Virtru Simplifies Email Encryption

in Productivity


By Kevin Tea

When Edward Snowden leaked a paper nuclear bomb of evidence that showed that the US and UK government’s were undertaken mass spying on citizens’ emails, telephone calls and web history, malodorous solids hit rotating blades big time.  Since the NSA’s antics were revealed there has been a rush of interest in security systems for Joe Public to use, especially on emails.  There has always been encryption software out there like Zimmerman’s PGP package but for most people the use of keys etc was a {PITA. Now there is a new, simple email add on to come to the rescue – Virtru.

Virtru’s architecture is underpinned by three foundational elements: the (1) open Trusted Data Format (TDF) standard, (2) strong, on-device encryption, and (3) patented technology that allows you to use your existing online identity to authenticate yourself. This works well with mainly web based email systems such as Yahoo and Gmail through bolt on extensions in  your browser of choice.

Each Virtru protected message is secured with encryption per message  using 256-bit AES keys. Using Virtru software installed on your browser or mobile app, your content is encrypted before it leaves your device.  No one, except you and your intended recipient, has access to your content.

virtru email 2

With Virtru installed and activated when you start writing an email you have the choice to proceed as normal or encrypt the email. With encryption chosen the options for your email are extended to include the ability for email forwarding to be disabled and the ability to revoke access to the email after you have sent it.  You can also set a time in days when the email will self destruct on the Virtru servers.

The recipient does not receive the email message but the core email including an explanation that the message has been encrypted and a link to the encrypted message which is stored securely on Virtru’s servers.  What the recipient sees is illustrated below.

virtru email

Note that the encrypted mail provides the opportunity to answer only, nothing else. However, I did find that if I picked up an email that had forwarding revoked in a third party, non-web browser such as Thunderbird, that email can be forwarded and the second recipient gets access to the original encrypted message. I will contact tech support for clarification on this.

It has to be said that Virtru is in beta and is being developed so there might be some ragged bits around the edge but the company is also looking at enterprise level encryption and the use of individual key servers etc so watch this space.

Edited to add: Four hours or so after I sent tech support an email – and on a Sunday – the developer came back with this response:

While anyone may see the link, only authorized users will be able to decrypt the message inside of it. If an unauthorized user were to try to open that link, they will receive a “Not Authorized” error.

If you want to try this on your own computer, make sure you use a different browser than your authorized users, or run it in incognito mode. 

If you still see unexpected behavior please let me know! Thanks for your email.

Previous post:

Next post: