Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Time Has Come to Ditch Email?

Zonk posted more than 8 years ago | from the i-find-it-handy dept.

398

Krishna Dagli writes to mention an article at The Register claiming that it's time we stop using email to communicate. From the article: "The problem is, email is now integral to the lives of perhaps a billion people, businesses, and critical applications around the world. It's a victim of its own success. It's a giant ship on a dangerous collision course. All sorts of brilliant, talented people today put far more work into fixing SMTP in various ways (with anti-virus, anti-phishing technologies, anti-spam, anti-spoofing cumbersome encryption technologies, and much more) than could have ever been foreseen in 1981. But it's all for naught."

Sorry! There are no comments related to the filter you selected.

e-mail needs to get better (5, Insightful)

yagu (721525) | more than 8 years ago | (#15454312)

Short version of story:

E-mail shouldn't really go away, we need to recreate it from scratch with builtin security, authentication, encryption, etc, and those mechanisms need to be as transparent as today's e-mail.

EOF

E-mail will probably go that way, but I don't see it being recreated from scratch. Postfix evolved out of perceived difficulties with sendmail (still one of my favorite packages... obtuse, obtuse, obtuse, but lots of fun.) while in-flight.

The fixes for e-mail likely will also occur in-flight... there's too much momentum, and too many transactions dependent on e-mail for it to stop, then go.

The single most important step for me would be transparent authentication, via certs, whatever. As phishing becomes more insidious and the stakes go up, someday someone (or a bunch of someones) will be phished severely, escalating the urgency of authentication. It may start out clunky (ever tried to get friends and family to do PGP handshakes?), but as with other technology I think it can be done with transparency.

E-mail stays... (btw, if you want to send e-mail feedback to the author, this is the link [theregister.co.uk] .

Re:e-mail needs to get better (1)

neonprimetime (528653) | more than 8 years ago | (#15454378)

Short version of story:

E-mail shouldn't really go away, we need to recreate it from scratch with builtin security, authentication, encryption, etc, and those mechanisms need to be as transparent as today's e-mail.


Although it's a lovely story ... it'll never happen ... for the same reason that the US Tax Codes will never get re-written ... Social Security will never get revamped ... and our justice system will always be screwed up ... Each of the items I listed are too large and complex, and are beyond repair, but in the same respect could NEVER be recreated in a reasonable time frame.

Re:e-mail needs to get better (5, Insightful)

B'Trey (111263) | more than 8 years ago | (#15454518)

Bad analogies. Email will get replaced. I certainly can't tell you with what, but it will get replaced. And the reason it can be replaced and the others can't is because it doesn't need to be an instant and complete replacement. Email will get replaced the same way that land lines are being replaced by cell phones.

If you'd tried to instantly replace the phone system with a different, portable system, you'd have been doomed to failure. There's no way you would have ever gotten everyone to just give up their telephone and buy a new, different device for voice communications. But cell phones are replacing land lines because they're compatible. Even though a cell phone and a land line phone work very differently at the hand set level, they both go back to the same place and you can call one from the other. All of the differences are handled transparently to the user. He doesn't care if his voice is going out over copper pairs or over RF to a cell tower. He doesn't care if it's switched through mechanical switches or digitized and sent through a IP network. He dials and a number and he talks.

To replace email, we need to come up with a new system which provides security and authentication when communicating with other addresses on the new system but degrades gracefully when sending to a legacy email address. As more and more people switch to the new system, the old system can be abandoned. It's a piecemeal replacement, not a wholesale changeout.

The article talks about all of this, all though I've tried to clarify a few things. It even gives a possible mechanism for graceful degradation.

Re:e-mail needs to get better (1)

tcopeland (32225) | more than 8 years ago | (#15454380)

> Postfix evolved out of perceived difficulties with sendmail

I just converted a good-sized system from Sendmail to Postfix; here's why (with charts!) [blogs.com] . Go Postfix!

Good sized system? (5, Insightful)

fm2503 (876331) | more than 8 years ago | (#15454594)

A peak of ~75 messages a minute?

Me thinks you need several zeros on the end of that to get to a medium to large installation....

Re:e-mail needs to get better (3, Funny)

Nadsat (652200) | more than 8 years ago | (#15454444)

And they are not stopping at email, but at verbal communication. Soon the language we speak to one another will be codified. Meaning, if I want to talk to my girlfriend, I will speak through an earpiece mounted microphone. The mic encrypts my verbal language with a key that only she has. The words that come through my head-mounted mic then are amplified through a speaker which anyone can pick up, as if it were my voice speaking, but all garbled. Noone else can understand what I'm saying, because only she has the key on her headset, which is able to then re-articulate my words into her earpiece.

It's like a private foreign language without having to bother learning a foreign language.

That's the spirit of the article.

Re:get friends and family to do PGP? - Yes (5, Interesting)

Betabug (58015) | more than 8 years ago | (#15454457)

"ever tried to get friends and family to do PGP handshakes?"

Yes, I've tried... and I've been and am quite successfull with it. Using GPG to send/receive encrypted mail and check signatures with a good plugin isn't rocket science.

Agreed, setting up keys and such is hard, but with friends and familiy we geeks can help. We do that with E-Mail, Games, Wordprocessors, why not with PGP?

My experiences with PGP with friends and family: Do You Use PGP? - Encryption is not just for techies any more [betabug.ch] .

Re:get friends and family to do PGP? - Yes (4, Interesting)

B'Trey (111263) | more than 8 years ago | (#15454538)

Agreed, setting up keys and such is hard, but with friends and familiy we geeks can help. We do that with E-Mail, Games, Wordprocessors, why not with PGP?

Because we're looking for a long term, widespread, permanent solution. There aren't enough of us geeks to hold the hand of every user in the world.

Re:get friends and family to do PGP? - Yes (1)

Jeremi (14640) | more than 8 years ago | (#15454624)

There aren't enough of us geeks to hold the hand of every user in the world.


Perhaps there are enough of us geeks to code up the proper secure behavior for the various email clients that people use, make it the default behavior, and make it easy enough to use that people won't bother to try and disable it?


Then it's just a matter of waiting for everybody to update their email client (i.e. 5-10 years, but that's better than never), and we're done :^)

Re:e-mail needs to get better (4, Insightful)

onion2k (203094) | more than 8 years ago | (#15454465)

someday someone (or a bunch of someones) will be phished severely, escalating the urgency of authentication

This is the key issue .. the victims. These are the people who need to be targeted if we're ever going to stop spam. No technological solution will ever fix the problem so long as it remains profitable .. people will go to extraordinary lengths to make a fast buck .. The debacle with Blue Frog demonstrated just how much power spammers wield over the internet. I really doubt that even a fundamental change to the underlying protocols of email would stop them.

Instead we need to educate the victims. Stop people clicking on links in emails *ever*, stop people buying "cheap prescription meds online", stop people sending thousands of dollars to the Nigerian interior minister.

Only when spam stops working will spammers stop working.

Re:e-mail needs to get better (1)

DragonWriter (970822) | more than 8 years ago | (#15454467)

The fixes for e-mail likely will also occur in-flight... there's too much momentum, and too many transactions dependent on e-mail for it to stop, then go.
I'm not so sure that's true; I suspect e-mail will be around with incremental, "in-flight" attempts at fixes for some time, but I also think that sooner or later its going to be suprisingly suddenly displaced, but not by something whose main focus is as an "e-mail replacement". Instead, by something that takes a radically different approach to information sharing, that would subsume the function of lots of different computing and communication technologies. But I don't know what that thing will look like.

Re:e-mail needs to get better (5, Funny)

RingDev (879105) | more than 8 years ago | (#15454471)

"(ever tried to get friends and family to do PGP handshakes?)"

I've got one of those! It ends in a chest-thump then a simulated pistol shot in the air! We can always ensure that our friends are definately our friends with that hand shake.

-Rick

Re:e-mail needs to get better (2, Interesting)

harrkev (623093) | more than 8 years ago | (#15454528)

Sometimes you simply can't patch things any more, and it is time to start over. Even Microsoft realized this and moved from a DOS core to an NT core on XP. Apple realized this and moved from 6800 to PowerPC to X86.

The solution? For some novel open-source software to appear that handles this problem. Then it gets integrated into Thunderbird as an OPTION for a way to send mail. It should work seamlessly, and fall back to old-fashioned e-mail when necessary. You would have two e-mail accounts side-by-side, but it would appear to the user as if they had only one.

So the geeks will be on the bleeding edge. Everybody reading this would probably have it. As time goes by, more and more people using Thunderbird woudl switch. Then Opera would join it. Once it gets big enough, even Microsoft would sit up and take notice after hearing about how great it is ("embrace-extend-extinguish" begins with "embrace").

It done right, and if the right players were involved, it could work.

Re:e-mail needs to get better (0)

Anonymous Coward | more than 8 years ago | (#15454546)

ever tried to get friends and family to do PGP handshakes?

That's because PGP is proprietary and a stupid design. It's an add-on hack that sticks out like a sore thumb.

S/MIME does it better and it "just works" in most e-mail clients. Plus you have built-in access to all sorts of things like smartcards via PKCS#11 and such (Thunderbird, Mozilla, etc).

yeah right (0)

Umbral Blot (737704) | more than 8 years ago | (#15454313)

They can take my email when they pry it from my cold dead hands!

in other news (1, Insightful)

Pig Hogger (10379) | more than 8 years ago | (#15454314)

... it also says that FTP and NNTP are dead, too.

Yeah, right.

Re:in other news (1)

$RANDOMLUSER (804576) | more than 8 years ago | (#15454461)

Yeah - he says twice that NNTP has been "abandoned", which I don't get: I'm on Usenet almost daily. Sure, there are plenty of encoding schemes (mime, uuencode, yEnc, etc.) but the protocol lives on, even if, as he says, gobs of (redundant) bandwidth and storage go into Usenet itself.

Re:in other news (1)

harrkev (623093) | more than 8 years ago | (#15454648)

Well, it is not DEAD, but it is dying. The average person does not use/need usenet. Newbies can be on the internet for a couple of years without even hearing about usenet. Withing a decade it is likely to go the way of Gopher.

Off-topic, but I wish that I could take a poll to see how many slashdotters have ever used gopher.

Back to the topic. To me, "alt.*" is like an outlaw wasteland. It is not a "nice" place to visit. The moderated areas are nice, but the same thing is often found on internet forums, so I do not really see the need for those.

The funny thing is that the "alt.*" areas remind me a bit of e-mail. You never know who is posting, you never know who to trust, and there is a lot of spam. Really, "alt.*" is like e-mail except everybody has the same in-box.

Re:in other news (1)

Viol8 (599362) | more than 8 years ago | (#15454689)

"Withing a decade it is likely to go the way of Gopher."

People were saying something similar a decade ago except
they said uucp instead of gopher.

"so I do not really see the need for those"

You might not , but a a few million people do.

"You never know who is posting,"

You think people would post to newsgroups if others
could get hold of their real name? Bye bye any political
posts from people under oppressive regimes them. Hello
incarceration for them and spam for the rest of us.

You're a good example of the I-dont-use-it-so-it-has-no-use
mentality.

Re:in other news (1)

monoqlith (610041) | more than 8 years ago | (#15454583)

Actually, from the article, about FTp, telnet, and Usenet(NNTP):
"All these old technologies actually live on and in some cases thrive (and in the case of the Usenet, still consume (http://en.wikipedia.org/wiki/Usenet) enormous amounts (http://www.google.com/search?hl=en&lr=&rls=en&q=U senet+binary&btnG=Search) of bandwidth and offer very useful (http://groups.google.com/) information) but have been mostly superceded by newer protocols."
He's right - the technology is still very much around(that's why in the previous sentence he has "abandoned" in quotes) - but adoption just isn't as big percentage-wise as it used to be - while FTP is used for a file download, it's mostly transparent to the user because most ftp downloads are initiated from a web page, and HTTP can perform file transfers just fine. Usenet is HUGE but it's not known about among the less experienced users - and many many people who do use USENET access it through a web site, such as Google Groups. FTP and Telnet also both have secure counterparts - SFTP and SSH, which most responsible system administrators opt for in the interest of maximizing security. It's reasonable to assume that SMTP could be phased out and replaced with a newer, encrypted protocol just like the other protocols - or at least phased out enough that adoption of a more secure protocol would vastly outweigh the use of SMTP. I can envision a system like our domain system where ISP, Companies, and Universities who want Mail Exchangers have to register with a central registrar and (perhaps) pay a small fee for their mail exchange to resolve for other mail exchanges. The only way they permit a mail exchange to participate is if the software they use conforms to some stipulations 1) Only users in the same domain are allowed to send mail - no outside users 2) the mail is encrypted and each individual user has to have a unique signature or something - they can remain anonymous, but they must be authorized by the compliant mail exchange, which will limit how many anonymous users there will be. 3) There is a max send rate of like 100 mails per user per hour, or whatever reasonable number that would accomodate the largest number of non-spammers - above that the mail exchange starts paying fines, so there's an incentive to enforce no-spam policies in addition to the bandwidth incentive. 4) The user/agencyregistering their mail exchange has to be a real person. The central agency can suspend abusers and other people for sending spam, etc, This is just me imagining, feel to free to shoot me down, but I think if there was a pact, contract, and agreement among all secure mail exchangers to keep spammers out, we could fix the concept and use of electronic mail.

Re:in other news (2, Insightful)

gowen (141411) | more than 8 years ago | (#15454604)

Usenet is HUGE but it's not known about among the less experienced users
You make that sound like thats a bad thing.

I mentioned this some time ago (2, Interesting)

ellem (147712) | more than 8 years ago | (#15454323)

http://slashdot.org/~ellem/journal/104280 [slashdot.org]

Mail really is broken. It does not work as expected or as wanted by users.

Couldn't agree more (2, Insightful)

Weaselmancer (533834) | more than 8 years ago | (#15454704)

I've had people get pissed at me when I don't respond to their email. Reason I didn't respond is that it was sitting in a queue somewhere and I hadn't gotten it yet. Plenty of other examples I can think of but that'll do for now.

What we need is a locked out system. Something that doesn't interact with SMTP at all. True, people using that system could only email people in that system, but that wouldn't be a problem once it caught on. If you could guarantee delivery and zero spam, people would flock to it. Google could adapt Gmail to be that system inside of a half a year if they wanted to.

I know people would initially say "No way! How will I communicate with everyone I normally have to email?" Well...it'd be like when my friends discovered ICQ back in the late 90's. Everyone said "Hey...download ICQ and we can talk in real time." And eventually I did. And for a few years, I didn't do email at all (until ICQ died from bloat anyways). This new email system would be adopted just like that. "Hey, I know a messaging system that'll give you something like email, but zero spam and a guaranteed delivery time. Just download the client and make an account. It's great."

Wouldn't be hard to make, either. Just fix things so that you have to log in to send a message, and put something in your TOS that you cannot spam people. Also have an active admin system. Someone does something against the TOS, you yank their account. Maybe have a "report abuse" function built in to the client, or some such. Maybe something like Slashdot Karma. Enough complaints and your account gets locked for admin review.

And ditch relays - they're too hackable. Make each server isolated. We don't need to do the relay thing anymore. It was important "way back then" when you could only send email by queueing them up to transmit at 3am when the grad students finally get off the mainframe, but it's not like that anymore. Make the new system isolated. If you want to send email to someone@someserver.com, you have to have an account on someserver.com. And if you spam someone@someserver.com, they report you and you get locked out.

You could implement all sorts of good ideas into a system like this. Don't allow people to send more than 1 email every minute or two. Don't let people automatically get an account you the system - let them apply and then wait for verification to stop bots from making accounts.

It'd take more thinking and planning than what I've got here, but the point is that something more safe and secure could easily be made. I'd love to see it.

Time to ditch (5, Funny)

Carewolf (581105) | more than 8 years ago | (#15454332)

It's time to ditch reality. It's fundamentally broken and inherently insecure. We should have predicted that 13 billion years ago.

Re:Time to ditch (0)

Anonymous Coward | more than 8 years ago | (#15454510)

I think most /.ers have already ditched reality some time ago :)

Re:Time to ditch (1)

dotpavan (829804) | more than 8 years ago | (#15454658)

Krishna Dagli writes to mention an article..

Sources confirm that Krishna, unable to find the Submit button, emailed the story to zonk@slashdot.org

Re:Time to ditch (1)

RangerRick98 (817838) | more than 8 years ago | (#15454667)

"I reject your reality, and substitute my own!" -Adam, MythBusters

Re:Time to ditch (2, Funny)

Jargon Scott (258797) | more than 8 years ago | (#15454713)

...13 billion years ago.

I think you mispelled "6 thousand".
</id lunatic>

Finally, an idea to take down Exchange Server! (2, Funny)

LibertineR (591918) | more than 8 years ago | (#15454334)

They tried better, they tried different, who knew that the best way to destroy Exchange Server would be to just discredit email altogether?

Whatever works!

Re:Finally, an idea to take down Exchange Server! (1)

asobala (563713) | more than 8 years ago | (#15454716)

+1 Funny :-)

It's all for naught? (0, Offtopic)

jeffs72 (711141) | more than 8 years ago | (#15454336)

WTF? Is this another SMS is better proclamation? Email works fine. I want a record of my conversations, thats why I use email. I also want to use a full sized keyboard and decent spelling and grammar, which is why I don't type on my phone.

In conclusion, bite me, it's friday.

Re:It's all for naught? (0)

Anonymous Coward | more than 8 years ago | (#15454371)

... thats why I use email. I also want ... decent spelling and grammar ...

Yes, I can see that.

Re:It's all for naught? (0)

Anonymous Coward | more than 8 years ago | (#15454466)

Heh, nearly as good as the writer of the article.

I enjoy the thought of a spammer needing a giant Bewolf cluster...

Re:It's all for naught? (1)

nasch (598556) | more than 8 years ago | (#15454485)

WTF? Is this another SMS is better proclamation?
RTFA, SMS is not mentioned. Neither does the article actually advocate not using email anymore, contrary to the title.

Re:It's all for naught? (1)

Jeff DeMaagd (2015) | more than 8 years ago | (#15454501)

The article doesn't mention SMS.

Is there an SMS program for a desktop / notebook computer? Can you send a lot more than 200 characters per message with SMS? Then it's not really an alternative. I think even mobile phones resort to email to send pictures. I don't like the retarded shorthand that SMS encourages.

It might take years to design and ratify a new email standard and years to transition, assuming enough people go along with it. So many devices, services and programs use the current email standards, they will all have to be updated or replaced.

Or as we used to say. (1)

gowen (141411) | more than 8 years ago | (#15454338)

"Imminent death of the Net predicted. Film at 11."

Whoops... (2, Funny)

Lacota (695046) | more than 8 years ago | (#15454341)

FTP Dead? Riiight. Just like BSD.

Re:Whoops... (1)

Anonymous Monkey (795756) | more than 8 years ago | (#15454448)

If all this stuff is dead...are we the zomby hord?

Re:Whoops... (0)

Anonymous Coward | more than 8 years ago | (#15454531)

That's "zombie horde" you terd.

Re:Whoops... (1)

MysteriousPreacher (702266) | more than 8 years ago | (#15454657)

Not really. The technologies are the zombies and we're necromancers (since we toy with the dead). Finally I have something interesting to put on my resume.

Acronym soup. (5, Insightful)

khasim (1285) | more than 8 years ago | (#15454350)

From TFA:
Build an electronic identity. Encode, hash, encrypt, compress, sign, and provide a novel way to share keys when needed, for example. I don't know how this will all turn out, but perhaps yEnc, MD5, AES, H.264, and GPG are some potential technologies that could be used together.
So, he doesn't know how to fix email, but here is a list of acronyms to get you excited about it.

Sorry, but to be taken seriously, you'd at least have to have a basic framework already thought out. Just claiming that it's broken and maybe one of these TLA's that you've heard of might be used to fix it ... that's just junk.

Go back, think about it and then write a real article.

Re:Acronym soup. (1)

gEvil (beta) (945888) | more than 8 years ago | (#15454413)

It appears that his solution revolves around some heavily encrypted and encoded form of video messaging. Basically, any available processing power in our machines would be used so that we could have basic communication abilities. Since I don't really feel like upgrading my machines, I'll stick with email, including all its faults.

Re:Acronym soup. (2, Insightful)

fumblebruschi (831320) | more than 8 years ago | (#15454422)

I have to agree. Isn't it kind of a waste of time to devote 4000 words to describing a problem everyone already knows about, but offer no solutions beyond "Somebody needs to do something?"

Terry Pratchett observed that no one ever seems to follow the sentence "Somebody should do something" with the sentence "And that someone is me!"

Re:Acronym soup. (1)

SoapDish (971052) | more than 8 years ago | (#15454559)

Somebody should compile a list of observations from Terry Pratchett novels.

Trouvez l'intrus ! (1)

alexhs (877055) | more than 8 years ago | (#15454526)

> but perhaps yEnc, MD5, AES, H.264, and GPG are some potential technologies that could be used together.

> So, he doesn't know how to fix email, but here is a list of acronyms to get you excited about it.

It's quite blatant he doesn't know what he is talking about when you know H.264 is a video codec.

Oh, and yEnc is a binary to text encoder, like uuencode, so it hasn't its place here either.

Re:Trouvez l'intrus ! (0)

Anonymous Coward | more than 8 years ago | (#15454563)

Worse, yEnc is a coding mechanism specific to Usenet--it doesn't do a general 8 bit -> 7 bit transform, it just escapes three bytes significant to NNTP. (The idea is to assume that Usenet is 8-bit safe and thus not inflate everything enormously by using UU/base64.) More evidence that this guy is completely in the dark.

Re:Acronym soup. (2, Informative)

mypalmike (454265) | more than 8 years ago | (#15454589)

My favorite quote:

"A completely new, secure email system would be the internet's next big critical application. If it required IPv6 addressing, maybe secure email would also kill those ridiculous "tiered internet (http://news.bbc.co.uk/1/hi/technology/4552138.stm )" ideas with one stone. But I'm just thinking aloud."

Your ISP can throttle an IPv4 stream just as well as an IPv6 stream. And why would an email protocol "kill teh tiered intarweb"? Amazing stuff.

Re:Acronym soup. (1)

tedhiltonhead (654502) | more than 8 years ago | (#15454641)

Umm... H.264 is a video codec [wikipedia.org] :)

Re:Acronym soup. (1)

Jeremi (14640) | more than 8 years ago | (#15454693)

Sorry, but to be taken seriously, you'd at least have to have a basic framework already thought out.


So nobody is allowed to point out the email has problems until the solutions are already known? But if nobody is allowed to discuss the problems, how will the solutions ever be found?


Go back, think about it and then write a real article


This article is useful in that it gets people thinking about the problem. Now some clever person can come up with a proposed solution and post an article about it. That's how it works.

headline (3, Insightful)

gEvil (beta) (945888) | more than 8 years ago | (#15454354)

I realize basic language skills are a difficult thing for a slashdot editor to grasp, but come on! Rather than taking the title of the Register article and slapping a question mark on it, it makes a whole lot more sense to actually rearrange the words into the form of a question: "Has the Time Come to Ditch Email?" or even "Is it Time to Ditch Email?"

Re:headline (1)

nasch (598556) | more than 8 years ago | (#15454516)

I would say the time has come to ditch the question mark. I think we can probably figure out that it's just a headline and not the editor's position. They don't need to put a question mark on the end to maintain editorial neutrality.

Re:headline (1)

$RANDOMLUSER (804576) | more than 8 years ago | (#15454629)

Wouldn't you say the time has come to ditch the question mark? Don't they think we can probably figure out that it's just a headline and not the editor's position? Do they need to put a question mark on the end to maintain editorial neutrality?

Couldn't resist.

Re:headline (1)

Rob T Firefly (844560) | more than 8 years ago | (#15454548)

The title is an imperative statement erroneously ending in a question mark?

What's with that.

Use new technology? (3, Insightful)

dissolved (887190) | more than 8 years ago | (#15454355)

From TFA: "Use existing, proven technologies and a few new and novel ideas - starting with the latest encoding mechanisms, a reliable hashing algorithm, fast compression, strong encryption and signatures. "

So in 25 years time today's technology will stop 90% of communication being spam? Spam exists in the spite of the best efforts to stamp it out. Whatever we do it'll be the same. Writing an article full of buzzwords and hypothesis doesn't really help a lot.

