[LINK] Gmail and crypto
Karl Auer
kauer at biplane.com.au
Thu Jun 5 10:36:59 AEST 2014
As far as I can tell, the "encrypted email" Google is making a song and
dance about is only encrypted between the sender and Google (or the
sender and their email server, more generally).
To the best of my knowledge, the VAST majority of email is shipped
between servers in clear text. That's the greater part of its journey
unless both sender and recipient happen to have the same email server.
It's certainly a good thing that email is being protected at least as
far as your email server, but even if you are using an email server that
supported encrypted transmissions, don't think that your email is thus
protected for the whole trip to the recipient. And of course, the
protection is meaningless if Google or your ISP are happy to hand over
stuff to the local Three Letter Acronym, because it's not encrypted ON
the servers, just on the way TO and FROM them.
If you are actually concerned about the privacy or secrecy of your
emails (and those are not the same thing) then you need to get a
certificate and start doing S/MIME or (even better) figure out GPG/PGP.
Then your actual emails will be encryoted and/or signed, not just the
transmissions thereof.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
More information about the Link
mailing list