Side note… How secure are our emails?

One of the questions I get often is: Is my information safe to email you?  In the past I have answered well, you know pretty much everything is scanned, when it comes to hackers I think we are all vulnerable to some degree.  It is something you have to consider and weigh the pros and cons to decide what you are comfortable with.

Recently I had a family member receive emails that came from a friend whose account had had been hacked.  This prompted them to look for other email providers.  Since privacy and freedom are important to me I started thinking about my own situation.  How I need to take steps now to ensure any communications with my clients are secure and out of the hands of not only hackers but those who intrude through surveillance.

While I have been aware of our government reading our emails, this article was one more layer of icing on the cake of the disturbing practice of scanning our private communications.  I didn’t see a way to re-blog it so here are a couple of excerpts and a link to the full article…

Updated October 7, 2016 with additional clarification and analysis of Yahoo’s denial

Dear ProtonMail Community,

Two weeks ago, we published a security advisory regarding the mass hacking of Yahoo. Unfortunately, due to recent events, we are issuing a second advisory regarding all US email providers.

What happened?

This week, it was revealed that as a result of a secret US government directive, Yahoo was forced to implement special surveillance software to scan all Yahoo Mail accounts at the request of the NSA and FBI. Sometime in early 2015, Yahoo secretly modified their spam and malware filters to scan all incoming email messages for the phrases in the court order and then siphoned those messages off to US intelligence. This is significant for several reasons:

  • This is the first known incident where a US intelligence directive has indiscriminately targeted all accounts as opposed to just the accounts of suspects. Effectively, all 500 million+ Yahoo Mail users were presumed to be guilty.
  • Instead of searching stored messages, this directive forced Yahoo to scan incoming messages in real-time.
  • Because ALL incoming email messages were targeted, this program spied on every person who emailed a Yahoo Mail account, violating the privacy of users around the world who may not even have been using a US email service….(Click here to continue reading the rest of the article)

Needless to say, I have switched who my email service provider is 🙂  The specific reason due to that first point of all users presumed guilty.

The problem is it takes both sides of the communication to ensure complete security.  My end is secure.  Is yours?  ****UPDATE: It appears as though I can send secured messages to non-proton mail users and the message remains secure! 🙂 ****

(As always welcome comments and questions 🙂