Posted on 06/01/2006 12:20:31 PM PDT by nickcarraway
Back in 1972, by some accounts (http://www.livinginternet.com/e/ei.htm), a new form of communication known as email was born. It was a practical implementation of electronic messaging that was first seen on local timeshare computers in the 1960s. I can only imagine how much fun and revolutionary it must have been to use email in those early years, to have been at the bleeding edge of the curve.
Almost ten years later, in November 1981, Jonathan Postel published RFC 788 (http://rfc.sunsite.dk/rfc/rfc788.html) (later deprecated by RFC 821 (http://www.ietf.org/rfc/rfc0821.txt), also by Postel, and RFC 822 (http://www.ietf.org/rfc/rfc0822.txt) by David Crocker), thereby inventing the foundations of the Simple Mail Transport Protocol (SMTP) - a proposal that would revolutionize email again. Since that time, email has become as important an invention to the world as the telegraph and the telephone, and it has long been synonymous with the internet itself.
Twenty five years later, we still use essentially the same protocol. And email is a terrible mess. It's dangerous, insecure, unreliable, mostly unwanted, and out-of-control. It's the starting point for a myriad of criminal activity, banking scams, virus outbreaks, identity theft, extortion, stock promotion scams, and of course, the giant iceberg of spam (http://www.msnbc.msn.com/id/12480457/).
The problem is, email is now integral to the lives of perhaps a billion people, businesses, and critical applications around the world. It's a victim of its own success. It's a giant ship on a dangerous collision course. All sorts of brilliant, talented people today put far more work into fixing SMTP in various ways (with anti-virus, anti-phishing technologies, anti-spam, anti-spoofing cumbersome encryption technologies, and much more) than could have ever been foreseen in 1981. But it's all for naught.
A sinking ship
All the work spent fixing email is like rearranging the deck chairs on the Titanic. Email is a sinking ship and it should be abandoned just as other insecure technologies like telnet, ftp and the beloved Usenet nntp were "abandoned" years ago. All these old technologies actually live on and in some cases thrive (and in the case of the Usenet, still consume (http://en.wikipedia.org/wiki/Usenet) enormous amounts (http://www.google.com/search?hl=en&lr=&rls=en&q=Usenet+binary&btnG=Search) of bandwidth and offer very useful (http://groups.google.com/) information) but have been mostly superceded by newer protocols. Email should be abandoned in much the same way. The problem is, more people depend on email than ever before.
The main reason we will never win the email war against the spammers-phishers-scammers-botnets and their assorted ilk is we're bound by legal standards that limit the ways we can combat email abuse – unlike in the early days of the internet. The perpetrators are not bound by the law (http://www.securityfocus.com/news/11392). Therefore the good guys can't win. The only solution is to change the rules. We need to abandon our email infrastructure and concede that the spamming-phishing-virus-writing scumbags have won; moving on is only inevitable.
The problem is, we lack "something better" to abandon email for.
Starting from scratch Email in its current form will never, ever, ever be spam-free. It will never be virus-phishing-scam free. It will cost companies and individuals billions of dollars (http://www.internetnews.com/ec-news/article.php/3350891) in theft, criminal activity, and the reality of spam will grow from the 50-70 per cent it is today to 90 per cent of all traffic. Email will continue to harm millions of people through banking scams, identity theft, viruses, and more. Email will never be secure, because it was never designed to be secure.
The only solution is to start from scratch. Develop a new email system and make it secure. Use existing, proven technologies and a few new and novel ideas – starting with the latest encoding mechanisms, a reliable hashing algorithm, fast compression, strong encryption and signatures. Build an electronic identity. Encode, hash, encrypt, compress, sign, and provide a novel way to share keys when needed, for example. I don't know how this will all turn out, but perhaps yEnc, MD5, AES, H.264, and GPG are some potential technologies that could be used together. A new transport protocol would need to be flexible enough that any of these technologies could be replaced, transparently to the user, as better and stronger options become available. It would need to be seamless for the client – no more messy GPG or other stop-gap solutions that few people actually use. Secure email should be a mandatory "secure bundle" of email that is safe for sending a credit card number to a business or someone I know.
I don't want to think about any of this when I send secure e-mail, however. I just want to type my email and press Send. If I need my secure identity plugged in, say, from a USB key, fine.
The basics of communication One of the great joys of computers is that newer, better technologies supercede the older insecure ones, yet both the old and new generations still live happily together. There are so many examples of this, I won't even bother listing them here. A completely new, secure email system would be the internet's next big critical application. If it required IPv6 addressing, maybe secure email would also kill those ridiculous "tiered internet (http://news.bbc.co.uk/1/hi/technology/4552138.stm)" ideas with one stone. But I'm just thinking aloud.
--------------------------------------------------------------------------------
I'm a messaging junkie. Today's store-and-forward email is fundamentally broken, but I still like the concept very much. Instant messaging is too instant, and peer-to-peer networking is, ironically, too anonymous. Video conferencing is fantastic – if it's someone you know, and they're online (and you've combed your hair). Written communication is never going away. We're tied into an antiquated email system that needs to be abandoned and replaced.
I would love to see a secure email system that did all the hard-crunching on the client and perhaps generated a unique private-public key for each piece of mail, without user interaction. However it is done, let's make it rather mathematically difficult to send email, and even more difficult to send email to many recipients – while the process remains very simple to the end user. Make it a requirement that one mail sent to a thousand recipients securely would require a very fast client doing unique encoding, hashing, compression, and encryption on each piece of mail just to send it. I enjoy the thought of a spammer needing a giant Bewolf cluster ranked rather high up in the Top 500 (http://www.top500.org/) list of supercomputers to send one piece of spam to ten million people. At that point, the source of spam and the spammer himself would be a little bit easier to track down.
Simply complex Before you skip to the end of this column and submit your comment, telling me that I'm crazy or uninformed, understand that I realize the problem with email is very complex. It would be nice if the solution "appeared" to be rather simple. I've spent the past 18 years with an email address of some sort, dating back to 1988, and I get more email than most. But like most people, I'm just an end-user of email and it's very clear that email is a sinking ship. And millions of people were online in the 1980s before me.
Getting email clients to work with a new infrastructure will be a major hurdle, and the plumbing itself will take some time. Getting major ISPs and Yahoo Mail, Gmail and Hotmail to adapt an open solution will be even harder. Fine. There are many technical hurdles. But time and again, truly innovative technology will catch on. With the rise of the web, HTTPS and SSL, Napster, SSH, BitTorrent, and so much more, superior technologies have created many new storms.
With all the security problems stemming from 1981's nuclear explosion of SMTP, it seems only fitting that the bright minds in the security community should develop the internet's next killer app.
A gateway Far too much effort is spent preserving today's name@somewhere.com format, to the exclusion of everything else. The @ symbol was a novel hack, so let's find a similar new one.
Maybe I'm dreaming, but a gateway from e-mail to a new secure e-mail infrastructure, electronic identity or e-num system might be the first place to start. Perhaps using one of the reserved symbols first outlined way back in RFC 821 or 822, whether it's a bangpath secure!name@somewhere.com, or secure?name@somewhere.com or name=secure@somewhere.com might work – but it would have to degrade nicely with current email systems. However it's done, a very simple, elegant solution would be a fantastic way to start.
I'm confident that there is no solution using today's massive email infrastructure problems, because so many bright people have been working on it for such a long time. Maybe I am indeed dreaming that we can "abandon" today's email SMTP much like the Usenet's NNTP was "abandoned" years ago for something better – because that "something better" for email still doesn't even exist.
Copyright © 2006, SecurityFocus (http://www.securityfocus.com/)
Kelly Martin has been working with networks and security since 1986, and he's editor for SecurityFocus, Symantec's online magazine.
If I ever get anything about my PayPal account, and think it is remotely genuine, I NEVER use the link in the email, and always go directly to the site and login.
I'm glad that works for you. There are solutions out there that suit just about anyone's needs. personally, I don't like the idea of having to change my email address on a regular basis. I like my address and plan to keep it for another 10 years if that is possible.
I don't change my email address. I have had the same personal email address and business addresses for years.
When I buy something online, or register for something online, it works like this:
Suppose I want to buy a book from Amazon.com. I register with the email address amazon@myaccount.spam-stopper.net. When I signed up for Freerepublic, I registered as freerepublic@myaccount.spam-stopper.net. Any email I create at whatever@myaccount.spam-stopper.net is forwarded to one registration account. If I start receiving spam from an account I generated on the fly (by merely using the @myaccount.spam-stopper.net suffix), I know who sold my email address to spammers, and block that account at spam-stopper. Any email to that address gets bounced as if it doesn't exist. Meanwhile, I use my personal address for personal reasons, and my business addresses for business reasons, and they always stay clean.
Actually, that's my policy too. But I do hover and discover the URL just to see if it's a phishing scam and I should just delete it or if I need to go to Paypal.
I agree with you about encryption. I think a substantial proportion of email should be encrypted so that the mere fact of something being encrypted wouldn't be suspicious in and of itself.
Would you use a bathroom with glass walls? Why, are you doing something wrong in there? Just rhetorical questions, not directed at you, Z.
EXACTLY!
This is one of the reasons Fedgov pushes against it.
Anything fedgov doesn't want is probably good for us serfs (and vice versa).
I do that too, using /etc/aliases on the mail server, primarily for one-time business transactions that aren't supposed to become continuing business relationships. My "real" addys are revealed only to trusted friends.
I grew tired of disposing my e-mail addys when they got on spam lists, so I decided to run my own mail server -- the one thing the ISPs don't want you to do -- but it gives me much finer control over incoming mail. I use blacklists to filter out known spammers, and my own filters to keep out the spambots. Outgoing mail still goes out to the ISP's mail host so my stuff won't get blocked.
[root@Ralph root]# cd /etc/mail [root@Ralph mail]# cat access | grep 'ERROR:"550' | wc -l 2013
Wow, that's over 2000 subnets I've had to block over the years. And I do occasionally get "new" spam, maybe once every few weeks, and the origin has to be researched and added to my local filter until the blacklists catch up with it.
We have work-arounds to make the present system more or less tolerable, and there are some good minds (better than mine, at least) working on ideas for trying to tackle the spam problem. I liked the Sender Policy Framework (not Microsoft's) idea, but not everyone will cooperate on any one system.
SMTP is obviously broken and will have to be replaced eventually. It will be quite painful (like IPV6) but it has to be done sooner or later.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.