May 13 2021 GM

From TCU Wiki
Glitter Meetups

Glitter Meetup is the weekly town hall of the Internet Freedom community at the IFF Square on the IFF Mattermost, at 9am EDT / 1pm UTC. Do you need an invite? Learn how to get one here.

  • Date: Thursday, May 13th
  • Time: 9am EST / 1pm UTC
  • Topic: Feedback on Thunderbird
  • Featured Guests: Gus Andrews (@gusgus on Mattermost)

Do you or people you teach use Thunderbird? Are you frustrated with bugs and other difficulties with encrypting your mail? The Thunderbird developers want to hear from you. Join us for a group chat event to gather community feedback, and explore other ways the community can shape a more usable Thunderbird. We want to hear from all Thunderbird users, whether you use the old Enigmail GPG setup or the new built-in encryption!

Bio: Gus Andrews is Digital Protection Editor at Front Line Defenders, working on updating Security in a Box. Previously, she worked on secure tools usability on a Simply Secure fellowship and before that at the Open Internet Tools Project. She has helped organize the Hackers On Planet Earth conference and was the producer of The Media Show, a video series on digital and media literacy.

Community Updates

Topic of Discussion: Feedback on Thunderbird

  • So as some of you know, when Enigmail was the way to encrypt Thunderbird email, they had some great success bringing the Enigmail team to the IFF and converting them into champions for human rights workers, activists, and journalists who face high risks because of their work. Part of Gus goal is to do that again with the core Thunderbird team who are incorporating OpenPGP, so they stay focused on the needs of the people in our community.
  • The Thunderbird developers have expressed that they sometimes struggle to figure out which bug reports to address. They get requests to fix problems that are specific to highly-skilled users who are doing unusual things with, for example, child keys, that the average user is not actually concerned about.
  • So let's start by telling them who the digital rights community is, and what we need!

Where are the people you train to use encrypted mail? In a few words, what kind of work do they do that needs encryption?

  • One participant said that Investigative journalism focusing on exposing corruption and organized crime and they're scattered across the globe. Except on the north and south pole.
  • Other one referred at their community: These people are specifically in sub saharan Africa and they are journalists, frontline activists, HRDs and any orgs that want to secure their 'sensitive' communications
  • Another participant said that they do not train people to use Thunderbird, but they ship it in Tails. They also have to answer questions about it sometimes. They are different kinds of people, see our personas
  • A person added activists, journalists, NGO Folks and FLOSS
  • Technologists and encryption evangelists that may not face serious threats, but default all comms to encrypted; and human rights defenders, activists journalists with or without a lot of technical skills who are working in high risk environments and need to keep comms as secure as possible for security reasons.

Can we say a little more about types of activism? About the risks they face if their work is found out?

  • Most folks that are working in digital rights are either folks experiencing the most acute forms of surveillance and direct attacks because of their work, or are their allies.

What do your people in your community need encrypted email for? Do you have any success stories?

  • When authorities were raiding a newsroom in eastern europe to find out who their source was, they couldn't figure it out as the emails were encrypted. Also, sometimes the forensics firms are not very good in e-discovery cases and they don't spot the PGP emails.
  • We have noticed that people are switching so much more to apps like Signal, Wire, etc....than email / pgp. It is too difficult to use PGP if the people you are working with don't know how to use it
  • It's usually for communicating sensitive information and sharing sensitive documents through email as an organisation. They might be working on issues that might disclose locations or any information that can be used for unlawful arrests. And we do have success stories of about 4 whole orgs that have internally be using Thunderbird for the past 4 years
  • Individuals that we work with will sometimes prefer encrypted comms even to discuss localization of projects/technologies that might be considered subversive by local government or could even be considered illegal.

What devices/operating systems do people in your community usually use? What's their level of comfort with technology?

  • Lots of mobile phones recently, but it's very diverse depending on their demographics.
  • Android, Windows, iOS, macOS, Linux-based in that order. Mobile over desktop.
  • From Chromebooks, Windows, Mac and Linux, ranging from clients like Thunderbird, Gpgtool and Apple Mail to Mailvelope in the browser. Some are more comfortable with technology than others, but we have a dedicated helpdesk team that trains people when they join and we do security checkups when needed and also yearly. As well as Android and iOS. But we don't want to have their PGP key on mobile.
  • These vary honestly but for the majority who we have gone as far as training encryptions the majority are running Windows operating systems and their level of tech comfort is good
  • In our team we have different levels of technology use. some people runs their own email server. Our users may be the first time they use an email client, as opposed to webmail. We have lots of users with connectivity issues, they like email clients because of this.

Do you have any stories of people abandoning Thunderbird? What are the risks when they do?

  • We see a push for web based email for various reasons, especially when people are traveling. (ie,they have a second device and means they don't have emails downloaded on their computer). Second, when Enigmail stopped, that caused a lot of well, maybe time to experiment with Mailvelope etc.
  • A participant abandoned Thunderbird: it really affected their work efficiency, but was having ongoing SMTP server issues and really disliked the built in encryption too. Moved to Mailvelope which has been great to have as a fallback, but not near as efficient as my old Thunderbird / Enigmail workflow.
  • We started looking around other clients... we looked at mailvelope and apple mail + gpgtools but after thunderbird fixed some issues, it wasn't as bad as it was. However, I still really wish mailvelope's seat buying would make a lot more sense but it doesn't and it isnt transparant. Also, exposing trusting of keys before sending emails and not being able to TOFU keys because it gets fetched from seems a bit.. too complicated for most users. if you want mailvelope to work properly with other PGP implementations and be able to send encrypted attachments (or something like that) you need to buy a license. But you can't tie a license to a user! So you buy 10 licenses and the first 10 who use mailvelope in a new month get the license attached to them. It's very confusing UX.

