Revelations about both governmental and non-governmental interception of email and other web traffic continue. In a recent article in Mail & Guardian, CTO Alastair Fairweather reiterates the challenges of the email protocol as a clear text method of sending email across the internet. Email messages are transmitted in clear text between email providers and there are many points of interception and storage built into the system.
In the article Google’s new tool “End-to-End” is presented as a solution to encrypting email. While it is still a ways from implementation and may or may not do a good job of protecting the content of email, it does nothing to stop the bigger problem – email source spoofing, phishing, and malware delivery through email. In fact, adding encryption make make these worse because they eliminate virus scanning at the network level.
Email is a great tool, but it has a long way to go before it is secure.