Who's Reading Your E-Mail?
Who's Reading Your E-Mail?
This is why I run my own e-mail server. ....... :-X
From the Washington Post.
There's an old adage, relatively old at least, that says you shouldn't write anything in an e-mail that you don't want the whole world to see. A three-judge federal appeals court panel hammered home that point last week when it ruled 2 to 1 that e-mail service providers can copy and read messages intended for their customers.
Under the ruling, issued by the U.S. Court of Appeals for the 1st Circuit in Massachusetts, businesses and the U.S. government have more legal latitude to monitor private e-mail correspondence than ever before. The ruling allows the government to use search warrants to read e-mail correspondence rather seek a judge's permission for a wiretap, which is more difficult to get. No surprise, civil liberties groups like the Electronic Privacy Information Center say this ruling will erode U.S. privacy rights.
The case concerned former e-mail service provider and out-of-print bookseller Interloc Inc., whose vice president told the company's engineers in early 1998 to copy and store incoming mail from Amazon.com. The U.S. Attorney's Office in Boston charged the company with violating wiretap and communications intercept laws, but the appeals court ruled that the company did this legally because the e-mail messages were stored in the company's servers.
Some of the nation's largest Internet service providers, including America Online, EarthLink, Comcast and Yahoo, said that they only disclose personal information under requests from law enforcement authorities and that they do not read their customers' e-mail messages.
Re:Who's Reading Your E-Mail?
Interesting Sitri, eyes everywhere. Thanks for info. I always felt phone conversations weren't private either, especially cell. I also wonder about stuff on this site too, privacy-wise.
Re:Who's Reading Your E-Mail?
This is why I use this:
and if you don't want to pay for it, the free version is here:
I can only get a few people to send me email in encrypted form. It is very frustrating. One of my friends is always going on about bud and such things and I tell her, "You are gonna get busted - they read that shit ya know."
But nope, it is gonna take a few sacrificial lambs to wake people up...
but they wont - irregardless of the millions of IE warnings people still use it, irregardless of the RIAA lawsuits people still download music, and I am sure irregardless of the busts from reading people's mail they will still treat it like it is private.
(P.S. I also run my own mail server, but I have no control over the route mail travels from the source server to my server - anyone can collect packets.)
Re:Who's Reading Your E-Mail?
Two things:
1) Running your own email server offers zero protection as email is going to travel at least through two hops to get from source to destination. This ensures there is still a relay point where it can be intercepted and read.
2) Don't bother using PGP as all current, US legal versions *MUST* by Federal law have a masterkey to unencrypt. Hackers and most relay sites combined have the masterkey that basically converts any PGP encrypted cyphertext instantly into plain text.
There are actual secure versions of PGP, but they can only be obtained overseas as they are against US laws to possess or use. Any form of public/private key encryption that doesnt have a backdoor masterkey is considered a breach of national security and therefore disallowed usage or possession of in the USA. So basically, don't bother.. it's a false sense of security and just spinning your wheels for no reason.
Re:Who's Reading Your E-Mail?
What are you talking about PGP is insecure? Do you have any proof of your allegations? Because there seems to be a lot of proof about PGP being a bitch to crack open.
You are not talking about the ADK are you? This is something that can be turned off and people have checked messages to insure that ADKs are not used in the encryption process.
There is some good reading here:
which says the FBI had to plant a key stroke logger to try and get into this fellow's encrypted files.
Re:Who's Reading Your E-Mail?
Quote:
What are you talking about PGP is insecure? Do you have any proof of your allegations? Because there seems to be a lot of proof about PGP being a bitch to crack open.
Don't have to. Just spend about 10 minutes on the subject or be witness to all the arrests and history. Or spend less time and do a google on "nsa pgp"..
There is zero proof about PGP being a bitch to crack.. in fact anyone with any amount of 'hacking' ability can easily be setup to instantly decypher pgp encrypted streams. It's rudimentary.
You're also unfamiliar with Richard White, who had the RSA encryption algorithm tattoo'd on his arm and is now considered 'contraband' since therein lies the backdoor. There are also several reverse cases of individuals abroad with truly secure encryption tattoo'd on them deemed 'illegal' by the NSA as they can't be magic keyed that aren't allowed through customs. It's all tomfoolery but makes the point.
You're also unfamiliar with several books (mostly from Germany and Russia) that have been banned in the USA and past cases of libraries held accountable to remove and trace all using such books. These provided several PGP-style encryption algorithms the NSA cannot easily plaintext or backdoor.
It's a big subject. I'd suggest you do some homework. In the meantime, using PGP is a futile and useless effort. Believe me.
P.S. I trust the ramblings of most of the slashdot posters about as far as YOU could throw them. There are some 'in the know' posters there, but for the most part they are wanna-be MWT's (mouse wielding terrorists) far too young to actually be in the know or familiar with all this (which most of it stemmed over 10-12 years ago).
Re:Who's Reading Your E-Mail?
Oh come on man, first of all I am a computational mathematician.
Second of all I have read and have on my bookshelf the following:
"Algebraic Aspects of Cryptography" by Neal Koblitz
"Mathematical Cryptography for Computer Scientists and Mathematicians" by Wayne Patterson
"Cracking DES" by the EFF
"Numerical Recipes in C" 1st and 2nd editions
"Applied Cryptography" by Bruce Schneier 2nd edition
"Implementing Elliptic Curve Cryptography" by Michael Rosing
and quite a few books that are simply packed away.
Can the NSA break PGP?
Sure. Given enough time and resources. It is known that 512 bits are good for about eight months.
1024 bits are expected to hold good for about 20 years (given moore's law).
Does the NSA have a PGP back door?
I don't think so.
I am not some rookie freshman thinking a newly written Ceasar Cipher program is the shitz. (Easily broken by a frequency attack and the spell checker in MS Word.)
You want paranoia?
Google "cipherpunk" and subscribe to some of their mail lists.
Re:Who's Reading Your E-Mail?
Yah, so I guess disallowing tattoo's into the USA by NSA, not to mention all the books pulled off the shelves.. AND federal offense for usage or possession of several varieties of international PGP encryption programs is just for show..
Enjoy your false sense of security, but by all means- if you want to keep using it, go right on ahead. Even RSA (local here in San Mateo by the way) has to run every single security solution they provide through the feds for backdoor inclusion. It's common knowledge.
Cheers.
Re:Who's Reading Your E-Mail?
Common knowledge like aliens invented the atomic bomb.
We are gonna have to agree to disagree on this one. :)
Re:Who's Reading Your E-Mail?
Well, I'd just simply ask (and no, you don't have to be a computational mathematician with books on cyphers on your shelf.. a moron working at McDonalds with "Where's Waldo?" on his shelf can figure this one out...):
Why are the overseas encryption algorithms illegal for use in the USA?
Why would it be considered a threat to national security, as documented by the NSA for these foreign, unreviewed algorithms to be used or possesed here in the USA?
It doesn't take rocket or computational science to formulate the reasoning why "Feel free to download and use these PGP/RSA encryption algorithms! Knock yourself out!" but the ones from overseas are instantly a crime.
Re:Who's Reading Your E-Mail?
Actually, the NSA does have the keys ... except for foreign algorithyms. I was talking with a security guy of a german company with a location in the U.S. and they were using Nokia VPNs because the tunneling encryption is different.
They actually felt the NSA would read their mail and give their designs and competitive info to a domiciled U.S. corp.
But although you can't stop everyone. If you stop 99%, that's 99%. The NSA could give a crap about what I do. The main thing is protecting you communications from the other people.
If your run your own server, you control the backups of the email... or lack thereof. If it's not there, it can't be used against you. They just passed a law can't remember if it is federal or state that companies of a certain size have to keep copies of every email .......because of Enron and crap like that.
Re:Who's Reading Your E-Mail?
I can't even get my email to run, period...
Re:Who's Reading Your E-Mail?
Rumplestiltskin is reading your email...
Better be able to spin straw into gold...
BOO!
Re:Who's Reading Your E-Mail?
hey i have "Wheres Waldo?" on my bookshelf!
Re:Who's Reading Your E-Mail?
Quote:
Originally Posted by Marko link=board=1;threadid=10820;start=msg134985#msg134 985 date=1089356507
FYI: irregardless is not a word. Use regardless.
Hmmm. I think we all understood what was meant. Spelling corrections are off-topic and create an atmosphere of spell-checking instead of thinking about the topic.
We are not here to author english composition papers...
Re:Who's Reading Your E-Mail?
Personally for any confidential or mail that needs to be encrypted I use http://www.hushmail.com
2048 bit encryption here is what it says directly from there site
Hushmail
Benefits
Hushmail is the World's premier free, secure web.based email and document storage system. Hushmail provides Individuals and Businesses with essential communication tools, allowing you to communicate with privacy and confidence.
Affordable
Hushmail offers both free and Premium accounts, starting at only $29.99 per year!
Reliable
Now in its fifth year, Hushmail continues to innovate and extend its acclaimed technology.
Accessible
Hushmail users can access their email, documents and instant messaging from anywhere in the world.
Secure
Hush Technology: Peer-reviewed, Standards Compliant, 2048 bit encryption.
Hushmail Comparison Matrix
Click here for an overview of all Hushmail services.
Feature: Free Premium Business
Domain Administration: Generate reports, manage your Hushmail Business accounts.*
Webmail Customization: Configure the Hushmail interface to use your own logo and colours.*
Email at your own domain: Send and receive encrypted email using [email protected] accounts!
Email Aliases: Send and receive email with unlimited @nym.hush.com email aliases.
Secure Document Storage / File Sharing: Store your documents, and share them with other Hushmail users, securely!
Up to 128 Mb additional storage for email and documents**
Spam Control: Allow lists, Block lists, and Challenge-Response verification using the Human AuthenticatorTM
IMAP Access to retrieve mail from your Hushmail account***
Instant Messaging: Access to Hush Messenger, our encrypted instant messaging client
Mail retrieval from external POP3 accounts
New email notification via Hush Messenger and email paging
Ability to send and receive large attachments
Unlimited Contacts in Address book
Read Receipts, Auto-responders, Drafts, and Templates
Access to Hushtools, our encryption toolkit
Premium Technical Support
Advertisement Free
Online Help System
No Deactivation due to inactivity
2048 bit encryption with full Open PGP support (including Twofish, TripleDES, and RIPEMD160)
Digital signature verification and signing capability for email and attachments
End-to-End Encryption for Email and Attachments, and Secure Document Storage
Early or exclusive access to new products and features
For my money is the best out there and nothing else comes close