Security problems in new De-Mail service?
Experts cited serious security risks on Wednesday in Germany’s new De-Mail system, which is set to let users send official letters and documents over the internet starting next year, reports The Local. The article continues:
The government aims to use the system to banish the need to use printed pages for sensitive material such as letters and documents to lawyers, banks and government officials. Though it’s not set to go into full effect until 2011, major German email providers began registering customers earlier this month ahead of final government approval.
But IT expert for the country’s federal lawyers council (BRAK) Thomas Lapp told daily Frankfurter Rundschau that he believed the system was not secure.
“I have serious doubts about the De-Mail law,” he told the paper. “The security gaps cannot be overlooked.”
The problem lies in how servers must briefly decrypt documents for processing, he said, likening the process to a letter opened at least twice and then placed in a new envelope on the way to its destination.
“The promise to be as secure as a letter is therefore not kept,” he told the paper, adding that it would theoretically possible for hackers to copy or manipulate documents if they gained access to the system.