Why Your Email Is Not Secure

Email has become a primary means of communication for many people. We often dash off a quick message without considering security risks. It's cheaper and faster than 'snail mail', but is it more secure?

What happens to your email when you click "Send" ? It's important that you have some understanding because you'll probably be surprised.

How does Snail Mail work?

    A slang term for the United States Postal service is "Snail Mail". Referring to (mostly) harmless mollusks doesn't imply that your letters will get slimy or be delivered to you in tiny shells. Snails are perceived as slow-moving creatures; the US mail is slow-moving compared to electronic mail.The term is not intended to be complementary.

    Drop a letter in a mailbox. It magically appears at the recipient's mailbox a day or two later, hopefully. Betwixt and between, who knows? Knowing who handled it or where it traveled is problematic. The stamp cancellation may give some clue, but any other intermediate stops cannot be determined. Careful examination of the envelope usually tells us that the package wasn't tampered with, but we can never be completely sure. Perhaps a bored clerk in Poughkeepsie steamed it open for lunch hour entertainment. Perhaps it passed through numerous automated sorting machines, never to be touched by human hands until a trusted mail carrier dropped it in your mail slot. We simply don't know.

How does electonic mail work?

Electronic cannot be steamed open by unscrupulous intermediaries, but technology presents another set of opportunities. Compose an email, click send, and a few seconds later your message arrives on the other side of the world. How'd it get there?

Your message moves across the world in the form of electrons. Electrons move at the speed of light. For example, the sun is 92 million miles away; its light reaches us in 9 minutes. Theoretically your email could travel around the world (25,000 miles) and back to you in .15 seconds. As fast as email appears to be, our experience tells us that transmitting a message usually take at least a few seconds. What are those electrons doing with their 'down time'?


Your email hops around

You compose a birthday greeting for dear old Aunt Mabel and click send: your email electrons move through multiple computers on their way to Aunt Mabel's inbox. Each computer is referred to as a hop. The process of determining a reasonable sequence of hops is called routing. Routing is not trivial; every hop wastes time and consumes space in the Internet pipeline. Ideally, a direct route from your hard drive to Aunt Mabel's hard drive would be available, but that hasn't yet been invented. Instead, you depend on the kindness of numerous intermediate servers to relay your kind words across the Internet. Even if Aunt Mabel is living in your spare bedroom, sending her an email requires multiple hops through remote Internet servers. You could always buy her a Hallmark card and deliver it personally.

What happens at each hop?

Each hop makes a copy of your message. The copy may persist for a few microseconds or it may live on for eternity. You have no control. It may be backed up onto a tape drive. Rest assured that most email servers have no interest whatsoever in Aunt Mabel's birthday card. Generally, a computer acting as a relay will save your message long enough to be sure that it arrived safely at the next relay point, then delete it.

On the other hand, a relaying computer may be scanning every email that passes through. Innocent best wishes to Aunt Mabel could be scanned for words,phrases, recipients, or attachments. You have no guarantee of privacy whatsoever.

Consider your client

     A client software program is the tool that lets you create and edit email. The client then passes your message to a server software program that begins the routing process. Email users generally fall into two categories; those that use a local client and those that use a web based client. Popular local clients are Thunderbird, Outlook, and Outlook Express. Popular web-based email clients are Gmail (Google), Yahoo Mail, and Hotmail. Local clients live on the computer sitting in front of you; copies of your mail reside on your hard drive. Web-based clients store virtually no information on your local computer. All your transactions exist on a computer somewhere in cyberspace (these days referred to as 'the cloud').

     Which client is more secure? That depends on who you trust. An enterprising hacker may be capable of guessing your Gmail password, so from that perspective your local computer may seem more secure. On the other hand, a nasty virus may provide a hacker in Yugoslavia with the keys to your local kingdom; your entire email history could be downloaded without your knowledge. It's also extremely unlikely that Google servers will all crash at the same time. Sometimes it's safer to trust the cloud with your data, but each one of us must make that decision.

Conclusion

Electronic mail as employed by most users is not at all secure. Messages pass through different servers before arriving at final destinations. Text and attachments can be read or scanned without the consent of either party.

More by this Author


Comments 18 comments

lmmartin profile image

lmmartin 6 years ago from Alberta and Florida

So the moral of the story always write under the assumption the world may see it. Got it. I'll put it right up there with Mom's make sure I'm wearing clean underwear in case I'm in a bad accident and ...


