The Privacy Foundation has recently learned of an exploit that allows the sender of an e-mail message to see what has been written when the message is forwarded with comments to other recipients. We have nicknamed this problem "e-mail wiretapping" because the exploit allows someone to surreptitiously monitor written messages attached to forwarded messages. http://www.privacyfoundation.org/advisories/advemailwiretap.html
I've taken the measures to make my outlook secure, but any email I send out and forwarded by someone with an unsecure email program, could unknowingly be sending our correspondence to another person.
------------------
GEM
Your email could be 'tapped'!
Moderator: Scott Danziger
-
Allen M.
Your email could be 'tapped'!
Can you encode smoke signals, George?
Let's face it, they already have the ability to monitor your every keystroke. And they want to make it illegal to encrypt msgs too.
Let's face it, they already have the ability to monitor your every keystroke. And they want to make it illegal to encrypt msgs too.
-
Tony-San
Your email could be 'tapped'!
Allen,
Don't get me started!!!!
Get PGP and encrypt your sensitive mail.
Don't get me started!!!!
Get PGP and encrypt your sensitive mail.
-
dakkon98
Your email could be 'tapped'!
The "wire-tap" in email has been around for about 3-4 years. The java source code was posted by the discover.
Tony, the way this "Wire-tap" works PGP doesn't help. It reads the msg body when it's opened by anybody. Really really nasty !
Disable HTML and Java on your mail readers is the only real way to beat it.
Tony, the way this "Wire-tap" works PGP doesn't help. It reads the msg body when it's opened by anybody. Really really nasty !
Disable HTML and Java on your mail readers is the only real way to beat it.
-
gmattson
- Site Admin
- Posts: 6073
- Joined: Wed Sep 16, 1998 6:01 am
- Location: Lake Mary, Florida
- Contact:
Your email could be 'tapped'!
A small committe of IUKF is working with a person who was part of a very abusive martial art school. As part of the healing process this person has been documenting the experience and will be writing an article to help others in this situation.
The person mentioned that the school "masters" bragged that they knew everything that members of their school was doing. The person related during the email exchange, that someone mailed information that was sent to our committee, to this person as a warning. The only way this could have happened was if email somewhere was intercepted.
I recommended that the person contact AOL and ask if email was being forwarded. The person was told that AOL email could not be intercepted. My question:
Although AOL email may not get 'tapped', they can be forwarded to another server. If someone knows your "username" and "password", they could contact AOL and request that your mail be forwarded to another server/address. I believe AOL would then forward all your mail and, if requested by you (or the person with your security info) would not delete your mail on AOL. Hence, you would not know it is being forwarded.
I would guess that AOL would be able to tell you if your mail is being forwarded.
The person mentioned that the school "masters" bragged that they knew everything that members of their school was doing. The person related during the email exchange, that someone mailed information that was sent to our committee, to this person as a warning. The only way this could have happened was if email somewhere was intercepted.
I recommended that the person contact AOL and ask if email was being forwarded. The person was told that AOL email could not be intercepted. My question:
Although AOL email may not get 'tapped', they can be forwarded to another server. If someone knows your "username" and "password", they could contact AOL and request that your mail be forwarded to another server/address. I believe AOL would then forward all your mail and, if requested by you (or the person with your security info) would not delete your mail on AOL. Hence, you would not know it is being forwarded.
I would guess that AOL would be able to tell you if your mail is being forwarded.
-
Tony-San
Your email could be 'tapped'!
Chuck,
What if you use the secure viewer to read it?
One way to really cut down on alot of these viruses and mailbombs and wiretaps is to send your email as plain text! If everyone did this, there would be alot less of these nasty things going around.
Tony
What if you use the secure viewer to read it?
One way to really cut down on alot of these viruses and mailbombs and wiretaps is to send your email as plain text! If everyone did this, there would be alot less of these nasty things going around.
Tony
-
Allen M.
Your email could be 'tapped'!
Carnivore is a small sample of email monitoring. Not only does that, but it allows remote snooping og your entire PC!
And the plain email business.... How many of us receive SPAM that is wrapped in HTML? Java script that comes in attached to this email can actually control your pc behind the scenes without your knowing.
Another insidious plot which was exposed recently is that there are a growing number of spouses who hire private detectives to "break into" their mate's PC to discover if there is a cyber-romance going or two going on. These detectives have all the tools.
If someone REALLY wants to know what you do electronically, they WILL find out. Years ago there was a van parked in front of my house and across the street doing electronic surveillance work. They can pick up every single keystroke you make with a radio receiver.
The old saying is today still true. "If you don't want it published in the New York Times, keep it to yourself."
------------------
Allen Moulton from Uechi-ryu Etcetera
And the plain email business.... How many of us receive SPAM that is wrapped in HTML? Java script that comes in attached to this email can actually control your pc behind the scenes without your knowing.
Another insidious plot which was exposed recently is that there are a growing number of spouses who hire private detectives to "break into" their mate's PC to discover if there is a cyber-romance going or two going on. These detectives have all the tools.
If someone REALLY wants to know what you do electronically, they WILL find out. Years ago there was a van parked in front of my house and across the street doing electronic surveillance work. They can pick up every single keystroke you make with a radio receiver.
The old saying is today still true. "If you don't want it published in the New York Times, keep it to yourself."
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Tony-San
Your email could be 'tapped'!
Allen...
C'mon man... you actually believe that crap? Some folks just love to be afraid of "big brother".
I worked in Weather Radar and Navagations for years and have a pretty good understanding of RF Propogation. Unless your "keystroke" generates a unique DTMF tone, there is no way an RF device, listening device or anything for that matter will pick up on your keystrokes. If that where the case, the FBI would not have broken into that mobsters house recently.
I do agree that there are Trojans out there that can give folks control of your PC. I recieved two of them yesterday. They where removed immediatly. Wether they are written in Java of C++ makes no difference, a virus scanner will eliminate that threat, even it the government is the one that emailed it to you.
I don't know much about Carnivore, but if prompted to do so, I will look into it. I'm certain that I will find out that for Carnivore to "snoop", not only do a myriad of court orders need to be in place, a server would no doubt have to be installed on this machine.
C'mon man... you actually believe that crap? Some folks just love to be afraid of "big brother".
I worked in Weather Radar and Navagations for years and have a pretty good understanding of RF Propogation. Unless your "keystroke" generates a unique DTMF tone, there is no way an RF device, listening device or anything for that matter will pick up on your keystrokes. If that where the case, the FBI would not have broken into that mobsters house recently.
I do agree that there are Trojans out there that can give folks control of your PC. I recieved two of them yesterday. They where removed immediatly. Wether they are written in Java of C++ makes no difference, a virus scanner will eliminate that threat, even it the government is the one that emailed it to you.
I don't know much about Carnivore, but if prompted to do so, I will look into it. I'm certain that I will find out that for Carnivore to "snoop", not only do a myriad of court orders need to be in place, a server would no doubt have to be installed on this machine.
-
Tony-San
Your email could be 'tapped'!
All Carnivore is, is just another packet sniffer with a very powerful filtering capability which ensures that everything the feds sniff, is legal. It does not work in conjuction with a server to monitor your keyboard nor does it intrude on your pc at all.
http://www.fbi.gov/programs/carnivore/carnivore2.htm
http://www.fbi.gov/programs/carnivore/carnivore2.htm
-
Allen M.
Your email could be 'tapped'!
Tony, your keyboard transmits emf signatures. ALSO many companies can and do record your keystrokes. My post of a few days ago contained a good link to Carnivoire.
------------------
Allen Moulton from Uechi-ryu Etcetera
------------------
Allen Moulton from Uechi-ryu Etcetera
-
Tony-San
Your email could be 'tapped'!
Allen,
I understand keyboard loggers. you are talking about the feds outside your door with a reciever sensitive enough to interpret magnetic fields in probably the
-300 dbm range.
C'mon!
Give me a link to a company which makes a reciever that sensitive that can discriminate keyboard strokes!
I understand keyboard loggers. you are talking about the feds outside your door with a reciever sensitive enough to interpret magnetic fields in probably the
-300 dbm range.
C'mon!
Give me a link to a company which makes a reciever that sensitive that can discriminate keyboard strokes!
-
Allen M.
Your email could be 'tapped'!
C'mon, you know I can't do that. These are homebrew devices.
-
Tony-San
Your email could be 'tapped'!
Allen,
The problem here is that a keyboard is a serial device, as is a mouse. It is also a digital signal. Aside from being so small that I find it hard to believe we have discriminator circuitry that acute yet, how would a reciever interpret mouse movement from keyboard strokes? Wouldn't the EMF field from the monitor coils disrupt this intrusion?
The FBI probably used something like this to snag that mob guy:
http://www.keyghost.com/
note that it doesn't work with USB keyboards... hah hah
that is why the broke into his house. Keyboards work on a +5v power supply and transmit serial data. if this data was analog and sent to the box as FSK, I could see this being a reality, but..... beings the box is right there....
Tony
The problem here is that a keyboard is a serial device, as is a mouse. It is also a digital signal. Aside from being so small that I find it hard to believe we have discriminator circuitry that acute yet, how would a reciever interpret mouse movement from keyboard strokes? Wouldn't the EMF field from the monitor coils disrupt this intrusion?
The FBI probably used something like this to snag that mob guy:
http://www.keyghost.com/
note that it doesn't work with USB keyboards... hah hah
that is why the broke into his house. Keyboards work on a +5v power supply and transmit serial data. if this data was analog and sent to the box as FSK, I could see this being a reality, but..... beings the box is right there....
Tony
-
Tony-San
Your email could be 'tapped'!
Also, heres a really good FAQ on Keyboards
http://www.arne.si/~mauricio/Kbdfaq.htm
http://www.arne.si/~mauricio/Kbdfaq.htm
