Outside of specific areas dealing with technology, privacy, copyright and patents, I generally don’t steer this blog into the winds of general politics, or presidential campaigns. But the issue of private email servers has become a staple of the daily news diet, and that is within my realm of interest. Suddenly, everyone who has a problem with Hillary Clinton is a sysadmin.
Sure, there are many reasons to take issue with the prospect of Hillary Clinton as a president. Yes, she had a poorly secured email server. So does the federal government. So it’s fascinating that people are outraged, from a security standpoint, that Clinton’s email server may have handled strategy discussions regarding U.S. drone strikes in Pakistan. Personally, I’m more interested in the security of the people who ended up on the receiving end of the missiles.
But the security issue with the communications over it has less to do with the server somewhere in a Clinton broom closet and more to do with the insecure nature of email itself. Email copies itself around the internet from point A to B, with several spots in between. Even if the content is unreadable, there’s more than enough information about the email itself to let an onlooker know who is talking to whom, when, and often about what.
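To make the metadata point concrete, here is an added example (not from the original post) that parses a constructed message whose body is PGP-encrypted and lists what every relay along the path can still read; all hosts, addresses and timestamps below are placeholders.

```python
"""What an intermediary can read from an email even when the body is encrypted:
sender, recipients, subject, timestamps and every relay hop. Sample is constructed."""
import email
import re
from email import policy
from email.utils import parsedate_to_datetime

# Constructed sample: an encrypted body, but ordinary (cleartext) headers.
RAW_MESSAGE = """\
Received: from mx.example.net (mx.example.net [192.0.2.20])
\tby mail.example.org with ESMTPS id c3;
\tMon, 7 Mar 2016 14:05:31 +0000
Received: from relay.example.com (relay.example.com [198.51.100.9])
\tby mx.example.net with ESMTP id b2;
\tMon, 7 Mar 2016 14:05:02 +0000
Received: from laptop.example.com ([203.0.113.7])
\tby relay.example.com with ESMTPSA id a1;
\tMon, 7 Mar 2016 14:04:40 +0000
From: Alice <alice@example.com>
To: Bob <bob@example.org>
Cc: Carol <carol@example.org>
Date: Mon, 7 Mar 2016 14:04:38 +0000
Subject: Strategy meeting Thursday
Content-Type: text/plain

-----BEGIN PGP MESSAGE-----
hQEMA0w3...(ciphertext, unreadable to the relays)...
-----END PGP MESSAGE-----
"""

HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.DOTALL)

def visible_metadata(raw: str) -> dict:
    """Return the fields any relay or on-path observer can read without the key."""
    msg = email.message_from_string(raw, policy=policy.default)
    hops = []
    # Each relay prepends its own Received header, so the last one is the first hop.
    for received in reversed(msg.get_all("Received", [])):
        route, _, when = received.rpartition(";")
        m = HOP_RE.search(route)
        if m:
            hops.append((m.group(1), m.group(2), parsedate_to_datetime(when.strip())))
    return {
        "from": msg["From"].addresses[0].addr_spec,
        "to": [a.addr_spec for h in ("To", "Cc") if h in msg for a in msg[h].addresses],
        "subject": str(msg["Subject"]),
        "sent": msg["Date"].datetime,
        "hops": hops,  # (from_host, by_host, time) for every relay on the path
        "body_readable": "BEGIN PGP MESSAGE" not in msg.get_content(),
    }
```

Even with the body unreadable, the result names both parties, the subject, when it was sent and which machines handled it, which is the "who is talking to whom, when, and often about what" that encryption of the content alone does not hide.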
Locking down your own DIY email server is not for the faint of heart. But it’s not impossible to do it with reasonable security, if doing these sorts of things is your sort of thing.
- See Linode’s guide on hosting your own email.
- The Sealed Abstract walk-through on setting up a secure email server, which is nicely written but poorly titled.
- Check out Mail-in-a-box, along with its security configurations guide.
It may seem nutty in the internet-as-a-service culture to do anything yourself. Email hosting is complicated, but it’s complicated as a matter of scale. If you’re Google, you’re defending billions of email addresses. More email addresses than there are people. If you’re you with your own email address, then it’s a matter of looking after one or two and a much smaller system for them. The reasons for embarking on this are varied:
- You want immediate knowledge of a hacking attempt, and control how the server responds.
- You want to control the physical location of the data storage due to safety, legal or jurisdiction issues.
- You want to make sure you have total access to really remove data from the system when you delete something.
- You want to make sure you’re the only one with the encryption keys to your server.
- You’re a mad scientist who likes to Frankenstein your own things to life.
There are likely many other reasons. Avoiding a subpoena or Federal investigation is demonstrably not one of them. Personally, my favourite reason is item 5. I’d like more people to be interested in how the things they use work, even if they don’t solely rely on it. Billions of people rely on just a few systems to keep in contact with each other: Google, Facebook, maybe some Microsoft things.
We are moving away from local things. This is why a lot of people were shocked that floppy disks are still used to run American nuclear weapons systems. They’re probably being used by people who weren’t alive when most of the world stopped using them. But if you’re running a local, locked-down system that’s responsible for world-destroying devices, you probably just wouldn’t auto-upgrade to Windows 10. Suddenly, simpler, highly predictable, lower-processing, removable systems make more sense. Some things shouldn’t be synced.