E-mail communication can hold a significant amount of personal or business-related information that is usually sensitive in nature. A large number of devices and software products form the network of this system, and weak links can exist at any stage. The communication system includes handheld devices, mobile software products, communication lines and server-side hardware and software. To understand the security issues holistically, we need to consider the threats at all levels of this information system.
Every threat or adversary has an objective. Usually, there are two basic objectives for an adversary in the communication sphere. The first is simply to get your mobile device, while the other is to get your data. Although we cannot control your physical devices, we protect your data. We will be protecting you from a person who wants to get your mail messages. That includes hackers, business competitors, law enforcement units, etc. We will be protecting your data from thieves. We will be protecting your data from a person who found a lost device. We will be protecting you from a person who has the capability and the motivation to get your data. Apart from the objectives, there are several motives that may drive an adversary:
- Getting your device without an intent to get your data (thieves, lost and found, etc.) – these adversaries generally want your device, and not the information in it. They will usually not do anything to extract your data even if it is only minimally protected. Harm level from such adversaries is low.
- Wanting to get your data without a personal aim at you (hackers, crackers) – they want your data and will dig into it, but the possible harm level is not so high. They will usually try to get into your device or account remotely. It is important to understand that these adversaries will not invest much into getting the data, since their motivation is mainly satisfying their ego, overcoming a challenge, destroying or altering the information, and the like. This may include some basic monetary gain.
- Wanting to get your data in order to gain competitive advantages or tangible or intangible assets (to harm or violate your reputation or interests) – they are usually your business competitors and are much more motivated than regular hackers. Such adversaries might try to get your device physically, and might hire hackers or even misuse legal tools (you may find it disturbing, but there are plenty of countries where, for example, the police force is corrupt enough to be used for unfair business practices). They will try to extract your data and might pay a lot (but definitely not more than the potential profit) to get it. Getting your email is most likely just a part of a complex scheme. Potential harm level is extremely high.
- Wanting to get your data just because they were told to, so as to sue or prosecute you (such as the NSA, law enforcement, government, industrial espionage) – in addition to all the above, these people will usually try to get access to your device physically, and will force you and your service provider to disclose your data. Harm level can vary from zero to totally unacceptable. These adversaries possess virtually unlimited resources to discover your data, but need a very good reason to use that power.
When talking about system security, it is important to understand exactly what an asset is and which vulnerabilities could threaten the security of the system.
1. Assets – passwords, data, and hardware including a mobile device and a server (which we do not control).
a) Passwords - A password is never stored, but is typed on a device and is transmitted to the server over an SSL-protected channel. The target server needs to check the validity of the password. An adversary can spy on the device, intercept the password on its way to the server, or hack the validation procedure on the server. He or she can also trick a user into entering the password on a phishing site.
b) Data being stored/transferred - The data that is generated on a device is sent to the server, stored there, and transmitted to the recipient. This data is vulnerable and can be extracted at every stage.
c) Hardware access - This is the same case as accessing your data.
Numerous threats linger when we talk about data security. We have to make sure that we understand the various issues that could come up, in order to protect ourselves better. Here are some threats:
Realistically, the developers cannot do much to compromise the users. There is no way to leak any user information, since we do not know the passwords, and we don't have servers to keep or back up any information. The only place that the information is sent to is your mail server.
We do not even collect analytics about app usage, unlike others, in order to make 100% sure that no information is sent anywhere except the mail server that you specify.
However, we do not restrict the use of weak passwords. We aim to interfere as little as possible with the way you handle your accounts, and that includes “not” analyzing your password for the level of security. But if you forget your password, there is no way that we will be able to help you.
We guarantee that there are no backdoors or any other means to facilitate unauthorized information access. We have made our encryption module public to gain reviews from industry experts.
We have no centralized key storage/distribution system. In fact, we have no such system at all. It's the user's responsibility to communicate the key to his or her recipient. How is this to be done? Who knows! We do not offer any tool for it, so there's nothing to compromise!
It's obvious that a software product cannot cover all the existing threats that could come up from a variety of sources. We understand it, and want to make it clear to you that there are some threats that we cannot protect you from. It is only proper if we notify you of our shortcomings. Here are some threats that we cannot cover: