Experts Call Bullshit on German Plan To Encrypt Email
It's not NSA- or cop-proof
German hackers have poured scorn on Deutsche Telekom's plan to offer "secure email", describing it as little more than a marketing gimmick.
Deutsche Telekom and partner United Internet are rolling out SSL-encrypted connections between users' computers and the companies' mail servers as part of the "Email made in Germany" offer. …
Messages sent to mail servers outside Germany will not be encrypted in transit, at least initially, which means the data can be intercepted by network taps, installed in the internet's arteries worldwide, that are run by the NSA and the UK's eavesdropping centre, GCHQ.
Any service offered within Germany will be subject to EU data retention laws and rules allowing cops and g-men to lawfully intercept or seize data (see El Reg's recent analysis of the Lavabit and Silent Mail shutdowns for details). Metadata collection is unavoidable in the EU and US, so all the "Email Made in Germany" scheme offers is some protection against crooks snooping on email exchanges, rather than anything genuinely spy-proof.
Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.
Please
to post comments
You know who else wanted to secure German communications?