jamesadrian wrote:
It seems that some of you fail to see the magnitude of the opportunity and the outrageous effect on upward mobility that the absence of secure email produces.
There is no opportunity.
All of the large providers encrypt email transport. They are not required to, but they do. This is not message encryption, it's transport encryption. Email has been one of the last systems to have pervasive transport encryption, but all of the large providers do this today, and all of the popular server implementations support it. Does your provider or company support it? I don't know. But odds are high they can support it. This encryption protects the email message stream as it moves from server to server.
All of the major email clients support encryption, and the major providers require the clients to use the encrypted streams. So, this means when your email program downloads Aunt Ethel's "Country Style Meatloaf" recipe, it's encrypted on the wire. This protects the messages from client to server.
At no point here are the individual messages encrypted, rather they are tunneled through encrypted connections. On the web this is the same as HTTPS vs HTTP.
If you wish to encrypt your individual email messages, you can do so today. It's easy and automatic, but requires setup and cooperation between you and the party you wish to send mail to. Gmail supports this out of the box, Apple Mail supports this out of the box. Thunderbird supports it out of the box. So do Outlook and Exchange. So, that's some silly proportion of potential email traffic that can handle encrypting individual email messages.
To use this feature, you must acquire a certificate that represents you, and, similarly, get a public certificate that represents the person(s) you are communicating with. You and your compatriots exchange certificates. These certificates are used, leveraging Public Key Encryption, to individually encrypt email messages. The client software handles the encryption and decryption for you automatically. This is much easier today than it used to be.
The downside of encrypted mail messages is that they tend to be stored encrypted. This makes most email searching tools essentially worthless, as you can not search encrypted messages (certainly not efficiently). And, of course, sending an encrypted email message does not make you immune to traffic analysis ("They(tm)" can see that you sent a message to Bob, "They(tm)" simply can not read it). "They(tm)" can also read the subject of a normal encrypted message, so be careful with that as well.
Turns out that, in the end, most folks like to be able to search their email, so this is one nail in the "encrypt your email" movement. You can say, "Well, I'll just store it decrypted" and that's fine, but if that's your criteria, then the modern use of TLS encrypted back end traffic more than likely meets the same encryption requirement.
See, Back In The Day, the email was really set up as a bunch of relays, where messages could hop from server to server until it reached its destination. This was a side effect of the early UUCP system, with lots of store and forward, and also older network topologies. Of course email can still do that, but in most cases it doesn't. Rather, it leaves your client, hits your provider's email server, who sends it directly to your recipient's server, who then stores it for later retrieval by the receiver.
Back In The Day, we would rely on the concept of "relaying" to help move messages. With all of the spam and what not, that idea is pretty much dead. Everything is basically direct, using vetted connections to trusted servers. Yes we still have spam, but a lot of that is from hacked accounts rather than rogue servers lying to you telling you that they're "yahoo.com". Any relaying is done on internal infrastructure isolated behind firewalls and what not rather than out on the wild west internet. So, it should be heartwarming to know the gazillion bot net infested Windows machines out there are spamming the globe through trusted, secure transmission pipes.
So, since relaying is dead, it's reasonably safe to assume that your traffic, especially through the major providers, is encrypted during its entire journey. If your message is ending up at joe.com's email server that your friend Frank set up by parroting a 12 year old blog entry, then, yea, that last leg is likely not protected. Tell Frank to fix that.
Not even here, in the United States, are the TLA agencies sniffing encrypted TLS traffic. I mean, they are doing that, but they can't really do much with it. If they want your Gmail account, they'll ask Google. They don't need to decrypt it.
So what does all this mean?
It means that anyone interested in end to end messaging security a) likely already has it and b) they can take it the extra mile through simple processes.
But here's the news.
Nobody cares.
Enthusiasts care. Political Dissidents care. Criminals and Terrorists care. (It's a shame the groups are in the same boat, but such is the way of dual use technology) But Humanity in the large? No. They don't care.
The public at large may feel warm and tingly if you told them about the channel level encryption going on. They'll probably feel safer. They should, they ARE safer. I can't speak to people in other countries, I can only talk to folks in the modern western world.
But do they care enough to actively participate in message security? More importantly, are the people they communicate with willing to actively participate? You may want to encrypt your messages, but what of Aunt Ethel? Is she on board? You willing to train her? Support her with technical problems? Willing to scale this support to your entire family and friends?
Most answer that "no". Even with the modern software, it's a PITA.
My company sells secure messaging for medical data. Patient records, referrals, etc. It relies on open standards (including all of the ones I've talked about so far, plus others), and it's a combination of not just encryption but an entire trust relationship among the participants. We send the messages over the open internet, but they're individually shrouded and encrypted. The end user experience is just like normal email -- they don't have to do a thing, and it works seamlessly for them. We move millions of messages a month among thousands of providers and interface with other vendors' systems. You can ALMOST achieve this with off the shelf clients and software, but in the end, it's a PITA. So, it's much easier for folks to sign up with someone like us.
My personal phone is encrypted and a brick without my passcode. If you have a modern phone (< 3 years old), odds are yours is too. My personal machine is the same way. All 5TBs of storage is encrypted. No password, no data. Steal my computer, you get a hard drive filled with white noise. So, I'm not particularly motivated to store encrypted messages. I like being able to search my email.
Anyway, that's why there is no opportunity. It's already being done, you just don't realize it, and most people aren't willing to take active steps to work the problem anyway. Finally, of course, it's just so much easier to simply infect the machine or send a slew of spear phishing emails at folks to get them to "confirm their account information before we repossess your home", or whatever the email with links to Eastern Estonia says (where everyone knows Wells Fargo hosts their servers...).
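The per-hop transport encryption described in the post above can be checked on a received message, because each server records in its `Received:` header whether the hop used TLS (the `with ESMTPS` / `ESMTPSA` keywords of RFC 3848). The following is an added example, not part of the original post; the hostnames and headers are constructed sample data.

```python
import email
import re

# "with" keywords (RFC 3848, plus the UTF8 variants of RFC 6531) whose
# trailing S records that the hop ran over TLS.
TLS_KEYWORDS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
                "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}

def strip_comments(value):
    """Drop nested (comments) such as Postfix's '(using TLSv1.3 with cipher ...)',
    which would otherwise be mistaken for the 'with <protocol>' clause."""
    prev = None
    while prev != value:
        prev, value = value, re.sub(r"\([^()]*\)", " ", value)
    return value

def _field(name, text):
    m = re.search(rf"\b{name}\s+(\S+)", text, re.IGNORECASE)
    return m.group(1).rstrip(";") if m else None

def trace_hops(raw_message):
    """Return hops oldest-first as (from_host, by_host, protocol, used_tls)."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each server prepends its own Received line, so reverse for travel order.
    for value in reversed(msg.get_all("Received", [])):
        text = strip_comments(value)
        proto = (_field("with", text) or "UNKNOWN").upper()
        hops.append((_field("from", text), _field("by", text),
                     proto, proto in TLS_KEYWORDS))
    return hops

def cleartext_hops(raw_message):
    return [hop for hop in trace_hops(raw_message) if not hop[3]]

# Constructed sample: TLS submission, TLS inside the provider, then a
# plaintext last leg to a self-hosted server.
SAMPLE = """\
Received: from out.provider.example (out.provider.example [198.51.100.7])
\tby mail.joe.example (Postfix) with ESMTP id 4F00D; Mon, 01 Jan 2024 10:00:03 +0000
Received: from submit.provider.example (submit.provider.example [192.0.2.5])
\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
\tby out.provider.example (Postfix) with ESMTPS id 3C0FFEE; Mon, 01 Jan 2024 10:00:02 +0000
Received: from laptop.home.example (laptop.home.example [203.0.113.5])
\tby submit.provider.example (Postfix) with ESMTPSA id 1A2B3C; Mon, 01 Jan 2024 10:00:01 +0000
Subject: Country Style Meatloaf
"""

if __name__ == "__main__":
    for src, dst, proto, tls in trace_hops(SAMPLE):
        print(f"{src} -> {dst}: {proto} ({'TLS' if tls else 'CLEARTEXT'})")
```

`Received:` lines are self-reported by each server, so only the ones added by infrastructure you control are trustworthy evidence; the `Subject:` line stays readable at every hop regardless.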