Who’s reading your (e-)mail? Part 1

A little while ago I wrote an article cautioning folks that at your place of employment there are (most likely) people whose job it is to watch everything you do on your computer [read: They ARE reading your mail], and that this ‘safeguarding’ includes reading your e-mail and monitoring your IM’s (if Instant Messaging is allowed, that is).  This should not be news to folks, and everyone –except perhaps the company’s owner — is aware that they have at least one Supervisor looking over their shoulder; and most of us behave accordingly.

But what about when we’re not at work– is someone reading the e-mail you send from home? Are they reading your @comcast.com, @earthlink.net, or your Gmail/Hotmail/AOL Mail? Have you ever wondered about your private correspondence? Maybe you should.

Some writer more creative than me struck a very good analogy (and my hat’s off to you, whomever you were) in that e-mail (electronic mail) is like a postcard… anyone along the way (delivery route) can read it. If you don’t want anyone but the actual, intended recipient to read your letter, you have to put it in a sealed envelope. (And to be especially sure, send it by Registered Mail.)

1) As you may know (from previous postings here.. maybe) e-mail is composed and sent in either plain text or HTML. HTML and plain text can be ‘read’ by the most basic text editor (aka “word processor”) and every machine has one. That means that if an e-mail comes to you, you can read it… and any e-mail that I can get, I can read.

2) Just like the regular mail, an e-mail does not appear in your mailbox by magic — it gets “handled” many times as it travels from Point A to Point B.
To demonstrate, let’s say I am sending a “thank you” e-mail to my friend Marge whose email address is marge.public@bigisp.net. I compose my e-mail using my Hotmail account and hit Send.
My message is uploaded to a Hotmail server for delivery: to continue the analogy, this is like my local Post Office. The Hotmail server examines the “To:” part of the header looking for the recipient’s domain — namely, “bigisp.net” — and forwards the email to Marge’s ISP: this is like the Mail clerk putting it in the “Chicago” bag. The e-mail bounces from router to router as it travels across the land: this is like the “Chicago” bag’s truck ride to the airport, plane ride to Chicago, truck ride to the Chicago Main Post Office, where it is sorted (again) and driven to the Deerfield (sub-)Post Office.
The e-mail reaches the e-mail servers at Big ISP, (Deerfield P.O.) where the address before the “@” symbol is examined — marge.public — and a copy is stored in the address space reserved for Marge.. trucked to her mailbox. When Marge goes to her Inbox, her e-mail client will download the file.. or her browser will Open and view the file. A copy sits on a server until it’s deleted and the Trash emptied.

Also like the “real” mail, the TCP/IP email protocols are very good at getting the e-mail/file from my machine to Marge’s e-mail server, but from time-to-time a slight mishap happens and my letter lands in Marge’s neighbor’smailbox… or in  the mailbox of a “Margy Public”, in Tampa, FL., or in some mysterious mail never-neverland black hole vortex, and never gets delivered to anyone. You could get (and read) Marge’s ‘Thank you’, and I would never know. It doesn’t happen often…but it happens.
(Yes, there are similar laws regarding e-mail as there are the US Mail, but.)

And just like the real mail, criminals steal it. Criminals (and soon-to-be-Ex-spouses?) can “intercept” your mail with “sniffer” tools. Or they can log into your Inbox if they’ve learned your password… maybe while watching you enter it [“shoulder surfing”] at a public place, like your library, or by keylogging. Or maybe Big ISP’s servers have been compromised. (If you use weak, or obvious passwords, they may simply guess it.. or run a dictionary crack on it.)

Someone very wise once said, (and I paraphrase here, I’m sure) “Never put into writing what you wouldn’t be proud for the whole world to read.” I believe this is good advice. E-mail is not terribly secure nor is it truly private. It is transmitted “in the clear”, over wires (or by radio, if you {or Marge} use wireless). A person should keep this in mind when using e-mail to communicate.

Should you need (or have a strong desire) to keep your e-mails private between the two parties (You might be thinking to yourself, “if anybody read my e-mails, they’d be bored to tears!”), you need to put the letter in an “envelope”, and the way to do that is to encrypt them. Not only does encryption ensure privacy, by obfuscating the message as it travels, it gives security because only the person with the key can decipher the secret code and read the message. (A mail-thief will not have the key.)

As you will note from the “Part 1” in the title of today’s, I intend to explain encryption in more detail, and show you the steps for installing and using a free e-mail encryption program in a series of articles. So be sure to tune in tomorrow (which you would have done anyway.. right?) for the next instalment.

Copyright © 2007-8 Tech Paul. All rights reserved.

Share this post :

January 28, 2008 - Posted by techpaul | advice, computers, encrypting files, PC, privacy, security, tech | e-mail, e-mail encryption, e-mail privacy, keeping your e-mail private, secure your e-mail