Softpanorama

May the source be with you, but remember the KISS principle ;-)
Contents Bulletin Scripting in shell and Perl Network troubleshooting History Humor

Email snooping

Gentlemen don’t read other gentlemen’s mail

Many women in this and other countries country routinely scan emails and cell phones of their partners. It is part of their  fidelity and relationship surveillance. Should a man really be prosecuted for doing the same thing that occurs under every roof on a regular basis?

Protecting Yourself From Snooping – Worst Case Scenarios Planet Infowars

June 30, 2012

Protection against snooping, is, in some sense, about being paranoid in a rational way. Trusting governments and big corporations too much is to be naively gullible and being too paranoid is a sign of mental disorder. A good balance is somewhere in between. Even with that in mind, to examine worst case snooping scenarios is useful to cover all the bases.

In a better safe than sorry approach, here some worst case snooping scenarios will be examined briefly. In practice some limitations will be needed however since a real worst case scenario would include the possibility of black op projects having access to technologies that are like science fiction compared to what is available on the public markets. Therefore this article will limit the technology to what is available publicly today. There will still, as described below, be many extreme cases. Disclaimer: The scenarios described in this article are possibilities that may or may not be real.

Today most people have a cell phone, and many carry it with them basically all the time. A cell phone is an excellent potential snooping device. First, it can track your geographical location, and secondly, it can record sound from your surroundings, such as picking up what you and others nearby are saying, even when the phone is off.

Money can be tracked, even cash such as tracing the serial numbers on bills. With credit/debit cards it’s even easier to record your purchases but even when you are using cash only, they will know what you buy, when and where.

Your Internet connection can be tracked. The worst case scenario here is that the hardware in your computer, tablet and smartphone etc has what is called a key logger that records your every key stroke and sends it all on a regular basis to a snooping agency. Your IP address can always be tracked even when you use means to disguise it since your ISP will always know it and all your activities can be traced back to it. Your web camera records you all the time and snooping agencies can at any moment look at you through it and listen via the microphone. And a more technical note is that you will not be able to detect the snooping traffic with an IP sniffer since that traffic is disguised on the hardware level.

When you use standard encryption, they will still be able to snoop on you. Agencies can decipher all information encrypted with standard encryption technologies, such as SSL on the Internet.

The location of your car can be tracked 24/7 and what you talk about in the car is being recorded and listed to by snooping agencies.

Tiny cameras an microphones record and track your every move in public and at your work.

How likely are the above scenarios? Some are more likely than others. For example, tracking the geographical location of your cell phone is simple to do technically while recording and snooping via your web camera is more difficult technically since it requires a lot of bandwidth and the Internet traffic from that kind of snooping is tricky to conceal.


Top Visited
Switchboard
Latest
Past week
Past month

NEWS CONTENTS

Old News ;-)

How to avoid snooping by the NSA Prism program - San Jose Mercury News

The recommendation encrypt your mail is a little bit naive as snooping usually take place on end points, where mail is already decrypted...  But nothing prevents you to ssh to the server in Europe and send mail from Europe.

LONDON -- Phone call logs, credit card records, emails, Skype chats, Facebook message, and more: The precise nature of the NSA's sweeping surveillance apparatus has yet to be confirmed.

But given the revelations spilling out into the media recently, there hardly seems a single aspect of daily life that isn't somehow subject to spying or surveillance by someone.

Experts say there are steps anyone can take to improve privacy, but they only go so far.

Using anonymity services and encryption "simply make it harder, but not impossible," said Ashkan Soltani, an independent privacy and security researcher. "Someone can always find you ---- just depends on how motivated they are."

With that caveat, here are some basic tips to enhance your privacy:

ENCRYPT YOUR EMAILS

Emails sent across the Web are like postcards. In some cases, they're readable by anyone standing between you and its recipient. That can include your webmail company, your Internet service provider and whoever is tapped into the fiber optic cable passing your message around the globe -- not to mention a parallel set of observers on the recipient's side of the world.

Experts recommend encryption, which scrambles messages in transit, so they're unreadable to anyone trying to intercept them. Techniques vary, but a popular one is called PGP, short for "Pretty Good Privacy." PGP is effective enough that the U.S. government tried to block its export in the mid-1990s, arguing that it was so powerful it should be classed as a weapon.

