This year’s election cycle has put a HUGE spotlight on email. From Hillary’s ongoing email saga and FBI Director Comey’s late “October Surprise” to the alleged Russian hacking and leaking of Democratic National Committee (DNC) emails, the general public is now aware of just how easy it is for one’s email content to be used against oneself.
Email is indeed everywhere, and the incredible convenience email affords makes it irresistible to use for just about everything: off-the-cuff remarks, venting frustration, discussing executive strategies, and communicating internal and external business matters, for example.
Yet, this same willingness to put substantive thoughts into email can come back to bite oneself in two important ways. And as Americans prepare to vote for their next president, whichever way they might be leaning, it is important to understand these email issues in the context of technology available to just about everyone.
When email is sent and stored in plain text, it is incredibly easy to intercept or compromise the message contents. Hillary Clinton came under intense state and public scrutiny for her decision to use a private email server for security (and probably convenience) reasons. The widespread criticism and fallout over this issue is perhaps justified, considering how easy it would have been for hackers or foreign intelligence agents to access her email and compromise important state business.
Now, imagine for a moment that Hillary had used an email encryption service such as RMail with her private server, encrypting every outbound email from endpoint to endpoint (as with RMail’s executive mode email encryption). Doing this would not only have demonstrated responsible stewardship of the classified information in Hillary’s charge, but it may also have made it extremely difficult for anyone, including the FBI, to obtain the actual message content in the tens of thousands of emails Clinton was compelled to turn in.
When Wikileaks exposed what the whistleblowing website claimed were hacked emails from Democratic National Committee (DNC) insiders, purporting to illustrate among other things, a corrupt Democratic party and rigged Democratic primary, the general public automatically assumed the authenticity of the published emails. But why?
The reality is that standard email does not provide a certifiable record of authenticity. The supposed DNC emails could have been falsified – fiction created by outsiders hoping to influence the outcome of the US elections. There surely are sufficient incentives for someone to be willing to create fake emails. The technology to do so is certainly available.
Consider the following capabilities available to anyone using a Microsoft Office full installation:
Each of the above techniques can be performed easily without being detected. To be clear, there are legitimate business reasons why you might need to send email from an alias, or edit email content if using email as a collaboration medium.
Of course, the point of describing these techniques is not to promote their use for nefarious ends; rather, it is to illustrate that standard email, by itself, is not a verifiable record. The next time you see a copy or transcript of an email in the news, or in a dispute proceeding, it might be useful to consider how easy it would have been to alter the email contents, given the incentives or stakes.
Sending important email as an RMail® Registered Email™ message provides the sender with a verifiable record of timestamp, content, and delivery – regardless of any recipient actions. Consider this a way to have the upper hand — proof with high evidential weight. You can even record replies in an email thread, using RMail’s Register Reply™ feature.
May 13, 2022
May 06, 2022
April 29, 2022
April 25, 2022
April 18, 2022