Comments on: The Case For Email Security

By: Protect Your Passwords from Theft | LuxSci FYI

Protect Your Passwords from Theft | LuxSci FYI — Tue, 03 May 2011 16:16:34 +0000

[...] to other services, like email, chat, Facebook or Twitter, should also be made over SSL or TLS connections. If you want to use a [...]

By: BIS - No Better Security than Web Based Mail - Page 7 - BlackBerry Forums Support Community

Mon, 17 Jan 2011 20:26:52 +0000

[...] 03:26 PM Read this – it helps to understand what SSL (https) does and what it doesn't do… Case for Email Security – Why Use Encryption? | LuxSci FYI I don't use Luxsci, so this is not some add for them, I just found the article useful. Right now [...]

By: Michael Linn

Michael Linn — Sat, 21 Aug 2010 06:29:40 +0000

This was a thorough primer on e-mail security. Thanks for sharing

By: SecureForm Now Support SMTP TLS for Secure Form Email Delivery | LuxSci FYI

SecureForm Now Support SMTP TLS for Secure Form Email Delivery | LuxSci FYI — Sat, 03 Apr 2010 01:16:25 +0000

[...] in SecureForm refers in part to the fact that the emailed form data can be secured using PGP or S/MIME. This, combined with enforced use of SSL, ensures that the form data is secured from end-to-end [...]

By: JumbleMe Support

JumbleMe Support — Thu, 01 Apr 2010 17:42:28 +0000

JumbleMe’s security is very robust, while allowing convenience for our users. All emails are actually secured with two passwords. One password is given to the recipient, the other stored on JumbleMe’s servers and is unique to each email. Both must be present to open an email.
When a recipient tries to read an email, he/she enters her password on the website or using our software. They have 4 attempts to enter the correct password, at which point there is a lockout and the Sender is notified of the failed attempts. After the lockout, they may try again up to a total of 10 times, then the email is completely disabled. Only with a correct password entry is the second key then used to decode the email.
By using a 2 password system, a password cracker software would be trying to crack the equivalent of a 20+ character password (exact length reserved for security reasons). And this password would be unique to each email. This seemed the best way to allow our members the convenience of one password, but the security of long and unique passwords for each email.

By: Unsatisfied wJumbleme

Unsatisfied wJumbleme — Tue, 09 Mar 2010 04:24:16 +0000

Jumbleme may not be as secure as you think. Let’s suppose you put a strong password on a file and send your email. You would expect your recipient to need to use that strong password, right? Well, yes, except if that user has a jumbleme account. In that case the recipient receives the email with THEIR jumbleme password regardless of what you sent. Seems like a pretty serious security breach to me. Many many password crackers exist that can crack 6 or 8 character passwords with relative ease.

See for yourself:

http://jumbleme.com/board/index.php?action=printpage;topic=5.0
or
If you are having trouble opening an email, the first question to ask is, are you a member? If so, all emails sent to you should be encrypted with YOUR password. This was done for convenience, for if you are working at a business using our system, and you have 20 different people sending you encrypted emails, you don’t want to remember 20 different passwords. Just the one you signed up with. Keep this in mind if you send yourself a test email. It won’t matter what password you use in the body of the email, it will always be encrypted with your password.

By: Erik Kangas

Erik Kangas — Wed, 24 Feb 2010 02:38:45 +0000

Postini filters inbound email for spam, viruses, and other content — it is essentially a slightly inferior version of what McAfee offers (formerly MX Logic) — and what we offer through our Premium Email Filtering service.

JumbleMe is a service somewhat like the “Escrow” feature of LuxSci’s SecureLine end-to-end email encryption service. it allows you to secure parts of an email message and that does help with some of the problems discussed in this article.

By: Jack Lampson

Jack Lampson — Wed, 24 Feb 2010 02:30:08 +0000

how does something like postini or JumbleMe fit into this conversation?

By: SMTP TLS: All About Secure Email Delivery over TLS | LuxSci FYI

SMTP TLS: All About Secure Email Delivery over TLS | LuxSci FYI — Sat, 20 Feb 2010 02:13:33 +0000

[...] conversation cannot be eavesdropped upon (without Computer A [...]

By: Can You Make Your Email More Secure? | LuxSci FYI

Can You Make Your Email More Secure? | LuxSci FYI — Sun, 10 Jan 2010 15:41:24 +0000

[...] only to a point. While you can ensure that your users connect securely to LuxSci’s servers, who is to say that your recipient’s connection is secure? With LuxSci SecureLine, even if the recipient’s connection isn’t secure, you can be [...]