Disadvantages: Encryption can be clunky. And to work, both parties have to be using it.

Email Snooping With No Warrant Authorized By Senate

 December 27, 2012

On Christmas Eve the United States Congress passed a bill that would update the Video Privacy Protection Act that would make it legal to automatically share your Netflix viewing history on your Facebook profile. Previously, privacy laws did not allow such a practice although many users likely will have no problem with such information being shared in the first place. However, at the same time the Democrat-controlled Senate also cut a separate amendment that would have required Federal law enforcement like the FBI to obtain a warrant before monitoring the email of its own citizens.

Senator Patrick Leahy wrote the amendment with the intention to change the 1986 Electonric Communications Privacy Act. According to AllGov, the current laws allow Big Brother to intrude on our privacy pretty much at will:

“Currently, the government can collect emails and other cloud data without a warrant as long as the content has been stored on a third-party server for 180 days or more. Federal agents need only demonstrate that they have ‘reasonable grounds to believe’ the information would be useful in an investigation.”

An aide to Senator Patrick Leahy spoke to BuzzFeed and said that they plan on pressing on despite this setback:

“[We have] always known that it would need to be a multi-year effort, but that getting a vote in November on his email privacy protections would keep the momentum going. It was known by everyone that it would not pass in the lame-duck session, especially in the House.”

According to Tech Spot, Chris Calabrese of the American Civil Liberties Union says more effort needs to be made by Congress to make electronic privacy laws a higher priority:

“Changes to electronic privacy cannot happen piecemeal. If we are to achieve true reform — which means getting full protection for Americans’ inboxes and private communication — we cannot give priority to special interests. If Netflix is going to get an update to the privacy law, we think the American people should get an update to the privacy law.”

Do you think that the Federal government law enforcement should be allowed to monitor emails and any other types

Snooping highlights lower privacy standards for email, cellphones

Law enforcement can potentially spy on the American people without their knowledge or an oversight from a judge, thanks to antiquated laws that privacy advocates say haven't kept pace with technology advances.

"We haven't had a wide-scale change in our privacy laws since the 1980s, and imagine where we were with technology back then compared to today," said Mike Brickner, director of communications and public policy for the of Ohio.

Government agencies don't need in many cases to obtain people's private emails, electronic messages and cellphone records. Instead, they can acquire the records through subpoenas, which require less strict standards of evidence.

Law enforcement is increasingly using its subpoena power on social media providers like Google to obtain information on users during . The reporting requirements are such that average Americans may never know they are being snooped on unless the surveillance results in criminal charges.

The U.S. Department of Justice used subpoenas to secretly seize phone records of editors and reporters from the Associated Press, allegedly as part of a leak investigation, without first getting a warrant from a judge. Critics said the amount of information the government collected was "harassingly broad" and unconstitutional.

"I am confident our members are outraged and concerned about the targeting of journalists by the Justice Department without prior knowledge, advance warning or the approval of a judge," said Dennis Hetzel, executive director of the Ohio Newspaper Association.

The Justice Department also sought emails in a leak investigation involving Fox News reporter James Rosen, though in that case the department filed an affidavit for a search warrant, which does require judicial approval.

Information obtained from subpoenas has helped local authorities catch dangerous criminals. Cellular records helped prove that one murder suspect's alibi was a lie, and Internet subscriber records have helped identify sex offenders.

But said the government too easily can access many personal communications and other private information without sufficient probable cause. They are calling on Congress to stop "warrantless snooping" by updating digital privacy laws to account for the rise of cellphones, social media and email.

Warrants are necessary to wiretap phones and listen in on conversations as part of the Fourth Amendment's protections against unreasonable searches and seizures. Authorities usually also need a warrant to seize letters sent through the mail.

But different rules apply to digital communications, even though emails and texts have replaced letters as the primary forms of written communication.

Under the 1986 Electronic Communications Privacy Act, the government does not need a warrant to obtain emails and electronic messages that are 180 days old or that have been opened, experts said.

