Email is not Private
Posted in All Posts, Email Security, mini-reviews, Online Security, Privacy, Security Tools on March 6th, 2006In fact potentially, email is very public. Especially web based email like Gmail and Hotmail. But pretty much no matter what email client you use, email is easy to intercept and compromise. Email is not private unless you encrypt your email in some manner. There are a number of options available. But beware of their limitations.
- Some can only encrypt attachments.
- Some programs can only encrypt the contents of an email, but not the attachment or subject.
- Most will not encrypt the subject and header.
- Most require extra steps on the part of the sender and the recipient.
- Most require that you send a password to your recipient, and obviously you can’t do that through email.
Even users of Outlook or other computer based email clients should realize that email is sent through the Internet in “plain text” and can be intercepted and read both legally and illegally.
“The gap between law and technology is widening every day, and privacy is eroding,” said Jim Dempsey, the CDT policy director who authored the report.
“What makes this even more troubling is that most users of these new technologies don’t realize they are putting their privacy in jeopardy.”
Modern consumers live in an age when web based e-mails pileup on services like Microsoft’s Hotmail and Google’s Gmail, and all kinds of files from personal photos to bank, medical and travel records are stored online.
Few computer users realize however, that web based e-mail is subject to much weaker protections than messages stored on home computers.
While the government needs a warrant, issued by a judge, to search someone’s home computer, it can access a person’s web mail account with only a subpoena, issued without judicial review.
Source: ‘Big Brother’ watching e-mail, computer data: US report
We recommend that all users employ a secure email service, or software, or client that encrypts their communications. In particular, we highly recommend an email security system called Ciphire. Ciphire does it all. It completely wraps the email in a secure, encrypted package including the header, the subject, the body and any attachments. And it does it seamlessly and competently in the background. It works with most any email client. The one requirement is that the recipient must also have Ciphire installed. And please note that it does not work with web based email such as Hotmail or Gmail.
We have been testing Ciphire for some time now and it has evolved into a very capable and usable way to secure email transactions. Once installed, it can be set to automatically encrypt email communications between any users of Ciphire, and do it in a very user friendly manner .
It is also relatively unique among the various email security systems available in that it can encrypt the entire email, including the header, the subject, the body of the email, and an attachment, entirely automatically when it determines that the email is being sent to another Ciphire user.
Here is more about it in their own words:
Ciphire Mail is the world’s most powerful email security tool and requires no learning. It works smoothly with your regular email client. Just download, install, and forget.
Ciphire Mail has been optimized for the average, non-technical individual who has no real knowledge of security or cryptography, but who needs their benefits nonetheless.
Ciphire is free of charge for personal use and is available at https://www.ciphire.com/.
Highly recommended.
Editor, Internet-Insecurity.com
