Forum Chat

Mar23,13:31 Johan Marechal
Wees gegroet
Sep20,17:50 Vicente Duque
Kim, Martin, Others :...
Jul07,11:10 Johan Marechal
Jul05,21:13 martin
Fastest in the bush
Jul05,07:48 martin
Jun28,21:16 martin
New domain / new blog!
Jun28,21:11 martin
On posting etiquette

Email security

Comment on this article

Email is a very useful medium, but should be used carefully in some circumstances. What I'm mentioning in this text is just the most rudimentary common sense. I'm not at all intending a full treatment of the subject.

Sensitive content

Don't send sensitive content in email, if it's unprotected. You may reason that with all those millions of emails going through the networks, the risk of somebody chancing onto that one email where you send a friend your username/password to something, is negligible. It isn't, since there are network sniffer software that just sits here and there on the net checking every message going through for certain keywords or phrases, such as "user name", "logon", "login", "password", etc. So as soon as you mention your "password" in the text, the message is copied to the villain on duty.

Similary, sniffers are looking for words such as "credit card", "visa", "mastercard", etc. Nothing stops them from actually checking for strings looking like credit card numbers, even if you avoid using the above words.

Encrypt it

That said, it should be clear that you should never send login information over email unless you protect it somehow. The simplest, cheapest and most effective encryption is probably PGP. You can get a freeware version from PGP Corporation and it's really easy to use. With it, you can encrypt and sign text and files. An easier to use commercial version is also available, though I have to admit I've never even tried it.

Note that the GNUPG project also develops an open version of PGP. There's a selection of related free programs on their site, but I haven't used any of them yet, so I don't know what to recommend. But it sure looks like a goldmine. (Thanks to Johan Marechal for pointing this out to me.)

Make your key available

Since you do want people to be able to send you encrypted email, you should make your public key easily available. If you have a homepage, put it there and include a link in your emails. Also include the "fingerprint" in your emails, on your calling card and keep sprinkling it around. With that fingerprint, it's easy for anyone to confirm that the public key they got from your homepage or another server indeed has that same "fingerprint" and hasn't been replaced by some other person or thing. For instance, my public key has the following fingerprint: "C18A F357 D8AA E4D1 C334 D4FD 32CB 5D56 C7D5 6E11", which is easy enough to check if you load my public key into PGP and then check the "key properties". 

Encrypt even if you don't need to

Don't just encrypt messages that contain secrets. If you do, you're actually advertising the fact that you're doing something interesting. The more trivial stuff you encrypt, the more you can tire out the people that want to stick their nose into everything all the time (read: governments). Also, if you keep asking people to encrypt, you contribute to spreading the good habit. It's actually amazing how little this system is used, considering it's been around for many years, is very stable, easy to use and totally free (if you're a corporation, though, you have a pay a little bit for it). It's also as close to unbreakable as you can get.

Solution to spam

If we required all email we receive to be digitally signed, we could simply reject any message without a digital signature. Naturally, since spammers can sign spam just as well as anyone else can sign their own messages, we also have to check who that person actually is. Now, there's two ways to go: either we use the signature to verify that the sender is not a spammer or we use the signature to track the sender down and punish him/her.

Signature as a sign of non-spam

In this case, the signature needs to be certified by a public certification authority of some kind. That authority can then revoke the certificates of known spammers. A similar system is currently used for code signing. The authority need not be commercial, it can be built upon a buddy-system like the PGP PKI ("Public Key Infrastructure") is. That is, if the signature you get is signed by someone you know, or at least respect, you let the mail through.

Signature as identification

If the signature unequivocally identifies an organisation or person, we can go after them through the courts if they spam us. Currently, it's very hard to prove who is responsible for spam and to get them in front of a judge. 

Comment on this article