Friday, August 16, 2013

Some vague ideas on building a secure email service

In the wake of growing awareness of the indiscriminate spying activities of governments and private entities, more people consider moving away from existing email services, such as Gmail, Hotmail or even the accounts provided by employers and universities. Email is fundamentally broken: encryption comes with serious usability impediments (ever tried to sync your PGP encrypted mail across multiple devices), and your email provider is forced to hand the unencryptable meta-data (to, from, ip/location, subject, client etc.) to basically unaccountable government agencies. If you are involved with anything that might be affected by industrial espionage, or if you are interested in any form of political activism (such as Transparency International, Greenpeace, Amnesty International, Attac etc.), if you do not want to be blackmailed for your sexual preferences, your religion, etc., you should be very worried.

I am aware that our children use email less and less, but I am still hooked on it and think that it should continue to play a role in my life. So how could we design a better email service?