eMail is broken – Here is what you can do about it

Email is broken and this is not a news but before we start to make a complaint, what alternatives do we have and how we deal with the problem?

eMail broken

Is it possible to use eMail without exposing out identify or is eMail something what we should avoid using? This article will cover all of these questions.

What’s wrong with eMail?

When the entire new eMail  message format was build (RFC 5322) no one (in that time) has ever think of it that agencies like NSA, FBI, CIA,… are ever be able to collect these data in real-time, encryption to that time was really used and everyone was like – I have nothing to hide.

  • It’s default-plaintext. We don’t generally love the way websites ensure they’re viewed securely, but email doesn’t even have the basic mechanisms HTTP has to prevent secrets from accidentally being sent in the clear.
  • Email encryption is never forward-secure. The most popular standard, OpenPGP, involves a long-term key that is the root of secrecy for all messages from a particular person. Lose that key, ever, and not only is every message you send in the future unsafe, but every message you’ve ever sent in the past is too. That’s a terrible property for a secure messaging system!
  • Email leaks metadata. In fact, some of what we call email “metadata” isn’t even metadata – stuff like subject lines are simply content. They’re sent in plaintext. We would never accept a new secure messaging system that behaved like that.
  • Most email users get their email from a website. Unless you make them install something on all their computers – and at that point, just get them to install Signal, WhatsApp, or Wire – “encrypting” their email involves schemes in which those websites can get their plaintext mail.
  • Most email clients are searchable-archive-by-default. Again, if you’re using a secure messaging system to keep secrets from a state-level adversary, that’s exactly what you don’t want. And again, what matters here is the behavior of the overwhelming majority of clients. If you can stipulate a special mail client that is extra-careful, why not stipulate a forward-secure advanced messaging system and stop bothering with email?
  • External eMail programs can leak data or are infected. The change is always present that you install something which got (somehow) compromised.

These are the biggest arguments against eMail, but most of the critiques could be made of HTTPS too, e.g. the metadata argument. Building a protocol which doesn’t has any metadata is simply not possible, otherwise you could never be sure that it really reaches the end it supposed to be.

So overall making a complaint about a specific RFC or protocol doesn’t seems practical because the standard user doesn’t really care and because you car has a flat tire it doesn’t mean you change the car – right? You have to analyse the problem and see how to work this out, in our car example you can simply repair it by replacing the flat tire and you’re good to go.


Using alternatives is fine but the problem is that this mostly mean there not backward compatible to insecure stuff like eMail. So before I recommend programs or protocols keep in mind that this doesn’t solve the issue, it’s a workaround!

These chat and clients are fine to use but again this is not a general answer to the eMail problem itself, it requires you to buy/install the mentioned clients and then you need to setup it, same like the person/group which you want to communicate with. Security professionals need to meet users where they are. And where they are, to a massive unstoppable undeniable extent, is on email. Shitty, plaintext by default, metadata leaking email which just crying out to be fixed.

Riot is pretty young and still under development, same like Tox. So use it with caution or wait till there getting an audit on a stable version.

eMail Clients

These clients are good and there getting often updates, there open source and can be used on almost every platform. Thunderbird needs an special addon (which might get integrated in the future) like Enigmail to ‘fix’ the eMail problem. Mailpile is relatively new and integrates autocrypt by default.

Of course you can check your eMail with your Browser but that’s maybe not as comfortable, especially if you want to check multiple accounts or has a huge database which you want to search offline – because you might want to write another eMail on another account at the same time.

Attempts to fix eMail (for the mass)

The people behind autocrypt took a similarly honest stab at improving email security there also working together with Mozilla to fix known problems. If this sort of system were more widely deployed – and i know firsthand that GPG can work well when deployed to an entire workgroup – the security gains would be massive. A huge, imperfect gain and an essential one even for people who use Signal (on a daily basis) – because every single one of them, dollars to donuts, uses email part of the time. It would be hugely wrong to just leave that on the table.

Self-hosting a mail is fine, but it requires a lot of work. This usually means it scares people away.

Other providers migt doing a great job but you have to trust their words if there is no source code present and even with a source, you never know if there holding what they promise of if the code is not different from what the server is really using – that’s really a problem since there is no code-to-server verification. The protocol must be so secure/hardened here that the provider can’t see the content, but this is based on the protocols encryption.


Since eMail has the mentioned problems we take now a closer look at the protocols, there exist alternatives which aim to increase the overall security by encrypting the plaintext.

Signal uses end-to-end encryption their applications include mechanisms by which users can independently verify the identity of their messaging correspondents and the integrity of the data channel – but it must be mentioned that even with this metadata can’t be fully hidden, which means that every client which uses the Signal protocol leaks such data, that’s not a problem when you use the original client by Open Whisper Systems, more when you use WhatsApp (Facebook). Open Whisper Systems worked together with WhatsApp/Facebook to integrate their protocol into WA, because they realized that the mass uses ‘the most used clients’ instead of the best ‘hardened’ clients – which means you can use and recommend Threema all day long – it wouldn’t help anyone if you’re the only one which is using it and your entire family and friends all staying on WhatsApp. This was one of the main reasons, the mass.

EMail encryption can rely on public-key cryptography but once the key is lost you have a serious problem (as mentioned above).

These are the options and there all in some point broken because it’s not helpful to use S/MIME when the recipient can’t read/understand the protocol or his client simply doesn’t support it. There other examples and basically all protocols have pros and cons. Thunderbird and Mailpile can e.g. native support the S/MIME protocol. But especially on mobile operating systems there only a handful of such clients which really supporting it. Some are only paid solutions while others including ads.

Should we stop using eMail?

Theoretically if you have a lot content which contains private information you should switch to the mentioned alternatives, but in general I say no. I see the responsible by the big players like gMail, Yahoo & Co. they need to push encryption standards for the mass otherwise nothing will ever be changed. This is a problem because they might have interest to inspecting your eMails or want to use it for marketing reasons – or there forced to give the data away to the well-known agencies.

What you can do is to use the mentioned extensions, clients or eMail provider alternatives. Another trick would be to attack encrypted documents, which means even f the eMail could be read the attachment would be still secure. Of course in that case you shouldn’t provide the key to decrypt it within the same eMail… The secret then must be submitted over other/better channels.

Another reasons is that eMail is still required for forums, banking pages and basically all pages which work with you, eMail is like a unqiue ID which such pages use, most of the websites like Amazon, Google & Co. not providing other methods to work with them, an eMail is required.

General Problems

  • You cannot get people to convert to your encryption scheme
  • Forcing people to install/buy xyz app(lication) can be problematically especially if they are blocked (in a specific region/country) or if there containing ads or requiring external plugins
  • As long big players not changing anything we not getting a major influence
  • As long there is an index/search there must be metadata, as there metadata the risk gets higher to expose some private information
  • Secure alternatives are unwanted by the Government due to ‘security reasons’ – An terrorist can use it too
  • Revocation doesn’t provide forward security.

What I suggest

I say that you should choose secure eMail provider which you trust, personally I like ProtonMail but there also good alternatives like Tutanota, Posteo or Addons/Extension like Mailvelope and Enigmail in combination with your Browser or eMail client seems still the easiest solution but we have to teach others how to use it and how to backup it to avoid possible data/key leaks.

Personally I still haven’t given up on Thunderbird but I’m old and the new deal these days really seems Signal. It’s used by millions and it seems compared to Riot more stable. It also has desktop clients and is easier to use and setup.