PGP (1)

oliverthered (187439) | more than 8 years ago | (#15454359)

It look like the author of the artical should look at getting his friends to use PGP and then filter out all messages that aren't signed with known signitures.

Unless your friends are terrorists that's going to be easier said than done.

Re:PGP (1)

arivanov (12034) | more than 8 years ago | (#15454513)

PGP is close, but no cigar as it works at MUA, not MTA level.

The domainkeys draft: http://www.ietf.org/internet-drafts/draft-delany-d omainkeys-base-04.txt [ietf.org] is a much closer approximation of what is needed here as it also describes the way this fits at the MTA level.

There are also some obvious ways to build on this draft as far as trust chain management, but it will be better if they do not get in the draft and the draft is accepted "as is" for now. All other reasons aside, better to have an RFC to build on instead of having another draft-martini where there are 10 RFCs out before the original draft settles.

So to summarise the original article is an absolute POS. The person writing it did not even bother to check if the work is being done by someone else and if there is someone big enough out there using it (yahoo).

Isn't it time to ditch cars? (1)

suv4x4 (956391) | more than 8 years ago | (#15454361)

Heard of that cool new things Segway?

Insightul +10 (0)

Anonymous Coward | more than 8 years ago | (#15454363)

The author of the article isn't planning on ditching the e-mail anytime soon. A fact.

At best he might not subscribe to any new pop3 accounts or actually read them, but he WILL be writing email.

It doesn't take a genious to notice that there is a lot of spam moving around, if this is news I got some news of my own to report: water is most of the time wet.

Yeah OK! (1)

LordHotDog (831575) | more than 8 years ago | (#15454404)

Wow news flash email is dead, but wasnt the news also saying that they think they found Jimmy Hoffa, oh wait they've been searching for him for years....So i guess email is dead but will live on for at least another 30 years.....

It's just complaining until... (1)

DrKC9N (895806) | more than 8 years ago | (#15454405)

...you've got a better option. If we get rid of e-mail, what will take its place? What protocol will be written? What standards will be created? What specs should be mandatory and what bells-and-whistles are desired? Like we've all heard from our bosses, "thanks for pointing out this problem, now give me a solution by next week." Otherwise, we're just whining about what is without substituting what should be.

This kind of finger-pointing happens every day: think about the problems with current automobile technology. Pollution, energy problems, petroleum issues, prohibitive costs. And we hear about all the evils of the internal combustion gasoline engine every day. But people who show us all the problems without giving us the solution(s) are *gasp* politicians. TFA offers precious little in the way of solutions, and has a very political air about it.

The better question is: if we wrote the standards for the new e-mail today, what would it be? The sky's the limit, but we need engineers to actually make it happen.

inane (1)

BillFarber (641417) | more than 8 years ago | (#15454407)

I'm sorry, but that's an inane premise. That's like saying that cars are broken because there's so much traffic.

Re:inane (1)

Jeff DeMaagd (2015) | more than 8 years ago | (#15454557)

That's like saying that cars are broken because there's so much traffic.

That depends. In reality and in the metaphor, cars are often misused or overused, they take a lot of space, pollute and are generally very inefficient. The entire infrastructure needs to be updated to provide more acceptable mass transit, especially for many urban areas. There are several cities that have become major "no car zones", at least one in Canada, several in Asia and the EU.

Re:inane (1)

winnabago (949419) | more than 8 years ago | (#15454580)

Cars, or rather the system under which they operate, are in fact broken. Most of us drive both ways to the office, likely with three perfectly good seats empty, and for hours a day [census.gov] . Is this not because the inherent design of cars (capable of high speed, size, materials used, comfort) pushes us to use them more and devote more space to the road?
The convenience of email makes its problems more severe. Nobody wants a trade off for that.
I think the inverse of your analogy may be correct.

BSD is dead, too. (1, Funny)

Anonymous Coward | more than 8 years ago | (#15454409)

Don't forget computers, they're on the way out, antiquated beasts.

Father of Sendmail (2, Interesting)

totallygeek (263191) | more than 8 years ago | (#15454430)

I recently had an opportunity to meet Eric Allman. He had people in his office, so I did not get to say hi. Afterward, I thought if I met him, what would I even say? I figured there would be an equal number of praises and complaints.

For the record: smtp rules.

Re:Father of Sendmail (1)

MrSquirrel (976630) | more than 8 years ago | (#15454541)

The beauty is in the simplicity. Messages are extremely small so it helps congestion (traffic would be better if everyone drove a Geo Metro versus if everyone drove a stretch Hummer) - even on 33.6 kbps I was able to read e-mails like mad. The article proposes no solutions, just buzzwords and "we have the technology" babbling. Yeah, we have the technology to layer encryption on and assign keys to every e-mail address we want to communicate with and have a reverse-DNS lookup and this would help to reduce spam... but it would never stop anything... not spamming, viruses, phishing, or anything else the author mentioned. It would, however, increase the size of e-mails and make e-mailing a hassle. SMTP is a great technology; it's simple and it works -- I don't foresee anything better in the near future.

I don't use email in the office (2, Funny)

Rik Sweeney (471717) | more than 8 years ago | (#15454433)

I express myself verbally when "talking" to the other developers:

FIX YOUR FUCKING CRAPPY CODE!

I also use sign language, but I don't have much of a grasp of it and stick to the usual middle digit up in the air.

If it ain't broke... (5, Insightful)

Just Some Guy (3352) | more than 8 years ago | (#15454436)

SMTP still works exceedingly well for its purpose. Understand this: spam and viruses will propigate through any message transfer protocol that will ever be invented. We already have effective technologies [freesoftwaremagazine.com] for filtering that stuff out of SMTP traffic, but if admins can't be bothered to implement them for their customers, I don't know why they'd implement similar measures on other protocols.

Put another way, if you run your own mailserver and still get spam and viruses, it's because you haven't chosen to address the problem. If you use someone else's mailserver and still get spam and viruses, it's because they haven't chosen to address the problem. Nothing stands between you and a clean inbox but motivation, whether your own or your ISP's.

And no, broken hacks like DJB's "Internet Mail 2000" will never get real-world acceptance as they make it as difficult for legitimate bulk senders to broadcast as for spammers. SMTP is here to stay as the standard method for (somewhat) reliably routing messages between people on unaffiliated networks. Replacing it with a similar system with new pitfalls isn't the answer we're looking for.

Re:If it ain't broke... (1)

nasch (598556) | more than 8 years ago | (#15454551)

Understand this: spam and viruses will propigate through any message transfer protocol that will ever be invented.
How do you know?

Re:If it ain't broke... (1)

Just Some Guy (3352) | more than 8 years ago | (#15454652)

How do you know?

I have faith in the unlimited creativity of ethically challenged people. Beyond that, though, ask your local mathematician, cryptographer, computer scientist, or philosopher whether it's theoretically possible to design a perfect communications system that reliably delivers all wanted messages and no unwanted messages. Short answer: no.

Re:If it ain't broke... (1)

LewsTherinKinslayer (817418) | more than 8 years ago | (#15454687)

there's plenty of spamming done even on other kinds of communication mediums to back up your theory.

i concur.

E-mail hath it's advantages (1)

b0s0z0ku (752509) | more than 8 years ago | (#15454437)

For one, it's simple to set up, doesn't require a dongle/ID, and it works 99.999% of the time. What we need is better spam recognition software bundled with OS's and mail clients so that people use it by default. If spam can't get through to most people, the sending of spam will become unprofitable and the problem will resolve itself fairly quickly.

The solution to most phishing scams is to use a text-based e-mail client. No click-thru links means you can see the end URL and disbelieve it if it isn't the actual bank site. If it *is* the actual bank site, the bank has got bigger problems than you :(. Actually, HTML e-mail is generally annoying - e-mail should be restricted to straight ASCII or Unicode text whenever possible.

Large attachments would actually be better off being replaced with a Web-based system (i.e. paste this text into your browser and enter this password), since that would minimize transfer time of the e-mail itself.

-b.

Wrong (1)

supra (888583) | more than 8 years ago | (#15454443)

The only "extra" layer on SMTP is anti-spam technologies.
Fixing the e-mail protocol does little if anything for anti-virus, anti-phishing, anti-spoofing cumbersome encryption technologies, etc as they are not solely e-mail targets. For example, there's nothing specific to e-mail which invented viruses. Thus, there's nothing to fix in e-mail for viruses.

Viruses (1)

b0s0z0ku (752509) | more than 8 years ago | (#15454572)

Viruses don't spread because of e-mail per se.

They spread because of e-mail clients that are designed by people who shouldn't even be designing a Big Mac behind the counter of McDonald's. Attachments shouldn't be automatically decoded/downloaded/executed/read. Period. End of story.

And people who execute attachments from people whom they don't know or trust, or which are obviously automated get what they deserve, I guess. They'll probably learn the second time 'round, anyway.

Anyway, there are far more efficient mechanisms to spread viruses and worms, like for example using known, unrepaired vulnerabilities in services running on ports exposed to the Internet. (Cue story of unpatched SBS 2003 box getting Sassered within 2 min of being plugged in.)

-b.

Security starts with the user (1)

Enigmafigment (978746) | more than 8 years ago | (#15454454)

In this time of hackers and coders there is only one real solution to any mass communications system that is based via the net. Security issues in communications systems are basically at the descripcincy of the user. If you have an email, im, or anything of that manner that you seem to be suspicious dont read it, dont download attachments, dont follow the damn link. I mean really, its not like email is secure, but its not like someone can give you virus in the email without you ever opening it. Its a plan line, and poeple just can get it through their head that the internet is no different from the world when it comes to the users. Also on a side note, maybe if the whole damn world wasnt reliant on one single security flawed OS this wouldnt happen, as i always say windows based malicious code most likely wont ever effect me, i use FreeBSD. Long live UNIX and all things good that come from it. "Some people think these questions are hard, I don't... ... These questions all have answers."

Let's Ditch Email... (1)

creimer (824291) | more than 8 years ago | (#15454463)

And replaced it with Slashdot! Anonymous Cowards of the world rejoice!

Talking about the devil... (0)

Anonymous Coward | more than 8 years ago | (#15454706)

Your sig shows well why e-mail is dead: it tried to mess with Chuck Norris.

Interesting... (1, Interesting)

Digital Dharma (673185) | more than 8 years ago | (#15454473)

Kind of like telling the world we need to ditch cars as our primary mode of transportation because of the evils of pollution...

Well, one surefire way to lock it down would be to make it a closed system... (waits for incoming fire)

Whilst TFA is correct... (1)

DarthChris (960471) | more than 8 years ago | (#15454474)

...in that email is terribly insecure and easy to fake, it's all to easy to forget that there is no such thing as a perfect system. Someone will always find a way around no matter what you do.

I think fundamentally, the biggest problem is how easy it is to fake - you just put false headers in the message and most people will believe it's from who it claims to be from. I'm no security expert - anybody care to suggest how this could be done?

I wish it was still the 80s! (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15454489)

Who's the first one who wants to actually do it?! Go ahead, ditch e-mail! Yeah sure, I'm sure that will happen! I wish I could go back to the eighties when doing IT jobs was still fun. We had no e-mail back then. No cell phones either. You could read the newspaper and smoke a cigar on your lunch break. We used to go to the restaurant in downtown and eat lunch there. There was no hurry and we fucking knew every single piece of our systems we administrated back then. Now it's impossible to know everything and now it's constant fucking rush every single moment!

no, the time has come for anti-spam treaties. (3, Insightful)

plasmacutter (901737) | more than 8 years ago | (#15454491)

As much as I hate to admit it, copyright treaties have been extremely successful in perpetuating the DMCA.

why not use it for something beneficial for a change, and introduce treaties to the UN for the harsh enforcement of anti-spam measures.

Once the international safe havens are removed or severely curtailed, there will be less of it, and everyone but the ad nazis and the "big data" industry which has arisen to serve them will be better off.

Right...... (5, Insightful)

Puls4r (724907) | more than 8 years ago | (#15454498)

And of course, the NEW system won't be vulnerable to ANYTHING - right?

No, wait, let's think that through. Let's take video games as the paradigm. Every year companies spend upwards of 20 million per video game. Every year, they come out with the newest, latest, greatest in copy protection. This copy protection is only limited by their imaginations (and the hardware). And yet days after release, and sometimes prior to release, their code is hacked, cracked, and distributed.

