June 8, 2008

About email security

I’ve just finished reading a post from Jeff Atwood about the reasons to not ask for an email password as part of your service.

Apart from the fact that I agree with the article on every point, it caught my attention because it still amazes me the way in which email is regarded as being as private as a letter in an envelope when, in fairness, it is more like a postcard.

I have a good number of email accounts out there, some with free providers like Gmail, some on a few domains hosted for me by my hosting provider, and a couple more living on my servers at home, but I could not think of any of them as ‘safe’ at any point. They are increasingly difficult to set up and maintain (Gmail is trivial, the hosted accounts are OK, my own email server is giving me hassle nearly every week), and none of them is safe.

At some point (I don’t know if it is still the case) Gmail was expected to search through my emails to present me with appropriate ads (I don’t see a ‘searched’ email as safe). I have no idea how my hosting company has its email service set up, or who has access to it, so I must assume that at least a few people have control over it (the administrator, the postmaster, and probably a few guys in support). At home I have a server in place, which should be pretty safe, but I am not a full-time sysadmin/postmaster, so I am never sure about the holes in the network/services running on my own network.

In the end, email is open, but we keep assuming that nobody can access it apart from the sender and the receiver. We send confidential documents by email, and passwords, and photos, business plans, love letters, whatever, and they are flying with signs asking to be opened on the way from one point to the other. The human mind is very strange :)

I use PGP to encrypt mail with a few contacts who are using it as well, and that makes a difference, but there are not too many people around who know or care about PGP, and I haven’t seen an Internet company using it (not my bank, PayPal or any other service dealing with money, which I guess should be very interested in this kind of problem).

One idea that has been going around my head for a few months is the fact that we now have enough spare computing power in most houses to manage this kind of service without too much trouble. Right now I can see a portable DVD player which can process DivX files (I still have a 486 motherboard around that ran out of breath trying to process MP3s), a TV that boots up with a logo from the maker (making me suspect that there is a microprocessor in there with more power than the first five computers that I used), and a couple of discarded mobile phones which can run Java applications. Probably any of them should be enough to deal with an encrypted mail service, easy to set up by a normal person, instead of sitting there with a light saying that they are ready to do what they do whenever you pay them any attention.

Now I only need to decide if I want to sit down and write some code to implement this idea ;)