Going back to the structure, as well as removing sections of the article that are irrelevant to the topic being discussed, Farrell could also have included a very concise glossary of the technical acronyms. Many of the technologies mentioned are abbreviated (e.g. MUA, MTA, PEM, MIME etc.), and even for a computer science professional new to this particular topic, it could be tiresome to traverse through the entire text to remind themselves of a definition - so a glossary would have been useful. Additionally, important quotes aren’t highlighted frequently enough (only once, on page 3) and several images could have been included to show the different MUAs, for example. In adding these extra components, the article would have been more readable and easier to understand.
Farrell’s language and writing style certainly deserves to be praised. He uses useful analogies to describe his point, such as when he says that mail encryption is “the difference between a postcard (most email) and a closed letter (encrypted mail)” (Farrell 2009, p.82). Also, the frequent use of rhetorical questions simplifies the points that Farrell is puts across. His final paragraph is a highly appropriate summary of his article, where his judgement adds great value to his points, especially the final, damming sentence, where he criticises MUA developers (such as Microsoft) for not incorporating users’ encryption needs.
Many of the appropriate parts of the article are accurately referenced in the “References” section at the end. However, with the reference to the medical study on page 83, the study appears to have been undertaken at least 2 years before it was published. In this time, there could have been significant advances in the computing industry, particularly in the area of encryption. Indeed, in 2008 (after the medical study was carried out), Microsoft Office Outlook 2007 - Microsoft’s MUA offering - benefited from a major update to its encryption, with the inclusion of encryption using configurable symmetry and cipher-block chaining (Oiaga 2008). Considering Outlook 2007 has a “75% - 80% market share in the corporate email market” (Greiner 2007), this could potentially skew the evidence that Farrell reported of people who could not “use the standard MUA security features” (Farrell 2009, p.83). The article could have featured more in depth studies with various expert opinions or organisations, for example from Mozilla with their MUA offering of Thunderbird. The reader being more aware of the stance of these software development companies in regards to email encryption should have been more of a priority for Farrell than discussing the technicalities behind encryption itself.
In summary, the article would successfully inform a computer security-enthusiast about the reasons for not sending encrypted email, and for the most part, information that Farrell has cited from other authors is up to date and based upon concrete computing theory. He explains many of the concepts of encryption with great detail, and uses numerous examples and analogies to put his point across. However, the article may be misleading to the casual reader in the sense that he article is too technically focused and its title does not reflect this. A more suitable title would be “Email: Why Our Software doesn’t Encrypt Our Messages”. And regardless of the target audience, the structure should have been more fragmented in order to captivate the readers with different styles of engagement. This is especially important as already it doesn’t appear that this article reaches out particularly well to those who are less technically competent, due to the amount of technical jargon. In general, though, the article was an interesting read and offers a solid contribution to the field of computational research.