Recent Posts
Categories
Keeping your messages safe from prying eyes
With the current political environment your privacy is being chipped away more and more each day. Much of the debate is based on the idea that if you are not doing anything wrong then you should have no worry about your information being viewed by the government, this in itself is a fallacy. Another debate is that they need the ability to view everything to protect you from terrorists that are bent on harming your way of life, this is a long discussion in itself, but not here.
With the next few entries I will discuss ways to keep your messages private between you and the people you want to exchange information with. The key ones will be E-mail, IM and file exchange using encryption and encryption type programs. Some of them require usage of special programs that you and the person your are exchanging information with need to have set up. It is quite simple to do, I will also give some tips and tricks on using them. All of the applications I will talk about are open source so if you wish to view how they work you can.
The E-mail program I will be using in the discussion is Thunderbird with some plugins. It has clients for windows, mac and Linux, I use this because it seems to be on of the more extendable clients for email. It will be used with a public key / private key clients to encrypt and decrypt the messages. For exchanging IM between you and another person I will be expanding on pidgin, it is a multi-service client, that is it works with yahoo, AIM, jabber, exchange and some others. The last group of topics will be encrypting your files, so if you travel you can be generally sure your files will be safe from prying eyes. This is not the entire list of applications you could use, nor is there a guarantee that the data can not be decrypted at some time in the future. As technology changes one never knows, but for now its mostly safe.
I will add different programs as I go from time to time under the same heading, so I hope it will spur you into keeping an eye on your data and who may be snooping on it, for good or evil.
E-Mail Security Tips
E-mail security tips.
This posting I will define some E-mail security tips, as always it is not a full and all fix for security but a good list of tips.
If you use a browser to access your Email, one of the most important tips is to make sure it uses SSL to connect you to the mail server. SSL or Secure Socket Layer is a internet standard of connection that will encrypt the connection so no or very little information is visible about what is being send.
A way (but not all the ways known) is to look for the https:// in the browser path. Some will change part of the dialog box green. Google does this, Other E-mail systems do as well.
If it connects using HTTPS then falls back to HTTP, my advice is to use a different web based E-mail client. On that note when ever possible do not use public machines to Login to your E-mail. Firstly you have no idea the setup of the machine and what programs are running at he same time your are trying to log into your account. Many places will add logging programs to there systems. This is not as a desire to track you but some places must to protect them from you.
When setting up A Email client connection (the way I would recommend when possible), IMAP or POP, try to set the connection to SSL or TSL to begin with. You will need to look at your client closer to know were the settings are located. Or go a simple search using your search engine of choice.
I want to talk a little on email clients, there are many to choose from, some are cross platform others are single platform. Cross platform clients are nice because you only need to learn one way to do something and most have the same function for each of the operating system. Many have the same basic functions, most are free so give them a try.
The ideas discussed here will only get you security for the connection and the exchange from your machine to the email server. There still is a risk if the other receiver gets the message from a unsecured machine or connection. One way to reduce the risk is to encrypt the message on the mail server and in turn require the receiver un-encrypt any messages sent. The next posting will hope to cover ways to to have your messages kept secured on the mail server, your own client and the receivers system.
General Security Post
Being this is the first post of the year, I am going to start again with the basics of general security. These postings will cover simple security tips and tricks for things like, E-mail, site access, etc. Some of this may be things you know already some may not be.
First and foremost a question – “How long has it been from your last password change?”
This includes E-mail, the machine your currently using now, banking sites. If it has been over a few months then change them today to new ones. And try not to use the same password for everything, yes it difficult to remember but in the long run you will be safer. When you think up a password make sure it has a number letter mix, with upper and lower cases. Don’t use your kids, pets, or easy to find names like that..
A question many times arises, “were do I keep the password?”. There are many programs that will store the passwords for you. Yes you can write it down on a sheet of paper and put in “safe” place. Do a google, bing or what ever your search engine of choice is for password saving programs. There are many ways out there, but use something.
Now go forth and change them..now.. now.. now..
Also when accessing your sites using your web browser make sure you connect securely. When your at the login site see if there is a “https://” in the site bar, or some will have a lock or green bar to tell you they are security connected. If no then enter https://, Example – https://mysite.com. Later I will cover ways to always force the secure SSL connection to sites.
This will keep you busy for a while..bye for now
Recent Comments