Wednesday, April 9, 2014

No Bleeding Hearts Here

Earlier this week, a vulnerability dubbed The Heartbleed Bug was identified in certain versions of the cryptographic library, OpenSSL (see www.heartbleed.com). Although many thousands of servers and websites were affected across the Internet, Send Files Securely was not affected by this since we do not use OpenSSL. 

Thank you for your continual support and use of our service for sending files securely!

Wednesday, April 2, 2014

Gmail Encryption Is Now Mandatory, BUT Is Your Email REALLY Secure?

In recent news, Google announced that it's email service, Gmail, will require all communications to be encrypted using HTTPS (http://www.cnet.com/news/gmail-encryption-is-now-mandatory). So, does using HTTPS mean your email is now secure? The answer is, it depends.

The option to use HTTPS has been a feature of Gmail for some time now. This news simply means that users no longer have an option to opt-out of the secure connections. Using HTTPS with your email provider is a good idea, whether you use Gmail or any other email provider. However, the encryption provided by your email provider usually* ends once the email leaves their servers. At that point, the email travels across the Internet unencrypted.

Despite this news, email is still just as inherently insecure as it's always been. One day that might change. But until then, use Send Files Securely to send secure file attachments.

*Although the technology exists to encrypt email between servers, it's not widely used.