July 19, 1999] InformationWeek LangaLetter — Are E-mail Digital Certificates And Encryption Worth The Bother?
How many digitally signed or encrypted E-mails do you get in a day? I’m probably not typical because I get somewhere around 800 E-mail messages a day (thank goodness for autoresponders!). But consider the percentage: of those 800-some E-mails, only a dozen or so are digitally signed. I can’t ever recall having gotten an encrypted message, and I’ve been using E-mail since around 1980. It’s surprising because it’s ridiculously easy to spoof E-mail. At the simplest level, many users are unaware how easy it is to alter the “From” and “Reply To” fields in E-mail. It’s child’s play to send someone an E-mail that will look (to a casual or inexperienced eye) like a message from, say, a boss, a co-worker, or a spouse. The potential for mischief or outright fraud is enormous. It’s not a lot harder to hack many mail servers: Spammers do it all the time, and the “warez” boards are full of tools that will help a hacker find poorly guarded mail servers they can exploit. But is also very easy to use
