Thinking about email security (NewsForge)
For many users, using encryption may seem like overkill, but Michael Lucas, author of PGP & GPG: Email for the Practical Paranoid , says that it's good to have the option whether you have something to hide or not. "It's simply something in my gut that says, 'I want the option to have privacy,' and I think a lot of people feel the same way.""
Posted Jun 30, 2006 20:31 UTC (Fri)
by b7j0c (guest, #27559)
[Link]
i also think the authors cited in this article are wrong on one count. they cite webmail accounts as a bad idea. but it should be noted that google, yahoo etc were likely using technologies like domain keys, phishing detection, and decent antivirus before your ISP. it is these technologies that seem to be of more everyday practical value than signing and encrypting casual messages. while it is true that your webmail inbox is on someone else's server, the legal and security issues here are no different than a normal hosting provider or ISP. even if you are encrypting your outgoing email, your incoming messages (presuming they are plaintext) are still fodder for interested parties along the way.
Posted Jul 2, 2006 20:20 UTC (Sun)
by kdart (guest, #486)
[Link]
public-key-infrastructure for email seems like a non-starter, as it has been for many years. its a great idea with proven technology, but who uses it? Thinking about email security (NewsForge)
I do use public key infrastruct to sign emails, but not to encrypt them. I started doing this when I discovered that spammers were using my own email address as a spoofed source address. So the issue for me is not just privacy, but authentication. Now, I can say to people that if an email does not have a signature signed by my GPG key, it's not from me. Thinking about email security (NewsForge)