"The statute says that only a subpoena is necessary," said Paul Rosenzweig, a visiting fellow with the Heritage Foundation, a conservative think tank in Washington, D.C.

Subpoenas have become a go-to investigative tool because they can be written out in a prosecutor's office without anyone's review, Rosenzweig said.

"It is very rare that investigators will jump through the hoops that you need to go through to get a wiretap order - which requires a fairly high standard - when they can get email and other stored records much more easily," said Julian Sanchez, research fellow with the Washington-based Cato Institute, which seeks to advance limited government and individual liberty. "The records are subject to an almost trivial standard of evidence, which is relevance to an investigation."

How the information is used depends on what the government finds.

"If your email is lawfully acquired, anything disclosed in the email can be used by the government," Rosenzweig said. "If they solicit your emails because they think you are a drug dealer, and it turns out they are wrong but you have emails about undisclosed income you have in the Cayman Islands, they will take copies and send them to the IRS."

It is unknown how often government agencies obtain personal emails or information about email users as part of investigations.

Only a small fraction of government requests for electronic records is subject to reporting requirements, experts said. As a result, the scope of the snooping is largely a mystery.

But in the last six months of 2012, Google - which offers email, video chat and instant messaging through its Gmail service - said it received 8,438 requests for user information from U.S. law enforcement agencies. About 70 percent of requests were subpoenas, while about 22 percent were probable-cause warrants.

Google, Microsoft and some other major companies said they will not release the contents of subscribers' emails and electronic messages unless they receive a warrant. Google, however, reported producing other noncontent subscriber information in almost 90 percent of the law enforcement requests.

Microsoft - which owns the Outlook.com email service, formerly known as Hotmail - said last year it provided subscriber and transactional data in two-thirds of the 11,000 requests from U.S. law enforcement it received. In 14 percent of the requests, Microsoft produced the content of emails.

Transactional information can include who sent and received messages, when they were delivered and possibly the location where they were transmitted. Such information is invaluable in many law enforcement investigations.

Prosecutors in New York subpoenaed Twitter for tweets, IP addresses and other information of an Occupy Wall Street protester who was charged with disorderly conduct for marching on the roadway of the Brooklyn Bridge.

Twitter fought the subpoena in court but eventually turned the information over, said Thaddeus Hoffmeister, law professor with the University of Dayton School of Law.

"Twitter fought them a little, but generally social media providers roll over and give your stuff up," he said. "They don't want the government to step in and regulate them more heavily."

Subpoenas don't always produce the contents of emails, but they can reveal other information useful to law enforcement.

The Ohio Bureau of Criminal Identification subpoenaed AT&T Internet Services to identify a Beavercreek, Ohio, man who owned an IP address associated with child pornography.

The man's home was searched, and he was arrested and convicted of multiple felonies.

Government agencies also can acquire cellphone and text message records through subpoenas, which can include geolocation data showing where the phones were at certain times.

That, too, can be a case-solver for police.

In 2010, Trotwood, Ohio, police subpoenaed records from Cincinnati Bell that showed a murder suspect had lied about his whereabouts at the time of the homicide.

The suspect claimed to be in another town when the victim was killed in Trotwood.

But wireless records showed his cellphone signals were transmitted by towers near Trotwood around the time of the killing.

Cincinnati Bell said it does not know how often it receives subpoenas and other requests for information. But the company said it follows strict procedures when responding to the requests.

"Requests from law enforcement or subpoenas by the courts are handled by the office of our corporate counsel to ensure that we're complying with all applicable laws in this area," said Angela Ginty, spokeswoman for Cincinnati Bell.

In 2011, federal, state and local law enforcement agencies made about 1.3 million requests to some of the largest U.S. cellular providers for the wireless device records of customers, according to information obtained and released last year by Rep. Edward Markey, D-Mass.

The requests from law enforcement asked for information including geolocation, call records, content of text messages and wiretaps.

AT&T received 131,400 subpoenas for cellular records in 2011, more than double what it received in 2008, according to a letter from the company. It also received 49,700 warrants and orders in 2011.

Many U.S. agencies are tracking cellphones without warrants and demonstrating probable cause, according to an ACLU analysis of documents from about 250 police departments.