OpinionDuck profile image

OpinionDuck 6 years ago

nicomp

Nicely done, many a cheatig spouse has found out the hard way about email, and then blackmail :)

A packet is a packet, and while not all packets are created equal, I believed that they all can be sniffed.

Email can be encrypted, with the sender and the receiver having the secret keys.

I imagine that a variant of broadband spectrum technology could be used by email hosts and clients to break an email into several different email addresses and the client program would have to appropriate algorithm to put humpty dumpty back together again.

I also imagine that the same algorithms used for RAID 5 could be adapted to secure emails, with the email recipient being the RAID pseudo device.

I am sure that either of these suggestions would irritate the NSA.

:()


sheila b. profile image

sheila b. 6 years ago

How do so many companies get my email address? Dating sites! All sorts of insurance. Jobs. Where I used to live, I used a 'public' computer at the clubhouse, and one day a black man was using the computer beside me. The day after that I got emails from black dating sites! Do you know how this happens?


nicomp profile image

nicomp 6 years ago from Ohio, USA Author

@OpinionDuck : yep, we can be a little more secure with technology such as public and private key pairs, but the clients have to support them and people have to use them.


OpinionDuck profile image

OpinionDuck 6 years ago

nicomp

Ah, you are right, it always comes down to the people.


drbj profile image

drbj 6 years ago from south Florida

Scary information, nicomp.

I'll just keep my head and my computers covered in aluminum tinfoil and then no one or no thing can harm me.


nicomp profile image

nicomp 6 years ago from Ohio, USA Author

@drbj: The government can see through tin foil.


psychicdog.net profile image

psychicdog.net 6 years ago

OK there is a price but hops would have to be registered wouldn't they? I know you can actually assess hops for delay so there is an accountablity of sorts? On the other hand being transparent is not such an issue if you don't care and have nothing to hide but bank account and other sensitive info.


nicomp profile image

nicomp 6 years ago from Ohio, USA Author

@psychicdog.net: I don't know what 'registered' means, but latency isn't as much of an issue as exposure to prying eyes. Hopefully no one reads my email regardless of whether or not it contains sensitive information.


Hub Llama profile image

Hub Llama 6 years ago from Denver, CO

I knew it wasn't secure, but it's nice to have someone lay out WHY instead of just preaching about it. Nice hub. Thanks.


breakfastpop profile image

breakfastpop 6 years ago

Great hub. I always suspected my mail wasn't secure, but I needed to hear this anyway. Thanks.


save my system profile image

save my system 6 years ago from United Kingdom - London

Nice hub,I am very curious about how mails are dispatched and are they really secure. I have little doubt when I see my email inbox full of the spam mails and wondering from where this all companies get my personal email ID. Now I come to know probable reason behind this.Thanks for the posting.


Dian Hendratmo profile image

Dian Hendratmo 6 years ago

excelent is hubs


psychicdog.net profile image

psychicdog.net 6 years ago

I was thinking 'registered' in terms of IP and traceroute "An Internet utility that traces the route from the client machine to the remote host being contacted. It reports the IP addresses of all the routers in between." http://www.pcpitstop.com/Internet/internet_glossar...


nicomp profile image

nicomp 6 years ago from Ohio, USA Author

@psychicdog.net: Yes, but that's a snapshot. The next time you execute tracert you are not guaranteed the same route.


tmbridgeland profile image

tmbridgeland 5 years ago from Small Town, Illinois

Yeah, I always just assume that anything on the web, any email I send, and potentially everything on any computer I own is available to someone, somewhere. I try now to keep it innocent. Good Hub.


saba ali 5 years ago

superb hub.Am thankful,although my mail wasn't secure.


nicomp profile image

nicomp 4 years ago from Ohio, USA Author

detectiveinindia 117 minutes ago

Email security is not just simple but we have to take care of many things. Secure your email account from hijacking. if require help go to http://www.YouHaveGotToBeKidding.com/

    Sign in or sign up and post using a HubPages Network account.

    0 of 8192 characters used
    Post Comment

    No HTML is allowed in comments, but URLs will be hyperlinked. Comments are not for promoting your articles or other sites.


    Click to Rate This Article
    working