Tell me why

Initiated by the Snowden affair 2013 I had a great expectation about the fightback the digital community would send against spying on us. But as two years had passed and nothing had happened I have decided to try to realize measures to support security myself. When I began my work I thought like most people think up till now. Now I know that the espionage on us by secret services is just one aspect. Much more important is the fact that unsecured email is totally fakeable and the recipient will recognize this when it is too late. Most people think that the email header is a liable information. This is a fallacy and this delusion will cause that more and more people will fall into the giant trap the email system is. Nowadays a few criminals know about this trap but they sharpen the sticks they have placed at the bottoms of the pits. We are just at the beginning of digital crime but governments like to prevent security to ensure controllability. This attitude is not logical. As any information might be faked, any information gained by spying is worthless, too. To make it even worse: As long the myth of reliability will last people could be prosecuted on foisted messages. It is urgent and it will be more urgent to secure the email system. Email is the mostly used gate criminals use to place their attacks. This can be phishing attacks (to obtain PINs or passwords) or attacks to implant trojans (small malicious programs). Nowadays these are the main evils and to fight them is overdue.

To secure comprehensive cryptologically not much effort is needed. I emphasize that cryptology consists of two parts: encryption and securing the sender's identity. Most people do not imagine that they can become victims because they never communicate secrets and everyone might see what they communicate. But if a recipient does not recognize that he has been attacked by faked messages the damage has happened as faster as he can press the reset button. Encryption is not necessary to establish a protected email system, but signing is. Nevertheless you should encrypt if you communicate data of others or data that are sensitive. If you are a professional you must do so.

It is the duty of software developers and they should feel challenged to provide solutions consumers can work comfortably with. They cannot request users to have knowledge about cryptology.

Journalists should inform the wider public about solutions, not only about successful attacks.


ReSecCo has been designed to make cryptological techniques accessible to everybody. I have the idea that security should be provided with one click. I think that I have nearly reached this aim. I tried to avoid proceedings that would be too elaborated. I wish that users can use cryptology in a smart way but ReSecCo will evermore prefer the way of more security. I offer proceedings that are transparent and authentic.

Address management is not an appendage to ReSecCo but a kernel of email organization. ReSecCo focuses on transparency. Any of the mails you will send a vcard file and your openPGP key will be attached to. The recipient can import these files into his email client. Security is a matter of all participants in a system. If every participant has to agree security matters individually it will be a long way to secured email or it will end on the wrong track.