Additionally, people whose phone and email records are obtained and scrutinized by the government will likely not find out about the intrusion if they are never charged with a crime, privacy experts said. The law does not require that the government notify subscribers of third-party services that their records were put under the microscope.

John Murphy, director of the Ohio Prosecuting Attorneys Association, said evidence in a criminal case obtained through subpoenas can be challenged in court - a protection for those who believe their privacy has been violated.

"If the person (whose information) is being subpoenaed thinks the subpoena is overbroad and asks for things it shouldn't be asking for, they can file a motion to quash, which goes before the court," Murphy said.

But privacy advocacy groups said more protections are needed.

The proposed Electronic Communications Privacy Act Amendments Act of 2013, now pending in Congress, would update the 1986 law by requiring the government to obtain a search warrant to get the contents of emails, texts, social media posts and other communications stored with third-party service providers. The legislation, which has bipartisan support, would also eliminate the 180-day rule on electronic messages, and require the government to notify people when it seizes their electronic communications.

Domestic spying and intelligence-gathering activities that do not require a warrant are rife with potential for abuse, said Brickner of the ACLU of Ohio.

"Once you can justify wrongly surveilling one group of people, it is very easy to do it with other groups that come along," he said. "We need to change some of these laws and reverse this tide, otherwise we are just going to hear about these outrages and hear about the press being surveilled and political groups being wrongly targeted."

PRIVACY V. INVESTIGATIVE AUTHORITY

Companies like Google and YouTube have policies governing the type of information they will reveal to investigators under a subpoena: subscriber registration information, sign-in IP addresses and associated time stamps, for example. Subpoenas can be used in both civil and criminal cases.

The Cyber-Snooping Spouse Protecting Email Communications during Divorce Arizona Family Law

Sadly, contested family law cases often bring out the worst in people. Some people will go to extremes to gain the upper hand in a litigation context. Spousal snooping occurs when a spouse surreptitiously monitors the other spouse’s computer activity. While this practice is generally viewed as criminal in a civil litigation context, in family law cases the legalities become much murkier; For instance, is a spouse permitted to install spyware or key-stroke monitoring software on a “family” or “community” computer to track the other spouse’s activity? Generally, the answer is yes. What about after the divorce papers are filed? What if one spouse moves out of the marital home after filing; may he or she continue to monitor the family computer left behind? And what about emails; may a divorcing spouse read the emails of the other spouse after the divorce papers are filed?

As a general rule, I tell clients that if they are still living together as husband and wife and no legal action has been commenced, neither party has a reasonable expectation of privacy, especially if they are dealing with a family computer. After a legal petition has been filed, or after one party has left the marital residence, the issue of cyber-snooping becomes more problematic. Right or wrong, during family law litigation it is quite common for divorcing spouses to monitor the other spouses email activity. The cyber-snooper will generally defend his (or her) activity by claiming that the other spouse gave his password to her during the marriage, and therefore she assumed she still had “permission” to read the other party’s emails. While the legalities of this behavior could be argued back and forth, some practical advice is in order:

I tell all potential clients to assume that their emails are being monitored by the other party. I advise every client to create a new email account on a secure server at the commencement of the litigation. While this will not entirely thwart the dedicated computer hacker, it will protect most people in most cases. This is especially important if the client intends to communicate with his or her attorney through email. While it is improper for third persons to review confidential, attorney-client protected communications, it happens. Take precautionary steps to assure that your cyber communications are kept confidential and that they do not fall into the hands of an adversarial party. For more information, or to schedule a free consultation with myself, Mesa mediation attorney Tim Durkin, feel free to contact my office at (480)-779-7972

 

Is Email Snooping a Crime?

December 27, 2010 | WSJ.com

. Article Comments (23) Law Blog HOME PAGE ». smaller Larger .facebook twitter google plus linked in inShare.6EmailPrint smaller Larger facebooktwittergoogle pluslinked ininShare.6EmailPrint By Nathan Koppel Michigan resident Leon Walker faces a peculiar predicament: he’s been charged with a felony for secretly checking out his wife’s email account.

