[ExI] hacked email

[spike]

Security hipsters, I need some advice or ideas.  We have a group of family
history researchers, about a dozen of us who work together, share photos,
family lore, findings from DNA and so forth.  Recently one of our circle
went off her meds and did a lot of damage by hacking into another member's
email and writing messages to the other members with a false From line, all
with carefully calculated malice.  It has us really freaked, because this
cousin is very unpredictable and has a lot of brains and a lot of ill will,
with more internet protocol savvy than the rest of us combined (she is a
computer security expert.)

 

I am thinking of a way to write some kind of code word or something into our
email such that it would be evidence the message is from who it says.  Is
there a standard way of doing this?  We can exchange the code word via phone
so if the party in question has access to our email, it wouldn't be
intercepted.  Ideally it would be some kind of rotating code, different with
each message but derived by some kind of externally-accessible information,
not easily guessed.  An example would be the F10.7 cm radiation average from
the sun on a given day.  That could be looked up each day and put in the
email message somewhere.  Archives exist, so we could even go one year back.
Ideally we would want a code that changes by the hour.  Ideas please?  What
do you security guys do to verify a sender?

 

I don't think my email has been compromised, so posting here or privately is
OK.

 

spike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20141125/c5755736/attachment.html>