Your Emails — They are not secure

In other news from the house-hunting front, we’ve been working with lenders to finance the purchase of a house. Lenders want a lot of information. They want bank statements, driver’s license copies, landlord information, tax returns, income statements, current address, credit card statements, letters of employment and so on. Of course, they also want that ubiquitous, unchangeable, universal secret password, the social security number.

You would think, given the nature of this collection of information, and the rising prevalence and cost of identity theft, that these people would be careful with this information. If you’re cynical or just a realist, maybe you wouldn’t think that. Anyway, you’d be wrong. One of the first lenders we dealt with EMAILED A COMPLETE, FILLED COPY of the application form to us for signatures. No encryption, whatsoever. It was like an identity theft starter kit. After we confronted them about it, they said they had no idea this was insecure, and offered to fax or FedEx the documents instead.

If you don’t already know this, you really need to know: Email, without any special add-ons, is the opposite of secret. It is the digital equivalent of a postcard — anyone along the way can read it, and you have no idea who will be along the way. Would you tape your social security card to the back of a postcard and send it across the country? Furthermore, there’s no guarantee that an email’s “From:” address is accurate, as you may have deduced from spam email that you’ve received. All it takes to forge it is changing a string of text when putting the message together.

There are ways to use email to send secure, confidential communications. Probably the most universal and robust way is with PGP or (preferably) GPG. The main reason these solutions aren’t used more widely is that encrypted communication is difficult to do correctly. Keys have to be generated, passwords selected, and keys exchanged, signed, managed, and sometimes even revoked. A number of pieces have to fit together, including the encryption engine, mail program plug-ins, and file encryption software. The difficulty of using proper encryption is not, however, an excuse for sending my SSN in plain text via email. When used with good enough ciphers, email can be safe even from the prying eyes of the US Government, which would have to spend hundreds or thousands of years of computer time attempting to crack your key. Furthermore, with or without encrypting the message, cryptographic signatures may be used to verify that the purported sender of the message is in fact the true sender of the message. This eliminates the problem of From address forgery.
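The distinction above between plain, signed, and encrypted mail can be checked mechanically before a message leaves. The following is an added example, not code from this post: a pre-send check that classifies a message by its PGP/MIME structure (RFC 3156) and refuses to send readable text containing an SSN-like number. The function names, the SSN pattern, and the sample messages are assumptions made for illustration, and only text parts are inspected, not attachments.

```python
import re
from email import message_from_string
# Assumption: SSNs appear as 123-45-6789 or 123 45 6789 (illustrative pattern only).
SSN_RE = re.compile(r"\b\d{3}[- ]\d{2}[- ]\d{4}\b")

def protection(msg):
    """Classify a message by PGP/MIME structure (RFC 3156) or inline armor."""
    ctype = msg.get_content_type()
    proto = str(msg.get_param("protocol") or "").lower()
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return "encrypted"
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        return "signed-only"  # proves the sender, but the body is still readable
    body = b"" if msg.is_multipart() else (msg.get_payload(decode=True) or b"")
    if b"-----BEGIN PGP MESSAGE-----" in body:
        return "encrypted"  # inline ASCII-armored ciphertext
    return "plaintext"

def readable_text(msg):
    """Join every text part that anyone along the delivery path could read."""
    out = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            out.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(out)

def outbound_verdict(raw):
    """Return (allow, reason) for an outgoing message given as a string."""
    msg = message_from_string(raw)
    state = protection(msg)
    if state != "encrypted" and SSN_RE.search(readable_text(msg)):
        return False, state + " message carries an SSN-like number"
    return True, state

# Constructed sample messages; addresses and the SSN-like value are made up.
HDR = "From: loans@lender.example\nTo: buyer@home.example\nMIME-Version: 1.0\n"
PLAIN = HDR + "Content-Type: text/plain\n\nApplicant SSN: 000-12-3456\n"
SIGNED = (HDR + 'Content-Type: multipart/signed; micalg=pgp-sha256;\n'
          ' protocol="application/pgp-signature"; boundary="b1"\n\n'
          "--b1\nContent-Type: text/plain\n\nApplicant SSN: 000-12-3456\n"
          "--b1\nContent-Type: application/pgp-signature\n\n(placeholder)\n--b1--\n")
ENCRYPTED = (HDR + 'Content-Type: multipart/encrypted;\n'
             ' protocol="application/pgp-encrypted"; boundary="b2"\n\n'
             "--b2\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
             "--b2\nContent-Type: application/octet-stream\n\n(placeholder)\n--b2--\n")
if __name__ == "__main__":
    for name, raw in (("plain", PLAIN), ("signed", SIGNED), ("encrypted", ENCRYPTED)):
        print(name, outbound_verdict(raw))
```

A signed-only message is blocked just like a plain one: the signature addresses From forgery, but the body still travels as a postcard.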

Should you wish to send encrypted e-mail my way, you may find my public key here.

5 thoughts on “Your Emails — They are not secure”

  1. Will

    Another thing is wi-fi. People think that just because the link is encrypted, everything is safe.

    Errr. Wrong. Once I’m on that network, plaintext is still plaintext.

    All my mailservers use IMAPS/POPS/SMTPS.

  2. Amanda

    So, explain the Wifi thing to me. Let’s say you’re banking online, and you are using an encrypted site. What your computer sends to the server should be encrypted, no? And only decrypted once it arrives at the website? So, how could anyone steal that from you… I feel like I am missing something.

  3. brock Post author

    Amanda: You have the right idea. SSL in that case encrypts everything from end-to-end. However, some people assume that WiFi encryption makes everything safe. That’s wrong. Once it leaves the wireless router or access point, normal, unencrypted traffic remains unencrypted (like using an unencrypted site or unencrypted email).

    Let me try to illustrate.

    - means unencrypted link
    = means encrypted link

    Here’s what some people think encrypted wifi does to *all* of their communications (like a wrapper):

    You ==== router ==== various internets

    Here’s what it actually does:

    You ==== router ---- various internets

    The only reason really, to have encrypted access on a wireless network is to keep unwanted people off. It’s the wireless equivalent of not giving them any active network jacks to plug into.

  4. Amanda

    Ah, that makes sense. I had interpreted the other post to mean that if you’re on an encrypted website over unencrypted wifi that they could steal your data, whereas it seems what he was saying is that if you’re on an UNencrypted website but encrypted wifi you’re not safe (which makes total sense to me).
