Blown To Bits

Encryption is the answer

Wednesday, June 17th, 2009 by Harry Lewis

In Blown to Bits we spend all of Chapter 5 making the argument that (a) perfect secrecy is possible through public key encryption and (b) almost no one encrypts their email anyway. Why this would be the case is one of those small mysteries of the universe. Few of us actually know people who know that their email has been read, but most of the time we’d have no way to know that. If you are sitting in Starbucks and the guy with the double mocha latte is running a packet sniffer, you’d never know the difference.

Today’s New York Times has the kind of story that might lead more people to take the issue seriously. It seems likely that the NSA is snooping on more email than they’d like to admit. The simple fact that the cost of surveillance has plummeted in itself makes abuse more likely. (THe NSA doesn’t need to loiter at Starbucks. They can get access to ISPs’ switching equipment.)

If you use Google’s Gmail, you can encrypt all your mail. The preference setting is pretty obscure, and you have to opt-in: the default is no encryption. Chris Soghoian, I, and a number of other computer scientists and security experts have just called on Google to make encryption the default. Our letter explains it all: You can read it here.

6 Responses to “Encryption is the answer”

  1. XkiD | Encryption is the answer | blog.xkid.ro Says:

    [...] here: Encryption is the answer Posted in News | Tags: actually-know, double, file-today, fine-but, one-answer, one-encrypts, [...]

  2. Konstantin Pozin Says:

    This is inaccurate. Gmail does not have the option of encrypting mail that is being sent. HTTPS only encrypts communications between your browser and Gmail’s servers while you’re interacting with the Gmail web client. Once you hit send, your message travels across the Internet from Google’s mail servers to the recipient’s mail server. This happens over the SMTP protocol, in clear text.
    Unless both you and your recipient use additional tools for encrypting and decrypting mail before it’s sent over SMTP, anyone who is listening in can read your messages in transit. This is what the NSA does.

  3. brian Says:

    I’ve had https setup on my gmail account for a long time. One minor irritation is that the igoogle gadget for gmail doesn’t work when you have https turned on- I wish they’d fix that.

    As another poster has pointed out, using https only protects your email as it goes from your machine to google’s server. From there on, it’s sent unencrypted to the recipients server. The chances that some hacker will be listening in on your Wifi network are much higher than that they’ll be listening to the traffic between Google’s server and the destination mail server, so it really does make sense to use https. However, it certainly doesn’t protect your email from snooping by the NSA.

  4. Harry Lewis Says:

    Konstantin and brian,

    Sorry I wasn’t more specific; you are both correct. Both ends of the email communication have to to be using encryption for the communication to be secure along the whole path (plus the path between servers, if they are different). People have the same confusion about Blackberries — from the mobile device to the Blackberry server is encrypted, but of course if the mail is not destined for another Blackberry it will not be encrypted the rest of the way. But with Gmail, the most worrisome vulnerability is WiFi packet sniffing at the source, and using SSL solves that problem.

  5. shire_stalker Says:

    Thanks for those further clarifications. I feel much better about having used the https log-in since it became available. It’s unfortunate that google isn’t doing more to encrypt given that most of the known problems out there have viable solutions (ie, the wifi sniffing mentioned above, or preventing phishing attempts with extended validation ssl’s green url bar).

    One question, though, from the non-expert: how does this change while accessing Gmail through, say, an iPhone 3G network rather than a wifi connection? Obviously https is still an option, but is its preventative power affected at all from the change?

  6. Harry Lewis Says:

    Assuming Apple has implemented https correctly, you’re safe.