PaulSpoerry.com

Social Media, technology, and geeky stuff for your brain.

  • Home
  • About
    • Privacy Policy
  • Categories
    • Google+ Posts
    • Site news
    • Tech
      • Android
      • Apple
      • Chrome
      • Gadgets
      • Hacking
      • Linux
      • OSX
      • Privacy
      • Web Life
        • Bittorrent
        • Facebook
        • FireFox
        • GMail
        • Google
        • Google+
        • Twitter
        • WordPress
        • Windows
          • Windows 7
    • Google+: Getting Started Guides
    • Games
    • Meditation
    • Politics
    • Science
    • That’s freakin hilarious
  • Code
    • FreeImageZoom
    • Post Editor for Google+™
    • The Plus Editor
  • Contact
You are here: Home / Google+ Posts / Darkmail aims to fundamentally change email by making it secure by default

Darkmail aims to fundamentally change email by making it secure by default

January 7, 2015 by Paul Spoerry 6 Comments

 

If you don't already know this… your email is sent over the Internet unencrypted. It's the digital equivalent of sending a letter through the mail without an envelope. Anybody who comes across it can read it. The Darkmail Technical Alliance, which is composed of some heavy hitters like Lavabit founder Ladar Levison and PGP designer Phil Zimmermann, aim to change all of email with drop-in SMTP and IMAP replacements that will wrap messages in layers of encryption.

"Conceptually, DIME applies multiple layers of encryption to an e-mail to make sure that the actors at each stage of the e-mail’s journey from sender to receiver can only see the information about the e-mail that they need to see. The e-mail’s author and recipient both know who sent the message and where it was bound, but the author’s e-mail server doesn’t—it can only decrypt the part of the message containing the recipient’s e-mail server. The recipient e-mail server knows the destination server and the recipient, but it doesn’t know the sender. So if you arrange the four steps in a line from left to right—author, origin server, destination server, and recipient—each step in the line is only aware of the identity of the entity directly to its left or right."

This could be huge and it certainly has the right people in place to make it happen. They'll be submitting all of it to the IETF as a formal set of RFCs and there is even a pre-alpha GitHub repository.

Check out the rest of the article on Ars… it's really worth a read if you're at all curious about the subjects of security and/or email.

Src: http://arstechnica.com/security/2015/01/lavabit-founder-wants-to-make-dark-e-mail-secure-by-default/

Check this out on Google+

Filed Under: Google+ Posts Tagged With: Darkmail, email, encryption, Lavabit, pgp, security

About Paul Spoerry

I’m a groovy cat who’s into technology, Eastern Thought, and house music. I’m a proud and dedicated father to the coolest little guy on the planet (seriously, I'm NOT biased). I’m fascinated by ninjas, the Internet, and anybody who can balance objects on their nose for long periods of time.

I have a utility belt full of programming languages and a database of all my knowledge on databases... I practice code fu. Oh, I've also done actual Kung Fu, and have a black belt in Tae Kwon Do.

I run. I meditate. I dance. I blog at PaulSpoerry.com, tweet @PaulSpoerry, and I'm here on Google+.

I'm currently work for IBM developing web enabled insurance applications for IBM and support and develop a non-profit called The LittleBigFund.

Comments

  1. CR2 - Rock & Roll says

    January 7, 2015 at 2:14 pm

    love that art

  2. Scott Duensing says

    January 7, 2015 at 5:08 pm

    LIKE LIKE LIKE. Hopefully they'll fix other email issues while they're at it.

  3. Jason Honingford says

    January 8, 2015 at 8:16 am

    That's nice, but does it solve spam? ie anonymous SMTP – part of the security problem is not being able to tell who actually sent the email.

  4. Paul Spoerry says

    January 8, 2015 at 9:52 am

    +Jason Honingford There is a lively discussion on the +Ars Technica post about this very thing:

    "This actually helps solve the spam problem. The recipient can verify any sender, and (once widely deployed) senders will be verifiable by default, since the message will be signed.

    The From: line is the private key of the sender. The final receiving server will also know the initial sender's IP address. If each MTA has it's own public and private keys, and the sending MTA's IP address does not match it's key, it is spam. This would make blacklisting much easier and spamming much harder. "

  5. Thomas Wrobel says

    January 8, 2015 at 1:08 pm

    A good patch. Id still rather see a federated replacement for email completely though. Theres some really daft limits on most severs/set-ups still. Like every 70 characters you need a new line.

  6. West Kagle says

    January 8, 2015 at 9:12 pm

    Nice. Not that anyone (say the government) would systematically read our e-mails……right? Nice to have though, just in case. 😛

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright © 2023 · Epik on Genesis Framework · WordPress · Log in