[ExI] internet security
Harvey Newstrom
mail at harveynewstrom.com
Mon Jan 19 23:27:35 UTC 2015
Email is cleartext and can be read by anyone. That is how the protocol
works. Even if you use https to connect to your email, that just encrypts
between you and the server. The server then stores it in plain-text in most
cases. (Google just started encrypting their email at rest recently.)
And many ISPs do a man-in-the-middle attack on https sessions so that they
can decrypt it and copy it as it goes through the ISP anyway.
E-mail is store and forward. So it will be stored at your ISPs, probably at
intermediate steps along the way, and finally at the other end's ISP.
Most ISPs and big services (google, yahoo, etc.) scan your email for
keywords and sell advertising based on keywords. So indexes, summaries, and
keywords from your emails are distributed to companies and governments who
request these. And since much of the advertising is outsourced overseas,
these keywords will be spread across the world to countries you never
dreamed would see your email. Even if you send email to someone on the same
email server as you.
Also note that big services also not only claim the legal right to do this,
but make you sign an the agreement, that they own anything you send through
their service and/or they have a right to use the information sent through
their service. So if discuss an idea and they steal it, you would have no
legal recourse.
So I would say that Email is probably the least secure protocol possible for
this purpose, and the most likely to copy and distribute clear-text versions
of your data around the world.
And most of the other services that claim to be secure aren't. They just
play off the hype to get customers who want to be secure, but most of them
don't have enough technical knowledge of spying or surveillance to actually
stop it, even if they do have some heightened security.
(Remember when I spoke about Internet spying back in 2001 at Extro-5?
Nobody believed that corporations or governments would monitor their
customers or citizens usage of the Internet. Boy, times have changed!)
--
Harvey Newstrom www.HarveyNewstrom.com
More information about the extropy-chat
mailing list