I’m not a particularly techie person so I’d appreciate a relatively simple answer.
Why is it that emails can apparently be intercepted so easily? I know there are ways to encrypt email but why are they not more widespread in the general user community? And why do we need to encrypt them anyway?
Surely there is a huge incentive for people and organisations to reduce the cost and environmental impact of sending mail the old-fashioned way, so why is it still so prevalent? I know there have been some reductions (I don’t get a paper bank statement or payslip, for example) but what’s stopping a more full-scale move to email?
Part of the problem is that email was originally designed for intelligent adults that trusted each other not to be jerks. The same applies to many other parts of the Internet. Unfortunately, a large proportion of the human race doesn’t meet that standard.
It’s pretty easy for someone to send an email and pretend to be someone else. But is that really much different from paper mail?
Almost all (99.9% I’d guess) the post sent with an address on it is delivered to that address. Just like email. I don’t think there’s a fundamental difference between the paper & email systems, just a perceived one.
Because of the way email works, it has some fundamental security flaws. Wikipedia’s entry on email privacy is good reading:
"Because e-mail connects through many routers and mail servers on its way to the recipient, it is inherently vulnerable to both physical and virtual eavesdropping. Current industry standards do not place emphasis on security; information is transferred in plain text, and mail servers regularly conduct unprotected backups of e-mail that passes through. In effect, every e-mail leaves a digital paper trail in its wake that can be easily inspected months or years later.
The e-mail can be read by any cracker who gains access to an inadequately protected router. Some security professionals argue that e-mail traffic is protected from such “casual” attack by security through obscurity - arguing that the vast numbers of e-mails make it difficult for an individual cracker to find, much less to exploit, any particular e-mail. Others argue that with the increasing power of personal computers and the increasing sophistication and availability of data-mining software, such protections are at best temporary.
Intelligence agencies, using intelligent software, can screen the contents of e-mail with relative ease. Although these methods have been decried by civil rights activists as an invasion of privacy, agencies such as the U.S. Federal Bureau of Investigation conduct screening operations regularly within the bounds of the law.
ISPs and mail service providers may also compromise e-mail privacy because of commercial pressure. Many online e-mail providers, such as Yahoo! Mail or Google’s Gmail, display context-sensitive advertisements depending on what the user is reading. While the system is automated and typically protected from outside intrusion, industry leaders have expressed concern over such data mining."
Aside from concerns such as hackers snooping your mail, and government monitoring, it’s also worth noting that there are many people authorised to read your email. Whether it’s an ISP or work account, there will be sysadmins who have the ability to read any email in your account.
And how hard would it be for intelligence agencies to inspect the contents of paper post before it’s sent on? I’m sure they could; I’d bet they have in the past.
My point wasn’t that email is secure (as you’ve rightly pointed out, it’s fundamentally vulnerable), but I wouldn’t say it’s really more vulnerable than alternative systems.
Intercepts of paper mail to a particular person aren’t very hard to arrange. Intercepts of paper mail from a particular person are a lot harder to arrange (how do you catch it in order to look at it?). Intercepts of all paper mail in order to look for suspicious words and phrases would seem to me to be essentially impossible in a large country that prides itself on a (usually) reasonably fast postal system.
All of those intercepts become trivial for unencrypted e-mail, and even for encrypted e-mail the spooks could grab copies of encrypted messages to play with at their leisure and no one could possibly tell.
eMail was a chubby child and his parents were not very supportive. The other kids teased him and he never fully outgrew the feeling that no one really loved him.
OK, so I know email *can* be secured. What I don’t understand is why it has to be so difficult. Maybe if I rephrase my question a little.
As far as I know, the only commercially available methods of securing email rely on a two-part exchange. That is to say, I need to provide the recipient with a means of decrypting the secure email before I send it. I could be wrong, but in my opinion, if that’s the only option then we will never see mass acceptance of secure email; it’s just too much of a pain in the ass.
What I don’t understand is why the process can’t work like this:
You send email to your provider. When you set up your account you exchange keys with your provider, thus allowing encryption between your own PC and your provider’s servers. This would be easy: just one exchange, no need to send it to lots of individual recipients.
The provider decrypts your message to them, then re-encrypts the message using previously exchanged keys before sending it to the recipient’s provider.
Reverse the above.
That way your message is protected at each stage of its journey. Of course there is a need to trust the provider involved, but that doesn’t seem to be a real concern; commercial survival can see to that.
I also realise that for all the providers in the world to have pre-agreed keys exchanged might be tricky, but it could be overcome if smaller organisations had agreements with larger providers to carry messaging for them.
What am I missing? Or should I have posted this solution to the patent office instead of SDMB?
Well, there’s no reason something like that couldn’t be done, except the huge cost and the lack of an across-the-board will to do so. As mentioned above, email just wasn’t designed with security in mind, and thus it is hard to completely re-mould something now it is so huge. What’s in it for the free email account providers, for example? Plus, it probably wouldn’t take long for hackers to find a weak point somewhere.
It is a similar issue with spam. Technically, the whole thing could be redesigned to make spamming much, much harder, but the number of companies, agencies, developers, etc., that would have to agree and work together on a total change in the system makes it pretty unlikely/impossible at this time.
This is the one thing where I agree that Microsoft isn’t a very good company. With their position in the market, they could easily create a new (open) email protocol and force everyone onto it. Yet they don’t.
Two years from now, we could have eliminated the grand majority of spam, but we won’t have because MS isn’t willing to pioneer.
What the? Microsoft isn’t an Internet provider and their mail system (Hotmail/MSN) is only a small part of the grand mail scheme. Why not harp on AOL, SBC, Google or Time Warner?
How many of the world’s SMTP and POP servers are running Windows? I doubt very many. First Google Hit
That quote refers to an SMTP survey… I don’t claim to understand the details, but the numbers stand.
Since Windows is playing catch-up to the Unix environments that the Internet and mail protocols run on, I would say your ire should be raised at Sun Systems first. Or some other Unix leader.
Yeah, it’d have to be a massive consensus with all big parties committed, from the end-users who’d be charged extra and have to change their software, to the developers, ISPs, universities, etc.
Standards agencies would have to be set up, and it would have to be phased in over years.
I think a hybrid solution with one-to-one encryption offered by people like Verisign for sensitive email, and plain text for non-sensitive is the more likely route forward. <— Of course, on edit, this is irrelevant for spam, sorry.
Yes, and it’s proprietary and only a small fraction of e-mail users use it. What if you want to send an email from a Lotus Notes user to a Microsoft Outlook user? There are encrypted solutions out there; the problem is finding ONE solution suitable for everyone (or at the very least, several solutions that can somehow interoperate with each other).
Public/private keys make it a lot easier than you describe. I publish my public key on a public key server such as http://keyserver.veridis.com:11371/ . Then, if someone wants to encrypt an email to me, they can look my details up on the server, get my public key, encrypt the message and send it. Most good encryption programs for mail will do this invisibly - all the user has to do is select the option to encrypt the email, and the plugin then looks through its list of keyservers to find a public key matching my email address. It can be completely painless for the user.
The problem with the above scheme is major - you have to trust that your ISP won’t read your emails, or archive them, or pass them on to government authorities, etc. Any encryption scheme where you allow a third party to decrypt emails means that you have to be able to trust them completely. In a day where governments routinely force ISPs to record emails and pass on details, that seems to me to be a flawed scheme.
Oh yes, no doubt. I just was pointing out that it is possible to do it in a relatively idiot-proof manner… that there’s no technical reason e-mail can’t be both simple and secure.
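The three schemes argued over in this thread (the hop-by-hop proposal where each provider decrypts and re-encrypts, the keyserver lookup where a sender fetches the recipient’s public key, and the objection that a provider sitting in the middle can read everything) can be put side by side in a few lines of code. The following is an added illustration written for this page, not code from any poster or product. It models the path sender → provider A → provider B → recipient, with per-hop keys that are constructed placeholder values, a toy XOR-with-SHA-256 stream cipher and a toy RSA built from two fixed, publicly known primes (neither is secure; only the key handling is realistic), and a hypothetical in-memory `KEYSERVER` dictionary standing in for the public key server mentioned above. The `seen` list on each provider records exactly what that provider (or its backups, or a sysadmin) holds in the clear.

```python
import hashlib
import secrets


def toy_stream(key: bytes, data: bytes) -> bytes:
    """TOY symmetric cipher (NOT secure, illustration only): XOR the data with
    a SHA-256 counter keystream. Encrypting and decrypting are the same call."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


# TOY RSA: two fixed Mersenne primes stand in for the large random primes a real
# key generator would pick, so anyone can recover the private key. Illustration only.
TOY_P = 2**61 - 1
TOY_Q = 2**89 - 1
TOY_E = 65537


def toy_rsa_keypair():
    n = TOY_P * TOY_Q
    d = pow(TOY_E, -1, (TOY_P - 1) * (TOY_Q - 1))
    return (n, TOY_E), (n, d)  # (public key, private key)


def e2e_encrypt(public_key, body: bytes):
    """PGP-style hybrid encryption: a fresh session key encrypts the body and the
    recipient's public key wraps the session key. Returns (wrapped key, ciphertext)."""
    n, e = public_key
    session = secrets.randbelow(2**64)
    return pow(session, e, n), toy_stream(session.to_bytes(8, "big"), body)


def e2e_decrypt(private_key, wrapped_key: int, ciphertext: bytes) -> bytes:
    n, d = private_key
    session = pow(wrapped_key, d, n)
    return toy_stream(session.to_bytes(8, "big"), ciphertext)


# Hypothetical keyserver: address -> published public key.
KEYSERVER = {}


class Provider:
    """A mail provider on the path. Under the hop-by-hop proposal it decrypts what
    the previous hop sent and re-encrypts for the next hop, so it necessarily holds
    the payload in the clear; `seen` records what it held."""

    def __init__(self, name: str):
        self.name = name
        self.seen = []

    def relay(self, incoming: bytes, key_in: bytes, key_out: bytes) -> bytes:
        payload = toy_stream(key_in, incoming)
        self.seen.append(payload)
        return toy_stream(key_out, payload)


# Per-hop keys agreed at account set-up / between providers (constructed values).
K_SENDER_A = b"sender<->providerA"
K_A_B = b"providerA<->providerB"
K_B_RECIPIENT = b"providerB<->recipient"


def send_hop_by_hop(payload: bytes):
    """The thread's proposal: every link is encrypted, each provider decrypts and
    re-encrypts. Returns (what the recipient gets, what the providers saw)."""
    a, b = Provider("A"), Provider("B")
    on_wire = toy_stream(K_SENDER_A, payload)
    on_wire = a.relay(on_wire, K_SENDER_A, K_A_B)
    on_wire = b.relay(on_wire, K_A_B, K_B_RECIPIENT)
    return toy_stream(K_B_RECIPIENT, on_wire), a.seen + b.seen


def send_end_to_end(body: bytes, recipient: str, recipient_private_key):
    """Keyserver scheme: encrypt to the recipient's published key first, then use
    the very same hop-by-hop path. Providers now only ever hold ciphertext."""
    wrapped, ciphertext = e2e_encrypt(KEYSERVER[recipient], body)
    # Constructed framing: 20-byte wrapped session key followed by the ciphertext.
    payload = wrapped.to_bytes(20, "big") + ciphertext
    delivered, providers_saw = send_hop_by_hop(payload)
    wrapped_back = int.from_bytes(delivered[:20], "big")
    return e2e_decrypt(recipient_private_key, wrapped_back, delivered[20:]), providers_saw


if __name__ == "__main__":
    body = b"Transfer the funds on Monday."
    got, saw = send_hop_by_hop(body)
    print("hop-by-hop : delivered intact:", got == body, "| a provider saw plaintext:", body in saw)
    pub, priv = toy_rsa_keypair()
    KEYSERVER["alice@example.com"] = pub  # "publish my public key on a key server"
    got, saw = send_end_to_end(body, "alice@example.com", priv)
    print("end-to-end : delivered intact:", got == body, "| a provider saw plaintext:", body in saw)
```

Both runs deliver the message intact, which is the point the proposal gets right: with per-hop keys nobody on the wire between hops can read it. The difference is in `saw`: under hop-by-hop both providers hold the exact plaintext, which is the trust problem raised in the reply; under the keyserver scheme the same providers carry only the wrapped key and ciphertext, and the sender needed nothing from the recipient beyond a key lookup.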