About email security

I’ve just finished reading a post from Jeff Atwood about the reasons to not ask for an email password as part of your service.

Apart from the fact that I agree with the article in every point, it caught my attention because it still amazes me the way in which email is regarded as private as a letter in an envelope when in fairness it is more like a postcard.

I have a good number of email accounts around there, some in free providers like Gmail, some in a few domains hosted for me by my hosting provider, and a couple more living in my servers at home, but I could not think of them as ‘safe’ at any point. They are increasingly difficult to set up and maintain (Gmail is trivial, the hosted accounts are OK, my own email server is giving me hassle nearly every week), and none of them is safe.

At some point (I don’t know if it is still the case) Gmail was expected to search through my emails to present me with appropriate ads (I don’t see a ‘searched’ email as safe). I have no idea how my hosting company has its email service set up, or who has access to it, so I must assume that at least a few people have control over it (the administrator, postmaster, and a few guys in support probably). At home I have a server in place, which should be pretty safe, but I am not a full-time sysadmin/postmaster, so I am never sure about the holes in the network/services running in my own network.

In the end, email is open, but we keep assuming that nobody can access it apart from the sender and receiver. We send confidential documents by email, and passwords, and photos, business plans, love letters, whatever, and they are flying with signs asking to open them on the way from one point to the other. The human mind is very strange :)

I use PGP to encrypt mail with a few contacts who are using it as well and that makes a difference, but there are not too many people around who know or care about PGP, and I haven’t seen an Internet company using it (not my bank, PayPal or any other service dealing with money, which I guess should be very interested in this kind of problem).

One idea that has been in my head for a few months is the fact that we now have enough spare computing power in most houses to manage this kind of service without too much trouble. Right now I can see a portable DVD player which can process DivX files (I still have around a 486 motherboard that runs out of breath trying to process MP3s), a TV that boots up with a logo from the maker (making me suspect that there is a microprocessor there with more power than the first five computers that I used), and a couple of discarded mobile phones which can run Java applications. Probably any of them should be enough to deal with an encrypted mail service, easy to set up by a normal person, instead of sitting there with a light saying that they are ready to do what they do whenever you pay them any attention.

Now I only need to decide if I want to sit down and write some code to implement this idea ;)


3 thoughts on “About email security”

  1. Doug

    Encrypted email should be easy enough to use and secure enough to significantly reduce the risk of jeopardizing your privacy.

    A better solution than PGP is Identity Based Encryption (IBE). It allows you to send encrypted email to anyone. You just need their email address. Try it yourself at http://www.voltage.com/vsn

  2. Rick

    There is an email service called “Sub Rosa” that should meet your requirements at http://www.novo-ordo.com. It uses encrypted links, supports PGP, stores mail on an encrypted partition and is located outside the FBI’s reach. (I assume nothing is outside the NSA’s reach.)

    The website also has a lot of useful information on how to make email and computing in general more secure.

  3. Eduardo Post author

    Hi Rick,

    Sub Rosa is interesting, but I still think that this kind of service is not the answer. For example, they say that their disks are encrypted with Truecrypt, which seems to be very good (I can say that about Truecrypt because I saw the source code and it seems to be doing what it is supposed to do, even though I will not guarantee it with my life because I didn’t go to every file and review it :) ). But how can I be sure about the quality of the password they are using? Even worse, how can I be sure that Sub Rosa is not the FBI, or the Chinese government, or the mafia?

    I don’t see how to deal with the situation without open source applications running at the user side.
