The state of email encryption
Encrypting with Webmail
Some webmail systems are behind the times in providing comprehensive encryption. The Mailvelope browser plugin [7], which is available for Chrome, Edge, and Firefox, adds secure OpenPGP communication to webmail. It runs locally in the user's web browser and detects when the provider's webmailer contains a PGP-encrypted email. It then decodes the contained email, exchanges the contents of the web page for the unencrypted message, and displays the message.
Mailvelope can also send encrypted email. Before a message written in plaintext is sent on its way, Mailvelope encrypts it locally and only then transmits it to the provider's webmail system. The process seems good at first glance, because decoding occurs locally on the user's computer. However, security experts have complained about the implementation of Mailvelope as a browser plugin: it leads to the sensitive PGP key material being stored in the browser's plugin area, which cannot be 100 percent protected. In addition, JavaScript is not considered suitable for implementing secure cryptography.
Implementations such as the Guard system of the Open-Xchange groupware solution [8] take a somewhat different approach. These solutions store the key securely on the provider's server, and a password entered by the user protects it against unauthorized access. The server takes care of encryption and decryption, removing the need for a browser plugin. This means that users can access their own mailboxes from other computers at any time, even when if they are on the road.
Conclusion
Cyber snoopers are more sophisticated than ever, which means there has never been a better time to get familiar with email encryption. However, as this article has shown, you can't just install SSL/TLS or PGP and expect a safety guarantee. It pays to consider the details and look closely at what you need to ensure your messages remain private.
Whether trusting your email provider offers you more security, or whether you are better off keeping your own key on your private PC, is a matter for every user to determine. But either way, in view of the recent gamut of virus and ransomware attacks, it pays to be cautious.
Infos
- DANE: https://datatracker.ietf.org/doc/html/rfc6698
- TLSA generator: https://ssl-tools.net/tlsa-generator
- WKS/WKD: https://wiki.gnupg.org/WKD
- S/MIME: https://en.wikipedia.org/wiki/S/MIME
- Volksverschl¸sselung: https://volksverschluesselung.de [In German]
- Fraunhofer Institute: https://www.fraunhofer.de/en.html
- Mailvelope: https://mailvelope.com/
- Open-Xchange: https://www.open-xchange.com/
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.
-
DebConf24 to be Held in South Korea
Busan will be the location of the latest DebConf running July 28 through August 4