A number of ISPs in the US and Thailand have recently been spotted actively removing encryption from their customers’ data sent to email servers, the Electronic Frontier Foundation warned on Monday.
The ISPs are doing it by removing the STARTTLS flag from their customers’ data; the flag is used by email servers to request encryption when talking to another server or a client.
“By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted,” explained EFF technologist Jacob Hoffman-Andrews. “This type of STARTTLS stripping attack has mostly gone unnoticed because it tends to be applied to residential networks, where it is uncommon to run an email server.”
Unlike PGP and S/MIME, STARTTLS does not provide end-to-end encryption, but just server-to-server. Nevertheless, it has some advantages over those two:
- It protects metadata (subject lines, TO, FROM, CC and BCC fields)
- Users don’t have to do anything for it to function
- An email server with STARTTLS can provide Forward Secrecy for emails.
Combining all these technologies together – and it can be done – provides more security.
Unfortunately, as is now happening, the STARTTLS flag is easy to spot (it is sent unencrypted) and to interfere with.
“It is important that ISPs immediately stop this unauthorized removal of their customers’ security measures,” says Hoffman-Andrews. “ISPs act as trusted gateways to the global Internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using. It is a double violation when such modification disables security measures their customers use to protect themselves.”
He also shared that the EFF is working on improving STARTTLS with STARTTLS Everywhere, a tool that will require encryption for servers that are already known to support it.
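To make the mechanism concrete, the following is an added example (not code from the EFF, from STARTTLS Everywhere, or from any ISP) covering both the stripping described above and the "require encryption where it is known to work" policy mentioned last. It parses an SMTP EHLO reply, reports whether the STARTTLS capability is still present, and decides how a sending server should proceed. The two EHLO replies, the host name `mail.example.test` and the `KNOWN_TLS_HOSTS` record are constructed for the example.

```python
"""Detect STARTTLS stripping in an SMTP EHLO reply and apply a
"require TLS where it is known to work" delivery policy.

Illustrative example code; not the EFF's tool and not from any ISP or
mail server. The sample replies below are constructed for this example."""

from typing import Dict, Tuple

# Constructed EHLO reply from a server that supports STARTTLS.
EHLO_CLEAN = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 ENHANCEDSTATUSCODES\r\n"
)

# The same reply after a middlebox on the path removed the STARTTLS line.
EHLO_STRIPPED = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250 ENHANCEDSTATUSCODES\r\n"
)

# Hypothetical record of hosts previously seen advertising STARTTLS
# (constructed; a real sender would persist this between deliveries).
KNOWN_TLS_HOSTS = {"mail.example.test"}


def parse_ehlo(reply: str) -> Dict[str, str]:
    """Parse a multi-line 250 reply to EHLO into {KEYWORD: parameters}.

    Each line is '250-' (more lines follow) or '250 ' (last line) followed
    by text. The first line carries the server's domain and a greeting
    rather than an extension, so it is not recorded as a capability.
    """
    lines = [ln for ln in reply.split("\r\n") if ln]
    if not lines:
        raise ValueError("empty EHLO reply")
    caps: Dict[str, str] = {}
    for idx, line in enumerate(lines):
        code, sep, rest = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        last = idx == len(lines) - 1
        if (sep == " ") != last:
            raise ValueError("continuation marker does not match line position")
        if idx == 0:
            continue  # greeting line, e.g. '250-mail.example.test Hello ...'
        parts = rest.split(None, 1)
        if not parts:
            continue
        keyword = parts[0].upper()
        caps[keyword] = parts[1] if len(parts) > 1 else ""
    return caps


def advertises_starttls(reply: str) -> bool:
    """True if the EHLO reply still contains the STARTTLS capability."""
    return "STARTTLS" in parse_ehlo(reply)


def decide_delivery(host: str, reply: str,
                    known_tls_hosts=KNOWN_TLS_HOSTS) -> Tuple[str, str]:
    """Choose how to proceed after EHLO.

    Returns (action, reason) where action is one of:
      'starttls'  - upgrade the connection before sending mail
      'refuse'    - STARTTLS is missing from a host known to support it;
                    treat as possible stripping, queue the message and retry
      'plaintext' - no STARTTLS offered and no prior record, so the
                    opportunistic default (send in the clear) applies
    """
    if advertises_starttls(reply):
        return ("starttls", "server advertises STARTTLS; upgrade before MAIL FROM")
    if host in known_tls_hosts:
        return ("refuse", f"{host} is known to support STARTTLS but did not offer it: "
                          "possible stripping, queue and retry")
    return ("plaintext", "no STARTTLS offered and no prior record; "
                         "opportunistic fallback to cleartext")


if __name__ == "__main__":
    for name, reply in (("clean", EHLO_CLEAN), ("stripped", EHLO_STRIPPED)):
        action, reason = decide_delivery("mail.example.test", reply)
        print(f"{name:8s} -> {action}: {reason}")
```

The `refuse` branch is the point of a pinning policy: an opportunistic client that only looks at the current reply sees no STARTTLS and silently falls back to cleartext, which is exactly what the stripping relies on. On a live connection the same capability check is available in the standard library as `smtplib.SMTP.has_extn("STARTTLS")` after calling `ehlo()`.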