With the recent acts of Congress here in the U.S. giving our law enforcement more power to eavesdrop and observe (in the hope of identifying terrorists), the topic of security is high on many people's radar. It doesn't matter if you agree or disagree with the new powers. And whatever your position on personal privacy rights are, it is smart to make yourself aware of the actual state of events.
One comment that I hear frequently is that "they" (agents of the U.S. government and local law enforcement) are going to be reading people's "unopened email." Well, guess what? There is no such thing as unopened email. If you are sending unencrypted email over the Internet it is readable by any system operator on any system through which email passes. In addition, it is readable by anyone who puts a "packet sniffer" on your connection. In today's world of cable modems, this possibility is very plausible.
"I run a firewall," you say. Great--it may keep the bad guys out of your machine but it doesn't prevent a packet sniffer from reading your email or watching where you surf. Once the data passes your firewall it's on the net bound for its final destination. The truth of the matter is there isn't much you can do about it. Fortunately, there is only a slim chance of it happening because no one is really interested in doing this.
Going back to "unopened email." I suggest you use "postcard
mentality" before sending email. Think of your email as being
sent on a postcard. Many people along the way can read the
contents of your message, but in reality most don't bother. It is
the same with email. If you wouldn't send the information on a
postcard you shouldn't send it through email without encrypting
the message first. If you need to encrypt, get PGP and use it. If
the person you are sending email to doesn't have PGP, use the
self-decrypting archive as described in an earlier article in
this series.
http://www.TheNakedPC.com/t/422/tr.cgi?dan4
"What about those devices that monitor every keystroke?" If the government is sneaking into your house and installing these then you have bigger problems than "unopened email!" Similar programs are not that hard to find. For instance, the detective program you see in our classified ads comes with a tool to secretly monitor Internet use. While not on the same level as what the FBI might use, it is the same general idea.
What can you do? If you have files on your system you don't want
others to ever be able to access, don't keep the file on your
system. It is not as simple as it sounds. Think about temporary
files and other remnants that may be left behind. Now remember
PGP, Norton Utilities (WipeInfo), and others have programs that
will really erase a hard drive, making undeleting files much more
difficult. Note I didn't say impossible! But it is *very*
expensive to even attempt to recover a disk that has been erased
with these sort of utilities. Here's one of Lee's recent articles
covering Norton's WipeInfo in detail:
http://www.TheNakedPC.com/t/422/tr.cgi?dan3
To keep your sensitive files off your main hard drive, consider
using an Iomega Zip Disk. It's big enough to hold most files and
you can work directly off the Zip disk. With a USB or parallel
port model the drive is portable.
http://www.TheNakedPC.com/t/422/tr.cgi?dan1
Another good option is rewriteable CD-ROMs. Just make sure you have a working drive on each computer you use. You can always use PGP to encrypt your data if you are worried about people snooping.
I could talk about any of these topics at length. The important thing is to keep yourself informed. We will help you toward that end. We will also help you learn to use some simple tools with your system now. Don't wait until you "have to have them now." You will only get frustrated.
I've put a list of the other articles and examples from this
series here:
http://www.TheNakedPC.com/t/422/tr.cgi?dan2
You can reach Dan Butler at:
mailto:danbutler@TheNakedPC.com
