Saturday, July 1, 2023

"if you're not paying for the product, you are the product"

Email wasn't designed with privacy or security in mind.  And it's original form email was transferred completely in the open everything was readable by anyone who watched Network traffic and there were little to no checks to prevent impersonation but as email is important screw instead of overhauling the way it works to provide security and privacy various protocols were layered over it to try and address these issues but let's be honest most people aren't going just give up their email not only do we rely on it for work communicating with loved ones we also use email addresses to sign up to various websites to reset our passwords email is a core part of our digital identity.

What are some of the things that we can do to increase our email privacy?  Most importantly find an email provider that provides the following Services:

1) Collection Retains Minimum Metadata.  Metadata is personal information about you, stuff like email subjects, sender, and receiver, and the date.  You don't want an email provider that is keeping a database of all this information. 

The rest of the criteria revolves around encryption like a digital lock and key
2) Transport Layer Encryption, TLE.  This means your email is encrypted while it travels over the Internet which makes it harder for third parties to intercept and read most email providers worth their salt will provide this.
3) Zero Access Encryption, ZAE. This means that your email and attachments are encrypted while stored so that your email provider can't read them zero access encryption prevents the messages in your mailbox from being shared with third parties or leaked in the event of a data breach but encryption and decryption still happens by the email provider and there is a split second in which the message is accessible to the email provider before it is encrypted and finally,
4) End-to-End Encryption, EEE. This takes things a step further than zero access encryption instead of just storing emails in an encrypted way encryption and decryption of emails happen entire entirely on a user's device so that whatever information the email provider receives is already encrypted and given these criteria how did the most popular email providers Stack Up well let's start with the free ones.

The vast majority of users rely on free online email services such as Gmail, Yahoo, or Outlook.

Gmail alone has 1.8 billion users making up almost half of the entire email market share.  Gmail Outlook in Yahoo actually do a good job with transport layer encryption and use the TLs by default as long as the receiving email address supports it given the large amount of emails that flow through these email providers this was a huge step in securing a large bulk of the world's emails while in transit but there's a reason why these companies are willing to provide email services for free.  The saying "if you're not paying for the product, you are the product" rings true here.  

Web-based emails' primary job is to scan your email.  

The content of your emails is visible to the likes of Google and Yahoo or Microsoft and they use this data to build profiles of you and Target you with advertising. 


No comments:

Post a Comment