Jump to content
ATX Community

encrypted email

grandmabee

By grandmabee
in General Chat

 Share

Recommended Posts

Steven52

Steven52

Posted
Posted

I am still waiting for an example of someone's e-mail being hacked.....

You want proof? Good, you should. There is no reason to assume anything is true. Try looking through some news articles here:

https://www.google.com/search?q=google+china+email+hack

This is a well known incident of an email provider (Gmail) being hacked (there others with Hotmail, etc.). Sara Palin is another example of someone who had their email account hacked. Again, just search:

https://www.google.com/search?q=palin+email+hack

I am a technical person and hacking an email account is not difficult (but you do need access to someone's network, via wifi or hardwire, and use a 'sniffer' to read everything). This is one of the many reasons that laws (like HIPAA and others) are going on the books to REQUIRE people to use encryption when sending sensitive information. I, for one, think it is a great idea.

Then, we could talk about governments scanning emails:

https://www.google.com/search?q=fbi+scanning+email

Now, to the main question, I usually recommend TrulyMail for encrypting email. They have an Encrypted Web Messaging service which works really well and is very simple for non-technical people to use (and they don't need TrulyMail to decrypt the message or attachments). This is the major issue with encryption. Try having a novice decrypt a GPG-encrypted message and you'll be pulling your hair out.

Good luck!

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

Seems to me that getting access to someones network or harwire and installing a sniffer would be considerable work. It would only allow access to that single network.

Web based e-mail accounts get hacked due to weak passwords and usernames. If the person hacks the onliine account and gets the e-mail containing the information that is encrypted, he would also get the e-mail that has the information concerning the key as well.

The government scanning millions of e-mail article is 11 years old, and pure yak squeeze. There is not enough computer equipment to catch all the trillions of packets, reconstruct them, then store them.

The show "Person of Interest" is pure science fiction, as well as the "Big Brother" fear of e-mails being easily read.

Postal letters are a thousand times easier to hack.

I would also like to see some proof or evidence from a technical source. Of course we all know that news media and internet media sites only print 100% factual information. (SARCASM ALERT!)

Link to comment
Share on other sites
ILLMAS

ILLMAS

Posted
Posted

You want proof? Good, you should. There is no reason to assume anything is true. Try looking through some news articles here:

https://www.google.c...hina+email+hack

This is a well known incident of an email provider (Gmail) being hacked (there others with Hotmail, etc.). Sara Palin is another example of someone who had their email account hacked. Again, just search:

https://www.google.c...alin+email+hack

I am a technical person and hacking an email account is not difficult (but you do need access to someone's network, via wifi or hardwire, and use a 'sniffer' to read everything). This is one of the many reasons that laws (like HIPAA and others) are going on the books to REQUIRE people to use encryption when sending sensitive information. I, for one, think it is a great idea.

Then, we could talk about governments scanning emails:

https://www.google.c...+scanning+email

Now, to the main question, I usually recommend TrulyMail for encrypting email. They have an Encrypted Web Messaging service which works really well and is very simple for non-technical people to use (and they don't need TrulyMail to decrypt the message or attachments). This is the major issue with encryption. Try having a novice decrypt a GPG-encrypted message and you'll be pulling your hair out.

Good luck!

Why is this your first post and your account was just created this morning?

Link to comment
Share on other sites
Steven52

Steven52

Posted
Posted

Seems to me that getting access to someones network or harwire and installing a sniffer would be considerable work. It would only allow access to that single network.

Clearly it depends on what part of the network you have access to. If you're at the ISP, you have access to everyone connected to that ISP. Again, wifi is also a way to access someone's network.

Web based e-mail accounts get hacked due to weak passwords and usernames.

The Palin hack had nothing to do with this. The China Gmail hack had nothing to do with this. The former was due to a public figure and easy to answer reset questions. The latter was a different reason.

If the person hacks the onliine account and gets the e-mail containing the information that is encrypted, he would also get the e-mail that has the information concerning the key as well.

Your statement is completely wrong here. If you want to understand, please look up 'asynchronous cryptography.' This is a well know, and commonly use, technicque that allows me to send you a message encrypted to one key but it can only be decrypted with another key (the key to encrypt cannot be used to decrypt). This solves the age-old problem of key distribution.

I would also like to see some proof or evidence from a technical source.

If I've not given you enough technical information, please let me know what you would like understand and I'll find a proper technical source for you to read. I hope you're not serious in thinking there is not enough computer power to sort through unencrypted emails. Consider that more than 100 million computers are sold each year. Then consider the powerful supercomputers. What is science fiction (as far as I know) is the NSA being able to decrypt a messages encrypted with a strong key in a few seconds. Mathmatically, even with the most powerful computers in use today it will take more years than I'll be alive.

Hollywood does love to add unrealistic elements to shows but don't think that means that a government (don't just think the US government) cannot scan every email. I can, and does, happen (and it's not hard to do). Look at just one company, like Facebook. They were in the news recently for their computer center consuming as much power as the entire city around it. These centers don't just have 10 computers in them, they have thousands. You think the government hacking centers just have one desktop PC to do their jobs? You think China has only five?

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

Enough about this. I deal in reality. Been hearing about all this for over 40 years, and other than a few scattered instances of e-mail hacking,(out of the trillions of e-mails that get sent, if 500 get hacked, that is inconsequential) I still consider USPS far more dangerous than e-mail.

I started being a computer person when -load*.*,8,1- was the command to get started. The computer had a total memory of 64K, only floppy drives, and 40 character lines on the screen.

Still waiting for "Big Brother" to show up.

The cordless phone in your office is the most wide open source there is. I use only hard wired phones.

Subjecting clients to have to deal with decrypting simple e-mails is "a bridge too far." Most have trouble just reading, sending or attaching information to e-mail. Sad to say, but that is the state of most of America.

I also saw the black helicopters with blue helmeted troops flying around here today. The "Harp" project in Alaska is responsible for the unusual weather we are having. All our water supplies have been contaminated with DiHydrogen Monoxide. (DHMO) Google it if you don't believe me. Maybe the "One World Government" is on the way after all. (SARCASM ALERT)

  • Like 1
Link to comment
Share on other sites
MAMalody

MAMalody

Posted
Posted

My e-mail account at aol was hacked a few years ago. What a shock when I couldn't use it because they had sent out some obscene material on it. Good thing I was indirectly working for aol at the time so it was not too difficult to get reset up...just took some time. You can be hacked!

Link to comment
Share on other sites
Steven52

Steven52

Posted
Posted

...if 500 get hacked, that is inconsequential

I guess it depends on whether or not it was YOUR email which was hacked and exploited (and resulting credit report destroyed).

I still consider USPS far more dangerous than e-mail.

Opening, reading, and resealing trillions of envelops is a lot different from having computer programs scan text for key words/numbers.

The cordless phone in your office is the most wide open source there is.

Agreed, huge security risk.

Subjecting clients to have to deal with decrypting simple e-mails is "a bridge too far." Most have trouble just reading, sending or attaching information to e-mail. Sad to say, but that is the state of most of America.

I agree that encryption needs to be easy, that's why I encourage people to use TrulyMail instead of trying to install three different applications, configuring each with a series of options, only to end in frustration. Things need to be zero-click-easy. Not many people drove early cars... until they made them easier to use, now everyone can drive.

I also saw the black helicopters with blue helmeted troops flying around here today. The "Harp" project in Alaska is responsible for the unusual weather we are having. All our water supplies have been contaminated with DiHydrogen Monoxide. (DHMO) Google it if you don't believe me. Maybe the "One World Government" is on the way after all. (SARCASM ALERT)

Please do not consider my earlier links to Google to claim that anything which can be found on Google to be true, honest, or even reasonable. However, when you see the same story listed by CNN, BBC, Reuters, etc., it is reasonable to assume it's true. I'm sure you're a reasonable person and already understand this.

Link to comment
Share on other sites
Don in Upstate NY

Don in Upstate NY

Posted
Posted

My personal experience with a hacked account:

I have a Gmail account that I use for most non-critical e-mails. As you may know, Gmail maintains an address book and archives your messages indefinately. About two years ago, that account was hacked.

My first notice that something was wrong was a series of ten phone calls within an hour from people in my address book telling me that they had received the classic "Lost my wallet in London, please send money" e-mail. We wondered why anyone would try such a well-known scheme.

I attempted to login to Gmail, and was informed that my passowd was incorrect. I attempted to reset the password and Gmail told me that the new password was sent to my secondary hotmail address [problem - I don't have a hotmail address]. Further correspondence with Gmail security indicated that this sequence of events fell into a protocol that required the account be frozen for a week before any more changes would be accepted.

After a week I regained control of the Gmail account and the true extent of the hack was revealed.

My secondary e-mail address had been set to the [bad guy's] hotmail account.

A copy of all incomming e-mail was being sent to the [bad guy's] hotmail account.

Then I looked at the log of activity for the period when I didn't have control of my account. Besides the "London" e-mails, only one other e-mail had been sent. That was a copy of the only e-mail in the archive that had the work "Taxes" in the subject line and an unencrypted attachment. This was no casual hack - the bad guy was serious.

Link to comment
Share on other sites
Jack from Ohio

Jack from Ohio

Posted
Posted

For the record, I trust nothing from any news media when it comes to technology. Remember Y2K?

USPS thieves only have to look for any mail with "Important Tax Information" written on the envelope, which is an IRS requirement now.

Soft passwords and typical answers to challenge questions allow hackers into online e-mail accounts. If you choose to use them, make a strong password and use incorrect answers to challenge questions.

If you don't lock the front door of your home when you are gone, don't be surprised if you have unwelcome visitors. Same applies to your online e-mail accounts.

Link to comment
Share on other sites
ILLMAS

ILLMAS

Posted
Posted

There is a big difference between your account getting hacked vs hijacked. Hacked will be when someone opens your account by figuring out your password, hijacked (caused by trojan virus usually) is when your email account sends out emails to all your contacts. Usually this happens when you opened an email that contained a virus that replicates by sending emails to all your contacts, someone that can't spot a sketchy email will open it and and infect thier computer. A good and up to date antivirus software usually catches them, but best bet is not open an email of people you don't know and just delete them, avoid the headache or embarrassment when your contacts start calling you and tell you, you sent me an email that blasted porn websites on my computer that won't go away. If you do a google a search there is a ton of information and how to prevent getting your account hacked or hijacked.

MAS

Link to comment
Share on other sites
ILLMAS

ILLMAS

Posted
Posted

Against my better judgement, I'm going to post in this thread one more time. Just one question.

Would you be comfortable making a purchase online over a connection without SSL encryption?

Great question, but I think most people won't know "watcha talkin' bout' Willis" when it comes to SSL, so here is something to get an idea of what the question relates to:

http://www.biztechmagazine.com/article/2007/07/http-vs-https

Link to comment
Share on other sites
mcb39

mcb39

Posted
Posted

I am not sure anyone changed their mind about the security or lack of it in email, but it is an interesting discussion nevertheless and I feel like I learned somethings from the posts, both pro and con. And it was at least a civilzed discussion, which i think we need more often!

AMEN to that.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...