Using his wife’s password, Walker accessed her Gmail account and learned she allegedly was having an affair, according to this article in the Detroit Free Press.

State prosecutors in Michigan have charged Walker under a statute used typically to prosecute identity theft or theft of trade secrets, the Free Press Reports. (Hat tip: JonathanTurley.org)

Walker, who divorced his wife this month, faces a criminal trial in February and up to 5 years in prison.

A few weeks back, we noted that the Sixth Circuit had ruled that people have a reasonable expectation that their emails will remain private and further that the government needs a search warrant to snoop through emails stored by Internet Service Providers.

But criminal charges for surreptitiously checking out a spouse’s emails?

It’s a legal gray area, the Free Press reports, and Walker could be helped by the fact that he was still living with his wife and had routine access to her computer. “It was a family computer,” Walker told the Free Press.

Oakland County, Michigan prosecutor Jessica Cooper told the Free Press that she was justified in charging Walker. “The guy is a hacker,” she said. The email account “was password protected.”

In a voice message left with the Law Blog, Cooper added that two judges have denied Walker’s motion to dismiss the charges. Walker and his wife “were in divorce proceedings and had separate email accounts, separate computers, separate everything,” Cooper said.

Michael McCulloch, who represented Walker’s ex-wife in the divorce proceedings, declined to discuss the criminal charges against Walker.

Leon Weiss, who represents Walker in the criminal case, told the Law Blog that his client was wrongly charged under a statute that is aimed at the hacking of government computers.

“If the Michigan legislature had wanted to prohibit one spouse living under the same roof, with a shared computer, from reading a spouse’s email, they could have constructed the statute to prohibit that,” he said. “There is no real expectation of privacy in email,” Weiss added. “It’s too out there.”

We recommend checking out Weiss’s work bio, which is one of the more entertaining we have seen and includes this quote from Weiss: “I have a competitive fire which has raged white hot ever since I was a kid. . . even when playing a board game, I go for the jugular!”

Tim

In 2003 I was told I could not charge my GF with Felony level privacy invasion (misuse of telecommunications and similar laws and as relating to rights to privacy – look the up, they are real)… because I willfully gave her access to my computer while we studied together at my home. I think this, while I disagreed with it at the time, makes sense. However to presume that a spouse is not allowed to read the others email is 100% absurd. Between strangers or even an acquaintance you allow access on your computer to check their emails or whatever is a totally different story. The law Leon is being subjected to is not well known, and he does have a right to protect his children, he should be awarded full custody and she should be forced to pay him child support and so on. The assault on men in this country needs to stop.

Robert:

This is really interesting, but it would be helpful to know more details, like whether the alleged “snooping” occurred pre- or post-divorce filing; and whether he actually used his wife’s password to log in to her account to access the e-mail messages.

If it was really a “family” computer, pre-divorce and regularly used by both parties, and the messages were simply visible on the local computer (either stored locally or if she didn’t log out and left them on the screen), it would be hard for the wife to claim he violated her privacy. It would be similar to her leaving printed copies of the messages lying on the kitchen table for anyone to see.

On the other hand, if the husband used her password to access her personal account, especially if that was done post-divorce filing, then I’d say he has a big problem.

Getting married doesn’t (or at least shouldn’t) mean that I completely give up my right, or expectation, of privacy. Clearly, married couples living in the same house have less privacy than other people, but I certainly hope I still have some legal rights.

Sally

The above comments seem to be asking a few questions; (1) : When did it happen? Before the application for divorce or during the divorce proceedings ? If before the application for divorce, then no prosecution should take place. During the divorce proceedings? Then prosecution should take place. (2) If married, can you be prosecuted for hacking your spouses e-mail accounts?

The two questions, however are not seperate. We must answer question (2) before question (1). For we must establish what is permissable in a marriage and what is not. Is it permissable to read your spouses e-mail, under normal-marriage circumstances, even if the e-mail is passoword encrypted? This question can be resolved by reviewing the marriage contract itself. For what does one say, typically, in a marriage ceremony? Something like, for example: “forever together…united into one..no adultery..no secrets.. share all..”? Or some such thing. If so, then, if one is genuinely adopting the spirit of the marriage vows, then there are no secret e-mails, even if the e-mails have been encrypted. But those who argue that somethings are not to be shared, may indeed be correct, on the condition it is stipulated in the marriage contract that “e-mail accounts are not shared..”. This sounds foolish, but it isn’t. it only iluminates the understanding of what a marriage commitment is all about, which newly-married couples nowadays, haven’t got a clue.

