It was about seventeen months ago that mailbox.org started out, offering a fully-encrypted e-mail inbox to its customers. The success of our service so far has shown that PGP can work well for everyday users and everyday use cases. It has also proven the feasibility of an underlying principle, where a provider can successfully operate their e-mail service without having or needing access to any of the emails stored in user inboxes.
Right from the beginning, it was clear to us that providing plain PGP encryption for e-mails can only be a first step. What was still lacking at the time was an easy-to-use mechanism that can be integrated into web-based mail clients to provide secure access to e-mail from anywhere. There have been some developments, like the well-known PGP plug-in Mailvelope for Mozilla Firefox, which also works with mailbox.org. However, solutions like this one appear to offer only limited encryption, may have problems with some basic e-mail functionality (like the handling of mail attachments in a cloud-based file storage setting), and are not really straightforward to use. We believe that simple PGP plug-ins present half-baked solutions, as they are not fully integrated in a Webmail client, and often rely on non-standard ways to decrypt e-mails (e.g., via cut & paste operations).
mailbox.org now has a solution at hand which demonstrates that encrypted communication can actually work in the web browser: Securely, conveniently, and for everybody.
Are PCs and mobile phones secure?
The situation described above has been a huge motivating factor for our own effort to develop comprehensive PGP support for Webmail over the past 1,5 years. Encryption, decryption, electronic signatures, and the management of public keys all represent essentials for using PGP securely and transparently in everyday communication.
It certainly took considerable brainpower to deliver the conceptual framework, plus a lot of patience and persuasion to sort out the technical details – yet a few weeks ago, we were able to start our countdown for launch:
We hereby proudly present the “mailbox.org Guard”, available for all mailbox.org users as of today, 2 July 2015.
Together with Open-Xchange, the manufacturer of our Office software suite, we have developed the first (as we know) comprehensive PGP implementation for Webmail, offering secure access to PGP-encrypted e-mail from everywhere, around the clock. By the way, the solution also allows encrypting all personal files on the mailbox.org Drive using PGP. Our aim is to ensure that only the rightful data owner can actually access that data.