Open Sourcers Pitch Secure Email in Dark Age of PRISM

With the specter of government surveillance hanging over this post-PRISM world, people are beginning to wonder if the idea of secure email is complete nonsense.
Bjarni Einarsson, Brennan Novak and Smári McCarthy, the makers of Mailpile. Photo: Mailpile

Ever since the former National Security Agency contractor Edward Snowden leaked documents revealing the extent of the spy agency's monitoring activities, many are convinced that email can never be completely safe from prying eyes, and some have even given it up entirely. In recent weeks, two services that promised to offer completely secure email -- Lavabit and Silent Circle -- have shut down, apparently because they couldn't stop the government from breaking their security.

>'Email is going to be with us for a long time. We need to do what we can to make it more secure.'

Bjarni Rúnar Einarsson

But the reality is that email is an integral part of both our personal and professional lives -- something that most of us can't give up without alienating friends and family and ditching our day jobs. We have no choice but to find new ways of making it safe. "E-mail is going to be with us for a long time," says Bjarni Rúnar Einarsson, a software developer and member of the Icelandic Pirate Party. "We need to do what we can to make it more secure."

Einarsson is doing his part with Mailpile, an open source web-based e-mail client that you can run on your own computer or in the cloud. With this creation, he hopes to make it easier for everyday users to encrypt their mail -- without giving up the sort of search tools they get from a service like Google's Gmail. The team has already raised over $100,000 on the crowdfunding site Indiegogo to fund its future development.

It's a tough time to pitch secure email. But that's what Einarsson is doing. And it only makes sense.

Despite the fallout from Snowden's leaks, privacy experts realize that most of us can't help but use email and that our only choice is to secure it as best we can. "Those of us that are going to stay online need to determine the tools that are best for us," says Rainey Reitman, the director of the activism team at the Electronic Frontier Foundation.

The government may have the technical means to reach public email services and, with National Security Letters, it may have other ways of getting at our messages, but we can minimize these threats -- and that's what Mailpile aims to do.

Einarsson, an ex-Googler, points out that one of the biggest problems with e-mail is that large providers like Gmail make tempting targets for both malicious hackers and overzealous governments. A government service or a hacker with "direct access" to Google could tap thousands, perhaps millions, of e-mail boxes. But if no single e-mail provider had such a large user base, governments and attackers would have a much harder time.

"It's more expensive to subpoena hundreds or thousands of [e-mail providers] all over the world than it is to subpoena one big target like Gmail," Einarsson says.

Yes, you can already sign up for an e-mail account with an alternative hosting provider and move your email into a client like Thunderbird. But Gmail has changed people's expectations about how e-mail should work, particularly with regard to search. If you decide to switch from Gmail to another provider, you may find the tools sorely lacking. That's what happened to Einarsson a few years ago.

"I'd become addicted to being able to search and process large volumes of e-mail quickly," he says. "When I started to become uncomfortable with using a proprietary solution living in the cloud I began to look for alternatives and couldn't find anything. I had a realization of how I could design something that would function like Gmail on my own computer at home, so I wrote the code and it worked."

Eventually, he reached out to fellow Icelandic developer and activist Smári McCarthy and the two started to build a more fully realized application. But while they'd solved the search issue, they knew that if they wanted people to actually use the product it would have to be as easy to use and as attractive as Gmail. So, in May, they showed their prototype to Brennan Novak, a Portland, Oregon-based user interface designer.

Novak's biggest task is to make the application's security and privacy tools more easily accessible to average users. Most major e-mail clients have plugins that add support for encryption -- Mailvelope for Gmail, Enigmail for Thunderbird or GPGTools for Apple Mail, for example. But PGP encryption remains notoriously cumbersome to use.

"Because those things are plugins they don't have access to your entire client," Novak says. "For example, the one for Apple Mail is really good, but it doesn't have access to the address book." He believes that tighter integration from the very beginning will make the difference.

Even if Novak doesn't get the interface right, Mailpile is providing an open source platform that other designers can easily modify. Because it's built on web technologies, such as HTML, CSS and JavaScript, web designers will have an easier time contributing alternative user interfaces and templates. He says that's actually one of the biggest advantages to Mailpile: it will give people the chance to experiment with the platform in ways that you could never tinker with Gmail.

"We need a free software project where people can innovate on these things and add features," says Einarsson. "When you're working with a proprietary system in the cloud you have limited options."

>'If you're actually concerned that someone will know who you're communicating with, that's not something that PGP can help'

Rainey Reitman

Novak points out that even if they can make PGP easy to use, they'll still need to encourage adoption by other users. You can have the most secure e-mail client and e-mail server in the world, but if the person you're sending messages to doesn't follow good security practices, you're wasting your time.

The key, Novak says, will be in getting people who already have encryption keys to get other people to sign up as well. "My goal is to make it like sending a friend request on a social network," he says.

Mailpile's encryption tools could indeed make e-mail more secure, but there are still risks. Even those using PGP to encrypt messages will leave behind information such as who they exchanged messages with, even if the contents of those messages cannot be read. It's like having a log of your phone conversations: Someone can tell who you talked to and when, but they don't know what you actually said.

"If you're actually concerned that someone will know who you're communicating with, that's not something that PGP can help," Reitman says. She says secure real-time chat tools -- like the Off-the-Record plugin for the Pidgin and Adium instant message clients, or an anonymous file uploading system like the New Yorker's open source project DeadDrop -- might be better under some circumstances.

But for those stuck in the world of e-mail, a tool like Mailpile offers some hope. It won't stop a National Security Letter, but it's something.

Bob McMillan contributed reporting for this story.