The other problem is this: rather than putting the man in jail, he should be let go, be free, with no penalty because the proescution, as it is the first of its kind, has no legal precedence. There is a child involved, too. Would the male spouse be sued for nelegenece if the female adulterer ( it doesn’t really matter who is having the affair), was having an affair wth an on-line child molester, who when seceretly introduced into the home of the adulterer, injured the child?

5 years is a very long time in jail, lest we forget. And after his freedom his life will forever be tainted by his served time. The woman, if she ever loved him in the least amount, would not, surely, allow this to happen to an otherwise good citizen, who has provided for his wife and child for many years.

Bystander wrote :

As a married unit, you do have to protect your family. I totally and completely agree that the snooping is justified. This man has the possiblity of not only having his name being slandered, his children taken/removed from his life, and lets not forget the financial credit in the end is tarnished. If he is loosing all of these things, he better be losing them for a good reason. And I believe adultery not in any form an acceptable reason.

David Kallman wrote :

I am an attorney in Lansing, MI, and I successfully defended a client who was charged under the same felony hacking statute in Lansing, MI. The prosecutor is clearly over-reaching by charging the husband under this computer hacking statute. My client was charged under the statute for simply changing his ex-girlfriend’s password in her Yahoo and Facebook accounts. The charges were ultimately dismissed. See kallmanlegal.com/computer-crime-on-the-rise.html.

Snooper myself:

I have been doing the same thing for about a two years now with my wifes email and mother in laws email. They both gave me the password to their emails quite some time ago. i started checking my wifes email when we started having problems in our marriage. She was talkng to her mom about our problems, and I asked her not to go to her mom about our problems. Her older sister was having problems with her husband, and the mom was not giving good advise to help them, she was bashing the husband any way she could. With the mom doing that, she is putting a bad image in her daughters head about her husband. Ya ya ya I know she has a mind of her own, but if someone is always tearing someone down your going to change they way you think about them. So anyways, this is why I have been looking myself. Sure enough, I was right. The mother in law was just bashing me left and right. I would ask my wife if her mom was bashing me. She said “She would never do that. She loves you’. So every now and then I check the emails and print out the negative bashing about me. I also found out they were snooping in my email. I asked my wife about it and she got enraged that i would ask her about that. I found the info on her phone and looked up the IP address of who looked at my email. It was her phone and her mom’s IP address of her home computer. So lucky me no felony charges on my end, or they both will go to jail as well…..

Emails and text messages tell the real story about your spouse or partner. You share everything together. Bathroom, bed, shower, soap (think about the last place they wash and the first place you wash) cars, drinks, and saliva. Can’t share much more than that. But email is more private than that. Come on. She was just mad she got busted and the attorny is trying to pull out everything to win her case. Get some morals before you charge this guy about finding out his wife had an affair.

kallmanlegal:

The prosecutor keeps using the term “hacking” to describe what the husband did here in looking at the emails. However, the statute does not use this term in defining what is a criminal act under the statute. By the plain terms of the law there is no violation here. In the case we got dismissed against our client, he was given the password by his girlfriend. Therefore, his use was authorized and not criminal. Mr. Walker claims he also was given access to the password by his wife. I do not see how a jury could find him guilty beyond a reasonable doubt based on this authorization by his then wife. See our blog at kallmanlegal.com for a discussion of our case.

