Why Confidant Mail is better than "secure" webmail

TL;DR: Webmail is only as secure as the service provider. Confidant Mail does not require you to trust the service provider to stay secure.

There are a number of commercial service providers offering "secure webmail" accounts and claiming that they do not hold your private keys and cannot read your email. Despite any claims they may make, such providers are not and cannot be as secure as client-side encrypted email systems such as Confidant Mail or Enigmail. Secure webmail is "casual security" and is good enough for everyday protection against nosy people. It cannot protect you against any serious and motivated adversary. The honest providers will admit this somewhere in their FAQ.

Most of these services do the cryptography in your browser using JavaScript. Some use Java or browser plug-ins. They either save the private key on your local system, store it on the server encrypted with your passphrase, or derive the private key from your passphrase each time you sign in.

The first basic flaw in this system is that the server provides the code that your machine uses to perform the encryption. The service provider can always modify the code to steal your private key if he wants to, or more likely, if he is forced to. At least one secure webmail provider shut down rather than be forced to compromise its users.

Anyone who can hack the service provider or get a bogus SSL certificate for the service provider can also compromise you. This only has to work once, and the attacker has your private key and can decrypt everything forever.

The second problem is that browsers are insecure. They run plug-ins. They run Flash. They run multiple applications in the same process. The browser and all those plug-ins automatically update from various servers. Exploits are found all the time. You only have to get exploited once, just long enough to grab those few hundred bytes of private key, and you are owned for as long as you use that identity.

If you want real security against serious adversaries, use client-side encrypted email, not webmail. The Confidant Mail server cannot obtain your private key, because it does not provide the code that does the encryption. Confidant Mail does not have an automatic updater, for exactly that reason. It notifies you to update, but an adversary cannot force an update.

If your computer is hacked, your private key will still get stolen. You need to secure your computer, but you do not need to trust the server. You should also use the encryption subkey rotation feature, added in build 0.26 of Confidant Mail, so anyone who steals your key only gets the most recent messages rather than your entire history.

Here are three articles that back up my claims:
http://matasano.com/articles/javascript-cryptography/
http://tonyarcieri.com/whats-wrong-with-webcrypto
http://blog.cryptographyengineering.com/2012/12/the-anatomy-of-bad-idea.html