Against the silos: usable encrypted email & the quest for privacy-aware services

Technologies that allow for privacy in the communications, allowing the escape from the pervasive massive surveillance, have been there for some years now, but yet its use by the general public is far from widespread. The challenge, in our view, can be defined by one of making usable crypto. Usable for the end user, usable for the sysadmin and for the fellow application developer. In the quest for massive adoption of encryption technologies, we’ve been forging several python packages to solve different problems, always standing in the shoulders of giants. We bring some tales from the trenches to share, from our humble experience trying to deploy clients and servers to provide Secured Encrypted Internet Tunnels and Encrypted Email. This includes interesting challenges dealing with key management, automatic and secure software updates, and processing of email while using stock cloud providers, while still being resistant to hostile environments. We’ll show a webmail email user agent based on this architecture, a promising future for decentralization and privacy. We’ll also talk about how to store locally encrypted data, and will present Soledad (Synchronization of Locally Encrypted Data Across Devices). Soledad is a library with server and client components that allows the development of different applications based on client-side, end-to-end and cloud-syncable encryption of private data. We’ll play with some toy apps to showcase its features and potential.