Email is not secure

There is so much hubbub about Hillary Clinton’s email usage. People are going nuts over something that is completely irrelevant in any situation.

Email itself is inherently insecure. It was developed back in the early days of the net when you just wanted to send a note to someone. Everything was sent plain-text over the net and you could read it at every hop it makes through servers. They have come up with ways to make it a little bit more secure by allowing you to select SSL (Secure Socket Layer) where it will encrypt the data being sent to the server.

That only protects one hop. The one from your computer when you click send, to your mail server. Then it goes out plain-text over the internet to the receiving mail server.

It isn’t like secure websites. In that situation, you are using a browser that has a secure connection to a web server. That is just point to point. But email has two servers involved. Yours and the receiving one. And the protocol for email does not involve encryption through the whole process.

There are methods that someone like a Secretary of State could employ to send emails totally securely, by encrypting the content of the email. If you do that, then the person on the other end will need special software to decrypt the message. This is a workaround, not an intended way of using email.

The entire email protocol needs to be replaced, but we use it so much for every day activities that it would break most of the Internet if we switched methods of delivering email now. Not all servers would be updated to allow such a new method, and the new servers wouldn’t be able to talk to old servers.

So this is another example where politics and the media are blowing things way out of proportion. Even if Hillary sent classified documents through a state department server, they would still be subject to breach. Nothing would be able to stop that except practices which they do not seem to employ at all (end to end encryption with a 3rd party software). This is a non-issue.

Okay, now we can focus on the 999 other reasons she’s not trustworthy.

http://www.digitaltrends.com/mobile/can-email-ever-be-secure/

Here I Go Again

I haven’t had irni.net active for years. It remains the best place to put my music and idiocy. So enjoy both. Here’s something I threw together last year. Just playing with Logic.