Kinko is an crowd funded project building an external hardware device for email encryption and decryption that will work in the background with any operating system using well established open source technologies like GnuPG and OpenSSH.
The Kinko Project supports Intel and ARM architectures, translated into plain English this means desktop and single board devices like the BeagleBoard. A pocket sized Kinko prototype already exists and it has a microSD slot for data storage, 512 DDR3 RAM and a fanless design with a Rhombus Tech ARM A10 Cortex-A8 CPU.
Kinko comes with a front end to manage GnuPG keys, a simple to use webmailer running Dovecot, offline IMAP and SSH. It is like running your own small email service at home with support for up to 10 people. Kinko is compatible with any email client but it will not work with webmail services, the only way to send email through a web interface is by means of Kinko’s build in webmailer.
Kinko GPG hardware email encryption
There is no central server with access to your encryption keys, when you receive an encrypted PGP email Kinko will automatically decrypt it using the keys manually added to the box, detecting public keys attached in the email message or fetching them from a keyserver. User intervention is kept to a minimum, you will only be asked if a recognized public PGP key should be accepted or not.
What Kinko can not do for you is to encrypt email metadata, this is impossible due to OpenPGP specifications but you have the option to replace email subjects with a standard innocuous phrase.
Email messages are sync in between your computer and the Kinko box with IMAP, the connection is secured with TLS and a private encryption key that only Kinko knows. To access your email outside your home Kinko can be tunnelled to the public Internet with OpenSSH and accessed with any email client supporting IMAP or a web browser.
The price of the Kinko box is not yet known but I am elated with the specs and initial presentation. I only see two downsides, one is having to plugin yet another device to my collection of computer hardware, and the other one is storing my email messages at home.
PGP email encryption Kinko Project
All data is encrypted and password protected when you first set up Kinko, but that will not stop physical threats to hand over the password from anybody breaking into my house, adding that in some countries it is illegal to withhold your password from law enforcement.
I think that the device is extremely user friendly and time saving but something Kinko will not do for you is convincing or training your friends and colleagues about the importance of email encryption. Until people is willing to use PGP for email, it won’t matter how comfortably you can encrypt and decrypt messages, there will be no mass adoption.
Kinko is something that small businesses might want to look into, private users will have to consider first what are the chances of abusive law enforcement breaking into their home and demanding the password for their encrypted Kinko email box.