Internet Giants Team Up & Propose New Email Encryption

On the most part, emails have become part of our lives and at this point in time, it's safe to assume that anyone with an active Internet connection is sending and receiving emails on a daily basis, whether for personal, professional reasons or otherwise. However, as widely popular as electronic mailing has become over the years, it turns out that emails are not as secure as one might think. Most emails are actually sent as unencrypted text using SMTP (Simple Mail Transfer Protocol), which is a rather old protocol in itself and quite vulnerable. The good news is that Google, Microsoft, Comcast, LinkedIn, Yahoo, and 1&1 Mail & Media Development have teamed up and recently submitted a new proposal to the Internet Engineering Task Force (IETF) for a different protocol, in a quest to make our emails more secure.

As it currently stands, an email sent using SMTP (Simple Mail Transfer Protocol) can be intercepted by a third party user (hacker), which can tell the sender's browser that SSL encryption is inactive. The email is then sent unencrypted without the sender's knowledge. Fortunately, a new proposal from Google, Microsoft, Yahoo, Comcast, LinkedIn, and 1&1 Mail & Media Development aims to fix this vulnerability by introducing a new protocol. In theory, by using the new standard, a user's email is protected from attackers who may want to intercept an email in transit through TLS / SSL vulnerabilities. The protocol should achieve this by verifying if the email's recipient supports encryption before the email is actually sent out. Assuming that the certificate is valid, the email is then securely sent; otherwise, if the destination doesn't support encryption, the email will fail to deliver and the client will inform the user as to why this is happening.

Google reports that in the last year, 83% of sent emails, and 70% of emails received through Gmail have been using TLS encryption. However, the system is not bulletproof and certain issues can cause these encrypted emails to revert to unencrypted text, thus compromising privacy and security. The proposed standard can technically fix these problems, but it remains to be seen when or if the Internet Engineering Task Force will approve it. Nevertheless, since the protocol has been co-written and proposed by some of the largest email providers in the industry, it may become the new standard sooner rather than later.

You May Like These
More Like This:
About the Author
2016/02/profile-picture.jpg

Mihai Matei

Senior Staff Writer
Mihai has written for Androidheadlines since 2016 and is a Senior Writer for the site. Mihai has a background in arts and owned a couple of small businesses in the late 2000s, namely an interior design firm and a clothing manufacturing line. He dabbled with real-estate for a short while and worked as a tech news writer for several publications since 2011. He always had an appreciation for silicon-based technology and hopes it will contribute to a better humanity. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now