Email is ubiquitous and convenient, yet surprisingly not very secure. I'll look at why that is and when you should worry.

My business requires the emailing of some sensitive information on a regular basis. I have spoken with my boss and co-workers about all of us using an encrypted email system but no one seems to think there is a significant threat or danger out there to require these extra steps in security. Can you offer any data to help me to convince them that this is a good idea?

Actually, I don't have hard data to say one way or the other. The risk depends on too many factors to present data that would apply to a specific situation.

But we can definitely look at some of the specific factors.

To be blunt, most people have an over-inflated sense of risk when it comes to external threats that they don't understand. (The one exception being WiFi hotspots; more on that below.) For example, many people will still not make purchases online because they're afraid of the possibility that their information could be "sniffed" or stolen by a hacker. However, these same people are more than happy to hand their credit cards to a complete stranger in a restaurant, and give them a signature to boot! The fact is that more credit cards are stolen not by hackers sniffing internet transactions, but by hackers and physical theft at banks and merchants - which then involve both internet and in-person transactions. The shopkeeper, or an untrustworthy employee, is much more likely to walk off with the information than some hacker.

And even then, all the press about identity theft aside, with some simple precautions and common sense it just doesn't happen that often. For every case of theft you hear about, there are hundreds of thousands, if not millions, of transactions that happened successfully, securely and without incident.

The same is true of email.

Yes, it's possible to sniff and intercept email conversations. It's not particularly easy (unless you're on an open WiFi connection), and in most cases it's not particularly interesting ... 99% of all email is, in all likelihood, incredibly boring unless you're the intended sender or the recipient.

Email privacy does start to make sense if you have legitimate reason to be concerned that your email might be intercepted (not just uninformed paranoia), and/or if the cost of such an interception is unacceptably high.

So the first question you need to ask yourself is "am I really a target"? Most people are not. Most businesses are not. Many might think they are, but in reality, no one cares. On the other hand, if you're communicating on sensitive things that you know are the focus of possible industrial, political or personal espionage then yes, you might have a legitimate concern.

The next question is "what's the downside of someone else seeing this?" Again, in most cases the cost is negligible ... a little embarrassment at most. If, on the other hand, that communication landing in the wrong hands could cause serious damage, then it's also time to consider approaches.

If all this sounds like I'm skeptical ... it's because I am. In my opinion, most people who think they are targets are, in fact, not.

But what if you really are? If electronic communication is a necessity, then encryption, good encryption, is a must.

The "problem" here is that encryption schemes for email are, generally, not as interoperable as we'd like. If you can standardize on a solution that works for all your senders and recipients, say everyone within your business, then your problem is mostly solved - though typically those solutions involve third-party software and periodic fees.

If you're doing it on your own, and your correspondents may be running a different email client, perhaps even on a different operating system, things get more difficult. Personally, I've not found a good solution that integrates well with various email clients. My approach instead is to send encrypted attachments. By that I mean:

  • I write my message using a plain text editor or word processor, and save it to disk
  • I use a tool to encrypt that file. (Many people are tempted to use password-protected zip files, but they are often easily cracked.)
  • I send the encrypted file as an attachment to my recipient.
  • I also send to the recipient - through a different channel - the password or whatever other information he will need to decrypt the file.

It is somewhat cumbersome, but if you can agree on an encryption tool, it works in almost all environments, and with any email client that can send an attachment.

Specific encryption tools are beyond the scope of this article, but in my case it boils down to either a passworded approach using a tool like TrueCrypt, or a public/private key approach using GPG, both of which are free. But there are many solutions out there.
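As an added example (not from the original article), the encrypted-attachment steps above can be carried out with GPG's passphrase-based mode. The function names, file names and passphrase length are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: passphrase-based (symmetric) GPG encryption of a message
# file that is then sent as an ordinary email attachment.

# new_passphrase
# Prints a random passphrase (24 random bytes, base64 encoded). This is the
# value that goes to the recipient through a different channel than email.
new_passphrase() {
    head -c 24 /dev/urandom | base64
}

# encrypt_attachment PLAINTEXT_FILE ENCRYPTED_FILE
# The passphrase is read from stdin, so it never appears on the command
# line where other users on the machine could see it in the process list.
encrypt_attachment() {
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase-fd 0 \
        --cipher-algo AES256 --output "$2" --symmetric "$1"
}

# decrypt_attachment ENCRYPTED_FILE PLAINTEXT_FILE
# Run by the recipient. Returns non-zero if the passphrase is wrong or the
# file was altered in transit.
decrypt_attachment() {
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase-fd 0 \
        --output "$2" --decrypt "$1"
}

# Typical use (file names are constructed sample values):
#   pass=$(new_passphrase)
#   printf '%s\n' "$pass" | encrypt_attachment message.txt message.txt.gpg
#   ...attach message.txt.gpg to the email, pass "$pass" on by phone...
#   printf '%s\n' "$pass" | decrypt_attachment message.txt.gpg message.txt
```
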

So in a nutshell, most people aren't at the risk that they think they are, and for those that are, things can be a little more complex than we'd like.

It's one more reason that truly secure information is often best handled in phone calls or in person meetings, rather than email.

Important: the one place where exactly the opposite is true - people are at much more risk than they realize - is in WiFi hotspots. It's fairly easy for anyone there to "listen in" on the data flowing to and from your machine. There, you need to be encrypted one way or another. See "How do I stay safe in an internet cafe?" for the steps you need to take if you use a public WiFi hotspot.

Article C2458 - November 13, 2005

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18-year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions.

Recent Comments

@Andrew
Sendfilessecurely website may be a reliable website, but when it comes to encryption, the only really safe methods are peer reviewed open source encryption software. Otherwise, there could be vulnerabilities or even a back door. This article explains one of the most accepted methods of encrypting email.
http://ask-leo.com/how_do_i_send_encrypted_email.html

Posted by: Mark J at September 19, 2011 9:57 PM

I agree with Andrew, peer review is essential to ensure security and no back doors. Right now I'm using encrypted email from CryptoHeaven, the source code for peer review is posted here: http://www.cryptoheaven.com/Download/download-advanced.htm

I'm really liking the additional features of this software and service.

Henry.

Posted by: Henry at October 18, 2011 2:49 PM

Not sure, but I think it's called "pgp" -- hard to listen to an "expert" if he doesn't know the right acronyms.

GPG is the free/open source alternative to PGP.
Leo
17-Apr-2012
Posted by: Dedic at April 17, 2012 2:05 AM

@Dedic
GPG is Gnu Privacy Guard, a free open source encryption which is compatible with PGP keys.

Posted by: Mark J at April 17, 2012 7:54 AM

Leo, you are right about making the process simple and recently there are more services popping up that allow confidential communication between senders and recipients, some of which have been suggested already.

I think the key to this is for the sender to be able to differentiate between whether an email is confidential and needs to be sent via a secure email service or whether you can send it via standard email with a small amount of inconvenience. I believe in both cases the service should be able to use standard email as a transport mechanism. http://www.digipostsecure.com is such a service but it is designed for business.
TJ.

Posted by: Tiger Jackson at April 18, 2012 4:37 AM
Post a comment on "Just how secure is email, anyway?":




