Steve Smith, host of your Technology Questions Answered, explains why you should digitally sign and encrypt all e-mail, and provides listeners with a link to a free e-mail certificate service.
Episode #1-44 released on July 31, 2011
E-mail, like the rest of the internet, was created early on in its history, and as a result, to this day, is insecure in every possible way. Not only can anyone claim to be sending e-mail from your account, but anyone who has access to the servers that your e-mail passes though can read the message in plain text as it passes by. And, to add to all this, servers keep logs and archives of content going through it, the duration of time archived may also vary, so there is always the potential of your privacy being compromised, as a result. This means that all you business letters, account information, etc... is being sent totally in the clear, and we a relying on the massive server load to hide our messages in plain sight.
Many people will say that is simply a fact of life, and we need to upgrade the whole system in order to bring any privacy to it. I am going to tell you the truth, if we made this all private, the governments of the world would have us give them back-door keys, and that in itself would make a weakness big enough for any hacker to get though.
So, how do we deal with this issue? How about we solve the issue of identity, then deal with sensitive data.
In order to prove your identity to others, you will have to start using a secure digital signature in all your e-mails, most e-mail clients support this, none of the web-based accounts do. Luckily, G-mail and Hotmail, very common e-mail services, and numerous others, use POP3 or IMAP, so using a secure digital signature is possible, if using an e-mail client.
Signing your e-mails will make it possible to do two things, one identify that the e-mail truly comes from you, and no one else. The other, it will make it possible to send you encrypted replies, secured from all prying eyes. Now, isn't that what we all want.
Now, what you need to do to make this completely effective, is have all parties using secure digital signatures, and encrypting all outbound e-mails. This way, no one can ever read your e-mails again, and if all returning e-mails are encrypted, none of the replied text will be seen either. Now, the only hiccup is, that you need the other person's secure digital signature to send them an encrypted e-mail.
Now, I've got the hook up for you, normally a secure digital signature, otherwise known as a PGP Key for E-mails, would cost you several dollars a month, well head over to www.comodo.com, direct link in my show notes, and get yourself a free secure e-mail certificate, and make sure your family and friend's get their hand on this, too. I will include in the show notes, the link to get one, the link to revoke it, and then allow you to change your certificate, and next week, I'll be giving you all access to a limited time SSL certificate for your web-sites, but you have to come back next week to know what the address is for that.
So, until next week, subscribe to the show, have a great day, stay safe and online. This has been your Technology Questions Answered.
Host : Steve Smith | Music : Jonny Lee Hart | Editor : Steve Smith | Producer : Zed Axis Productions