ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web

Why Your Email Is Not Secure

Updated on May 13, 2011

Email has become a primary means of communication for many people. We often dash off a quick message without considering security risks. It's cheaper and faster than 'snail mail', but is it more secure?

What happens to your email when you click "Send" ? It's important that you have some understanding because you'll probably be surprised.

How does Snail Mail work?

    A slang term for the United States Postal service is "Snail Mail". Referring to (mostly) harmless mollusks doesn't imply that your letters will get slimy or be delivered to you in tiny shells. Snails are perceived as slow-moving creatures; the US mail is slow-moving compared to electronic mail.The term is not intended to be complementary.

    Drop a letter in a mailbox. It magically appears at the recipient's mailbox a day or two later, hopefully. Betwixt and between, who knows? Knowing who handled it or where it traveled is problematic. The stamp cancellation may give some clue, but any other intermediate stops cannot be determined. Careful examination of the envelope usually tells us that the package wasn't tampered with, but we can never be completely sure. Perhaps a bored clerk in Poughkeepsie steamed it open for lunch hour entertainment. Perhaps it passed through numerous automated sorting machines, never to be touched by human hands until a trusted mail carrier dropped it in your mail slot. We simply don't know.

How does electonic mail work?

Electronic cannot be steamed open by unscrupulous intermediaries, but technology presents another set of opportunities. Compose an email, click send, and a few seconds later your message arrives on the other side of the world. How'd it get there?

Your message moves across the world in the form of electrons. Electrons move at the speed of light. For example, the sun is 92 million miles away; its light reaches us in 9 minutes. Theoretically your email could travel around the world (25,000 miles) and back to you in .15 seconds. As fast as email appears to be, our experience tells us that transmitting a message usually take at least a few seconds. What are those electrons doing with their 'down time'?


Your email hops around

You compose a birthday greeting for dear old Aunt Mabel and click send: your email electrons move through multiple computers on their way to Aunt Mabel's inbox. Each computer is referred to as a hop. The process of determining a reasonable sequence of hops is called routing. Routing is not trivial; every hop wastes time and consumes space in the Internet pipeline. Ideally, a direct route from your hard drive to Aunt Mabel's hard drive would be available, but that hasn't yet been invented. Instead, you depend on the kindness of numerous intermediate servers to relay your kind words across the Internet. Even if Aunt Mabel is living in your spare bedroom, sending her an email requires multiple hops through remote Internet servers. You could always buy her a Hallmark card and deliver it personally.

What happens at each hop?

Each hop makes a copy of your message. The copy may persist for a few microseconds or it may live on for eternity. You have no control. It may be backed up onto a tape drive. Rest assured that most email servers have no interest whatsoever in Aunt Mabel's birthday card. Generally, a computer acting as a relay will save your message long enough to be sure that it arrived safely at the next relay point, then delete it.

On the other hand, a relaying computer may be scanning every email that passes through. Innocent best wishes to Aunt Mabel could be scanned for words,phrases, recipients, or attachments. You have no guarantee of privacy whatsoever.

Consider your client

     A client software program is the tool that lets you create and edit email. The client then passes your message to a server software program that begins the routing process. Email users generally fall into two categories; those that use a local client and those that use a web based client. Popular local clients are Thunderbird, Outlook, and Outlook Express. Popular web-based email clients are Gmail (Google), Yahoo Mail, and Hotmail. Local clients live on the computer sitting in front of you; copies of your mail reside on your hard drive. Web-based clients store virtually no information on your local computer. All your transactions exist on a computer somewhere in cyberspace (these days referred to as 'the cloud').

     Which client is more secure? That depends on who you trust. An enterprising hacker may be capable of guessing your Gmail password, so from that perspective your local computer may seem more secure. On the other hand, a nasty virus may provide a hacker in Yugoslavia with the keys to your local kingdom; your entire email history could be downloaded without your knowledge. It's also extremely unlikely that Google servers will all crash at the same time. Sometimes it's safer to trust the cloud with your data, but each one of us must make that decision.

Conclusion

Electronic mail as employed by most users is not at all secure. Messages pass through different servers before arriving at final destinations. Text and attachments can be read or scanned without the consent of either party.

