jarrodwhaley.com

I make films. I'm also a nerd.

Posts Tagged ‘gmail’:

Email Is Inherently Insecure

The recent shutdowns of Lavabit and Silent Circle—two supposedly "secure" email providers—demonstrate perfectly the limitations of the medium. MIT Technology Review notes:

When e-mail was created 40 years ago, security or anonymity wasn’t part of the design. The routing and labeling protocols plainly state what computer sent it or forwarded it, what computer received it, and what time all this happened. “There are far too many leaks of information and metadata intrinsically in the e-mail protocols themselves,” says Mike Janke, CEO of Silent Circle, whose customers include people in companies and government agencies with secrets to protect. “It doesn’t matter what you try to do with e-mail, there are these inherent weaknesses. So we got rid of Silent Mail [the company’s e-mail service]. We deleted all of it, burned it, and threw it in the ocean with locks and chains on it. People lost all their e-mail, but the response went from ‘Why would you do this?’ to ‘Thanks for doing this.’ “

Even if your email is encrypted by your provider, that provider will have to give the key(s) to any law-enforcement agency who cares enough to ask for it. Furthermore, the email protocol itself is exceedingly transparent about who sent the mail and who sent it. A lot of information about you is revealed even if you go to great lengths to encrypt your communications with the greatest crypto-nerd care.

This Gmail privacy kerfuffle is ridiculous. As soon as you hand your message to a third party, you lose any reasonable expectation of privacy. It’s not only the law, it’s just common sense. Remember trying to pass a "secret" note in elementary school, only to have it unfortunately intercepted by some dickhead middleman? It’s like that.