[David Strom's Web Informant] The many ironies of the post email era

David Strom david at strom.com
Mon Dec 10 11:32:56 EST 2018


Web Informant, December 10, 2018: The many ironies of the post email era

It has been 20 years since Marshall Rose and I wrote  our book about
Internet email.
<https://www.amazon.com/exec/obidos/ASIN/0139786104/davidstromswebin/> Since
then, it has become almost a redundant term: how could you have email
without using the Internet? For that matter, how can you have a business
without any email to the outside world? It seems unthinkable today.

But for something so essential to modern life, Internet email also comes
with multiple ironic situations. I will get to these in a moment.

To do some research for this essay, I re-read a column that I wrote ten
years ago about the evolution of email between 1998-2008
<http://blog.strom.com/wp/?p=701>. Today I want to talk about the last ten
years and what we all have been doing during this period. I would call this
decade the post email era because email has become the enabling technology
for an entire class of applications that previously weren’t possible or
weren’t as easy ten years ago. Things like Slack, MFA logins, universal
SMS, and the thousands of apps that notify us of their issues using emails.
Ironically, all of this has almost eclipsed the actual use of Internet
email itself. While ten years ago we had many of these technologies, now
they are in more general use. And by post-email I don’t mean that we have
stopped using it; quite the contrary. Now it is so embedded in our
operations that most of us don’t even think much about it and take it for
granted, like the air we breathe. That's its second irony.

When a new business is being formed, usually the decision for its email
provider comes down to hosting email on Google or Microsoft’s servers. That
is a big change from ten years ago, when cloud-based email was still being
debated and (in some cases) feared. I have been hosting my email on
Google’s servers for more than ten years, and many of you have also done
the same.

Another change is pricing. This has made email a commodity and it is pretty
reasonable: Google charges $5 per month for 30 GB of storage or $10 per
month with either 1 TB or unlimited storage. If you want to go with
Microsoft, they have similarly priced plans for 1 TB of storage. That is an
immense amount of storage. Remember when the first cloud emailers had 1 GB
of storage? That seems so quaint -- and so limiting -- now. For all the
talk back then about "inbox zero" (meaning culling messages from your inbox
as much as possible), we have enabled email hoarding. That's another irony.

Apart from all this room to keep our stuff, another major reason for using
the cloud is that it *frees up the decision as to which email client to run
(and to support) for each user. *A third reason is that the cloud frees up
users to run multiple email clients, depending on what device and for what
particular post-email task they want to accomplish. Both of these concepts
were pretty radical 20 years ago, and even five years ago they were still
not as well accepted as they are now. Today many of us spend more of our
time on email with our phones than our desktops, and use multiple programs
for our email, and don’t give this a second thought.

Why would anyone want to host their own email server anymore? Here is
another irony: one reason is privacy. The biggest thing to happen to email
in the past ten years was a *growing awareness of how exposed one’s email
communications could be*. Between Snowden’s revelations and Hillary’s
server, it is now crystal clear to the world at large that your email can
be read by your government.

When Marshall developed the early email protocols, he didn't hide this
aspect of its operations. It just took the rest of the world many years to
catch on. As a result, we now have companies that are deliberating locating
in data havens to prevent governments from gaining access to their data
streams. Witness ProtonMail and Kolabnow, both doing business from
Switzerland, and Mailfence, operating out of Belgium. These companies have
picked their locations because they don’t want your email finding its way
into the NSA’s Utah data centers, or anywhere else for that matter. And we
have articles such as this one in Ars that discuss the issues about Swiss
privacy laws
<https://arstechnica.com/tech-policy/2013/12/switzerland-wont-save-you-either-why-e-mail-might-still-be-safer-in-us/>.
*Today a business knows enough to ask where its potential messages will be
stored, whether they will be encrypted, and who has control over its
encryption keys.* That certainly wasn’t in many conversations -- or even
decisions about selecting an email provider -- ten years ago.

One way to take back control over your email is literally to *host your own
email server *so that your message traffic is completely under your
control. That has been a difficult proposition even for tech-savvy
businesses -- until now. This is what Helm is trying to do,
<https://thehelm.com/> and they have put together a sexy little server
(about the size of of a small gingerbread house, to keep things festive and
seasonal) which can sit on any Internet network anywhere in the world and
deliver messages to your inbox. It doesn’t take a lot of technical skill to
setup (you use a smartphone app), and it will encrypt all your messages
from end-to-end. Helm doesn’t touch them and can’t decrypt them either.
Because of this, the one caveat is that you can’t use a webmail client.
That is a big tradeoff for many of us that have grown to like webmail over
the past decade. Brian Krebs blogged this week that users can pick two
items out of security, privacy and convenience. That is the rub. With Helm,
you get privacy and security, but not convenience (if you are a webmail
user). Irony again: webmail has become so pervasive but you need to go back
to running your own server and email desktop clients if you want ironclad
security.

*Speaking of email encryption, one thing that hasn’t change in the past ten
years is how it is rarely used. *One of the curiosities of the Snowden
revelations was how hard he had to work to find a reporter who was adept
enough at using PGP to exchange encrypted messages. Encryption still is
hard. And while Protonmail and Tutanova and others (mentioned in this
article <https://www.maketecheasier.com/secure-email-services/>) have come
into play, they are still more curiosities than in widespread general use.

*Another trend over the past ten years is how spam and phishing have become
bigger problems.* This is happening as our endpoints get better at
filtering malware out of our inboxes. This is one reason to use hosted
Exchange or Gmail: both companies are very good at stopping spam and
malicious messages.It is somewhat of an ironic contradiction: you would
hope that better spam processing would make us safer, not more at risk.
This risk is easy to explain but hard to prevent. All it takes is just one
user on your network, who clicks on one wrong attachment, and a hacker can
gain control over your desktop and eventually your entire network. Now that
scenario is a common one witnessed in many TV and movie episodes, even in
non-sci-fi-themed shows. For example, this summer we had Rihanna as a
hacker in Ocean's 8. Not very realistic, but certainly fun to watch.

So welcome to the many ironies of the post email era. Share your thoughts
<http://blog.strom.com/wp/?p=6938> about how your own email usage has
evolved over this past decade if you feel so inclined.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://list.webinformant.tv/pipermail/webinformant_list.webinformant.tv/attachments/20181210/45765d77/attachment.html>


More information about the WebInformant mailing list