Comments

    0 of 8192 characters used
    Post Comment

    • nicomp profile image
      Author

      nicomp really 5 years ago from Ohio, USA

      detectiveinindia 117 minutes ago

      Email security is not just simple but we have to take care of many things. Secure your email account from hijacking. if require help go to http://www.YouHaveGotToBeKidding.com/

    • profile image

      saba ali 6 years ago

      superb hub.Am thankful,although my mail wasn't secure.

    • tmbridgeland profile image

      tmbridgeland 6 years ago from Small Town, Illinois

      Yeah, I always just assume that anything on the web, any email I send, and potentially everything on any computer I own is available to someone, somewhere. I try now to keep it innocent. Good Hub.

    • nicomp profile image
      Author

      nicomp really 7 years ago from Ohio, USA

      @psychicdog.net: Yes, but that's a snapshot. The next time you execute tracert you are not guaranteed the same route.

    • psychicdog.net profile image

      psychicdog.net 7 years ago

      I was thinking 'registered' in terms of IP and traceroute "An Internet utility that traces the route from the client machine to the remote host being contacted. It reports the IP addresses of all the routers in between." http://www.pcpitstop.com/Internet/internet_glossar...

    • Dian Hendratmo profile image

      Dian Hendratmo 7 years ago

      excelent is hubs

    • save my system profile image

      save my system 7 years ago from United Kingdom - London

      Nice hub,I am very curious about how mails are dispatched and are they really secure. I have little doubt when I see my email inbox full of the spam mails and wondering from where this all companies get my personal email ID. Now I come to know probable reason behind this.Thanks for the posting.

    • breakfastpop profile image

      breakfastpop 7 years ago

      Great hub. I always suspected my mail wasn't secure, but I needed to hear this anyway. Thanks.

    • Hub Llama profile image

      Hub Llama 7 years ago from Denver, CO

      I knew it wasn't secure, but it's nice to have someone lay out WHY instead of just preaching about it. Nice hub. Thanks.

    • nicomp profile image
      Author

      nicomp really 7 years ago from Ohio, USA

      @psychicdog.net: I don't know what 'registered' means, but latency isn't as much of an issue as exposure to prying eyes. Hopefully no one reads my email regardless of whether or not it contains sensitive information.

    • psychicdog.net profile image

      psychicdog.net 7 years ago

      OK there is a price but hops would have to be registered wouldn't they? I know you can actually assess hops for delay so there is an accountablity of sorts? On the other hand being transparent is not such an issue if you don't care and have nothing to hide but bank account and other sensitive info.

    • nicomp profile image
      Author

      nicomp really 7 years ago from Ohio, USA

      @drbj: The government can see through tin foil.

    • drbj profile image

      drbj and sherry 7 years ago from south Florida

      Scary information, nicomp.

      I'll just keep my head and my computers covered in aluminum tinfoil and then no one or no thing can harm me.

    • OpinionDuck profile image

      OpinionDuck 7 years ago

      nicomp

      Ah, you are right, it always comes down to the people.

    • nicomp profile image
      Author

      nicomp really 7 years ago from Ohio, USA

      @OpinionDuck : yep, we can be a little more secure with technology such as public and private key pairs, but the clients have to support them and people have to use them.

    • sheila b. profile image

      sheila b. 7 years ago

      How do so many companies get my email address? Dating sites! All sorts of insurance. Jobs. Where I used to live, I used a 'public' computer at the clubhouse, and one day a black man was using the computer beside me. The day after that I got emails from black dating sites! Do you know how this happens?

    • OpinionDuck profile image

      OpinionDuck 7 years ago

      nicomp

      Nicely done, many a cheatig spouse has found out the hard way about email, and then blackmail :)

      A packet is a packet, and while not all packets are created equal, I believed that they all can be sniffed.

      Email can be encrypted, with the sender and the receiver having the secret keys.

      I imagine that a variant of broadband spectrum technology could be used by email hosts and clients to break an email into several different email addresses and the client program would have to appropriate algorithm to put humpty dumpty back together again.

      I also imagine that the same algorithms used for RAID 5 could be adapted to secure emails, with the email recipient being the RAID pseudo device.

      I am sure that either of these suggestions would irritate the NSA.

      :()

    • lmmartin profile image

      lmmartin 7 years ago from Alberta and Florida

      So the moral of the story always write under the assumption the world may see it. Got it. I'll put it right up there with Mom's make sure I'm wearing clean underwear in case I'm in a bad accident and ...