PROTECT YOUR EMAIL COMMUNICATIONS
(From the NSA, FBI, Hackers & Foreigners)
Email Malcolm at: SpeakUp@MalcolmOutLoud.com © 2013 Malcolm Out Loud, LLC
White Paper
Protect Your Email Communications
Exclusive Series 2 of 3
Situation
All email communication is vulnerable to snooping by official and unofficial entities. What are the options available to protect and secure email communications? There are many alternatives from simple to complex, each providing a varying degree of privacy.
Executive Summary & Background
Billions of email messages flow through thousands of Internet computer
servers daily and most are in “plain text” meaning they can be easily read by
anyone who intercepts them. The process of sending a simple email involves
sending multiple messages over the internet to complete the mail delivery.
In this graphic we see that a simple message from Alice to Bob involves multiple communications links across the Internet, each one of which may be intercepted using readily available software and hacking techniques. Alice creates her message on her computer, tablet or smart phone and sends it to her email provider (smtp.a.org). The ISP stores the message while it contacts the Name Server to convert “b.org” to the IP address of pop3.b.org. With the IP address, the message is forwarded to that email server then into the email box for Bob at pop3.b.org. When Bob next checks his email box he downloads the email message from Alice, completing the transaction.
Problem
In reality, nearly all emails travel a more circuitous route through the Internet, passing through multiple servers and communications links. At each of these servers copies of the emails are saved, at least temporarily. And, if they are in plain text they can be easily read. Also, they are stored on multiple servers, sometimes for years, to prevent loss and for later investigation, review and customer retrieval at email providers such as AOL, Gmail and Yahoo. Under various US and foreign laws the service providers are required to provide access to the communications links and messages stored on their mail servers. Hackers and rogue employees also access these messages to steal information or cause harm to account owners.
Don’t forget that computers, tablets and smart phones store your email
messages until you delete them. Sometimes for years! If your device is lost
or stolen, all of these messages are immediately compromised if they are
still in plain text.
Solution
Providing absolute privacy is very difficult or maybe impossible given the capabilities of organizations such as the NSA. However, there are several simple steps that can be taken to make interception more difficult for the casual hackers and snoops.
Here are suggestions for increasing the privacy of emails.
1. Use strong email passwords and change them often.
The first and most important step for email privacy is to use a strong password and change it often. Yes, remembering passwords and remembering to change them is difficult for most people. And we have so many passwords to remember today for bank accounts, email accounts, credit card accounts, etc.
A simple and effective solution is to use a Password Manager. You create one secure master password that you can easily remember and it securely stores all of the rest of your passwords for you. There are several free ones available such as KeePass (www.keepass.com), Roboform (www.roboform.com) and Dashlane (www.dashlane.com). They also provide other login information, simplifying your account access. Most work across multiple platforms (computers, smartphones, tablets, etc.) so a single master password accesses all of your passwords and login information. Some of the Password Managers even help you create secure passwords of random characters, numbers and special characters.
If you use Norton Antivirus, they provide a free, feature-rich program, Norton Identity Safe, that securely stores your login information and shares it securely over the internet with multiple devices.
A word of caution. Recently it has been reported that the US Government is demanding that major internet companies turn over their users’ stored passwords. This represents an escalation in surveillance techniques that has not been previously reported. If the government is able to determine a person’s password, which is typically stored in encrypted form, the credential could be used to log into an account, peruse confidential correspondence and even impersonate the account holder.
Whether the NSA or FBI has the legal authority to demand an internet company divulge a hashed password, salt and algorithm remains murky. The Justice Department has argued in court proceedings before that it has broad legal authority to obtain passwords. So far, the results of two court cases have been mixed. Both of these cases deal with criminal proceedings when the password holder is the target of a criminal investigation. They don’t address a hashed password that is stored on the servers of a company who is an innocent third party.
If you are concerned about this loss of privacy for your communications then consider encrypting your messages when they are created and stored on your computer, and sending them as encrypted attachments to emails. While this does not prevent the government or snoops from accessing your account, it does protect the privacy of your communications. For details on using encryption, see paragraph 3 below.
2. Use SSL (Secure Sockets Layer) and TLS (Transport Layer Security) to encrypt the communications link between your computer or smart phone and your email server.
To secure the connection between your email provider and your computer or other device, you need to set up Secure Sockets Layer (SSL) and Transport Layer Security (TLS) encryption--the same protection scheme that you depend on when checking your bank account or making online purchases. This is especially important if you regularly check your email or browse the web over open WiFi systems. Keep in mind that if your email provider is required to give access to government snoops or the system has been compromised by hackers, your emails on their server are in plain text! However, securing this link is critical if you are using WiFi, especially in a public location. And, it also protects your privacy while web browsing.
If you check your email with a Web browser (whether on a desktop, a laptop, a smartphone, or a tablet), take a moment to ensure that SSL/TLS encryption is active. If it is, the website address (URL) will begin with https instead of http; depending on your browser, you should see some additional indication, such as a notification next to the address bar or a small yellow padlock icon on the status bar at the bottom of the browser window.
Encrypted connection to Gmail using Internet Explorer 9. Note the 'https' in
the address bar.
If you don't see an 'https' address and other indicators after logging into your Web-based email program, type an s at the end of the 'http' and press Enter. If your email provider supports SSL/TLS, that instruction will usually prompt it to encrypt your current connection. Then browse your account settings to see whether you can activate encryption by default for future logins, and whether you can create or modify bookmarks or shortcuts to your email site using the 'https' address. If you can't force the encryption, check with your provider as they may not support SSL/TLS.
If you use a desktop client program like Microsoft Outlook to check your email, or if you use an email app on your smartphone or tablet, you should still try to use SSL/TLS encryption--but in such situations, encryption is harder to verify or to set up. To do it, open your email program or app and navigate to the settings menu; there, your account will likely be labeled as a POP/SMTP, IMAP/SMTP, HTTP or Exchange account. Look for an option to activate encryption; it's usually in the advanced settings near where you can specify the port numbers for incoming and outgoing connections.
You can enable encrypted connections in Outlook's advanced settings. It also
requires the use of new ports such as 995 for POP3 and 465 for SMTP.
If you use a Microsoft Exchange email account for work, for example, you'll find a designated area for security settings where you can clearly see whether encryption/security is enabled for the incoming and outgoing connections and for your Microsoft Exchange account. If it isn't enabled, check with your email provider to see whether the provider supports encryption, and consider switching to a service that allows SSL/TLS encryption.
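The client-side settings described above can also be checked in code. The following Python is an added example, not part of the original white paper: it audits the port/encryption pairing of a mail account and builds a certificate-verifying TLS context for POP3 on 995 and SMTP on 465. The settings dictionary and all function names are assumptions; ports 993, 110, 143, 25 and 587 are standard values the paper does not name.

```python
import poplib
import smtplib
import ssl

# 995 and 465 are the ports the paper names; the rest are the standard
# cleartext and STARTTLS counterparts (not taken from the paper).
IMPLICIT_TLS_PORTS = {"pop3": 995, "imap": 993, "smtp": 465}
CLEARTEXT_PORTS = {"pop3": 110, "imap": 143, "smtp": 25}
STARTTLS_PORTS = {"smtp": 587}


def audit_account(settings):
    """Return findings for one mail-client account configuration.

    `settings` is a hypothetical dict with keys "protocol", "port" and
    "security", where security is "none", "starttls" or "ssl/tls".
    """
    proto = settings["protocol"].lower()
    port = settings["port"]
    security = settings["security"].lower()
    findings = []
    if security == "none":
        findings.append(f"{proto}:{port} sends password and mail in cleartext")
    elif security == "starttls" and port == IMPLICIT_TLS_PORTS.get(proto):
        findings.append(f"{proto}:{port} is an implicit-TLS port; select SSL/TLS")
    elif security == "ssl/tls" and port == CLEARTEXT_PORTS.get(proto):
        findings.append(
            f"{proto}:{port} is a cleartext port; use {IMPLICIT_TLS_PORTS[proto]}"
        )
    elif security == "ssl/tls" and port == STARTTLS_PORTS.get(proto):
        findings.append(f"{proto}:{port} expects STARTTLS, not implicit TLS")
    return findings


def strict_tls_context():
    """TLS context that verifies the server certificate and hostname."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + hostname checking
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 / TLS 1.0 / 1.1
    return ctx


def pop3_message_count(host, user, password, port=995):
    """Log in over implicit TLS and return the number of waiting messages."""
    conn = poplib.POP3_SSL(host, port, context=strict_tls_context(), timeout=15)
    try:
        conn.user(user)
        conn.pass_(password)
        count, _size = conn.stat()
        return count
    finally:
        conn.quit()


def send_over_tls(host, user, password, message, port=465):
    """Submit an email.message.EmailMessage over implicit TLS."""
    with smtplib.SMTP_SSL(
        host, port, context=strict_tls_context(), timeout=15
    ) as server:
        server.login(user, password)
        server.send_message(message)
```

A connection made this way fails with a certificate error instead of silently falling back to plain text, which is the behaviour to look for in any mail client. It protects only the link to the provider, not the stored messages.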
3. Use Encrypted Email Service
Using SSL/TLS encrypts the messages on the communications links from your computer to the email server. But the message remains in plain text on your computer/smart phone and on the email servers. Also, from your email server to the recipient the messages are again in plain text and readily available to snoops and hackers.
For important messages containing information you do not want to share, use file encryption. Simple and free programs like TrueCrypt (www.truecrypt.com) let you easily encrypt documents and files for transmission. Once the documents are encrypted, they can be sent as attachments to normal email messages. In this case, the files are fully encrypted from end-to-end, meaning that at no time are they readable as plain text until the recipient decrypts them using TrueCrypt software and the same encryption key as the one used to encrypt the message originally. Of course, you must pre-share the key in a secure fashion to allow decryption. However, the metadata is still plain text and may be intercepted, analyzed and stored by snoops and hackers. Also, it is generally believed that when snoops detect an encrypted file they routinely put it aside for future analysis and potentially cracking the encryption to read the message, in the belief that it most likely includes valuable information.
TrueCrypt is a very powerful and versatile encryption system with many additional uses. We will cover more of these capabilities in the next White Paper on Web Browsing.
Some other email encryption products automatically encrypt your email
messages for you and manage the process automatically inside email clients
such as Microsoft Outlook as well as through webmail. Two of these are
Sendinc (www.sendinc.com) and FlexCrypt (www.flexcrypt.com). Both of
these offer free and paid services with an annual fee per subscriber.
One of the advantages of these products is that the recipient is not required to have the software loaded on his device. To decrypt messages it is only necessary to enter the pre-shared key. And, you can respond to an encrypted message without having the software loaded on your computer. Unfortunately, at this time both of these products only work on Windows desktop systems.
Other products such as SilentCircle (www.SilentCircle.com) offer a suite of products for securing all communications, including email. It establishes a completely private communications network between clients and is not intended for general communications to Internet subscribers. For $10 per month, personal users get a comprehensive package of services. All communications from users are encrypted peer-to-peer and SilentCircle does not have access to the plain text of communications. Their servers are outside the US, which provides some protection against legal snooping, but some limited metadata is available.
For commercial customers there are many more solutions for managed secure email and other communications services available at prices from low to very high. Banks, financial institutions and medical facilities are required to have and use these systems.
4. Hiding information in plain sight--Steganography
Sometimes, when you really want to make sure people aren’t able to read
your email or data, encrypting it may not be enough. While people won’t
have immediate access to encrypted files, they may eventually find a brute
force way to decrypt it, or they may force you to share the password and
encryption algorithm. For cases like those, you’ll not only want to encrypt,
but hide the data.
Steganography, or hiding messages in plain sight, is another choice for securely sending messages and files. And they can be sent by open email systems. In modern practice, steganography means taking a media file such as an MP3 or a jpeg image and burying data in it. The file still works as usual, and if you don't specifically look for the hidden data, you'll have no idea the encrypted information is even there. One good tool for this is OpenPuff, a powerful open-source steganography application that supports a wide variety of "carrier" formats for hiding data in, including MP3, JPG, and more.
OpenPuff’s interface looks simple at first, but it does take some getting used
to.
For example, you could hide an important text message in an image file, and
then post that file publicly online. Another party could then download the file
and—using OpenPuff and a password you both shared in advance—process
the file and extract whatever information you've buried in it.
By default, OpenPuff asks you to protect your information with three different passwords, although it does let you dial that down to just a single password. It even supports plausibly deniable encryption, and this is where things get really paranoid: Even if someone somehow realizes your seemingly innocent image or music file contains a hidden message, OpenPuff lets you hide a decoy along with the real message. Simply provide a different password, and the other person will extract the decoy out of the image, thinking they've won–but actually, your real secret will still be hidden in the file.
OpenPuff lets you select the level of encryption and suggests that you use
three passwords.
Steganography usually works well for hiding short text messages or other condensed information; obviously, you can't hide an entire video file within another video file using steganography–there's just no room for all of those extra bytes. Still, if you need to hide a large amount of information, OpenPuff lets you chain multiple carrier files together into one large message. To extract the information, the recipient (or yourself) needs to have all of the carrier files, and feed them into OpenPuff in exactly the right sequence, along with the correct password or passwords. Not for the faint of heart.
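The capacity limit described above follows from how little of each carrier byte can be changed without being noticed. This added example, which is not from the white paper and is not OpenPuff's algorithm, implements the textbook least-significant-bit scheme over a constructed buffer of uncompressed sample bytes; all names and the 4-byte length header are assumptions. As the paper notes, the payload should already be encrypted before it is hidden.

```python
import struct

HEADER_BYTES = 4  # assumed layout: big-endian payload length, then payload


def capacity_bytes(carrier_len):
    """Payload bytes that fit when each carrier byte hides one bit."""
    return max(carrier_len // 8 - HEADER_BYTES, 0)


def embed(carrier, payload):
    """Return a copy of carrier with payload written into the low bits."""
    if len(payload) > capacity_bytes(len(carrier)):
        raise ValueError("payload too large for this carrier")
    data = struct.pack(">I", len(payload)) + payload
    out = bytearray(carrier)
    for i, byte in enumerate(data):
        for bit in range(8):
            pos = i * 8 + bit
            # Clear the lowest bit, then set it to the next payload bit.
            out[pos] = (out[pos] & 0xFE) | ((byte >> (7 - bit)) & 1)
    return bytes(out)


def _read_bytes(carrier, start, count):
    """Rebuild `count` hidden bytes starting at hidden-byte index `start`."""
    result = bytearray()
    for i in range(start, start + count):
        value = 0
        for bit in range(8):
            value = (value << 1) | (carrier[i * 8 + bit] & 1)
        result.append(value)
    return bytes(result)


def extract(carrier):
    """Recover the payload, or raise if the header is not plausible."""
    if len(carrier) < HEADER_BYTES * 8:
        raise ValueError("carrier too small to hold a header")
    (length,) = struct.unpack(">I", _read_bytes(carrier, 0, HEADER_BYTES))
    if length > capacity_bytes(len(carrier)):
        raise ValueError("no valid hidden payload")
    return _read_bytes(carrier, HEADER_BYTES, length)


def max_byte_change(original, modified):
    """Largest per-byte difference between the two buffers."""
    return max(abs(a - b) for a, b in zip(original, modified))


# Constructed sample data: 1024 pseudo "pixel" bytes and a short message.
CARRIER = bytes((i * 37) % 256 for i in range(1024))
PAYLOAD = b"meet at noon"

if __name__ == "__main__":
    stego = embed(CARRIER, PAYLOAD)
    print("capacity:", capacity_bytes(len(CARRIER)), "bytes")
    print("largest change to any carrier byte:", max_byte_change(CARRIER, stego))
    print("recovered:", extract(stego))
```

A 1024-byte carrier holds only 124 payload bytes under this scheme, which is why large payloads need many carrier files chained together.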
Summary
For those needing the ultimate in email privacy, a combination of techniques is required. And, there is not 100% certainty that any of them, or all of them combined, cannot now or in the future be compromised by governments or determined hackers. The techniques discussed in this White Paper provide starting points for the various techniques but are not intended as a full analysis of everything available today in this marketplace. There are many more products and techniques available that are not covered here in the interest of time. Some may be exactly the solution you prefer.
With the current interest in communications privacy, many new products are
being released to the private market. Systems and products that previously
were only available to governments or large corporations are now releasing
versions intended for small companies and individuals. Stay tuned, these are
exciting times!
About The Author
Robert D. (Bob) Francis
Technology Expert
Managing Partner
Milford Communications Partners
After an extensive career in telecommunications and data communications companies, Francis founded Milford Communications in 1993 to promote the development of high technology companies and projects. Francis directed a high technology practice in Washington DC with a focus on Satellite, Internet, Multimedia and Wireless technologies.
www.milfordcommunications.com
Malcolm Out Loud
Chairman, The Out Loud Network
TV and Radio Host
The brand of Malcolm Out Loud is delivered around the world and across multiple platforms. We live in a world that is communications rich and fast changing... which creates a thirst for knowledge and an appetite for truth! Malcolm is a great alternative to the talking heads that influence the headlines with their agenda driven analysis. Malcolm is first and foremost an Innovator and a Visionary who inspires and encourages people around the world to tap into their greatest strength; themselves!
www.MalcolmOutLoud.TV
www.BrinkThinking.com
!
E mai l Mal c o l m at : SpeakUp@Mal col mO utLoud.com © 2013 Mal col m O ut Loud, LLC

More Related Content

Recently uploaded

call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Morcall Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
vikas rana
 

Recently uploaded (15)

2k Shots ≽ 9205541914 ≼ Call Girls In Palam (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Palam (Delhi)2k Shots ≽ 9205541914 ≼ Call Girls In Palam (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Palam (Delhi)
 
Pokemon Go... Unraveling the Conspiracy Theory
Pokemon Go... Unraveling the Conspiracy TheoryPokemon Go... Unraveling the Conspiracy Theory
Pokemon Go... Unraveling the Conspiracy Theory
 
LC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdfLC_YouSaidYes_NewBelieverBookletDone.pdf
LC_YouSaidYes_NewBelieverBookletDone.pdf
 
(Anamika) VIP Call Girls Navi Mumbai Call Now 8250077686 Navi Mumbai Escorts ...
(Anamika) VIP Call Girls Navi Mumbai Call Now 8250077686 Navi Mumbai Escorts ...(Anamika) VIP Call Girls Navi Mumbai Call Now 8250077686 Navi Mumbai Escorts ...
(Anamika) VIP Call Girls Navi Mumbai Call Now 8250077686 Navi Mumbai Escorts ...
 
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
9892124323, Call Girls in mumbai, Vashi Call Girls , Kurla Call girls
 
WOMEN EMPOWERMENT women empowerment.pptx
WOMEN EMPOWERMENT women empowerment.pptxWOMEN EMPOWERMENT women empowerment.pptx
WOMEN EMPOWERMENT women empowerment.pptx
 
call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Morcall Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
call Now 9811711561 Cash Payment乂 Call Girls in Dwarka Mor
 
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
$ Love Spells^ 💎 (310) 882-6330 in West Virginia, WV | Psychic Reading Best B...
 
2k Shots ≽ 9205541914 ≼ Call Girls In Jasola (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Jasola (Delhi)2k Shots ≽ 9205541914 ≼ Call Girls In Jasola (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Jasola (Delhi)
 
Top Rated Pune Call Girls Tingre Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated  Pune Call Girls Tingre Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated  Pune Call Girls Tingre Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Tingre Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
The Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by MindbrushThe Selfspace Journal Preview by Mindbrush
The Selfspace Journal Preview by Mindbrush
 
2k Shots ≽ 9205541914 ≼ Call Girls In Mukherjee Nagar (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Mukherjee Nagar (Delhi)2k Shots ≽ 9205541914 ≼ Call Girls In Mukherjee Nagar (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Mukherjee Nagar (Delhi)
 
2k Shots ≽ 9205541914 ≼ Call Girls In Dashrath Puri (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Dashrath Puri (Delhi)2k Shots ≽ 9205541914 ≼ Call Girls In Dashrath Puri (Delhi)
2k Shots ≽ 9205541914 ≼ Call Girls In Dashrath Puri (Delhi)
 
(Aarini) Russian Call Girls Surat Call Now 8250077686 Surat Escorts 24x7
(Aarini) Russian Call Girls Surat Call Now 8250077686 Surat Escorts 24x7(Aarini) Russian Call Girls Surat Call Now 8250077686 Surat Escorts 24x7
(Aarini) Russian Call Girls Surat Call Now 8250077686 Surat Escorts 24x7
 
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
8377087607 Full Enjoy @24/7-CLEAN-Call Girls In Chhatarpur,
 

Featured

How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 

Featured (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Protect Your Email Communications

  • 1. PROTECT YOUR EMAIL COMMUNICATIONS (From the NSA, FBI, Hackers & Foreigners) E mai l Mal c o l m at : SpeakUp@Mal col mO utLoud.com © 2013 Mal col m O ut Loud, LLC White Paper Protect Your Email Communications Exclusive Series 2 of 3
  • 2. Situation All email communication is vulnerable to snooping by official and unofficial entities. What are the options available to protect and secure email commu- nications? There are many alternatives from simple to complex, each provid- ing a varying degree of privacy. Executive Summary & BackGround Billions of email messages flow through thousands of Internet computer servers daily and most are in “plain text” meaning they can be easily read by anyone who intercepts them. The process of sending a simple email involves sending multiple messages over the internet to complete the mail delivery. E mai l Mal c o l m at : SpeakUp@Mal col mO utLoud.com © 2013 Mal col m O ut Loud, LLC
  • 3. In this graphic we see that a simple message from Alice to Bob involves mul- tiple communications links across the Internet, each one of which may be intercepted using readily available software and hacking techniques. Alice creates her message on her computer, tablet or smart phone and sends it to her email provider (smtp.a.org). The ISP stores the message while it con- tacts the Name Server to convert “b.org” to the IP address of pop3.b.org. With the IP address, the message is forwarded to that email server then into the email box for Bob at pop3.b.org. When Bob next checks his email box he downloads the email message from Alice completing the transaction. Problem In reality, nearly all emails travel a more circuitous route through the Inter- net passing through multiple servers and communications links. At each of these servers copies of the emails are saved, at least temporarily. And, if they are in plain text they can be easily read. Also, they are stored on multi- ple servers, sometimes for years, to prevent loss and for later investigation, review and customer retrieval at email providers such as AOL, Gmail and Ya- hoo. Under various US and foreign laws the service providers are required to provide access to the communications links and messages stored on their mail servers. Hackers and rogue employees also access these messages to steal information or cause harm to account owners. Don’t forget that computers, tablets and smart phones store your email messages until you delete them. Sometimes for years! If your device is lost or stolen, all of these messages are immediately compromised if they are still in plain text. Solution Providing absolute privacy is very difficult or maybe impossible given the ca- pabilities of organizations such as the NSA. However, there are several sim- ple steps that can be taken to make interception more difficult for the casual hackers and snoops. ! 
E mai l Mal c o l m at : SpeakUp@Mal col mO utLoud.com © 2013 Mal col m O ut Loud, LLC
  • 4. Here are suggestions for increasing the privacy of emails. 1. Use strong email passwords and change them often. The first and most important step for email privacy is use a strong password and change it often. Yes, remembering passwords and remembering to change them is difficult for most people. And we have so many passwords to remember today for bank accounts, email accounts, credit card accounts, etc. A simple and effective solution is to use a Password Manager. You create one secure master password that you can easily remember and it securely stores all of the rest of your passwords for you. There are several free ones available such as KeePass (www.keepass.com) and Roboform (www.roboform.com) and Dashlane (www.dashlane.com). And they also provide other login information simplifying your account access. Most work across multiple platforms (computers, smartphones, tablets, etc.) so a single master password access all of your passwords and login information. Some of the Password Managers even help you create secure passwords of random characters, numbers and special characters. If you use Norton Antivirus, they provide a free, feature rich program –Nor- ton Identity Safe- that securely stores your login information and shares it securely over the internet with multiple devices. A word of caution. Recently it has been reported that the US Government is demanding that major internet companies turn over their user’s stored passwords. This represents an escalation in surveillance techniques that has not been previously reported. If the government is able to determine a per- son’s password, which is typically stored in encrypted form, the credential could be used to log into an account, peruse confidential correspondence and even impersonate the account holder. Whether the NSA or FBI has the legal authority to demand an internet com- pany divulge a hashed password, salt and algorithm remains murky. 
The Justice department has argued in court proceedings before that it has broad legal authority to obtain passwords. So far, the results of two court cases ! E mai l Mal c o l m at : SpeakUp@Mal col mO utLoud.com © 2013 Mal col m O ut Loud, LLC
  • 5. have been mixed. Both of these cases deal with criminal proceedings when the password holder is the target of a criminal investigation. They don’t ad- dress a hashed password that is stored on the servers of a company who is an innocent third party. If you are concerned about this loss of privacy for your communications then consider encrypting your messages when they are created and stored on your computer. And send them as encrypted attachments to emails. While this does not prevent the government or snoops from accessing your ac- count it does protect the privacy of your communications. For details on us- ing encryption, see paragraph 3 below. 2.Use SSL (Secure Socket Layer) and TLS (Transport Layer Security) to encrypt the communications link between your computer or smart phone and your email server. To secure the connection between your email provider and your computer or other device, you need to set up Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption--the same protection scheme that you de- pend on when checking your bank account or making online purchases. This is especially important if you regularly check your email or browse the web over open WiFi systems. Keep in mind that if your email provider is required to give access to government snoops or the system has been compromised by hackers, your emails on their server is plain text! However, securing this link is critical if you are using WiFi, especially in a public location. And, it also protects your privacy while web browsing. If you check your email with a Web browser (whether on a desktop, a lap- top, a smartphone, or a tablet), take a moment to ensure that SSL/TLS en- cryption is active. If it is, the website address (URL) will begin with https in- stead of http; depending on your browser, you should see some additional indication, such as a notification next to the address bar or a small yellow padlock icon on the status bar at the bottom of the browser window. 
Encrypted connection to Gmail using Internet Explorer 9. Note the 'https' in the address bar.
  • 6. If you don't see an 'https' address and other indicators after logging into your Web-based email program, type an s at the end of the 'http' and press Enter. If your email provider supports SSL/TLS, that instruction will usually prompt it to encrypt your current connection. Then browse your account settings to see whether you can activate encryption by default for future logins, and whether you can create or modify bookmarks or shortcuts to your email site using the 'https' address. If you can't force the encryption, check with your provider as they may not support SSL/TLS.

If you use a desktop client program like Microsoft Outlook to check your email, or if you use an email app on your smartphone or tablet, you should still try to use SSL/TLS encryption--but in such situations, encryption is harder to verify or to set up. To do it, open your email program or app and navigate to the settings menu; there, your account will likely be labeled as a POP/SMTP, IMAP/SMTP, HTTP or Exchange account. Look for an option to activate encryption; it's usually in the advanced settings near where you can specify the port numbers for incoming and outgoing connections.
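Because encryption is harder to verify in a desktop client or app than in a browser, the following added example (not part of the white paper) connects to a mail server's SSL/TLS ports directly and reports whether a verified, encrypted session is negotiated. Ports 995 and 465 are the ones the paper names for POP3 and SMTP; port 993 for IMAP, the host name `mail.example.org` and all function names are assumptions made for this sketch.

```python
import socket
import ssl

# 995 (POP3) and 465 (SMTP) are the ports the paper names for SSL/TLS;
# 993 (IMAP over TLS) is an assumption added here for IMAP accounts.
TLS_PORTS = {"pop3s": 995, "smtps": 465, "imaps": 993}

def strict_context():
    """Client context that verifies the certificate chain and host name."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3, TLS 1.0 and 1.1
    return ctx

def probe(host, port, timeout=5.0):
    """Open a TLS session to host:port and report what was negotiated."""
    result = {"host": host, "port": port, "ok": False}
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with strict_context().wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                result.update(
                    ok=True,
                    protocol=tls.version(),        # for example "TLSv1.3"
                    cipher=tls.cipher()[0],
                    cert_expires=cert.get("notAfter"),
                )
    except ssl.SSLCertVerificationError as exc:
        result["error"] = "certificate rejected: " + exc.verify_message
    except OSError as exc:  # refused, timed out, DNS failure, handshake failure
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result

def audit(host, services=TLS_PORTS, timeout=5.0):
    """Probe every listed service port on one mail host."""
    return {name: probe(host, port, timeout) for name, port in services.items()}

if __name__ == "__main__":
    import sys
    # "mail.example.org" is a placeholder; pass your provider's server name.
    host = sys.argv[1] if len(sys.argv) > 1 else "mail.example.org"
    for name, res in audit(host).items():
        print(name, res)
```

A result with `ok` set to `False` on a port your client is configured to use means the session is either unencrypted, unreachable, or presenting a certificate that does not validate for that host name.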
  • 7. You can enable encrypted connections in Outlook's advanced settings. It also requires the use of new ports such as 995 for POP3 and 465 for SMTP.

If you use a Microsoft Exchange email account for work, for example, you'll find a designated area for security settings where you can clearly see whether encryption/security is enabled for the incoming and outgoing connections and for your Microsoft Exchange account. If it isn't enabled, check with your email provider to see whether the provider supports encryption, and consider switching to a service that allows SSL/TLS encryption.

3. Use Encrypted Email Service

Using SSL/TLS encrypts the messages on the communications links from your computer to the email server. But, the message remains in plain text on
  • 8. your computer/smart phone and on the email servers. Also, from your email server to the recipient the messages are again in plain text and readily available to snoops and hackers.

For important messages containing information you do not want to share, use file encryption. Simple and free programs like TrueCrypt (www.truecrypt.com) let you easily encrypt documents and files for transmission. Once the documents are encrypted, they can be sent as attachments to normal email messages. In this case, the files are fully encrypted from end to end, meaning that at no time are they readable as plain text until the recipient decrypts them using TrueCrypt software and the same encryption key as the one used to encrypt the message originally. Of course, you must pre-share the key in a secure fashion to allow decryption. However, the metadata is still plain text and may be intercepted, analyzed and stored by snoops and hackers. Also, it is generally believed that when snoops detect an encrypted file they routinely put it aside for future analysis and potentially cracking the encryption to read the message, in the belief that it most likely includes valuable information.

TrueCrypt is a very powerful and versatile encryption system with many additional uses. We will cover more of these capabilities in the next White Paper on Web Browsing.

Some other email encryption products encrypt your email messages for you and manage the process automatically inside email clients such as Microsoft Outlook as well as through webmail. Two of these are Sendinc (www.sendinc.com) and FlexCrypt (www.flexcrypt.com). Both of these offer free and paid services with an annual fee per subscriber. One of the advantages of these products is that the recipient is not required to have the software loaded on his device. To decrypt messages it is only necessary to enter the pre-shared key.
And, you can respond to an encrypted message without having the software loaded on your computer. Unfortunately, at this time both of these products only work on Windows desktop systems.
  • 9. Other products such as SilentCircle (www.SilentCircle.com) offer a suite of products for securing all communications, including email. It establishes a completely private communications network between clients and is not intended for general communications to Internet subscribers. For $10 per month, personal users get a comprehensive package of services. All communications from users are encrypted peer-to-peer and SilentCircle does not have access to the plain text of communications. Their servers are outside the US, which provides some protection against legal snooping, but some limited metadata is available.

For commercial customers there are many more solutions for managed secure email and other communications services available at prices from low to very high. Banks, financial institutions and medical facilities are required to have and use these systems.

4. Hiding information in plain sight--Steganography

Sometimes, when you really want to make sure people aren't able to read your email or data, encrypting it may not be enough. While people won't have immediate access to encrypted files, they may eventually find a brute force way to decrypt them, or they may force you to share the password and encryption algorithm. For cases like those, you'll not only want to encrypt, but hide the data.

Steganography, or hiding messages in plain sight, is another choice for securely sending messages and files. And they can be sent by open email systems. In modern practice, steganography means taking a media file such as an MP3 or a JPEG image and burying data in it. The file still works as usual, and if you don't specifically look for the hidden data, you'll have no idea the encrypted information is even there.

One good tool for this is OpenPuff, a powerful open-source steganography application that supports a wide variety of "carrier" formats for hiding data in, including MP3, JPG, and more.
  • 10. OpenPuff's interface looks simple at first, but it does take some getting used to.

For example, you could hide an important text message in an image file, and then post that file publicly online. Another party could then download the file and—using OpenPuff and a password you both shared in advance—process the file and extract whatever information you've buried in it.

By default, OpenPuff asks you to protect your information with three different passwords, although it does let you dial that down to just a single password. It even supports plausibly deniable encryption, and this is where things get really paranoid: Even if someone somehow realizes your seemingly innocent image or music file contains a hidden message, OpenPuff lets you hide a decoy along with the real message. Simply provide a different password, and the other person will extract the decoy out of the image, thinking they've won–but actually, your real secret will still be hidden in the file.
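To make "burying data in a carrier" concrete, here is an added example that is not from the white paper and is not OpenPuff's algorithm: it hides bytes in the least significant bit of each carrier byte and shows how the carrier's size caps the payload. The carrier is constructed sample data standing in for uncompressed 8-bit samples, and all names are hypothetical.

```python
import struct

HEADER_BITS = 32  # a 4-byte big-endian length prefix precedes the payload

def capacity_bytes(carrier):
    """Largest payload that fits when one bit is hidden per carrier byte."""
    return max(0, (len(carrier) - HEADER_BITS) // 8)

def _bits(data):
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1

def embed(carrier, payload):
    """Return a copy of carrier with the framed payload in its low bits."""
    room = capacity_bytes(carrier)
    if len(payload) > room:
        raise ValueError(f"payload is {len(payload)} bytes, carrier holds {room}")
    out = bytearray(carrier)
    for i, bit in enumerate(_bits(struct.pack(">I", len(payload)) + payload)):
        out[i] = (out[i] & 0xFE) | bit  # each carrier byte changes by at most 1
    return bytes(out)

def _read(carrier, start, nbytes):
    """Reassemble nbytes from the low bits beginning at carrier[start]."""
    out = bytearray()
    for b in range(nbytes):
        byte = 0
        for k in range(8):
            byte = (byte << 1) | (carrier[start + 8 * b + k] & 1)
        out.append(byte)
    return bytes(out)

def extract(carrier):
    """Recover the payload written by embed()."""
    if len(carrier) < HEADER_BITS:
        raise ValueError("carrier too small to hold a length header")
    (length,) = struct.unpack(">I", _read(carrier, 0, 4))
    if length > capacity_bytes(carrier):
        raise ValueError("no valid hidden payload in this carrier")
    return _read(carrier, HEADER_BITS, length)

# Constructed carrier: 4096 bytes standing in for uncompressed 8-bit samples.
CARRIER = bytes((i * 37 + 11) % 256 for i in range(4096))
SECRET = b"meet at the usual place"  # constructed; encrypt real data first
STEGO = embed(CARRIER, SECRET)
```

A 4096-byte carrier holds only 508 hidden bytes under this scheme, and the approach survives only in formats that preserve every sample exactly; lossy recompression of the carrier destroys the low bits.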
  • 11. OpenPuff lets you select the level of encryption and suggests that you use three passwords.

Steganography usually works well for hiding short text messages or other condensed information; obviously, you can't hide an entire video file within another video file using steganography–there's just no room for all of those extra bytes. Still, if you need to hide a large amount of information, OpenPuff lets you chain multiple carrier files together into one large message. To extract the information, the recipient (or yourself) needs to have all of the carrier files, and feed them into OpenPuff in exactly the right sequence, along with the correct password or passwords. Not for the faint of heart.

Summary

For those needing the ultimate in email privacy, a combination of techniques is required. And, there is not 100% certainty that any of them, or all of
  • 12. them combined, cannot now or in the future be compromised by governments or determined hackers.

The techniques discussed in this White Paper are starting points and are not intended as a full analysis of everything available today in this marketplace. There are many more products and techniques available that are not covered here in the interest of time. Some may be exactly the solution you prefer.

With the current interest in communications privacy, many new products are being released to the private market. Systems and products that previously were only available to governments or large corporations are now being released in versions intended for small companies and individuals. Stay tuned, these are exciting times!
  • 13. About The Author

Robert D. (Bob) Francis
Technology Expert
Managing Partner
Milford Communications Partners

After an extensive career in telecommunications and data communications companies, Francis founded Milford Communications in 1993 to promote the development of high technology companies and projects. Francis directed a high technology practice in Washington DC with a focus on Satellite, Internet, Multimedia and Wireless technologies.
www.milfordcommunications.com

Malcolm Out Loud
Chairman, The Out Loud Network
TV and Radio Host

The brand of Malcolm Out Loud is delivered around the world and across multiple platforms. We live in a world that is communications rich and fast changing... which creates a thirst for knowledge and an appetite for truth! Malcolm is a great alternative to the talking heads that influence the headlines with their agenda driven analysis. Malcolm is first and foremost an Innovator and a Visionary who inspires and encourages people around the world to tap into their greatest strength; themselves!
www.MalcolmOutLoud.TV
www.BrinkThinking.com