cancel
Showing results for 
Search instead for 
Did you mean: 

Secure Email (Again!)

Kwak
Grafter
Posts: 85
Thanks: 2
Registered: ‎05-11-2007

Secure Email (Again!)

If I reply to this in one of couple threads below on this it'll be less obvious there is a demand for it. - there is a demand for it.
Please implement this! Sorry, but how hard or costly can it be?!
Channel 4 news this evening touched on this very subject today, by showing spoofed wifi sites + packet sniffing and then getting the personal info from phones on wifi connections. Not just email but email was obviously a part of it. Watch the article that's 40 minutes in on 4OD if you want.
Extacting our plusnet userID/Password would be easy peasy for even the most useless of hackers. Many on this forum have pointed this out over a number of years.
How many of your customers now have phones/tablets etc set up to get their plusnet email in the clear (as there is no other way) and have no idea at all that when they use open wifi in the pub,street, hotel, anywhere - they are throwing a security dice that all their emails are now available for anyone to read, until they change their password, which might be in 10 years time?
How many customers would be happy with this?!
34 REPLIES
Community Gaffer
Community Gaffer
Posts: 17,682
Thanks: 665
Fixes: 167
Registered: ‎05-04-2007

Re: Secure Email (Again!)

It's something that personally I'd love us to do, but there are no official plans for this.
Quote
How many of your customers now have phones/tablets etc set up to get their plusnet email in the clear (as there is no other way) and have no idea at all that when they use open wifi in the pub,street, hotel, anywhere - they are throwing a security dice that all their emails are now available for anyone to read,

Even if we did offer it, I'd be very very surprised if there was a large uptake in it. Most people wouldn't change their settings unless something stopped working.
If this post resolved your issue please click the 'This fixed my problem' button
 Chris Parr
 Plusnet Staff
Superuser
Superuser
Posts: 13,047
Thanks: 4,337
Fixes: 26
Registered: ‎22-08-2007

Re: Secure Email (Again!)

Chris,
But at least there would be a choice.  Take up could be encouraged by communication of its availability to users with an explanation of the benefits / clarification of the risks of not using it.  Ignorance of the risks by possibly the majority of users is no excuse for not providing the feature.
What is the cost / effort?  Has it been assessed?  Would its implementation (along with phasing out non-secure access) make PN's servers more secure against being hacked?  Why is there reluctance to fulfil this request?  Does PN consider it to be unnecessary?
Cheers,
Kevin
Community Veteran
Posts: 26,746
Thanks: 959
Fixes: 10
Registered: ‎10-04-2007

Re: Secure Email (Again!)

They are probably not upgrading it because, like so many of the other extras that used to be included for new users, they are planning to stop offering email at some stage in the future.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
Superuser
Superuser
Posts: 13,047
Thanks: 4,337
Fixes: 26
Registered: ‎22-08-2007

Re: Secure Email (Again!)

Jelv,
Possibly a cynical thought there - is there really a market for an Internet connection only service?  It would certainly be a new paradigm akin to a wires only service (broadband without POTS) from BTOR.
I guess that would pass all email business to the likes of gmail or hotmail.  Imagine the difficulty in getting support from them when things go wrong!  It would be a very sad day to see the demise of an email service from PN; personally I'd prefer to pay a bit more and enjoy the usually responsive support from PN.  Google don't even have a support service - I've ever received a response to a problem query from them.
Cheers,
Kevin
Community Veteran
Posts: 5,472
Thanks: 292
Fixes: 4
Registered: ‎11-08-2007

Re: Secure Email (Again!)

Quote from: townman
Jelv,
Possibly a cynical thought there

Not really, when this subject came up before a few years back, the official line was something like -
email is not a core service that the customer pays for and should be treated as a free extra feature with your package, and as such Plusnet don't guarantee the operation of the service or take responsibility for handling or storing your emails.

The moral of the story is if you want reliable and secure email then sign up for a decent service elsewhere - as I have done with 1&1   Cool
[Moderator's note by Adie (dvorak)  Referral identifier removed as it is against the spirit of this Forum Rule ]
Moderator
Moderator
Posts: 27,341
Thanks: 1,893
Fixes: 174
Registered: ‎14-04-2007

Re: Secure Email (Again!)

Personally I think that broadband and email are intimately linked in most people's minds and automatically believe that with the former comes the latter.

