Is Today's Email Infrastructure Fundamentally Flawed?
Sony, DNC, Celebgate: our daily headlines are dominated by hackers exploiting yet another round of victims. The media never shy away from analyzing and publishing stolen information: some argue that hackers (both individuals and institutions) bring transparency to corrupt political organizations, greedy multi-national corporations and questionable celebrities. What they fail to admit is that while leaked information destroys shareholder value and personal privacy, it also satisfies people's "curiosity" and drives site traffic and media ratings up. Without getting into the debate of whether it does more good or harm to society, I believe hacking is often ill-intentioned (KGB, WikiLeaks) and creates consequences that are too big and inflicts collateral damage on too many innocent people, and I think today's email infrastructure is to blame.
Let's go back in history to the age of paper mail. When someone intercepts a package, they gain one piece of information. Today, a simple Gmail password-reset phishing scheme easily exposes tens of thousands of emails in one account. It's almost laughable to compare the magnitude of damage/reward and the amount of effort required. We rely on the vigilance of every email user to spot phishing emails, and once one user falls for the trap, almost the entire domain falls with them. What if a new email infrastructure could fix this?
- Gaining one password should not allow access to 10,000 emails. When someone logs into an email account, he/she should ONLY be able to see unread emails and today's emails.
- To search or browse for older ones, two-factor login is required.
- After a certain number of search queries (e.g. every 10 scrolls), another two-factor login is required.
- To download the entire email catalog, the strictest level of security is required. We can throw in fingerprint recognition, facial recognition, iris recognition, password questions or all of the above.
This proposal is simple: we strike a balance between security and convenience. By separating client use cases by usage frequency (unread, search and download all), we can greatly increase security without losing too much time. It's going to be a hard sell to individual users, but I can see larger organizations adopting it.
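As an added illustration (not code from the original post), here is a small policy gate that encodes the three tiers above: a password-only session sees unread and today's mail, search requires a second factor and is re-prompted every 10 queries, and a full download needs the strongest tier. The tier names, the action names, the `step_up` helper and the constructed sample mailbox are assumptions made for this example.

```python
from dataclasses import dataclass
from datetime import date
from enum import IntEnum


class AuthLevel(IntEnum):
    PASSWORD = 1     # password alone: unread mail and today's mail
    TWO_FACTOR = 2   # second factor: search/browse older mail
    STRONGEST = 3    # strongest proof (e.g. biometrics + questions): bulk download


QUERIES_PER_STEP_UP = 10  # re-prompt for the second factor every 10 searches

# Tier each client use case needs (names assumed for this example)
REQUIRED = {"read_recent": AuthLevel.PASSWORD,
            "search": AuthLevel.TWO_FACTOR,
            "download_all": AuthLevel.STRONGEST}


@dataclass
class Session:
    level: AuthLevel
    searches_since_step_up: int = 0


@dataclass
class Message:
    received: date
    unread: bool


def default_view(mailbox, today):
    """Messages a password-only login may see: unread or received today."""
    return [m for m in mailbox if m.unread or m.received == today]


def authorize(session, action):
    """Return 'allow' or 'step_up' for the requested use case; a 'step_up'
    result means the client must re-authenticate at REQUIRED[action]."""
    if session.level < REQUIRED[action]:
        return "step_up"
    if action == "search":
        if session.searches_since_step_up >= QUERIES_PER_STEP_UP:
            return "step_up"  # periodic re-prompt while browsing old mail
        session.searches_since_step_up += 1
    return "allow"


def step_up(session, level):
    """Record a successful re-authentication and reset the search counter."""
    session.level = max(session.level, level)
    session.searches_since_step_up = 0


# Constructed sample mailbox: only the first two messages are in the default view.
SAMPLE_TODAY = date(2016, 12, 1)
SAMPLE_MAILBOX = [Message(SAMPLE_TODAY, unread=False),
                  Message(date(2016, 11, 30), unread=True),
                  Message(date(2016, 11, 30), unread=False),
                  Message(date(2015, 1, 1), unread=False)]
```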
Would you promote email infrastructure like this in your organization? If anyone wants to launch a startup with this idea, let me know!
Originally published: https://www.linkedin.com/pulse/todays-email-infrastructure-fundamentally-flawed-maxwell-zhou