To say that an email is generally insecure is clearly an understatement because of the number of proven threats and invasive practices that have transpired mainly due to violation of its original intent. Email messages have their intended recipients and when some other party gets to eavesdrop, certain risks arise. These include identity theft, invasion of privacy, modification of messages, false messages, repudiation, replay of messages, and unprotected back-ups.
An email is sent through the “Simple Mail Transport Protocol” or SMTP. It uses the “Hyper Text Transfer Protocol” or HTTP language to send a message through the SMTP server in order to reach the recipient. When the recipient’s actual SMTP server cannot be contacted, the sender’s server will try to contact back-up servers when available. It will try to contact the intended recipient’s server for a number of days before it finally gives up. The message becomes available for reading once it is received by the recipient’s server. The amount of time wherein an email message travels from the sender to the recipient varies depending on the servers’ traffic load.
The travel time of an email is the most critical phase of the process in terms of exposure to risks. Potential risks can be lessened through the use of encryption. One way is through symmetric encryption wherein the sender and recipient share a secret key. Plain text is converted into cyphertext which would appear meaningless to anyone who does not have the secret key. The message needs to be decrypted before it is understood. Asymmetric encryption requires the use of a private and public key. The private key is expected to be kept secret by its holder for the asymmetric encryption to retain its security. Most email messages are made more secure through the Secure Socket Layer (SSL).
Tags: email risks, email security
Categories: E-mail
Loss of physical property is not the only concern when a phone, laptop, or netbook goes missing while traveling. More than the cost of the equipment itself, there is the potential exposure of personal data contained in them that could represent undetermined costs to its owners. Costs will not be limited to the financial aspect but will include concerns regarding business/trade secrets, security of self and family members, and exposure of other sensitive data that can affect reputation and well-being.
When it is absolutely necessary to bring equipments or files along in travel, travelers will have to anticipate possible scenarios that may occur unexpectedly. Things do not always go as planned in spite of best precautionary measures taken. Travelers will have to try to minimize the potential damage by the performance of certain actions such as scrubbing laptops of important files or at the very least encrypting these files when it is necessary to bring them, and opting to bring the less expensive laptop which could also perform the required functions in travel. They can opt to bring the next best alternative which when lost is easier accepted.
Securing data requires travelers to remove all those data that are deemed NOT for public consumption from laptops and other mobile devices. Personal information in the hands of unscrupulous people is like a time bomb waiting to explode on the faces of its owners. Bank and credit card details should not be conveniently found in the stolen item since this could equate to a major financial debacle. The scenario becomes even scarier when victimized in a foreign country where travelers have no family or friends to turn to.
Online activity should always be done discreetly. Travelers should not call attention to themselves when using expensive laptops and other like equipments. It is always best practice not to check the laptop along with other luggage and have it close while on the plane to avoid the possibility of forgetting about it and leaving it behind.
Tags: data security in travel, lost laptop
Categories: IT Security Basics, Physical Security
Computer users lose their privacy once their online presence and activities are no longer anonymous. Losing anonymity means that someone or a group of people are able to track online behavior. This includes knowing the user’s location or browsing habits.
Most people are not aware that their online activities are under surveillance. It should be noted that Internet Service Providers possess a full record of user activities, not to mention that search engines and websites likewise record all user activities in spite of claims that all data garnered are “anonymized” or has not been provided identifiable information. There are providers and sites that purposely collect personal information to sell to the highest bidder.Â
So how do we go about protecting our online anonymity? Users can consider using a software implementation that uses a network of servers that can effectively conceal usage and location. This highlights the layered nature of encryption wherein a data is encrypted and re-encrypted many times over on its way to its final destination. The process prevents undesirable elements from unscrambling and understanding the message sent. There are several tools available in the market today including Proxy.org, JonDonym, Ultra Surf, Tor, Proxomitron, and the Ultra VPN.
Another way to protect online anonymity is to install a good software firewall. Computer users can also stick to visiting highly reliable big sites such as Disney which are committed to upholding the highest standards. Upholding the highest standards simply means doing right with whatever information they inadvertently or purposely obtain from the customers.  There is also an option to maintain an alias email address to enable users to receive messages without revealing the true email address.
Tags: encryption, online anonymity
Categories: E-mail, Privacy & Anonymity