Customer and Forum Moderator. Windows 10 Firefox 64.0 (64-bit)

Community Veteran
Posts: 5,472
Thanks: 292
Fixes: 4
Registered: ‎11-08-2007

Re: Secure Email (Again!)

I think ISPs are to blame for that, because once customers have told all their email contacts their ISP specific domain name, then the customer has yet another reason not to leave - as the effort in updating hundreds of email contacts could be too daunting.
People should sign-up for their own portable domain name, and use that for their email address.
That way you are not tied into an ISP, and you won't get SPAM filtered by email clients that dump hotmail and google mail addresses.
If you are looking to get your own domain name, then there is a good tool on 1&1 to see what is available.   Cool
jim:red Referral identifier removed as it is against the spirit of this Forum Rule mod:end
Moderator
Moderator
Posts: 27,341
Thanks: 1,893
Fixes: 174
Registered: ‎14-04-2007

Re: Secure Email (Again!)

I've had my own domain for years....as has my daughter.

Customer and Forum Moderator. Windows 10 Firefox 64.0 (64-bit)

Community Veteran
Posts: 38,460
Thanks: 1,031
Fixes: 62
Registered: ‎15-06-2007

Re: Secure Email (Again!)

Quote from: purleigh
The moral of the story is if you want reliable and secure email then sign up for a decent service elsewhere - as I have done with 1&1  Cool
I have a few email addresses with 1&1 and they are the only ones where nasties get through. Fortunately Kaspersky always (up to now) jumps all over them. So don't think the filtering is as good as Plusnet's
Note I don't have anti spam activated on those as that doesn't seem to be a problem
Superuser
Superuser
Posts: 13,047
Thanks: 4,337
Fixes: 26
Registered: ‎22-08-2007

Re: Secure Email (Again!)

Strat,
I think 99% of users would agree with your view - an Internet connection naturally comes with an email service.

Purleigh,
From personal experience (albeit quite sometime ago) 1&1 are expensive for what they supply and support is not overly good.  But all of this is somewhat off topic here.
DaveyH
Seasoned Pro
Posts: 1,458
Thanks: 263
Fixes: 9
Registered: ‎15-11-2012

Re: Secure Email (Again!)

I don't understand why people use ISP email, especially as its common to constantly swap ISPs, chasing 'offers'
And email isn't really 'secure' unless its encrypted end to end with keys you control, and that's a PITA for users to implement/use
kmilburn
Grafter
Posts: 905
Thanks: 2
Registered: ‎30-07-2007

Re: Secure Email (Again!)

It's not a question of the email being secure between source and destination,  but the connection between the user and the ISP where the username and password are exposed,  plus any email trasferred,  being read by anyone with inclination and a suitable packet sniffer.
As for using the ISPs email, with you own domain name, Plusnets email system is very convenient and has the advantage of being very close.  It's not subject to the US Patriot act, and they don't harvest the email for advertising purposes.
Kwak
Grafter
Posts: 85
Thanks: 2
Registered: ‎05-11-2007

Re: Secure Email (Again!)

Quote from: kmilburn
It's not a question of the email being secure between source and destination,  but the connection between the user and the ISP where the username and password are exposed,  plus any email trasferred,  being read by anyone with inclination and a suitable packet sniffer.
As for using the ISPs email, with you own domain name, Plusnets email system is very convenient and has the advantage of being very close. 

Precisely, couldn't have put it better myself. And as for some posts above : even if you have a domain, you have to have something acting as your email server, your ISP if it's email is reliable enough is probably the obvious choice. I'd consider email an important part of the service.
PhilHawker
Dabbler
Posts: 15
Thanks: 4
Registered: ‎30-06-2011

Re: Secure Email (Again!)

Lack of any email encryption or real security is my #1 (probably only) issue with the PlusNet service. It's the only thing stopping me recommending PlusNet as an ISP to friends, it must cause many support calls from people spooked by the multiple warning messages when setting up email clients (especially on Apple devices) and is massively frustrating when traveling and trying to use external networks which block unencrypted SMTP delivery.
It is - as others have repeatedly commented - the most horrendous security risk.  With access to your email any miscreant can take control of any service which emails forgotten or replacement password reset links. Your main email password should by the most secure, holy grail of all passwords and it's appalling that PlusNet have left things in this state for so long, especially as many of the PN techs seem keen to actually fix the problem.
There are many ways to fix this without breaking existing user accounts - alternate host names for the SSL service would seem the simplest?
PLEASE can you fix this!