Girly:

I have been going through 3 year divorce. During this time I moved out into a different home after years physical abuse and his adultrey. I leased the home paid and for my own internet. I took a old family computer when I moved out. My ex broke into my home and placed spyware on my computer. I have all the evidence of it on my computer. In addition, he was arrested for placing a tracking device on my car during a Protection Order I had on him. He was arrested for felony stalking for violating the TPO. During the investigation it was confirmed he had purchased spyware and it was mailed to him. I have made a police report for the spyware 4 months ago and nothing has been done by the police. Its basically sitting on their desk. They did call me in to tell me that it was a marital computer and did not think they could do anything. Again, I moved out into my own home. I also have a court transcript of his admission to this crime in divorce hearings. My ex reports to the judge that it was a marital computer. Judge said nothing but he was not sure if it was against the law. We did file for divorce prior to his spyware on my computer. WOW.. I am amazed that this case is going through. Would like feedback regarding my case? My divorce won’t get finalized because my ex wants to continue to attempt to gather evidence. I have spent 45,000 in legal fees and can’t get a divorce because he won’t agree to anything. Should he be charged or will I end up all over the news and blogs………………

Jan:

My ex-fiance downloaded spyware on my computer without me knowing, and we have been split up for a while, but he can get into my bank accounts and email accounts.

Its more of a “keystroke spy”, so it documents EVERYTHING you type, so he sees my passwords, even when I try to change them. There needs to be a more specific law put into place to protect people from this. I have no idea what to do, and I have no money to take it to a technician or to get a spyware protector (even then, It would be hard to tell whether the spyware protector is working.) ive heard that you need to back up your files, strip your hardrive and install windows all over again…but..I cant afford it. What can I do?

 

E-Mail as Protection

Documentation of communication with others has been a need since the written word. This has progressed from chisels and stone, to papyrus and ink, to moveable type on paper to the electronic communications of the current day.

Electronic communication and its documentation has progressed from simple analog recording of the oral sounds of airwave or wired communication to the rapid transfer of the current electronic mail.

E-Mail as it is called has been used in many forensic investigations and all have seen this in some of the more popular forensic television programs. It is likely that the majority of the users of this very useful method of communication do not know all the twists and turns the message takes once the send is done. A casual conversation with many who use this method of communication will reveal a general impression it is equivalent to a letter mailed in the Postal Service except it is in electronic form. It was actually quite clever of the early designers and users of this system to call it mail. If the casual user of this system understood the convoluted path these messages take and how easily they can be intercepted and copied they would be astounded. That little title, mail, just gives it that illusion of the same privacy as a letter in the Postal Service.

The documentation of communications has usually been done to maintain a record for future reference. This saved message can be a crucial piece of evidence to refer to in many types of disputes. It is however a two edged sword and one must always remember that any message sent may be saved and later referred to. Since that is the case the following simple legal advice pertains; Never Write Down Anything You Don't Want To Defend In Court!

A closer look at the types of messages sent by an individual or organization gives a simple initial classification.
1. Simple chatty messages that have no risk if viewed by others.
2. Messages that contain specific information that has a limited intended audience and should be protected from snooping It seems reasonable to lump all the spam, general information and advertising messages to category 1. The subject of pornography associated messages is complex and it should be remembered that a good forensic investigator can likely read anything that has happened in a system.
Those messages with specific sensitive information can take on even more significance if business or legal reference is made to them in any future time. This leads to the following advice: E-Mail Can Be A Protection And A Tool. To fully use these functions of E-Mail a system must be able to protect the message from being snooped and it must be able to prove receipt of the message of the message and have a file of these for future proof as needed..

 
Snooping Protection:
The basic concept of protection from snooping involves making the message unreadable by anyone who does not have the secret of being able to read it.
This short article is not a comprehensive discussion of the techniques of such protection. Simply put the message is hidden within a system that requires a key to read the real message. Message coding and decoding techniques have been around for centuries.

However the more complex techniques can be so difficult they will not be discussed. The simple concept is to encrypt or code the message such that it requires the reader to enter a key that presumably only the reader knows.

If one looks at the options on commonly used E-Mail programs, an option to code the message is seen. There are other more complex methods that need to reside on message servers and are within large systems used by business and governments. The simplest general system is called PGP (Pretty Good Privacy) and is available to anyone. The concept is for a public key known to all who communicate with an individual and a private key known only to the individuals sharing a particular system. The specified reader needs to use the private key to open and read the message. It is a simple system and likely adequate for all but the most secure information. The more comprehensive, secure systems will not be discussed but they can be so difficult that even the most skilled code breakers have trouble reading the message.

