Hushmail has been around for more than a decade, while ProtonMail is relatively new and still in an extended beta. We looked at Hushmail and ProtonMail in this category. If you are already using a hosted email service, you would need to replace that provider with one of these services. Typically, you use the hosted provider's webmail client to have a secure connection to send and receive email. To analyze the current state of the art, we examined seven products, and found that they fall into three functional categories.įirst are hosted email services that make use of end-to-end encryption of their message traffic. And there still is a lot of end user apathy towards encrypting messages, even in spite of the Snowden saga and other object lessons in keeping messages secure. That means any encryption solution has to cover different use cases and endpoint clients. Some people prefer Outlook and many organizations depend on Microsoft Exchange, while there are dozens of SaaS-based hosted email providers, such as Google Apps and Office 365. Some of us alternate between desktop and mobile clients, or also turn to webmail as our mail client. These are all good signs that encryption has finally come of age.īut there is one remaining problem: the ways we use email has also evolved and gotten more complex. And all of the products reviewed have better control over the message traffic, such as setting expiration dates, or being able to revoke unread messages or prevent them from being forwarded once your recipient has read them. After this first communication, your recipient is able to exchange encrypted messages with you quite easily.Īpart from zero knowledge encryption, modern products make sending and receiving messages easier, with advances like an Outlook or browser plug-in that gives you nearly one-button encryption. Just provide them a passphrase to decrypt their message and to compose a reply to you, or in some cases they can read the message by just authenticating themselves. Today, many products have a "zero knowledge encryption" feature, which means you can send an encrypted message to someone who isn't on your chosen encryption service. In the past, recipients of encrypted emails had to share the same system as the sender, and many email clients were difficult to configure. While things have improved considerably since then, encrypting messages is not as simple as it could be, and requires careful study if you want to have truly private communications that can't be viewed by your competitors - or your government. I once co-wrote a book on enterprise email where I likened email encryption to a "sucking chest wound." That was in 1997, when you had to do all the encryption key management on your own, a daunting task to say the least.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |