Why you should be using encrypted email

Email was created 45 years ago as a way to easily send messages from one computer to another. Fast forward to today and email has become a ubiquitous communication mode on the Internet. Every online service we use relies on users with email addresses: Amazon, Netflix, Spotify, Expedia,
Twitter - you name it, all of which require an email address to sign up and use. This is what happens. In this sense, email has undoubtedly become your online identity.


 Additionally, work email revolves around. When you enter a university or a new job, you will first receive an email address. Although messaging has made a lot of headway in recent years, it never displaces email for better or worse. Despite its popularity, email hasn't changed much since its inception in 1972. Sure, apps like Gmail and Mail on Mac have made it easier to use, but in reality, it's still a very basic, straightforward and insecure medium. In the 70s. However, we use email and the type of content we communicate within it.

Why you should be using encrypted email

Nowadays we have a reservation confirmation, receipts from online purchases, private messages from colleagues and relatives and all other personal information in the email is basically insecure and easily read by any third party. The importance of this fact is that if you post something you know the whole world can see, unlike Facebook, it allows users to share sensitive information in a very private way by splitting emails with each other. In fact, when it leads. Everything is private. Context: See the image below and do not make a simple email containing the person's credit card information.

This may sound silly, but you may be surprised at how these kinds of emails are sent out on a regular basis (I see you, Mom). The only factor the sender takes into account in these cases is that they depend on the person receiving the conclusion. The problem here is that the medium is not reliable. To bring this thing home, it is good to see that email is actually computer-like (see below).

What you see is email in its purest form. This is basically a script, not a word file, that bounces from server to server globally until the email reaches its intended recipient. If you can read it, the server can. This is a simple way to display security flaws in today's widely used media.

The security problem

It can be easily compared between email and SMS: both technologies are outdated and adapted for private and instantaneous communication. However, unlike email, messaging originates from SMS to platforms such as WhatsApp, Signal and Telegram, which enables encryption, allowing users to securely exchange private information. Encryption is the process by which the sender can intercept the data and only know it by its intended recipient. This process prevents intermediaries and third parties from joining your conversation. However, the problem with encryption is that it is still not standard in email. Many types of encryption and email service providers have never agreed to use it. The most popular encrypted email services use PGP encryption, which is now questionable in light of new and improved encryption protocols that have arisen in recent years, including signal encryption. If the name signal is ringing, it may be the most used encryption protocol in the messaging industry since the integration of WhatsApp, Skype and Signal Messenger. It is worth pointing out that this is an encryption protocol publicly supported by the famous whistleblower and privacy Edward Snowden.

The data location problem

Now, there is one more vector we need to address in the entire email security conversation, and that is "the one who holds the data". Regardless of whether your emails are encrypted or not, you may not actually own them. Instead, they belong to the company that hosts the email service. A simple example of this is Gmail: All your emails are stored on their servers, so you can easily log into your inbox from any computer in the world. It is not limited to simple email services, but is encrypted. The Terms of Service of these email services state that they have the data and have the right to tell you with it. Trust me, I learned this the hard way when I learned that the government of Panama was collecting my emails without my permission to use it in a legal fight against me (we'll leave that funny story a second time 😉). To overcome these obstacles you can choose to host your own emails on Helm devices, such as recently launched home servers.

Privacy Issue

Claims to go to a secure email service have a lot of privacy. You don't have to hide anything to protect your privacy. The reality is that privacy in today's Internet is rapidly becoming a luxury. Consider that Google is the largest advertising service provider in the world. Why does a company that offers 84% ​​of its revenue from advertising provide a free email service? The truth is that Google collects exceptional data from conversations in Gmail to "optimize" your ad targeting services. Although Google claims it no longer reads users 'emails, it does allow third-party apps that work in Gmail to read users' entire inboxes. Don't get me wrong, Gmail has done an amazing job of making email easy to use, but its credentials are upheld by its parent company, Google, which isn't really driven by privacy.

In conclusion

We’ve clearly identified the main privacy, security and ownership issues with email, but how do we go about solving it? What‘s an ideal substitute for Gmail? Unfortunately, existing encrypted email services don’t solve for all three problems. Most of them depend on jurisdictions to provide peace of mind, but ultimately they own both your data and your encryption keys. this is why we decided earlier this year to launch our own solution: Criptext. If there was any other solution similar to it, you would reading about it here in this blogpost, but unfortunately there isn’t. Every other secure email service out there uses archaic encryption and collects your emails in their servers. Instead, Criptext is basically built like WhatsApp, but for email:

1. It doesn’t store your emails in its servers, instead they’re only stored in your device.
2. It uses the Signal encryption protocol, which assures you that not even the company can read your emails.
3. Encryption keys are generated and stored on your device, which means only you and the recipient can access the content of your emails.
4. All the code is open source, which means all claims are verified by the online community.

Now, for some, transitioning into a new email service may seem like a hassle, but it’s a hassle worth going through. We’re now living in a world where security breaches are happening with higher frequency and higher magnitudes. Just this week Quora suffered a breach under which 100 million of its users’ account data was stolen. This is aside from the fact that ad-based businesses like Yahoo Mail are known for reading your emails and sharing your information with advertisers. Events involving Cambridge Analytica this year have made people all over the world more privacy conscious. Today, encryption and privacy should no longer be considered features, but rather standards. When it comes to email, Criptext is truly setting the standard for email privacy in the industry.