light bulb

Did You Know?



Reply
Posts: 4,814
Topics: 3,041
Kudos: 5,935
Registered: ‎06-12-2013

Facebook encourages email providers to deploy STARTTLS encryption to block spy agencies

Lucian Constantin  May 13, 2014 11:00 AM
 

Facebook is pushing for more email providers to use STARTTLS, a technology that encrypts emails as they pass between servers and clients, after an analysis showed that any SMTP (Simple Mail Transfer Protocol) server that adds the feature now would start encrypting over half of its outbound email traffic.

STARTTLS is an extension for several communication protocols, including IMAP and POP3, SMTP, FTP and XMPP and allows a plain text connection to be upgraded to an encrypted one using the TLS (Transport Layer Security) or SSL (Secure Sockets Layer) protocols.

Researchers at Facebook recently analyzed a day’s worth of the company’s email logs to determine how widely STARTTLS is deployed among email servers around the world. The company is in a good position to run such a test because it sends several billion notification emails every day to user email addresses hosted across millions of domain names.

 

Full Article

Sr. Community Leader

Posts: 4,814
Topics: 3,041
Kudos: 5,935
Registered: ‎06-12-2013

Good news for privacy: fewer servers sending e-mail naked, Facebook finds

Company calls on laggards to join majority of servers by deploying STARTTLS.

by Dan Goodin - May 14 2014, 12:55am GMTST

 

STARTTLS

Overall STARTTLS Results

 

Server-to-server e-mail encryption using the STARTTLS protocol has reached an important tipping point that hardens the majority of messages Facebook sends its users against wholesale snooping by well-financed adversaries, according to figures released Tuesday by site.

The social network said 58 percent of the notification e-mails it sends users are successfully encrypted using STARTTLS. Even more impressive, 76 percent of unique Mail Exchange hostnames are set up to support the protection, although only about half of them use valid digital certificates to cryptographically validate connections. STARTTLS ensures that plaintext e-mails are encrypted before being transferred from the sending server to the receiving server. Amid revelations of an expansive surveillance program by the National Security Agency and other state-sponsored groups, the extension is seen as a way of thwarting such programs or at least making them more costly to carry out. But like most network-based technologies, its value is proportional to the square of the number of servers that use it, meaning it provides benefit only when widely used.

 

Full Article

 

 

 

 

 

 

 

 

 

 

 

Sr. Community Leader

Posts: 5,051
Topics: 211
Kudos: 4,822
Ideas: 9
Registered: ‎02-03-2012

Get cracking on STARTTLS says Facebook

E-mail security protocol has 'critical mass'

 

 

Facebook has debunked the idea that SMTP STARTTLS encryption still isn't taking hold, after an analysis of the billions of messages it sends to millions of servers each day.

 

In this blog post, The Social NetworkTM says the numbers are clear: “STARTTLS has achieved critical mass and there is immediate value in deploying it”, and the more people that use e-mail encryption, the more value there is in it.

 

The analysis was prepared by Facebook mail integrity engineer Michael Adkins.

 

The short version of Facebook's numbers: out of billions of messages to millions of domains, 76 per cent of unique MX hostnames it sends to use STARTTLS, and 58 per cent of notification e-mails are successfully encrypted.

 

“Additionally, certificate validation passes for about half of the encrypted email, and the other half is opportunistically encrypted. 74% of hosts that support STARTTLS also provide Perfect Forward Secrecy”, the post continues.

 

The company is at pains to assure its customers that the log file analysis underneath the numbers didn't involve delving into sensitive customer data: it only looked at data reported from the recipient server including STARTTLS results (whether encryption could be negotiated and which cipher suite was used), the recipient's domain, the MX hostname and the receiving server's IP address.

 

 

 

Full Article

 

Poor Facebook...seems to be in the wars again re. security & privacy issues.  Just like MS...when you are big they go for you.

       Untitled-1.png


Webroot SecureAnywhere Complete Beta Tester v8.0.8.53...+ VoodooShield v2.31l Beta....working together as the NEW perfect combination! And backed up by AX Time Machine v2.0

Community Manager Community Manager
Community Manager
Posts: 4,172
Registered: ‎12-16-2013

Re: Get cracking on STARTTLS says Facebook

Glad to see this getting some traction!

Posts: 5,051
Topics: 211
Kudos: 4,822
Ideas: 9
Registered: ‎02-03-2012

Re: Get cracking on STARTTLS says Facebook

Completely agree, Nic...but there are a lot of others out that there need some traction too...and no doubt there will be many others to come.

       Untitled-1.png


Webroot SecureAnywhere Complete Beta Tester v8.0.8.53...+ VoodooShield v2.31l Beta....working together as the NEW perfect combination! And backed up by AX Time Machine v2.0