WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! Security Warnings for Mailcrypt As usual, the weakest link in a cryptosystem is how it is used. As far as we know, PGP and GPG are completely unbreakable, even with the full resources of the NSA on your trail. However, there are many other ways for your secrets to be found out--let the user beware. NT Users: Mailcrypt might leak your passphrase! We have reports that Mailcrypt/PGP 5.0 works on NT. We've also had reports that it doesn't work. So far, no volunteers have come forward to make sure it works correctly on NT. One report, though, you should be aware of. One person has tried using Mailcrypt on Windows NT, with poor results. Much later, he looked in a temp directory and FOUND HIS DECRYPTED MESSAGES, WITH HIS PASSPHRASE TUCKED INSIDE. This is certainly no joke. Many workstations carelessly share their whole filesystems across the network. Many are shared by multiple users. Temp directories are usually world-readable. This means that someone might learn your passphrase if you use Mailcrypt carelessly on an NT workstation. Here is what you can do about it: 1. Volunteer to test Mailcrypt on NT, and fix this problem. 2. Try using GPG on NT instead of PGP; there is a good chance this problem is not present with GPG. BUT TEST THIS CAREFULLY BEFORE TRUSTING IT! 3. Only use Mailcrypt on a workstation over which you posess sole physical control. Tightly restrict network file-sharing, and clean your disk often with a secure wiping utility. Other Security Issues Other security issues are standard concerns. * Make sure that nobody can look over your shoulder when you're typing your passphrase. * Do not store decrypted messages in publically accessible places. * Do _securely_ erase any files you won't need again. * Do _not_ run Mailcrypt remotely through a telnet connection; your passphrase will travel across the network/Internet in the clear. If you trust ssh, go ahead and run Mailcrypt over an ssh connection. * Do _not_ store your keyrings on shared machines (including mainframes) if you can help it. Secret keys are encrypted on your keyring, but why tempt fate? Furthermore, storing keyrings on mainframes increases the likelihood that you will end up transmitting your passphrase via telnet.