You know those confidential messages you send via email? Guess what, anyone can read them. Most emails are sent to people unencrypted over the Internet. As these messages travel from one location to another, they could be easily read by the routers they travel through.
Email is still the dominant communication mechanism for most U.S. adults. And while there have not been many known breaches, a more secure email system will better protect consumers and keep them safer and better secure confidential information (like what you might send your lawyer).
Back in college, I used to encrypt my email messages to friends using PGP keys – it was cumbersome and difficult but all the cool geeks were doing it. Today people rarely send or receive encrypted emails because of its difficulty.
A Simple Way to Encrypt Emails at the Server Level
Instead of relying on individual senders to encrypt and decrypt emails, email servers could instead encrypt emails for a given domain. For example, if gmail.com is sending an email to gm.com, gmail could ping GM’s MX record for to see if GM accepts encrypted traffic and then gmail could choose to encrypt its email. Email encryption would look similar to that of browser encryption (HTTPS) using a standard encryption layer called TLS that handles all the handshakes and certificate exchanges.
As long as your domain accepts encrypted email traffic, anyone can send you an encrypted email easily. And while email will be decrypted at the domain level (like @oracle.com or @meebo-inc.com) and not at the individual email, at least the emails will be secure from email provider to email provider be able to travel safely between destinations.
Of course, there would be a significant cost to encrypting and decrypting data and domains might want more complex policies as to who can send and receive encrypted emails, but starting this process would provide a safer internet.
Special thanks to Bryan Duxbury for his help and edits.
Opportunistic encryption of email exists; here’s one implementation
http://www.postfix.org/TLS_README.html
and in Exchange
http://support.microsoft.com/kb/829721
and an RFC from 1999
http://www.rfc-editor.org/rfc/rfc2487.txt
Some or all of these may be superseded by the current state of the world, but this should be a starting point.
That said, all of the transport level encryption in the world won’t help you much if you have a rogue sysadmin ready to dump your database of email. (cf wikileaks)
Plus, people are cheap with their infrastructure.
I’ve been using a couple of wireless hotspots the last few days, and while very convenient, it made me think about security. The problem is that every time you check your mail, transfer files with FTP or connect to a server via telnet all the data, including your username and passwords, are transferred over the internet in plain text and therefore in danger of eavesdropping and password sniffing.
For public wi-fi hotspots, you can always use a VPN service like WiTopia.
Ok- I’ll dive in on this one. There is no doubt email should be more secure. I shudder to think how much of me email is scanned everyday by multiple severs and snffers. It would also be nice to share information anonymously. There is a website ( http://www.silentsender.com ) that lets you send messages to people without passing along your identity. It’s pretty cool and quite different from your traditional re-mailer and so-called anonymous email site. All the content between the user and the site is SSL encrypted (256 bit) and the message is sent from their mail server. The recipient never knows who it came from. Perfect if you want to report crime, corruption or communicate a story to the media and not get involved. A good alternative to plain old email.
It will only take one “major” breech of privacy for everyone to be up in arms and demanding more secure forms of conversation. It seems that most people take privacy for granted, and we may soon see the repercussions of our “must have it now” mentality.
Very interesting post. I really enjoyed reading it.