Joe Levi:
a cross-discipline, multi-dimensional problem solver who thinks outside the box – but within reality™

How to Protect Your Email

Background

Government officials (the FTC, the FBI, and the Postal Inspectors Office, etc.) need not obtain a search warrant to read your email.

Stop. Read that last sentence again, slowly.
You don’t need to get a search warrant to read someone else’s email, nor do they to read yours.

The Law
Isn’t email protected under your 4th Amendment Right to be secure in your papers and dealings? According to the government: no.

They argue what I’ve been saying for years: Email isn’t like postal mail where you have to break a seal to get inside. Email is more like postcards, already open, and anyone out there can read it because it’s just written on the back of the card.

Further complicating things is the Stored Communications Act, a law that gives the government easier access to material held by third parties than to first-party documents. To put it in the terms of postal mail, if you haven’t picked up your “e-mail” from the “e-post office” (your mail server), it’s all just “e-postcards” sitting around that anyone can read.

The Postcard Conundrum
Again, I’ve been telling all of you that email is analogous to postcards for years, and the remedy to that hasn’t changed.

Before we dive into the details of how to protect your email (whether sitting on your computer, flying through cyberspace, or sitting on your mail server and subject to warrantless searches under the Stored Communications Act), let’s talk briefly about how email works in comparison to “snail mail.”

With snail mail, you, the sender:

  1. write a letter,
  2. stuff it in an envelope (if you’re cautious the envelope has a “security lining” printed on the inside so unscrupulous people can’t simply hold your letter up to the light and read it through the envelope),
  3. address the envelope to the recipient,
  4. add your return address to the upper-left corner,
  5. apply appropriate postage,
  6. and finally drop the letter off in a mail box.
  7. From there a mail carrier picks up the envelope,
  8. The post office routes it according to the zip/postal code, and whisks it away.
  9. Eventually the letter arrives at the recipient’s mailbox,
  10. where they open the envelope and read the contents of your letter.

With email, you, the sender:

  1. write a letter,
  2. (no envelope to stuff it into here, which is the root of the problem),
  3. add the recipient’s email address,
  4. (your email program already knows your email address, so it fills that part in for you),
  5. (no postage is needed, that’s paid for by your monthly ISP bill),
  6. and you click the send/receive button in your email program.
  7. Your ISP’s mail server then picks up the message, and forwards it on to the recipient’s mail server
  8. where the message is held until
  9. the recipient’s email client requests the messages be downloaded, then removed from the mail server

All in all, the process is very similar, except for the part where you (the sender) didn’t put the letter in an envelope! And a letter that has all the other things besides an envelope is a postcard. Anyone along the way can read your postcard, and you’re okay with that. You accepted the postcard’s lack of security and privacy when you opted for it over a typical letter as your delivery medium, right? The same is true with email!

What Can You Do To Secure Your Email?
Believe it or not, the answer is very simple: put your email in an envelope. You can take that literally or figuratively, either one will solve the problem at hand.

If you simply print out your email (rather than clicking the “send” button), stuff it in an envelope, address it, apply postage, and drop it in a mailbox, your problem is solved. But that’s a lot more time consuming, resource consuming, and a lot less convenient. So how can you put your email in a digital envelope?

Encryption
The process of putting your email in a digital envelope is called encryption. Yes, I know, it’s a scary word, hard to understand, and often vilified by the media, but it’s really not.

There are a few popular methods of encrypting an email. I’ll start with the most cumbersome, and work up to the easiest.

  1. The first is to attach an encrypted document to your non-encrypted email message. This means that you must author your message in a word processor or text editor, save it, then use another program to encrypt the document, attach it to your email, and send it. The person on the other end must then decrypt it (using the same program and passkey that you used to encrypt the message), then read it. Not all that easy.
  2. Use steganography to hide your message within an attachment. Again, you must have another program that does this, and the recipient must have the same program to get the message out. Again, not all that easy.
  3. Use an open-source encryption scheme, such as PGP, to encrypt your message. A downside is that this method requires the sender and receiver to have a PGP-compatible email client or plug-in (like this, or this) and a copy of your “public key” to decrypt your messages to them, and you must have a copy of their public key to encrypt your message to them. Cumbersome, but very fast and efficient once it’s set up.
  4. Use the S/MIME features built into your email client to send digitally signed (and encrypted) messages. This is, in my opinion, the easiest of all the encryption implementations, and the most seamless to use once you have your digital signature certificate installed (I’ll go into more detail on that in a moment). To use it, you set your email client to always digitally sign your messages (which they usually do by default once your digital signature is installed). That way every outgoing message you send has your secure signature on it, and once your recipients have gotten an email from you (which includes that secure signature), they can send an encrypted message back to you, so long as they have a digital signature as well (refer them to this article if they don’t). Simple, right?

S/MIME and Digital Signature Certificates
According to Wikipedia, “S/MIME (Secure / Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of e-mail encapsulated in MIME.” Okay then, what’s MIME? MIME is Multipurpose Internet Mail Extensions, the standard by which most email is already sent today.
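The sign-first, encrypt-back exchange described in method 4, as an added example that is not part of the original article. It uses the `openssl` command-line tool in place of an email client; the name alice, the example.test address, the file names and the throwaway self-signed certificate are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example: S/MIME sign-then-encrypt round trip with the openssl CLI.
# "alice", example.test and the 1-day self-signed certificate are constructed
# for this demo; a real setup would use a CA-issued certificate.

smime_round_trip() {   # prints the reply as Alice reads it after decryption
  work=$(mktemp -d) || return 1
  (
    set -e
    cd "$work"

    # Alice's identity: alice.key stays private, alice.crt is what she hands out.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
      -subj "/CN=alice/emailAddress=alice@example.test" \
      -keyout alice.key -out alice.crt 2>/dev/null

    # 1. Alice sends a signed message. Signing alone is still a postcard:
    #    the body is readable in the mail, and her certificate travels with it.
    printf 'Hi Bob, this one is only signed.\n' > hello.txt
    openssl smime -sign -text -in hello.txt -signer alice.crt -inkey alice.key \
      -out signed.eml
    grep -q 'only signed' signed.eml

    # 2. Bob verifies the signature and saves the signer's certificate.
    #    -noverify skips chain validation only because the demo certificate is
    #    self-signed; with a CA-issued certificate, pass -CAfile instead.
    openssl smime -verify -noverify -text -in signed.eml \
      -signer alice_from_mail.crt -out /dev/null 2>/dev/null

    # 3. Bob encrypts his reply to the certificate he just received.
    printf 'Hi Alice, only you can read this.\n' > reply.txt
    openssl smime -encrypt -aes256 -text -in reply.txt -out reply.eml \
      alice_from_mail.crt

    # 4. What relays and the mail server now hold: no readable body text.
    if grep -q 'only you can read' reply.eml; then exit 1; fi

    # 5. Only Alice's private key opens the envelope. tr removes the CRs left
    #    by MIME canonical line endings.
    openssl smime -decrypt -text -in reply.eml -recip alice.crt \
      -inkey alice.key | tr -d '\r'
  )
  rc=$?
  rm -rf "$work"
  return $rc
}

smime_round_trip
```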

Where to get your Certificate

What now?

  1. Go and get your digital signature and start sending signed messages.
  2. Add the following message to your email signature
  3. Insist that your friends, co-workers, and family-members digitally sign their messages to you

Email Signature:

PS: The US Government claims that your email is simply a “digital post card” and no one needs a search warrant to read it. This article tells you how you can easily protect your email from prying eyes: http://tinyurl.com/ymvrxj


4 Responses

  1. Terry Musser says:

    Thank you, Joe, for posting that. I haven’t spent time on this topic yet and appreciate you “doing the homework” for me. -Terry

  2. Justin Smith says:

    Wonderful information. I however am not worried about the contents of my emails. I mean, who wants to see pictures of a fat guy in various positions? haha.

    The government probably has me added to their spam list.

  3. hamburger helper says:

    For me, it seems, a very big plus would be dividing e-mail into two categories:
    1) wanted (digitally signed), and
    2) unsolicited, and usually unwanted (not digitally signed).

    But, hey, how about e.g. those few occasions when you are asked to log in to a website for the first time and their policy is to provide you with a temporary password which is sent to your inbox directly. Guess what? No digital signature. Does it sidestep your inbox and go to “SPAM MAIL?” Shouldn’t be too difficult to work with that, eh?
    Any other problems been reported? [Pete]

  4. Joe says:

    Pete, yes, I agree! Especially when using intelligent spam filters, the weighting of a wanted email could be increased with the presence of a valid email cert. Note the use of the term “Valid” in there. This means the mail server, or the mail client would need to validate the email cert, and disregard/demote any invalid certs.

    That’s the only complication that I can see with better SPAM handling through email certs.

    On a side note, after having published this article, I stumbled across some articles and eventually a Wikipedia Entry regarding a secret “_NSAKEY” built in to every version of Windows from NT 4 on up.

    Conspiracy theories abound, and Microsoft has denied that the National Security Agency has anything to do with this key, but the question raised in my mind is both malignant and benign…

    I do not think this key allows the NSA or any other government agency the capability to hack in to anyone’s computer (which is one of the more popular of conspiracy theories).

    However, since it is located in the same API .dll library as the encryption libraries to encrypt S/MIME emails, perhaps this is the public side of a “universal key,” the private side of which could (theoretically) unlock any message encrypted using the Microsoft ADVAPI.dll routines.

    I find the latter of the two usages to be much more plausible, and much more concerning than the former.

    There is hope, however, as identified in this article.

    Anyone with more input/ideas is invited to comment!
