Email security

Email is a very useful medium, but in some circumstances it should be used with care. What I mention in this text is just the most rudimentary common sense; I'm not at all intending a full treatment of the subject.

Sensitive content

Don't send sensitive content in unprotected email. You may reason that, with all those millions of emails going through the networks, the risk of somebody chancing on the one email in which you send a friend your username and password for something is negligible. It isn't. Unless it is encrypted end to end, an email is readable by every mail server and network hop it passes through, and there is network sniffer software that just sits here and there on the net checking every message going through for certain keywords or phrases, such as "user name", "logon", "login", "password", etc. So as soon as you mention your "password" in the text, the message is copied to the villain on duty.

Similarly, sniffers look for words such as "credit card", "visa", "mastercard", etc. Nothing stops them from also checking for strings that look like credit card numbers, even if you avoid using the above words: a run of 13 to 19 digits that passes the Luhn check is easy to pick out of any text.
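To make the point concrete, here is an added example (not code from the original article) of the two checks just described, run over a constructed sample message: a keyword match on the usual sniffer vocabulary, and a search for digit runs of card-number length that pass the Luhn checksum, which catches a card number even when none of the keywords appear. The keyword list and the sample email are assumptions; the card number in it is the well-known 4111 1111 1111 1111 test number, not a real card. The same logic, pointed the other way, is what an outbound data-loss-prevention filter would run before letting a message leave.

```python
import re

# Constructed sample message (not from the article): it avoids the words a
# keyword sniffer looks for around card numbers, but does say "password", and
# carries 4111 1111 1111 1111, a well-known Luhn-valid test number, not a real card.
SAMPLE_EMAIL = """Hi Sam,
the booking reference is 20240117 and you can reach me on 555 0100 2345.
Use 4111 1111 1111 1111 for the deposit, expiry 12/27.
Wifi at the cabin: network cabin-net, password swordfish.
"""

# The kind of keyword list the article says sniffers use (assumed; case-insensitive).
KEYWORDS = re.compile(
    r"\b(user ?name|log[io]n|password|credit card|visa|mastercard)\b", re.IGNORECASE
)
# Candidate card numbers: 13 to 19 digits, optionally grouped by spaces or dashes.
CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum (ISO/IEC 7812-1), which every major card number passes."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:           # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_keywords(text: str) -> list[str]:
    """Distinct sniffer keywords present in the text, lower-cased and sorted."""
    return sorted({m.group(0).lower() for m in KEYWORDS.finditer(text)})


def find_card_numbers(text: str) -> list[str]:
    """Digit runs of card-number length that pass Luhn, with separators removed."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            hits.append(digits)
    return hits


if __name__ == "__main__":
    print("keywords:", find_keywords(SAMPLE_EMAIL))
    print("card numbers:", find_card_numbers(SAMPLE_EMAIL))
```

Note that the booking reference and the phone number in the sample are digit runs too, but they are the wrong length, and a 16-digit run with a typo would fail the Luhn check; the filter is selective enough to be worth running on every message, which is exactly why a sniffer can afford to do it.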

Encrypt it

That said, it should be clear that you should never send login information over email unless you protect it somehow. The simplest, cheapest and most effective protection is probably PGP. You can get a freeware version from PGP Corporation and it's really easy to use. With it, you can encrypt and sign text and files. An easier-to-use commercial version is also available, though I have to admit I've never even tried it.

Note that the GnuPG project also develops a free implementation of the same OpenPGP standard, so its keys and messages interoperate with PGP. There's a selection of related free programs on their site, but I haven't used any of them yet, so I don't know what to recommend. But it sure looks like a goldmine. (Thanks to Johan Marechal for pointing this out to me.)

Make your key available

Since you do want people to be able to send you encrypted email, you should make your public key easily available. If you have a homepage, put it there and include a link in your emails. Also include the "fingerprint" in your emails, on your calling card, and keep sprinkling it around. The fingerprint is a hash of the public key itself, so with it anyone can confirm that the public key they got from your homepage or a key server is really yours and hasn't been replaced by some other person or thing: they load the key, read off its fingerprint and compare it, character for character, with the one you published. Compare the whole fingerprint, not just the short 8-character key ID shown in most key lists; a key ID is short enough that someone can deliberately generate a different key with the same one. For instance, my public key has the following fingerprint: "C18A F357 D8AA E4D1 C334 D4FD 32CB 5D56 C7D5 6E11", which is easy enough to check if you load my public key into PGP and then check the "key properties".
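The following is an added example, not code from the article, showing where the fingerprint in the "key properties" dialog actually comes from, so that the check is not a matter of trusting one program's display: it builds a minimal OpenPGP v4 RSA public-key packet, wraps it in ASCII armor with the CRC-24 trailer, then reads the armor back, verifies the CRC and computes the v4 fingerprint the way RFC 4880 defines it (SHA-1 over 0x99, the two-byte body length and the packet body). The demo key material is a constructed modulus, not a usable RSA key, and the creation time is arbitrary; in practice you would import the key and run `gpg --fingerprint` and compare against the published value.

```python
import base64
import hashlib
import struct


# --- OpenPGP v4 public-key packet (RFC 4880, section 5.5.2) -----------------

def mpi(value: int) -> bytes:
    """OpenPGP multi-precision integer: 2-byte bit count, then big-endian bytes."""
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def rsa_public_key_packet(n: int, e: int, created: int) -> bytes:
    """Old-format header for tag 6 with a 2-byte length (that is the 0x99 byte),
    then version 4, creation time, algorithm 1 (RSA), and the MPIs n and e."""
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
    return b"\x99" + struct.pack(">H", len(body)) + body


# --- ASCII armor with the CRC-24 trailer (RFC 4880, section 6) --------------

def crc24(data: bytes) -> int:
    crc = 0xB704CE                      # init value and polynomial from RFC 4880 6.1
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF


BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
END = "-----END PGP PUBLIC KEY BLOCK-----"


def armor(packet: bytes) -> str:
    b64 = base64.b64encode(packet).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(packet).to_bytes(3, "big")).decode()
    return f"{BEGIN}\n\n" + "\n".join(lines) + f"\n={crc}\n{END}\n"


def dearmor(text: str) -> bytes:
    """Decode an armored block; raise ValueError if the CRC-24 trailer disagrees."""
    lines = [line.strip() for line in text.splitlines()]
    start, end = lines.index(BEGIN) + 1, lines.index(END)
    while lines[start] != "":           # skip armor headers such as "Version:"
        start += 1
    data = [l for l in lines[start + 1:end] if l and not l.startswith("=")]
    trailer = [l for l in lines[start + 1:end] if l.startswith("=")]
    packet = base64.b64decode("".join(data))
    if trailer and crc24(packet) != int.from_bytes(base64.b64decode(trailer[0][1:]), "big"):
        raise ValueError("armor CRC mismatch: key block damaged in transit")
    return packet


# --- the fingerprint itself (RFC 4880, section 12.2) ------------------------

def fingerprint(packet: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99, the 2-byte body length and the body,
    printed the way PGP shows it, in groups of four hex digits."""
    tag_byte = packet[0]
    if not tag_byte & 0x80 or tag_byte & 0x40:
        raise ValueError("only old-format packet headers are handled here")
    tag = (tag_byte >> 2) & 0x0F
    if tag not in (6, 14):              # public key or public subkey
        raise ValueError(f"packet tag {tag} is not a public key")
    length_size = {0: 1, 1: 2, 2: 4}.get(tag_byte & 0x03)
    if length_size is None:
        raise ValueError("indeterminate packet length not supported")
    length = int.from_bytes(packet[1:1 + length_size], "big")
    body = packet[1 + length_size:1 + length_size + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    if body[0] != 4:
        raise ValueError(f"key version {body[0]} is not v4")
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", length) + body).hexdigest().upper()
    return " ".join(digest[i:i + 4] for i in range(0, 40, 4))


def key_id(fpr: str) -> str:
    """The 64-bit key ID is just the low-order 8 bytes of the v4 fingerprint."""
    return fpr.replace(" ", "")[-16:]


def same_fingerprint(a: str, b: str) -> bool:
    """Compare fingerprints the way people write them: ignore spacing and case."""
    return a.replace(" ", "").upper() == b.replace(" ", "").upper()


# Constructed demo key: an arbitrary odd 1024-bit modulus, NOT a usable RSA key.
DEMO_N = (1 << 1023) | 0x10001
DEMO_E = 65537
DEMO_CREATED = 1000000000               # arbitrary creation timestamp
DEMO_PACKET = rsa_public_key_packet(DEMO_N, DEMO_E, DEMO_CREATED)
DEMO_ARMORED = armor(DEMO_PACKET)

if __name__ == "__main__":
    print(DEMO_ARMORED)
    fpr = fingerprint(dearmor(DEMO_ARMORED))
    print("fingerprint:", fpr, " key ID:", key_id(fpr))
```

Two things the code makes visible: the key ID is literally the tail of the fingerprint, so it carries only 64 bits of it (and older tools show just 32), which is why the full fingerprint is what you publish and compare; and the CRC-24 line only protects against accidental corruption, not substitution, since anyone replacing the key can recompute it. Only the fingerprint obtained through a channel the attacker cannot edit does the real work.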

Encrypt even if you don't need to

Don't just encrypt messages that contain secrets. If you do, you're actually advertising the fact that you're doing something interesting. The more trivial stuff you encrypt, the more you can tire out the people that want to stick their nose into everything all the time (read: governments). Also, if you keep asking people to encrypt, you contribute to spreading the good habit. It's actually amazing how little this system is used, considering it's been around for many years, is very stable, easy to use and totally free (if you're a corporation, though, you have to pay a little bit for it). It's also as close to unbreakable as you can get.

Solution to spam

If we required all email we receive to be digitally signed, we could simply reject any message without a digital signature. Naturally, since spammers can sign spam just as well as anyone else can sign their own messages, we also have to check who that person actually is. Now, there are two ways to go: either we use the signature to verify that the sender is not a spammer, or we use the signature to track the sender down and punish him/her.

Signature as a sign of non-spam

In this case, the key that made the signature needs to be certified by a public certification authority of some kind. That authority can then revoke the certificates of known spammers. A similar system is currently used for code signing. The authority need not be commercial; it can be built on a buddy system like PGP's web of trust, where keys are certified by other users signing them rather than by a central authority. That is, if the key behind the signature you get is itself signed by someone you know, or at least respect, you let the mail through.
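As an added example (not from the article), this is the acceptance decision just described, written as a filter: a message is let through only if it is signed, the signature verifies, the signing key has not been revoked, and that key is certified, within a bounded number of hops, by a key I trust. The trust set, the certification graph, the revocation list and the sample inbox are all constructed, and the "signature_valid" flag stands in for the cryptographic verification PGP itself performs; the code only decides what a verified signature is worth. A real web of trust also weights certifiers (full versus marginal trust); that refinement is left out here.

```python
from collections import deque

# Constructed example data (not from the article). Keys are named by short
# labels standing in for fingerprints; a real filter would use the real ones.
MY_TRUSTED = {"ALICE"}                 # my own buddies, or a certification authority
REVOKED = {"SPAMCO"}                   # certificates the authority has pulled
CERTS = {                              # certifier -> keys it has signed
    "ALICE": {"BOB", "SPAMCO"},
    "BOB": {"CAROL"},
    "CAROL": {"DAVE"},
    "MALLORY": {"MALLORY2"},           # a clique nobody I trust has vouched for
}


def certification_chain(signer, trusted, certs, revoked, max_depth=2):
    """Breadth-first search from the keys I trust along certification edges.
    Returns the chain of keys ending at `signer`, or None if there is none
    within `max_depth` hops; revoked keys are neither accepted nor followed."""
    queue = deque((key, [key]) for key in trusted if key not in revoked)
    seen = set()
    while queue:
        key, path = queue.popleft()
        if key == signer:
            return path
        if key in seen or len(path) > max_depth:
            continue
        seen.add(key)
        for certified in certs.get(key, ()):
            if certified not in revoked:
                queue.append((certified, path + [certified]))
    return None


def accept_message(msg, trusted=MY_TRUSTED, certs=CERTS, revoked=REVOKED, max_depth=2):
    """Policy decision for one message. `msg["signature_valid"]` stands for the
    cryptographic check PGP already did; this function only decides what that
    signature is worth. Returns (accepted, reason)."""
    signer = msg.get("signer")
    if signer is None:
        return False, "unsigned: rejected outright"
    if not msg.get("signature_valid"):
        return False, f"signature by {signer} does not verify"
    if signer in revoked:
        return False, f"{signer} has had its certificate revoked"
    chain = certification_chain(signer, trusted, certs, revoked, max_depth)
    if chain is None:
        return False, f"{signer} is not certified by anyone I trust"
    return True, "certified via " + " -> ".join(chain)


SAMPLE_INBOX = [                       # constructed messages; signature results assumed
    {"subject": "lunch?", "signer": "BOB", "signature_valid": True},
    {"subject": "re: lunch", "signer": "CAROL", "signature_valid": True},
    {"subject": "too far away", "signer": "DAVE", "signature_valid": True},
    {"subject": "CHEAP PILLS", "signer": "SPAMCO", "signature_valid": True},
    {"subject": "CHEAP PILLS 2", "signer": "MALLORY2", "signature_valid": True},
    {"subject": "forged", "signer": "BOB", "signature_valid": False},
    {"subject": "unsigned newsletter", "signer": None},
]

if __name__ == "__main__":
    for msg in SAMPLE_INBOX:
        ok, why = accept_message(msg)
        print(f'{"ACCEPT" if ok else "REJECT"} {msg["subject"]!r}: {why}')
```

The depth bound is the important knob: with no bound, one careless certification by someone you trust lets in everyone that person's contacts have ever certified, which is how a spammer gets a valid-looking certificate in the first place. Revocation handles the case after the fact, the bound limits the damage before it.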

Signature as identification

If the signature unequivocally identifies an organisation or person, we can go after them through the courts if they spam us. Currently, it's very hard to prove who is responsible for spam and to get them in front of a judge. 