The general concept to protect against snooping is some form of coding the message so only the intended reader can see the actual contents of the message.

 
Proof of Receipt:
This concept is discussed as proof of receipt is chosen because the cold fact is that someone other than the intended recipient could have obtained the key and be able to read the message. In these days of increasing problems with identity theft the possibility that another person than the intended recipient can read the message has increased. The keeping safe a password is an ongoing problem.
When an email is received in most of the current systems it is possible for the sender to request a read receipt. This is a switch that can be set on when the message is sent. However to call it a read receipt only tells the sender the message was read and the read receipt return request that the reader saw was checked yes. This never tells the sender that only the intended recipient has opened and read the message. Most of theses read receipt systems also give the reader the option of answering no and thus the sender may not get a read receipt.

The more secure way of telling if the message was opened is to have the particular communication program send a confirmation of that to the sender in the background such that the reader does not even know it is occurring. The more ethical communications programs that do this will inform the readers that this will occur when they install the program. With such a system the sender at least knows the location of the intended recipient has opened the message.

The United States Postal Service has a product called Certified Mail with Return Receipt. This means when the letter is sent the sender fills out two forms and one of these is a postcard that comes back to the sender. The postcard is signed by whoever took receipt of the letter and signed the form the Postal Service employee gave them to sign. Once again this does not mean the intended recipient actually got or read the letter! This system only tells the sender the letter was received by someone at the intended address. However an important legal principle has been set. If the postcard is returned to the sender at least the person who signed the Postal Service form and the postcard is accepted as actually receiving the letter. The law now assumes that the sender has fulfilled any legal obligation required to inform the supposed recipient of some particular information. Most recipients of such letters know this and respond as having received the message. It is, of course, possible for someone other than the intended recipient to sign for the letter. There is an option to have the intended recipient only to sign for the letter but unless the Postal Service employee knows and can identify that person it would still be possible for someone else to sign.

Two systems that tell the sender the message got to the location of the intended recipient have been discussed. Each has problems of actually telling the sender that the intended recipient actually read the message. The legal system, however, will likely recognize the sender has done all possible to notify the specified recipient of some specific information and thus absolve them of any legal responsibility for delivering the message.

 
Record Retention:
These proof of receipt of a message will do no good unless this proof is kept safe.

Most E-Mail programs have the option of placing certain messages in certain folders. These keep copies of the messages in these folders. However since any system can fail the usual admonition to backup the system applies here also. The multiple choices for such backup will not be discussed here. There are many sources of backup systems and programs. A good rule of thumb is to backup frequently and to make enough copies of sensitive information that one can be kept at a secure location away from the location of the primary computer. If the system is a large one of an organization or government it is likely that large, secure backup mechanisms are in place. In such systems the type of read receipt that is sent in the background to the sending system could go directly to such an archiving backup system and that system notify the sender of the receipt.

 
The Three Principles:
The three principles of using E-Mail as a protection are simple:
1. Prevent snooping with some form of encryption.
2. Obtain proof of receipt of the message.
3. Keep secure backup copies for future reference.

 
E-Mail can be a simple, pleasant, convenient method of communicating with friend and business associates. It is most generally used in this fashion. It can be used for secure, sensitive, limited recipient messages and have proof of receipt of the message. The use of E-Mail for sensitive communications and proof of such communication has some simple principles and these have been discussed in general. If it is intended to use E-Mail for such it is wise to consult with specialists in designing and implementing such systems.

Recommended Links

Softpanorama hot topic of the month

Softpanorama Recommended

 

Password Protection Act of 2012 A Good Start Against Employer Snooping American Civil Liberties Union

Cell-Email Snooping On Rise

Fight Back Congress Pushing Broad Internet Snooping Bill Demand Progress

Tech Dating 101 My Boyfriend Is All Up in My Virtual Business POPSUGAR Social

Spying on Your Spouse Online



Etc

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit exclusivly for research and educational purposes.   If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner. 

ABUSE: IPs or network segments from which we detect a stream of probes might be blocked for no less then 90 days. Multiple types of probes increase this period.  

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least


Copyright © 1996-2016 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License.

The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: February, 19, 2014