Email Myths

Do you think email is secure? I am getting the impression there's a big fallacy regarding the privacy of email. Some apparently lesser known email facts:


1. Internet email generally has no encryption, either of the mail itself or the communication between servers.


2. Email usually hops across a few dozen servers (routers and switches usually, devices people can log into and control) and a few mail servers to get to where it's going.


3. Email is usually stored in plain text on servers, allowing staff and crackers easy access.


There is some good news though. On many servers, you can at least encrypt your own communications between you and your server. And there is an end-to-end method of encrypting email using extremely hard to crack encryption. GNU Privacy Guard is a free program that allows you to send mail using conventionally uncrackable encryption algorithms. It's not impossible to defeat but it requires computer power few people have access to. I would say it is the only way available to securely send Internet email.
There are several servers that will let you automatically fetch people's keys, mine is here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0E6834E3
The search page on that one is here: http://pgp.mit.edu/
There is a nice add-on for Thunderbird that adds good support for this, called Enigmail.