Rhodri Marsden: Use email encryption services? The trouble is, we can't be bothered
Rhodri Marsden is the Technology Columnist for The Independent; he has also written about crumpets, Captain Beefheart, rude place names and string. He's also a musician who plays in the band Scritti Politti, and won the under-10 piano category at the 1980 Watford Music Festival by playing a piece called "Silver Trumpets" with verve and aplomb.
Wednesday 23 April 2014
When I was a boy I was given a fantastic book called The Knowhow Book of Spycraft. This hugely important volume did an excellent job of persuading young men and women of the importance of secrecy and stealth, with evocative illustrations of men in dark coats and sunglasses covertly passing notes to one another through shrubbery. For a whole summer, I found myself leaving bits of paper for friends at carefully allocated drop points, informing them of crucial nuggets of information.
The bits of the book dedicated to coding your messages, though, I wasn't that bothered about. I remember one tip involved writing a message in lemon juice and the recipient holding the piece of paper over a candle to read it. It just seemed like too much of a faff. My secrets didn't seem worth encrypting.
For years, I felt the same way about email. When I send a message to a specific email address, I figure that it'll be opened by the person who owns that email address, and even if anyone else did stumble across that message, it's unlikely that they'd be interested in the contents. I knew about methods of email encryption such as PGP (Pretty Good Privacy) and GPG (Gnu Privacy Guard), because I occasionally saw the email signatures of people who cared deeply about such things; they'd include a public key that you could use to send them encrypted messages. But rather like the lemon juice, dealing with the various keys and additional processes all seemed too much like hard work. I reckoned that the people who emphasised its importance were at best excessively geeky and at worst ridiculously paranoid.
But this thinking seems to be slowly changing, not least in my own head. The revelations over the past few months about the surveillance programs of the NSA have prompted people to toy with the idea of encryption, not necessarily because they have something to hide, but merely because they have something to type and find the idea of unauthorised interception slightly unappealing. When stories of the kind revealed by Edward Snowden have emerged in the media, some encryption services have seen spikes of interest in their products, and that's a good thing for privacy in future; as systems such as PGP or GPG rely on senders and receivers having the same encryption and decryption tools at their disposal, they are only as useful as the number of people using them.
But could encryption be made easier, perhaps to the point where we can actually be bothered to do it? This week, the website Venture Beat quoted a source at Google claiming that research is under way to "improve the usability of PGP with Gmail". This piqued my interest, for a bit. The idea of all my email being encrypted with a single click and unreadable to anyone except the intended recipients – not even Google! – held a very strong appeal.
But then I realised that the aforementioned faff, a lack of ease of use, is almost a necessary part of encryption systems. All the coding or decoding should happen on your computer before the email is sent or after it's received; as soon as you make it part of the system, with public and private keys stored for convenience in the cloud and "protected" by a password, you've made the whole point of encryption redundant. Convenience and encryption will never make easy bedfellows; that's why I still don't my write letters in lemon juice. (Don't tell GCHQ.)
Life & Style blogs
Penis size study: what's 'normal' anyway?
What happens to your body when you give up sugar?
The big fresh food con: Alarming truth behind the chocolate muffin that won't decay
Majority of UK women don't bathe or take a shower daily
From criminal to catwalk: Convict Jeremy Meeks wins modelling contract in the most unusual fashion scouting – behind bars
Durham Free School: 'Creationism taught at' free school facing closure
Nearly 100,000 of Britain's poorest children go hungry after parents' benefits are cut
End of the licence fee: BBC to back radical overhaul of how it is funded
Nigel Farage promises Ukip will not 'stigmatise' would-be migrants – and says he wants 'everyone to speak the same language'
Ex-head of MI6: 'We shouldn't kid ourselves that Russia is on a path to democracy'
Most people think legal tax avoidance is just as wrong as illegal tax evasion, poll suggests
iJobs Gadgets & Tech
£45000 - £55000 per annum + benefits: Ashdown Group: Senior VMware Platform En...
£32000 per annum + pension, healthcare & 23 days holiday: Ashdown Group: A gro...
Negotiable: Ashdown Group: Software Application Developer (C# & ASP.Net, SQL S...
£27000 - £33000 per annum + Excellent benefits: Ashdown Group: Front-End Devel...