(This was prompted by the news that Groklaw is shutting down, in large part due to concerns over conducting business by email now that there is no legal or constitutional protection for its privacy. You can find out more about this story here)
Email is wonderful and terrible. It's pretty much the one technology that no business or organisation can live without. It's also, by default, pretty much insecure enough that anyone can snoop it with little more than basic networking tools.
But there are some simple measures that you can take to make it much, much more robust.
Simplest of all is to use servers that encrypt the communication channel (TLS). This is nice and easy for users because they don't even need to know about it. It prevents casual eavesdropping over the network. Most providers these days use encrypted communication channels for email.
However, the big hole in this scheme is that, while your communication is encrypted against others using the network, it's plain to read for your provider. Not a problem if you trust your provider with your privacy and security. But these days, why would you?
To close this gap, you need to actually encrypt the messages themselves, not just the channel they are sent over. The tool I use for this is GPG, and a handy plugin for Apple’s Mail program called GPGMail. This automatically signs emails you send (preventing forgery) and also automatically encrypts email if you have the public key of the person you are sending it to. (If you’re interested, mine is here).
You can see this working by, for example, sending encrypted email from your GMail account, then looking at the message in the GMail web interface – all you get is a big block of seemingly random characters as Google can’t decipher the message and read it. Even though I’m using their service to deliver it! How cool is that?
The system only really starts to work if more people use it, so that the amount of messages that can be encrypted becomes a significant part of the total traffic. If only a few messages on the network are encrypted, it's easy enough for Bad People to just target those and break their encryption. If there are billions of encrypted emails flying around, it becomes an untenable and expensive proposition to break them open, and mining all emails by default looks far less attractive for both companies and governments.
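To make the last two points concrete, here is an added example (not code from the original post or from GPGMail) that classifies raw messages by what the provider can actually read: it recognises the two OpenPGP forms a mail client produces, PGP/MIME (RFC 3156) and inline ASCII-armoured PGP, and reports what share of a mailbox is end-to-end encrypted. The sample messages are constructed for illustration and contain no real ciphertext.

```python
from email import message_from_string

ENCRYPTED, SIGNED, PLAIN = "encrypted", "signed", "plaintext"


def classify(raw: str) -> str:
    """Return 'encrypted', 'signed' or 'plaintext' for one RFC 822 message."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    proto = (msg.get_param("protocol") or "").lower()
    # PGP/MIME: the outer multipart container names the OpenPGP protocol.
    # Encrypted-and-signed mail is still multipart/encrypted (signature inside).
    if ctype == "multipart/encrypted" and proto == "application/pgp-encrypted":
        return ENCRYPTED
    if ctype == "multipart/signed" and proto == "application/pgp-signature":
        return SIGNED
    # Inline PGP: the armour header sits in a text body the provider can see,
    # but the content between the markers is ciphertext.
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = part.get_payload(decode=True).decode("utf-8", "replace")
        if "-----BEGIN PGP MESSAGE-----" in body:
            return ENCRYPTED
        if "-----BEGIN PGP SIGNED MESSAGE-----" in body:
            return SIGNED
    return PLAIN


def encrypted_fraction(raws) -> float:
    """Share of messages whose content the provider cannot read."""
    kinds = [classify(r) for r in raws]
    return kinds.count(ENCRYPTED) / len(kinds) if kinds else 0.0


# Constructed sample messages (not real mail); '...' stands in for armour data.
PLAIN_MSG = "From: a@example.com\nTo: b@example.com\nSubject: hi\n\nLunch at noon?\n"
INLINE_ENC = ("From: a@example.com\nTo: b@example.com\nSubject: hi\n\n"
              "-----BEGIN PGP MESSAGE-----\n\nhQEMA...\n-----END PGP MESSAGE-----\n")
MIME_ENC = ('Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; '
            'boundary="b1"\nSubject: hi\n\n--b1\nContent-Type: application/pgp-encrypted\n\n'
            "Version: 1\n--b1\nContent-Type: application/octet-stream\n\n"
            "-----BEGIN PGP MESSAGE-----\n...\n-----END PGP MESSAGE-----\n--b1--\n")
MIME_SIGNED = ('Content-Type: multipart/signed; protocol="application/pgp-signature"; '
               'micalg=pgp-sha256; boundary="b2"\nSubject: hi\n\n--b2\n'
               "Content-Type: text/plain\n\nLunch at noon?\n--b2\n"
               "Content-Type: application/pgp-signature\n\n"
               "-----BEGIN PGP SIGNATURE-----\n...\n-----END PGP SIGNATURE-----\n--b2--\n")
```

Run over an exported mailbox, `encrypted_fraction` gives the "significant part of the total traffic" figure directly; a signed-only message still counts as readable, since signing proves authorship without hiding the content.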
So, even if you are of the “I have nothing to hide” point of view, there is still a good reason to use encrypted communications if you can.
Understanding how keys work is the main education barrier to getting more people using the system. It would be nicer if email applications made using encryption and signing easier by default, but I guess they have plenty of incentives not to…
For a much better guide for how to set it all up, try this article on LifeHacker.