Jump to content
ATX Community

encrypted email

grandmabee

By grandmabee
in General Chat

 Share

Recommended Posts

Jack from Ohio

Jack from Ohio

Posted
Posted

I do not encrypt any e-mail. The idea of someone simply driving up in a van and intercepting your e-mail is TV and MOVIE FICTION!

Can a person/entity tap your e-mails? Yes. I had my software engineer/techno son explain the process. It is long arduous and extremely complicated, and has to be done individually for each computer. Much information about the computer and it's connecting network is needed to put the proper tools in place.

I challenge anyone to show me an instance of someone who has had their e-mails intercepted by a third party.

E-mail is safer than snail mail. How many human beings handle a letter as it is going through the postal system? It is extremely low tech to steal an envelope, and every person is equipped with skills to do it.

I dislike when people send me e-mail that requires logging in to some security system, then inputting information just to read it. I have, already, called the person and told them to fax the information.

The TV show "Person of Interest" is 99% fiction. Despite all the rumors about Government seeing all e-mail, and listening to every cell phone conversation! PURE YAK SQUEEZE!!

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

The actual mail message is fairly safe. The security issues come in when someone can access your computer and/or network. A packet sniffer is easy to use and can lead to password theft, assuming there is a password. Many wireless routers/computers are using "security" that can be hacked in minutes (or less), which opens the computer up as well.

Once access is gained, it is not hard to read email and run the computer in question.

Passwords will only keep out those not wanting to get in - if you think that way you are much safer.

Access is the critical issue.

If I wished, I can access a nearby unsecured router, which is likely connected to an unsecured computer. Would take maybe 10 seconds to figure out what email program they use, their server settings, and be able to read their messages in any manner I wish, and also send as them. Could do anything with their computer as well.

Then there is the slight delay of accessing the many routers which use the default login and password. They are also likely connected to an unsecured or under secured machine, easy to tap into.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

The actual mail message is fairly safe. The security issues come in when someone can access your computer and/or network. A packet sniffer is easy to use and can lead to password theft, assuming there is a password. Many wireless routers/computers are using "security" that can be hacked in minutes (or less), which opens the computer up as well.

Once access is gained, it is not hard to read email and run the computer in question.

Passwords will only keep out those not wanting to get in - if you think that way you are much safer.

Access is the critical issue.

If I wished, I can access a nearby unsecured router, which is likely connected to an unsecured computer. Would take maybe 10 seconds to figure out what email program they use, their server settings, and be able to read their messages in any manner I wish, and also send as them. Could do anything with their computer as well.

Then there is the slight delay of accessing the many routers which use the default login and password. They are also likely connected to an unsecured or under secured machine, easy to tap into.

You use the words "access" and "unsecured." Those are issues that I cannot control on my client's end. Sending the e-mail is safe. Snail mail is much more vunerable to theft and loss.

I am finding that every day, more and more people are securing their routers.

If a person is lax on securing things and controlling access, the person doing the "invading" would be able to see the information to decrypt and encrypted e-mail as well.

Unauthorized access and unsecured systems do not make e-mail unsafe. These are items that I cannot control on the client's end.

No encryption for me. I have been using e-mail in a large way for many years. I have used the internet for everything available. I use simple common sense when using it, and have never been hacked or compromised.

Link to comment
Share on other sites
ed_accountant

ed_accountant

Posted
Posted

I email a password protected pdf file. The purchased version of Acrobat allows you put a password on the pdf file. I always use the last 4 digits of the taxpayers social security #.

I send pdf tax returns password protected via email and ussually remind them the password is the last 4 digits of their SS#. This has worked for me..

Link to comment
Share on other sites
Randall

Randall

Posted
Posted

I use Acrobat. It allows you to send an attachment encrypted with a password as well. I give them a hint of what the password is, in the body of the email. I'm more concerned with wireless. I don't know much about it and the security features. Right now, I'm not mobile with my work, only in the office. But in the future I want to do more with a laptop, etc.

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

I live across the street from a rest home. When my kids were little, one of the residents at the rest home had a portable phone which broadcast very well to our baby monitor...

-

If you have a cell phone with wireless data, you can download a free app to scan wireless connections nearby. Very enlightening. I use it to make sure my own wireless is on the best channel I can select, that the security settings are actually set correctly, and to see what may be available when not at home. I do not let my phone connect automatically.

Link to comment
Share on other sites
Catherine

Catherine

Posted
Posted

Jack -- here in the People's Republic of Massachusetts, any email that might have confidential data is _required_ to be encrypted. So I can't send anything to clients by email that isn't generic. I get lots of use out of my file share site...

There is a program called PGP Encryption that will encrypt your hard drive and secure your email as well. Acrobat also works well and I bought my brand-new, fully-registerable copy of the one-prior version for very small money on eBay.

  • Like 1
Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

Jack -- here in the People's Republic of Massachusetts, any email that might have confidential data is _required_ to be encrypted. So I can't send anything to clients by email that isn't generic. I get lots of use out of my file share site...

There is a program called PGP Encryption that will encrypt your hard drive and secure your email as well. Acrobat also works well and I bought my brand-new, fully-registerable copy of the one-prior version for very small money on eBay.

That just proves that lawmakers are as uninformed technology wise as most of the American public.

The phobia is almost worse than the Y2K hoax.

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

For android, I am using Wifi Analyzer. It actually is useful for figuring out which channel to set your router for, to avoid the others close by. Shows signal strength, and can be used as sort of a "router finder" based on the signal strength. Helpful if you want to see how your router placement affects signal strength/coverage.

Link to comment
Share on other sites
Randall

Randall

Posted
Posted

I have PGP (now owned by Symantec). I use it for my HD and external HDs, and flashdrives. I haven't used it for emails though, been using Acrobat.

Jack- I might agree that the stuff on TV shows is fantasy, but I'm not ready to assume there's no risk out there. Especially on the wi-fi stuff.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

I have PGP (now owned by Symantec). I use it for my HD and external HDs, and flashdrives. I haven't used it for emails though, been using Acrobat.

Jack- I might agree that the stuff on TV shows is fantasy, but I'm not ready to assume there's no risk out there. Especially on the wi-fi stuff.

I do not assume the information about risk. I talked to, and inquired from, technical professionals at the heart of the technology infrastucture.

I am still waiting for an example of someone's e-mail being hacked.....

The phobia is spreading fast, and quickly becoming worse than the Y2K hoax.

Link to comment
Share on other sites
Eric

Eric

Posted
Posted

Email accounts are hacked regularly due to weak passwords, but I'd say it's usually limited to webmail services. I'm embarrassed to say that it happened to my Gmail account once, and that password included two special characters and it wasn't a dictionary word. All of my passwords are now 20 random characters, upper and lower case, numbers, and special characters. Impossible to remember, but quite secure. (I use a KeePass database and my browser to remember passwords for me)

Another thing to consider (or maybe not, Idunno) is that by design, your email is not only received by your ISP's and the recipient's ISP's servers but also many servers in between as it makes the trip. Of course, it's making that trip with millions of other emails, and I would assume that most people who have access to those servers and your accounts at the ISP are trustworthy enough.

But just because you're not paranoid, doesn't mean they're not after you :ninja:

(haha)

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

Many mail providers offer web based messaging, even if you are not using it, which makes it easy for someone who has ever received a message from you to know where to try to look.  Many lost password questions are easily guessed.

If you use IMAP to access mail, then your messages reside on the mail server (although secured, not impossible to get at) unless you delete them.  You also have to empty the trash or the messages stay in the deleted folder.

Your mail provider may be keeping messages on their own, one good reason is to restore from a backup should there be a failure.  This also subjects those messages to subpoena...  Check with your provider for their retention policy.

Email security is no different than the security of your checking account.  Once you send a message, and once you send a check, the message and the check can be used to gain access to your account.  While it is tougher to crack an email account than to forge a check, it is not impossible.

Use non dictionary passwords, passwords with special characters (have to press and hold the alt key then a number sequence) and come up with a nonsensical set of answers to your lost password questions and you are safe enough.

It is the password reset that is the easiest to crack, other than using packet filters.  Mother's maiden name?  I use my first car's license plate number.  Father's middle name?  I use the firing order of a V8 Chevrolet engine.  Things like that prevent most problems with that area of weakness.

Was it not Ms. Palin who has her gmail/yahoo/whatever accessed via someone guessing her lost password responses?  IIRC, the person was criminally convicted as well.  That is "one" very public case not only admitted, but proved in a court of law.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

I do not use web based e-mail period, for all the reasons just mentioned. Everyone's internet provider has non-web based e-mail that is handled with Outlook, Outlook Express, Windows Live Mail (Win 7) or the like.

When I retrieve my mail, it is erased from the e-mail server of my internet provider. No one else can retrieve it unless they hack my computer.

Someone guessing a password is not the same as someone "intercepting" e-mail transmissions. Improper care of, and creation of, access passwords are the source of most information that gets stolen. If a client uses a web based e-mail, even the decrypted e-mail is subject to the same risk on the web based server.

When an e-mail is sent, it is broken into many, maybe hundreds or thousands, individual small "packets" of data. All the packets do not necessarily take the same route (through all the routers that compose the internet) to its destination. There may be thousands of different routes that any given packet may take. This is one reason why "intercepting" e-mail is tedious and difficult.

No encrypting of e-mails for this long-time old nerd!!

On the Palin incident, once the perp changed the password, e-mails would not be available to Ms. Palin, so it would be very evident that something was wrong. Again, if there are no e-mails residing on a server out there, there would be nothing for the perp to see.

Just ranting!! E-mail IS SAFE!

Link to comment
Share on other sites
ILLMAS

ILLMAS

Posted
Posted

For peace of mind, you can pay for a service called Share File, and how it works, you basically create a folder for each client (links to their email), upload whatever to their folder, once you are done, the client receives a secured email that allows them to download the information safely, this also works in reserves, the client uploads to their folder and sends it to you.

MAS

Link to comment
Share on other sites
Medlin Software, Dennis

Medlin Software, Dennis

Posted
Posted

Have you confirmed you don't have webmail available? Not used does not equal not available. Have you checked with your mail provider on their backup/retention policy? I know mine has backup so if something goes in the dumper, it can be restored and resent. While my mail is open (pop account in this case), I am only popping in every few minutes. For those in between times, the messages are on the mail server, and subject to someone making a copy (allowed or not), and is sitting there for webmail or imap access.

I doubt any mail provider would allow you to constantly pop in, and you probably don't have your mail program running 24/7, so at least some if the time your mail is on a server. Mail on a server can be read by anyone with permission to access the server, or someone who has the password and login for the server.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

I believe Circular 230 requires sensitive data to be sent securely. Email is not considered secure. End of argument.

Considered not safe by whom?

An argument could be made that only Registered Mail is considered secure. So no sensitive data could be sent by any other USPS method. All First class mail could be easily stolen. Given the requirement to label all mail containing tax information with the words "Important Tax Information", they are easy marked targets.

Still waiting for the examples of e-mails being intercepted....

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...