17 Nov Your Email WILL Betray You
No matter what your email service is or what you think of their security, Yahoo shows that there is no customer loyalty when it comes to the NSA’s command.
I talk about security on my personal site a lot. There’s a whole page of different stuff to consider when you’re trying to keep your secrets secret. I talk about best practices for email (ProtonMail), for messenger apps (Telegram), for texting (Just Don’t Do It), and what things an average person might do to protect themselves in the long and short run.
But the truth of the matter is, if somebody wants to come for you, they will. As we just watched with this last year of election coverage, even the top echelons of federal government don’t understand even the basics of information security, or that all-important fact that nothing ever really goes away. In fact, most people are so shortsighted and uninformed about how email even works that I’ve had variations of this conversation:
“Please don’t send me messages like this.”
“Oh, it’s ok. I’ll just delete it when we’re done.”
“Ok, but that just deletes messages in your account. That doesn’t make them go away in my inbox. Or in google’s cache.”
“Right but I’ll delete them. They’ll be gone.”
with many, many people, for years now.
There is no “deleting.” That isn’t real. Information doesn’t go away the way you think it does, and if you don’t want someone to read it, you can’t ever type it and send it.
My choice to move to ProtonMail as my email provider was based on the idea that I’m going to do the best I possibly can to make sure my personal information stays personal. I know that if somebody really wants to hack me, they’re going to. But I can do my best to make it very difficult for them. And I think I have a duty to protect my information, especially as it relates to clients and friends. It’s why I don’t keep an address book or save contacts, and why I don’t want to text or talk on the phone with you.
In an effort to help people be more realistic about their email, and how they contact people they may not want the whole world to know they’re contacting, I’d like to share this post from the ProtonMail blog about Yahoo’s recent admission and what it means for GMail, AOL, or any other email service that has definitely already given up all your secrets to the NSA at this point. This is an important read, but it will be uncomfortable and upsetting:
What Yahoo’s NSA Surveillance Means for Email Privacy
I encourage you to go to ProtonMail’s blog and read their analysis of the Yahoo statement, for further information about the pressure they have been under as a company, and why other sites are likely under a gag order about their own participation.
I also strongly, STRONGLY encourage you to sign up for a ProtonMail account (it’s fast and free and works like every other email you’ve ever used) and use only that for emailing me, or anyone you don’t want your boss/mother/wife or the FBI/DHS/NSA to know about.
There have been countless occasions where I am unable to respond to someone who is clearly using their corporate/employee email account, simply because I do not want to be associated with them when their IT department decides to see what they’ve been up to.
Like I said, you’re never going to seal all the cracks. Even .gov addresses are hacked and released on Wikileaks. But you can do better than what you’re doing right now.
And you need to.
Previous Post: Video: Make Yourself Gay Through Hypnosis