Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Open Source Matters For Sensitive Email

Posted by samzenpus on from the better-mail dept.

Jason Baker writes Can you really trust your email provider? And even if you self-host your email server, can you really trust its security if you can't see the code? Over on Opensource.com, Olivier Thierry makes three cases for using open source to power your email solution: The power of numbers, the value of trust, and the importance of leverage.

9 of 73 comments (clear)

  1. Paranoia abound by Anonymous Coward · · Score: 4, Interesting

    Can you really trust your email provider?

    Yes, because I'm not a paranoid idiot. If someone wanted to do something malicious with your email, they probably could anyway, because so much of the world's email servers transmit in plaintext, the provider (other than the choice of one that does encrypt when possible) is the least of my concerns.

    1. Re:Paranoia abound by Dutch+Gun · · Score: 4, Insightful

      Even beyond that, e-mail can be encrypted client-side when necessary, meaning you don't have to trust anyone. There's no reason to trust your e-mail provider in the first place if the contents are truly sensitive. For everything else, e-mail should be considered about as secure as a postcard.

      If you need to protect the metadata as well as the content, then e-mail shouldn't even be used for that sort of correspondence. E-mail has never been secure. It probably never will be either, at least not for what we consider "e-mail" today, because there's too much legacy crap that would break if we lock it down (at least if we are trying to secure metadata).

      If we're OK with simply encrypting content as needed, then there are ways of building that sort of infrastructure into the system. We're seeing a lot of 3rd party messaging solutions that are using very good "trust no one" client-side encryption technologies and methods, such as What's App (now that they've integrated Open Whisper Systems security) or Threema.

      --
      Irony: Agile development has too much intertia to be abandoned now.
  2. Open Source not a silver bullet by i+work+on+computers · · Score: 5, Insightful

    We've seen over the last year many open source, power in numbers projects have critical vulnerabilities waiting to be exposed. Those defects were sitting there for years, yet being open source didn't magically fix them. I use many open source tools, but I've never inspected the code myself. Even if I did, I'm not going to be finding these hard-to-find defects that the people in the project can't find. I'm not going to implicitly trust an open source project just because it's open source. How do I know who's really contributing? At least if Apple is doing something naught with my iCloud email, at least in theory I can join a class action lawsuit and get a free download from iTunes. If the NSA is inserting nefarious code into an SSL project, there's really no recourse for action. Over the last year, I've learned that the key to internet security is that it doesn't exist. If there's something that really so sensitive, maybe you shouldn't email it.

    1. Re: Open Source not a silver bullet by Anonymous Coward · · Score: 3, Insightful

      Also of import: what's the status of turnkey open source email packages these days anyway? What is out there that exchange admins can switch to that won't make them hack on features or make their users ask WTF they just did? That is the elephant in the room and the million dollar question.

    2. Re:Open Source not a silver bullet by exomondo · · Score: 3, Insightful

      From a security perspective, even just having and being able to inspect the code is insufficient if you need top-notch security: you had better also be compiling that code yourself.

      With a verified compiler no less. We have seen ever more sophisticated malware these days, certainly a malicious compiler could easily slip vulnerabilities into the binary.

  3. Not really ... by BarbaraHudson · · Score: 3, Insightful

    Unless you're using encryption, it doesn't matter, since there are many points of 'interest" between the sender and receiver.

    --
    "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
  4. Trust by Michael+Woodhams · · Score: 3, Insightful

    Sigh. Now somebody is going to bring up Ken Thompson's "Reflections on Trusting Trust" in 3... 2... oops, too late.

    --
    Quattuor res in hoc mundo sanctae sunt: libri, liberi, libertas et liberalitas.
  5. Stupid article is stupid by Anonymous Coward · · Score: 5, Insightful

    Open source is a source licensing model. It has no magic powers for creating secure solutions to anything.

    Stupid headline: Why open source matters for sensitive email
    Stupid headline: Why closed-source matters for sensitive email
    Smart headline: Why security matters for sensitive email

    Code audits for security defects can happen regardless of source licensing model.
    Coders authoring a service, no matter how security conscious, and no matter how many eyeballs they have, will likely miss many exploitable defects.

  6. FOSS email LONG before Exchange, most mail FOSS by raymorris · · Score: 4, Informative

    Email was flowing through open source systems for DECADES before Exchange came out. Today, the vast majority of mail is handled by open source systems.

    If you're accustomed to Exchange and want to get that same bloated feeling without the six figure license fees, there are many open source packages designed,for that. Examples include OpenChange, Open X-change, Zumbra, Citadel ...

    Of course the vast majority of mail is handled more in the Unix philosophy, rather than one software package that thinks it's a file server (SMB), an MTA, an MDA, a groupware calendar, an IMAP server, and six other things it does poorly, the normal Unix way is if you want IMAP, you install a good IMAP server by clicking on or typing "dovecot". It doesn't have a buggy, insecure file server sticking the out the side that you never asked for.