Messaging platforms such as WhatsApp and Facebook Messenger have risen to popularity due to their fast and instant way of passing information over the internet.
For once, email service providers such as Google and Yahoo have been feeling heavily threatened by these apps, but this service remains to be a core part of the enterprise setup. As if to prove this, a number of tech companies including Google, Microsoft, LinkedIn, Comcast, Yahoo and 1&1 Mail & Media Development have come together to in a bid to work on better ways of improving the encryption used on email platforms.
In this time of millennials, it is important that online platforms be kept more secure than ever, especially considering the rate at which hackers and cybercrime activities are being reported.
Out with the old, in with the new
Email service providers have been here for years, but very little has been done to change the underlying transport mechanisms used when passing the messages around. In essence, most of today’s emails are sent as unencrypted plain text using the ancient SMTP technology and even though the SMTP STARTTLS came in a few years ago to take care of this encryption problem, it has failed heavily.
The current technology makes it a lot easy for hackers to get in the middle of a conversation that was intended for someone else. Google, Microsoft, Yahoo and other companies now want to take care of this after they submitted a joint proposal to the Internet Engineering Task Force last week.
The proposal wants to protect against attackers with efforts of modifying or intercepting emails that are being sent out by impersonating the server at the receiver’s end or maybe breaking SSL via several existing attacks.
How it works
In a bid to ensure that you only communicate with the intended persons and not some attacker on the internet, the new proposal wants the sender to be able to tell whether the recipient is legit. When an email is sent to a given domain that also supports SMTP STS, the sender can easily tell whether the destination server supports encryption as well as whether their certificate is legal before sending the message. In this way, one will be sure that they are communicating with the right server.
In case of otherwise, the sent email will not be delivered and the sender will also be told why this happened. These won’t be new rules for tech savvy users, but they might just happen to be new for those still heavily reliant on emails. However, don’t get too excited since this is still just a proposal and it has got a long way ahead before it materializes. The good thing is that it has names such as Google, Microsoft, LinkedIn and Yahoo behind it.