Can you tell me more about which parts of the new encryption setup were hurting your efficiency?

  • it was merely because of the mobility issues, as the orgs had now to work more in the field hence a change of device from laptops to maybe mobile phones/tablets which then made it hectic to receive and send encrypted emails.
  • A participant said that they consistently had issues with keys not being recognized.
  • The email filters have stopped working because of AUTOCRYPT, and this has affected communication with other Thunderbird users as well. When they try to send mail for a person and they dont have the key, they need to go to the main interface to import the key on Thunderbird's keyring. It would be much easier/quicker if you could import it from the menu that tells you that 'it does not have the key'

When it comes to encrypted email, what do your trainees struggle with most?

  • A participant said that they miss the 'per recipient rules' feature horribly. They try to encrypt as much email as possible, so they have encryption on all keys settings. But some emails cannot be sent encrypted. For example, email to mailing lists, or people that do not have encryption keys. They used to be able to select an email address and add a rule, for example for mailing lists they will select 'send unencrypted'. Now they cannot do that, and they get Thunderbird telling them each time they send email to a mailing list that it has no key to encrypt to it. Sometimes they send several emails to the same mailing list, each time they need to unselect encryption on the message composition window.
  • The removal of the password for both encrypting and decrypting is literally saying that we trust Thunderbird to do it for you and remove the user power

Are there any bugs or parts of the Thunderbird encryption interface you notice that are hard to use?

  • A lot of our users are struggling with the by-default encrypting of subjects, we still can't seem to turn it off under Linux, maybe this is solved for Mac and Windows? It's on the radar of the team of thunderbird though.
  • E-mail send from mailvelope to thunderbird that's encrypted is causing issues as thunderbird doesn't always recognizes it and auto-decrypt it. Or it has broken threads in the past as it needs access to the google gmail API that's only accessible in the paid version of mailvelope.
  • We need tips about using PGP on thunderbird that are popping up from time to time (ie, educate folks). * Reminders to put in your password. People don't realize how easy it is to forget your password, and that you can't get it back. Authy i think does this, reminds you every so often to put in your password, and reminds you DON'T FORGET IT.
  • A team wanted to encrypt their list with schleuder but they couldn't find anything as the subjects were encrypted
  • Thunderbird Master Password: So as a way to try to secure Thunderbird app from being opened, when you put the password you can wrongly enter the password like 3 times, then press the cancel button and boom you are in; Thunderbird then opens, yes you will get to see all the emails and yes the password prompt will keep on popping up but you can always continue to cancel it and continue scrolling emails. This is happening on Windows 10 Pro Version 20H2.
  • Participants feel unsafe without the need of giving the key password each time they sign an email or open encrypted emails.
  • when switching from old computer to new computer, sooo incredible difficult if you are not technical
  • Key management/discovery/import is a huge pain - key trust and bulk or default settings (Some people have over 1000 keys previously trusted-by-default/TOFU, now every time you send an email to a contact you haven't emailed in 78 you have to manually go through and set key trust per recipient; we explicitly don't want to do this, this is a rewind to 90s era cryptoparty/web-of-trust stuff which never caught on and most tools have moved past
  • auto-discovery (and TOFU) is not great (partially because the keyservers are basically dead and not everyone has moved to; also auto-import of attached keys doesn't seem to be working for Ubuntu, but is going to the system keyring instead
  • It was just easier to have an option to export both the private and public key from the Key Manager window like what it did in the other versions.
  • Looking the feeling of being in control of their encryption and decryption of emails. Never underestimate the power of entering that password to decrypt an email, its powerful for some user to FEEL like their in control and on top of protecting their sensitive communications

Newer folks: talk us through your decisions to use encryption tools. Did you consider Thunderbird, but found it was not a good tool for you and your community?

  • Most folks that we work with are using Signal, and if they need to use encrypted email, they're using Protonmail. We are still working on helping folks have an understanding of what E2EE means and what content needs to be E2EE. Our risk profile is not as high as many others in the chat since most groups we work with are 501(c)3s (their identities & work is known, legal, and required to be documented by the government).
  • The new folks got into Thunderbird to easily use my email service. They really like how they can manage all email accounts but have been doubting to continue. They were advised it was not too safe as it downloads the emails to your computer.

So the Thunderbird devs are definitely thinking hard about "opportunistic encryption" (autocrypt). Could you talk for a second about the benefits your community might get if this worked well, but also the risks they might face if it doesn't?

  • A lot of time folks want to send an encrypted file to folks, but the idea of having to then train people or ask them download also PGP/Thunderbird is such a headache. We are all so strapped with time. There is never enough time in the day, and you just want something that works and is painless.
  • Would love to at least learn how to use Thunderbird & PGP. The user is truly in control, and not reliant on a private company. Would like to be able to offer it as an option to the groups we work with that don't have a budget and who we can't give grants to (i.e. the non-501(c)3s).

Is AutoCrypt more trouble than help, if the keyservers setup is still a pain?

  • Autocrypt would be OK with a little UX help