Journalist & IT security professional
STARTTLS endangers your E-Mail passwords
The E-Mail protocols IMAP, POP3 and SMTP can be TLS-encrypted in two different ways: Normal, so-called implicit TLS and via STARTTLS, which will first open an unencrypted connection that is then upgraded to TLS.
This upgrading via STARTTLS is fragile and leads to widespread security flaws, which in the worst case can lead to a full compromise of an e-mail account.
Hanno Böck is a journalist and IT security professional living in Berlin.