This author somehow thinks that going back and redoing everything will fix it. The author is naive.

Call my analogy a bad one if you will, but the SECOND you put ANY type of system into the hands of the criminals / spammers, they will find ways to exploit it. This is proven time and again.

How exactly does this new email system stop phishing? Oh, right, it can't. Have a link, go to a malicious website, etc. How exactly does this new email system stop users from clicking executables thinking that they are going to see nudie pictures of Katie Holmes? They don't. How does this new email stop virii? It won't.

Encrypt your email if you want security. Password protect your account. Use filtering to dump spam before you read it.

OH, and I forgot to mention - I'll be sending you a snail mail letter that looks completely official. It's about a man I met in Nigeria, who has some money he'd like to give you.

Yeah, right... (2, Insightful)

zeromemory (742402) | more than 8 years ago | (#15454509)

Since we're thinking about ditching email, when are we going to ditch snail mail?

Anyways, these suggestions for improving email are full of fancy features (hashing and compression!) but all they really serve to do is complicate the protocol. Right now, SMTP is so simple that it can be implemented by the tiniest of embedded systems. Take that away and whatever protocol you come up with probably will never be as popular SMTP.

Besides, most of these proposed changes don't do too much to prevent spam without any of the questionable side-effects encountered with the current proposals to counter spam (ex., lost of anonymity, cost, proving identity a la SSL certs)...

These aren't problems. (0)

Anonymous Coward | more than 8 years ago | (#15454525)

Most of the "problems" associated with email either aren't really problems, or are easily avoided.

When it comes to spyware, viruses, etc., the easiest way to eliminate such problems is to not use Windows. Between Solaris, Linux, BSD, Mac OS X, and any number of alternative systems, one can surely have a system that isn't vulnerable to such problems (and likely never will be).

Of course, there is much in the way of filtering systems that will eliminate the vast majority of such malicious software.

To prevent phishing and obscene images, use mutt or pine, or disable HTML and the loading of images in your graphical email client. With some added care (ie. looking at URLs before blindly clicking) and thinking twice before giving over sensitive data, an issue such as phishing is rendered irrelevant.

As for spam, it's easily combatted using one of the many (and often open-source) filtering systems out there. You can even chain several filters to ensure the quality of the mail you receive.

Email works great. With some care and understanding, anyone can have a great email experience. You just have to make sure you use a decent client, proper filtering, and suitable behavior.

It's really not much different from driving; use some simple, sensible precautions, and you'll avoid basically all problems. And remember, almost everyone can drive.

uh huh... (1)

Heem (448667) | more than 8 years ago | (#15454527)

ya know, In Korea, only old people use email.

Applying the article logic to regular mail... (5, Interesting)

TINGEA77 (935076) | more than 8 years ago | (#15454552)

If I'm to apply the same logic to regular mail, well, regular mail is doomed too; it's full of phishing, spam, and spoofing. I guess I'm not sending anything by mail from now on!! Duh!

If you get a letter from a car dealer stating that you won $3000 in credit if you buy one of his cars, do you automatically go and buy one? NO. Same thing goes for email, you don't open all emails and follow all links blindly.

The problem is with educating people how to use email and the Internet as a whole. When enough people stop being click-happy... spamers will lose interest as no one will be paying for such a service, and phishers/spoofers won't find enough people to fall for their tricks.

Simply, educate people about this powerful tool before you through them in! this is not only for email, it goes for anything to do with the internet and any form of communication as a whole.

Just my $0.02.

The problem is spam, not e-mail (4, Insightful)

rueger (210566) | more than 8 years ago | (#15454555)

I find that the people who gripe loudest about the problems with e-mail are the ones who have poor or no spam filtering.

I guess I'm lucky that I have an ISP [magma.ca] who takes spam blocking seriously, using a combination of Brightmail and a user configuarable Spam-Assassin install that seems to block 98% of spam and which has virtually no false positives. On the weeks when I monitor it, they may mis-label one in several tens of thousands of messages, usually from mailing list or other source that just barely triggers the filter.

Most people assume that the lousy, error prone spam blocking offered by many ISPs is the best than can be acomplished. That's simply not true.

Unlike the article author, I still find e-mail a reliable and essential tool, and can't see a need to make significant changes at this time.

Depends what you do with it (1)

Intron (870560) | more than 8 years ago | (#15454565)

The article says that email is a problem because you can't take an inscure, open form of communication and use it for secure, private stuff. How insightful.

I must have 6 email accounts. What's wrong with adding a secure, whitelist-only account that I use for all communication involving banking, law, etc? Secure mail protocols already exist. This could be a value-add service for ISPs to do the hard parts. All it needs is an extra step when I want to add allow a new sender, that they provide their mail server. SPF could be used to automate that.

I believe they said this... (1)

Billosaur (927319) | more than 8 years ago | (#15454566)

...about the US Mail and look how well it... never mind...

Seriously, this is old news. Very old news. What is everyone waiting for? If someone were to lob a few million USD my way I'd put together a legion of highly-talented programmers and we'd go out, write some new, more secure protocol and be done with it. Anyone got some venture capital lying around they're not using? It's all fine to argue that there are more secure email systems and talk about signing emails to make them more trustworthy, but it's all basically an outgrowth of the current system. Email needs to take that next leap, like computers did when they went from being the size of rooms to fitting on your desktop.

proper DNS (0, Troll)

SuperBanana (662181) | more than 8 years ago | (#15454569)

All sorts of brilliant, talented people today put far more work into fixing SMTP in various ways (with anti-virus, anti-phishing technologies, anti-spam, anti-spoofing cumbersome encryption technologies, and much more)

It's funny how many of these problems would be at least partially solved by proper DNS.

Postfix, for example, can be configured to be varyingly anal about how closely the reverse lookup matches HELO, the MAIL FROM domain, etc. SPF extends the concept.

hit enter too soon, oops (0, Redundant)

SuperBanana (662181) | more than 8 years ago | (#15454676)

It's funny how many of these problems would be at least partially solved by proper DNS.

...and postfix checks, blah blah. The reason these CAN'T be enabled, and I have tried on a volunteer site I help run- is because many major internet service providers don't have proper forward and reverse DNS set up for their mail clusters. A certain major cable company in Florida comes to mind; a list member spent 2 hours trying to explain to the tech support grunts that the problem was that a machine in their outgoing mail server cluster didn't have a reverse IP address. They kept trying to troubleshoot DNS on HIS computer, despite his pleas for them to just forward his report to the infrastructure guys- that they would understand. We kept running across these bozo internet service providers, and had to give up.

Aside from that...when I enabled just "HELO domain must match the domain of the hostname found by reverse lookup", spam volume dropped by over half. Enabling "MAIL FROM must match" cut it even further, since almost all spam claims to be from something else.

Insecure about insecurities? (1)

haggishunk (964995) | more than 8 years ago | (#15454576)

The author speaks about the staggering amount of criminal activity to which email (synonomously linked to the SMTP protocol) is susceptible. Rather, I'd say, those perpetrating the criminal activity are using the means of email. Sadly (or maybe hopefully!), those that wish to do a thing can always find a way. Seep in through the cracks, right? Go ahead, find a way to create a thing with no gaps, with no discontinuities to exploit, and then find me. I have a wonderful job for you.

He needs to get his facts straight (0)

MImeKillEr (445828) | more than 8 years ago | (#15454601)

And email is a terrible mess. It's dangerous, insecure, unreliable, mostly unwanted, and out-of-control.

How the hell does he come to this conclusion?

According to http://email.about.com/od/emailtrivia/f/how_many_e mail.htm [about.com] there are an estimated 1.1 BILLION email users world-wide. That's an average of 1 out of every 6 people.

Here We Go... (1)

eno2001 (527078) | more than 8 years ago | (#15454670)

... all the people who have no experience with programming are going to jump into this saying how they would do it much better. "SMTP needs to be rewritten!!", is the rallying cry. I've seen it before when spam first started making an appearance and now we're going to see it with a vengeance. The worst thing is that most users think of e-mail as JUST e-mail. They have no idea that their inboxes are held on a POP3, IMAP or possibly other proprietary server. So when they start crying out about spam they want it taken care of at their inboxes and that's what we're going to hear about here on /. This is quite typical. The truth is that there is NO answer to this problem anymore than there was an answer to telemarketing. Short of getting a private number, you can't keep tlemarketers from calling you without getting into legislation (the Do Not Call list). So you could get an "unlisted" e-mail address concept going so that only your family and friends would mail you... but that STILL wouldn't work. Want to know why? Because e-mail addresses are NOT telephone numbers. When was the last time you wanted to let a bunch of people know about something by phone? You called all of them and told them what you wanted them to hear and THEN you gave them a list of everyone else's phone numbers you were going to call or had already called. Did you ever do that? I'm guessing the answer is no. Well, with e-mail that's what a lot of people do each day when they forward on those jokes, or interesting blog links, or news articles. And all it takes is for one of those people to get their machine infected with something that harvests their address book. Bam! Your private e-mail address is no longer private. Short of running your own e-mail service on your own darknet via VPN that only your relatives and friends have access to, there is NO solution to this problem. Only a set of workarounds that have a fair amount of success. I'm not kidding.

A bit huffy, aren't we? (0)

Anonymous Coward | more than 8 years ago | (#15454682)

The number one issue I have at work with e-mail is spam. You can easily knock out 75% of it by simply requiring the remote SMTP server to have a PTR record. You can eliminate the remainder by collecting samples of spam messages, and doing a domain record look-up on the IP of the last relay. If it belongs to a spam company (come on, their names just stand out), then block their whole allocation range with your firewall. Filters are silicon snake-oil, and they result in a lot of frustration from my staff.

The problems I see with e-mail are that people treat it like a formal communication, equivalent to a written memo, for example. Bzzzt! Wrong! It fits in the same category as a phone call. I can see why people misuse it, since sometimes it makes a better fax than a fax. Also, a mail spool is also NOT a permanent document archive.

I've given a lot of thought to e-mail issues this past year, since spam volume went up about 3000%. (It tapered off? Yeah right!) My experience with other users' "spam filters" has lead me to believe that an open system is the only one that's going to work. The combination of lookups and firewall rules has helped tremendously, and if things somehow get worse, I can always split usage between an internal-only and external-only server.

NNTP fell first and email change is slow (1)

chamilto0516 (675640) | more than 8 years ago | (#15454686)

I kind of knew NNTP was dead when all the "community" websites were starting to putting up software like vBulletin [vbulletin.com] , Yahoo! Groups [yahoo.com] and such. Communities, or people with a common topic to discuss, had to flee NNTP because they were first hit by spam [mailmsg.com] . But this turn from NNTP to self control seems to be way easier than Email 2.0. Being in sales, I will always need a way to give someone a business card and have them email me as easily as possible. I can't see a way around this right now that doesn't keep the doors open for spammers.

Maybe a seperate email system could be phased in over 10 years that does not connect to the original that where participaints are certified and heavily fined for not controlling spam. I would make space on the business card for this second address. This would prevent gateways but I bet our company would switch over if the cost was right.

However, I can see from the PKI movement that changing email is a very slow process and friction is easily dismissed and disguarded. I am a PKI user/nut myself and the mailers and standards are still a bit of a problem.

really??? (1)

warrior_s (881715) | more than 8 years ago | (#15454703)

Time has come to stop using automobiles... Gosh.. so many accidents happen every day.. so many criminals use cars... so many people are run over by speeding cars... man we shouuld ditch automobiles now... yeah right.

Curb Spammers (4, Insightful)

Robber Baron (112304) | more than 8 years ago | (#15454705)

What somebody needs to do is curb the fucking spammers!

And I don't mean "curb" as in curtail their activity, I mean "curb" as in stick their fucking heads on a curb and stomp on them!

Email is like the phone system (1)

VincenzoRomano (881055) | more than 8 years ago | (#15454711)

So it'd be quite hard to avoid spam, phishing and other nasty stuff.
Because it's not supposed to be based on invitations or similar constraints.
Better protocols and implementations are welcome, of course.
But changing the email system is quite likely to kill it.

It's also time to put an end to cars! (1)

The MAZZTer (911996) | more than 8 years ago | (#15454727)

I mean, someone with the right knowledge can break into your car and steal it before you even know it's gone! And then we have drunk drivers, car accidents, and loads of other problems. Never mind that not everyone can take public transportation, AWAY WITH CARS.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?