Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Time Has Come to Ditch Email?

Posted by ryuzaki0 on from the i-find-it-handy dept.

Krishna Dagli writes to mention an article at The Register claiming that it's time we stop using email to communicate. From the article: "The problem is, email is now integral to the lives of perhaps a billion people, businesses, and critical applications around the world. It's a victim of its own success. It's a giant ship on a dangerous collision course. All sorts of brilliant, talented people today put far more work into fixing SMTP in various ways (with anti-virus, anti-phishing technologies, anti-spam, anti-spoofing cumbersome encryption technologies, and much more) than could have ever been foreseen in 1981. But it's all for naught."

11 of 398 comments (clear)

  1. e-mail needs to get better by yagu · · Score: 5, Insightful

    Short version of story:

    E-mail shouldn't really go away, we need to recreate it from scratch with builtin security, authentication, encryption, etc, and those mechanisms need to be as transparent as today's e-mail.

    EOF

    E-mail will probably go that way, but I don't see it being recreated from scratch. Postfix evolved out of perceived difficulties with sendmail (still one of my favorite packages... obtuse, obtuse, obtuse, but lots of fun.) while in-flight.

    The fixes for e-mail likely will also occur in-flight... there's too much momentum, and too many transactions dependent on e-mail for it to stop, then go.

    The single most important step for me would be transparent authentication, via certs, whatever. As phishing becomes more insidious and the stakes go up, someday someone (or a bunch of someones) will be phished severely, escalating the urgency of authentication. It may start out clunky (ever tried to get friends and family to do PGP handshakes?), but as with other technology I think it can be done with transparency.

    E-mail stays... (btw, if you want to send e-mail feedback to the author, this is the link.

    1. Re:e-mail needs to get better by RingDev · · Score: 5, Funny

      "(ever tried to get friends and family to do PGP handshakes?)"

      I've got one of those! It ends in a chest-thump then a simulated pistol shot in the air! We can always ensure that our friends are definately our friends with that hand shake.

      -Rick

      --
      "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
    2. Re:e-mail needs to get better by B'Trey · · Score: 5, Insightful

      Bad analogies. Email will get replaced. I certainly can't tell you with what, but it will get replaced. And the reason it can be replaced and the others can't is because it doesn't need to be an instant and complete replacement. Email will get replaced the same way that land lines are being replaced by cell phones.

      If you'd tried to instantly replace the phone system with a different, portable system, you'd have been doomed to failure. There's no way you would have ever gotten everyone to just give up their telephone and buy a new, different device for voice communications. But cell phones are replacing land lines because they're compatible. Even though a cell phone and a land line phone work very differently at the hand set level, they both go back to the same place and you can call one from the other. All of the differences are handled transparently to the user. He doesn't care if his voice is going out over copper pairs or over RF to a cell tower. He doesn't care if it's switched through mechanical switches or digitized and sent through a IP network. He dials and a number and he talks.

      To replace email, we need to come up with a new system which provides security and authentication when communicating with other addresses on the new system but degrades gracefully when sending to a legacy email address. As more and more people switch to the new system, the old system can be abandoned. It's a piecemeal replacement, not a wholesale changeout.

      The article talks about all of this, all though I've tried to clarify a few things. It even gives a possible mechanism for graceful degradation.

      --

      "The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.

  2. Time to ditch by Carewolf · · Score: 5, Funny

    It's time to ditch reality. It's fundamentally broken and inherently insecure. We should have predicted that 13 billion years ago.

  3. Acronym soup. by khasim · · Score: 5, Insightful
    From TFA:
    Build an electronic identity. Encode, hash, encrypt, compress, sign, and provide a novel way to share keys when needed, for example. I don't know how this will all turn out, but perhaps yEnc, MD5, AES, H.264, and GPG are some potential technologies that could be used together.
    So, he doesn't know how to fix email, but here is a list of acronyms to get you excited about it.

    Sorry, but to be taken seriously, you'd at least have to have a basic framework already thought out. Just claiming that it's broken and maybe one of these TLA's that you've heard of might be used to fix it ... that's just junk.

    Go back, think about it and then write a real article.
  4. If it ain't broke... by Just+Some+Guy · · Score: 5, Insightful
    SMTP still works exceedingly well for its purpose. Understand this: spam and viruses will propigate through any message transfer protocol that will ever be invented. We already have effective technologies for filtering that stuff out of SMTP traffic, but if admins can't be bothered to implement them for their customers, I don't know why they'd implement similar measures on other protocols.

    Put another way, if you run your own mailserver and still get spam and viruses, it's because you haven't chosen to address the problem. If you use someone else's mailserver and still get spam and viruses, it's because they haven't chosen to address the problem. Nothing stands between you and a clean inbox but motivation, whether your own or your ISP's.

    And no, broken hacks like DJB's "Internet Mail 2000" will never get real-world acceptance as they make it as difficult for legitimate bulk senders to broadcast as for spammers. SMTP is here to stay as the standard method for (somewhat) reliably routing messages between people on unaffiliated networks. Replacing it with a similar system with new pitfalls isn't the answer we're looking for.

    --
    Dewey, what part of this looks like authorities should be involved?
  5. Re:get friends and family to do PGP? - Yes by Betabug · · Score: 5, Interesting

    "ever tried to get friends and family to do PGP handshakes?"

    Yes, I've tried... and I've been and am quite successfull with it. Using GPG to send/receive encrypted mail and check signatures with a good plugin isn't rocket science.

    Agreed, setting up keys and such is hard, but with friends and familiy we geeks can help. We do that with E-Mail, Games, Wordprocessors, why not with PGP?

    My experiences with PGP with friends and family: Do You Use PGP? - Encryption is not just for techies any more.

  6. Right...... by Puls4r · · Score: 5, Insightful

    And of course, the NEW system won't be vulnerable to ANYTHING - right?

    No, wait, let's think that through. Let's take video games as the paradigm. Every year companies spend upwards of 20 million per video game. Every year, they come out with the newest, latest, greatest in copy protection. This copy protection is only limited by their imaginations (and the hardware). And yet days after release, and sometimes prior to release, their code is hacked, cracked, and distributed.

    This author somehow thinks that going back and redoing everything will fix it. The author is naive.

    Call my analogy a bad one if you will, but the SECOND you put ANY type of system into the hands of the criminals / spammers, they will find ways to exploit it. This is proven time and again.

    How exactly does this new email system stop phishing? Oh, right, it can't. Have a link, go to a malicious website, etc. How exactly does this new email system stop users from clicking executables thinking that they are going to see nudie pictures of Katie Holmes? They don't. How does this new email stop virii? It won't.

    Encrypt your email if you want security. Password protect your account. Use filtering to dump spam before you read it.

    OH, and I forgot to mention - I'll be sending you a snail mail letter that looks completely official. It's about a man I met in Nigeria, who has some money he'd like to give you.

  7. Applying the article logic to regular mail... by TINGEA77 · · Score: 5, Interesting

    If I'm to apply the same logic to regular mail, well, regular mail is doomed too; it's full of phishing, spam, and spoofing. I guess I'm not sending anything by mail from now on!! Duh!

    If you get a letter from a car dealer stating that you won $3000 in credit if you buy one of his cars, do you automatically go and buy one? NO. Same thing goes for email, you don't open all emails and follow all links blindly.

    The problem is with educating people how to use email and the Internet as a whole. When enough people stop being click-happy... spamers will lose interest as no one will be paying for such a service, and phishers/spoofers won't find enough people to fall for their tricks.

    Simply, educate people about this powerful tool before you through them in! this is not only for email, it goes for anything to do with the internet and any form of communication as a whole.

    Just my $0.02.

  8. Good sized system? by fm2503 · · Score: 5, Insightful

    A peak of ~75 messages a minute?

    Me thinks you need several zeros on the end of that to get to a medium to large installation....

  9. Surprised this hasn't appeared yet by Have+Blue · · Score: 5, Funny

    Your company advocates a

    (X) technical ( ) legislative ( ) market-based ( ) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    (X) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    (X) It will stop spam for two weeks and then we'll be stuck with it
    (X) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    (X) Requires immediate total cooperation from everybody at once
    (X) Many email users cannot afford to lose business or alienate potential employers
    ( ) Spammers don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    (X) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    (X) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    (X) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    (X) Extreme profitability of spam
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with spammers
    ( ) Extreme stupidity on the part of people who do business with Microsoft
    ( ) Extreme stupidity on the part of people who do business with Yahoo
    ( ) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    (X) Outlook

    and the following philosophical objections may also apply:

    (X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    (X) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    ( ) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    ( ) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (X) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid company for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!