Latest news:

June 4, 2014:
Breaches and spying revelations make people wary to send emails, some sites shut down.


End to End:

Google has created a new extension for its Chrome browser called End to End, which allows for encryption between the sender and the recipient. Most people are unaware that many emails are sent unencrypted across the internet.

Email Encryption

Secure SMTP and MIME Email Encryption Software

Email Encryption SoftwareDid you know that if you are not encrypting your emails, you might as well print them in the Newspaper (which is more secure, given that newspapers are less read than online stories) since the contents, recipient, and subject line can be recorded by any computer in between you and the receiver? A great failing of e-mail is that every day, people send private information, passwords, and other data which gets sifted and categorized by servers which may either be in the hands of hostile parties, or have been hacked to duplicate everything that gets sent to be scraped for data later. If you have been discussing trade secrets, your own private information, or even gossip then there is a good chance that it has been saved and categorized. If you send a password to another person via email, you might as well write it on the side of your house.

Most email encryption involves public key cryptography. As a term, "E-Mail Encryption often refers to both the authentication, encryption, and decryption of email messages. Some of the best known email encrypting protocols include S/MIME, TLS, OpenPGP, mail sessions encryption, and Identity Based Encryption.

S/MIME, which stands for Secure Multipurpose Internet Mail Extensions is one of many standards for signing email in the MIME format. It uses individual key certificates either from an in-house certificate authority or from a public CA that uses separate private keys. One of the problems with this type of encryption is that it can also encrypt viruses and malware right past the antivirus program, because the virus is encrypted and therefore undetectable. Some companies that offer this type of encryption free are CAcert and Thawte, but usually membership is required.

TLS, formerly SSL, provides security for TCP/IP networks like the internet. When it comes to email, the handshake protocol between computers allows for the encrypted email to be sent at the highest TLS protocol supported by both systems.

Open PGP is still being actively developed under the RFC4880 specification and many email client services provide compliant email security. There are freeware versions of OpenPGP in the form of GNU Privacy Guard (or GnuPG).

Identity Based email encryption uses unique personal identification like an email address as the public key.

For Mail Sessions Encryption, a secure SMTP extension is layered on top of the standard SMTP connection. This provides protection against sniffing, but but since the encryption takes place between relays it is not classic encryption.





Notes and Special Information

Special note: Private email is being supplanted by messaging that self-destructs, services like Snapchat are great for smartphones, but you could be better served by using non-email communications sources to send messages and files.