*Snapshot of the laptop, Mozilla Thunderbird taken by myself
The article focusing on how a company can position themselves to be less vulnerable to email security breaches. The main points of the article focus around the route an email takes, security threats to your email, encryption and its importance, and how to stay as secure as possible. It became apparent after reading this article, as well as others, that email is far from private.
The threats associated with emails that are problem points to email messages are the following: eavesdropping, identity theft, invasion of privacy, message modification, false messages, message replay, unprotected backups, and repudiation. The eavesdropping can occur as the email is in transit and is copied and read if others are close to the path the email takes. The invasion of privacy occurs mostly with the unprotected backups, which are usually saved on back up servers at text data. The modification of a message can be done by anyone with access as a system administrator. False messages are great ways for viruses to breach into your computer and take form of a known sender and ask for unneeded information.
In regards to the above problems the article holds high consideration of encryption. Encryption creates a secret key that only you and the receiver have access too. The key turns a jumbled message sent by you back into original readable form. This is done by cyphertext, which is a random sequence of characters that makes anyone without a secret key unable to read it. This is a simple way to keep your emails harder to invade. It can still be gone, but it’s less likely to happen if a simple encryption were placed in effect. The encryption used in this project was called asymmetric encryption. Asymmetric encryption involves creating a public key, each person; the sender and receiver get two keys. The keys have two differences one serves as a cyphertext and the other takes the message and decrypts it. The asymmetric encryption does three very special things. First it sends an encrypted message, only viewable by a receiver having the other key to decrypt it. Second it proves you sent the message, which solves the false message factor. Third, it signs the message and shows if the message was altered during transit.
There are multiple ways of keeping information as safe as possible; another way is using a message authentication code. The code passing a message through an algorithm and turns the message into a completely difference sequence of characters. The output of the code is called a fingerprint and is virtually impossible to solve. An example given in the article stated that a fingerprint is so rare it would be like finding two strangers with the same fingerprint. The analogy seems pretty good on the side of those trying to protect themselves.
The last instrument used to better stay protected against privacy falters is using an email provider that is SSL. SSL stands for Secure Socket Layer, which using a combination of asymmetric and symmetric keys. The benefits that the SSL provides is it determines you are connecting to the right server the email address is on and that you and the server can communicate securely. The above devices are ways to decrease the chance of being vulnerable towards privacy issues. It is important to stress that this ways to help secure your email does not completely protect you and can easily be seen if it was a high priority to someone.
