers (1) duo (1) e17 (1) email (1) encryption (3) enlightenment (1) events (1) exit nodes (1) ext4 (1) fake (1) fallout (1) fallout 4 (1) fedora (6) file systems (1) firefox (3) flash (1) flush (1) fluxbox (6) fluxflux (1) FPS (2) free software (2) frugalware (1) FSF (1) fusion (1) fvwm (1) fvwm-crystal (1) games (10) gaming (9) gentoo (2) gnome (8) gnome shell (4) gnu/linux (4) google (2) google-chrome (3) graphics (1) grml (1) hangouts (1) hardcore punk (1) hardware (3) how-to (22) humor (2) icewm (3) init (3) init freedom (4) interview (1) introduction (1) jibbed (1) jwm (1) kanotix (2) kde (17) kde3 (2) kernel (6) knoppix (1) kongoni (2) kubuntu (1) LAS (1) libtorrent-rasterbar (1) linux (18) linux light (12) live (40) live medium (13) live system (7) liveslak (1) lxde (12) lxqt (1) mageia (1) mandriva (1) marine life (1) mate (1) media center (4) mepis (2) mint (2) mobile (2) mobile security (1) movies (5) mozilla (3) music (1) netbook (2) networking (4) news (3) nvidia (1) open source (1) openbox (14) openSUSE (2) opinion (12) other (5) overclockix (1) packages (1) pclinuxos (2) perl (1) poll (2) porteus (3) privacy (5) privoxy (1) programming (1) proxy (2) puppy (3) qbittorrent (1) qt (1) quick look (10) ratpoison (1) red hat (6) relax (1) release (1) reviews (49) rhythmbox (1) RPG (2) sabayon (5) salix (15) scientific (7) screenshots (2) scripts (3) security (3) semplice (1) server (3) shell (1) shooter (4) siduction (1) slackel (1) slackware (53) slackware 14.2 (2) slackware-current (11) slax (7) slitaz (1) smart phones (2) sms (1) south africa (2) specialist (1) spoof (1) surfing (1) systemd (2) table mountain (1) TDE (1) tegra k1 (1) themes (1) tinyme (1) tips (1) tor (3) torrenting (1) torrents (1) traffic analysis (2) trinity (2) trisquel (1) ubuntu (4) unity (2) unity linux (3) unix (1) upgrade (5) vector (2) video (3) vinux (2) virtualbsd (1) visual impairment (5) voip (1) vpn (2) wallpapers (3) window maker (4) window managers (1) wireless (10) xfce (15) youtube (1) zenwalk (3) zoo (1)

Tux Machines

DistroWatch - Headlines