Over on the post “Electronic messaging inherently insecure” contains this text:
“Jack Hembrough, CEO of VaporStream, recently wrote to me with some interesting ideas. We corresponded about the problem of controlling e-mail distribution, and this article and the next are the results of our conversation. Everything that follows is Mr Hembrough’s own work with minor edits.
* * *
Electronic messaging has made us all more connected and more productive. No longer do we have to wait for the mailman to arrive or arrange a mutually convenient time to meet or speak on the phone. We can communicate asynchronously over e-mail, text/instant messaging and now even over Twitter. We share ideas, we collaborate, we resolve problems. We have come to rely on ubiquitous connectivity and written access to anyone, anywhere as our primary communications tool. But can we continue to use traditional electronic messaging tools as we have been?
There is a growing understanding that e-mail, text and IM are inherently insecure, but it appears people aren’t quite sure what that means. Maybe privacy — or the inherent lack of privacy — in traditional electronic messaging is a clearer way to frame the problem.
Related Content
The privacy problem, part 3BLOG
Data breach notification fatigue: Do consumers tune out?
Can IPS appliances remain useful in a virtual-machine world?
Independent lab tests find firewalls fall down on the job
View more related content
Get Daily News by Email
Privacy breaches are commonplace – think of Eric Schmidt’s (former CEO of Google) leaked memos, or any other executive who has had private e-mails made public. Some proponents of government and business transparency feel this is progress. However, individuals and executives who simply want to have confidential electronic conversations, and keep them that way, are left asking, ‘When did privacy become a dirty word?’To prevent third-party intermediaries from reading what we write and potentially compromising our privacy, we add encryption to the mix. However, unless the crypto is peer to peer, we have to trust that the networking infrastructure carrying the cleartext to and from the crypto box is secure. We call that private messaging. But is it?
Getting a message from source to destination without a middleman reading it is interesting and useful, but it’s certainly not ensuring the message will remain private.
My bride used to fret about entering her credit card information into e-commerce sites – trust me, it didn’t slow her spending. The TrustE and Verified by Visa symbols made her feel more secure, but when told that a thief couldn’t be bothered sniffing her single credit card when retailers’ databases with millions of credit cards were not protected adequately, she understood the futility of her fretting.
Wikileaks and Anonymous are illustrating the same point with the privacy of electronic messaging. Man-in-the-middle attacks on the messaging infrastructure can be prevented fairly easily by sending ciphertext across the wire, but that’s not where embarrassing thefts are taking place. Message archives are the Holy Grail for privacy attacks.
Follow a typical e-mail from author to recipient. Think of all the copies of that e-mail that must be protected from disclosure. The authoring device has an archive; maybe the author also keeps a personal archive. The Exchange server, the BlackBerry Enterprise Server (BES) and the corporate archiving system (and the backups of each) may all have copies. The service provider may have copies (and more backups). If the message went over Gmail or a similar Web-based cloud provider, the hosted service provider has archives that they mine for personal information — just read the Gmail privacy policy paying particular attention to the Data Retention paragraph! If you double these archives (the recipient has them as well), and add to that any copies that were forwarded, and copies of those forwards, you’re potentially left with hundreds of copies of one correspondence.
“