“In recent weeks, I’ve written about protecting data stored locally on a hard drive, against both people with physical access and potential remote attacks,” Glenn Fleishman writes for Macworld. “But your data is much more vulnerable in transit, as it passes between end points or via servers.”
“This problem is effectively solved for instant messages with iMessage, which uses strong end-to-end encryption designed in such a way that—Apple says—not even they can decrypt your messages,” Fleishman writes. “This is accomplished by creating local encryption keys through a process that can’t be reverse-engineered on their side. Even though iMessages pass through intermediate points on the Internet, there’s no opportunity for others to grab the plain text, images, and audio within. (The same is true with FaceTime audio and video.)”
“But it’s still a mess for email, whether Mail in iOS or OS X, or third-party email software,” Fleishman writes. “iMessage [offers] …strong end-to-end encryption. So how can we achieve the same in email? Through the use of public-key (PK) cryptography, something that’s been available for encrypting documents and email messages since 1991 in one form or another.”
Read more in the full article here.