• Flattr FoI: 
Falkvinge &Co. on Infopolicy
BEFORE-FALKVINGE-IF-ANY FALKVINGE &CO. ON
INFOPOLICY
Falkvinge on Infopolicy - Home
»
email security

Your Email Privacy Is Under Increasing Threat

6

Civil Liberties – Andrew "K`Tetch" Norton

Civil Liberties – Andrew "K`Tetch" Norton

Over the last few days, two stories about emails have hit the headlines, and it leads to questions over the future security of email as a communications medium. What has been considered a fairly private method of communication is now under increasing threat from both government and corporate scrutiny.

Our email accounts carry more than just messages, they are the primary way we sign up for accounts, and verify our identity online. With our email accounts being made insecure, our whole online identity becomes compromised. Everything we do online, comes down to our email addresses. It could be said that they are our online identities. That’s why the threat to the privacy of them is one that should not be taken lightly.

By far the more well-known of the stories was about Facebook, and their decision to change the displayed email of every user on the social network to one @facebook.com. The insidious nature of this change – made without notice let alone fanfare – meant that from the time of the change, which happened sometime Friday, until it gained widespread notice on Monday, people who believed they were emailing a friend were actually sending their email into the internal Facebook message system.

Had they enabled the addresses, and sent out a notice, there wouldn’t have been much of a problem. That they decided to REMOVE any visible email address, and display this Facebook one publicly instead is the problem. All of a sudden there’s one approved email contact published and it happens to be one where the information goes to Facebook’s servers.

An email intended for a private email box, sent by someone unaware of the swap or the nature of the email address could send information to it, unaware that it is feeding the Facebook advertising machine. The message enters Facebook’s systems, if the sender’s email address is associated with an account, it’s shown as being from that account (and is virtually indistinguishable from an internal Facebook message)

In a quick test I ran, I sent my Facebook email a message from another email address. One not associated with a Facebook account. Within a minute, the message was sitting in Facebook’s message centre, but hidden in ‘other’ messages. I got no notification of it, no number in the message icon, no email notice. When an email is sent from an address with an associated account, it looks almost indistinguishable from a regular chat message, and again, no email notice, although this time the site does alert you to a message.

this is what an email from an address without a Facebook account looks like

this is what an email from an address without a Facebook account looks like

So either way, unless you log in to Facebook, you won’t know you have been sent an email. Unless you check a folder most aren’t aware of, you won’t know of messages from non-Facebook associated email addresses. Meanwhile, Facebook has access to contact information and message contents, because of how they’ve changed your displayed information. This could in fact be described as a Man-in-the-Middle attack, for email.

For a company that’s in hot water already over the way its IPO was handled (again, an issue of information disclosure) this was not a smart move.

Meanwhile, on the other side of the world, border officials in Israel have a different opinion on email privacy. If they want to read your private emails at will, you will give them access or forget about entering the country.

Think about that for a moment. This goes beyond the US border searches (where you can at least exert some control over what you have on you) which were already excessively intrusive. In one case, reported on by the Times of Israel, a suspected Palestinian supporter and activist was placed before a computer screen at Israel’s International Airport.

The traveller, 42-year-old American citizen Sandra Tamari, was then told to log into her personal Gmail account, so that a security agent could search it for incriminating evidence. Tamari declined the request and was denied entry into the country. Nor is she alone in this – at least three other American women have been expelled from Israel for similar reasons. The email search was not premeditated, or backed by any sort of court; the agent only became aware of the address during a physical search of Tamari’s belongings.

It’s not just confined to emails either. There are reports that other people have been asked to log into Facebook or other services so that Israeli officials can determine if someone is Palestinian supporter.

Israeli officials portray these data-mining fishing trips as normal security practice, for a country constantly under threat. Yet it is Israel that is clearly the rogue state here, rather than one who should be applauded or seen a security visionary. While Iraq was invaded by the US for possibly being in violation of UNSC Resolution 1441, (which turned out to not be the case) Israel has violated over 20 UN Resolutions, and has been called on to respect the 4th Geneva Convention.

Clearly not a country whose actions we should be following, but yet is anyone in any doubt that this idea will spread? It remains to be seen just how much longer email, for a long time considered to be private as far as online communications go, will keep that status. Of course, technology can help mitigate things somewhat, as public/private key encryption remains a possibility. Yet don’t expect them to let you in if you don’t decrypt emails for them as well.

INFO
I use Enigmail for Thunderbird for my emails. My public key ID is 0xD6DD7E47

The end of the day it’s a no-win scenario for free speech activists. They are, after all, the easiest to go after and make headlines about, giving the impression to the masses of security without actually making anything secure. In fact, since such measures only foster ill-feeling, such policies only make things LESS secure… but that’s acceptable to those behind it, because there has to be a reason to implement even more intrusive policies at a later date. That is the real (and only) effect of such policies after all.

Meanwhile, your email security is under increasing threat, from companies wanting to monetize it, or Governments wanting to monitor it.

You've read the whole article. Why not subscribe to the RSS flow using your favorite reader, or even have articles delivered by mail?

About The Author: Andrew "K`Tetch" Norton

Andrew Norton is the former party leader of the United States Pirate Party and the first head of the international umbrella organization Pirate Parties International, as well as a member of the UK Pirate Party and Pirate Party of Georgia

Liked This?

By participating in the discussion and posting here, you are placing your contribution in the public domain (CC0). If you are quoting somebody else, credit them.

Contributors take own responsibility for their comments.

6

  1. 1

    This is exactly why i run my own opensource exchange server and jabber server offshore and full disc encrypted in case of server seizure. Too bad the average netizen joy cant afford or have the know how to setup/maintain there own solution which is ideal. Suppose if you were to use AnonymousSpeech.com via imap/thunderbird with enigmail it would be a close solution.
    Rule of thumb encrypt everything :) they cant plant evidence in something that’s encrypted :)

  2. 2

    Try email security from Comodo!!

  3. 3
    Alakh Sathi

    Dear all,

    One would like to bring to your attention a new vehicle of censorship now being used to prevent free speech on the internet; an international (and anonymous) organisation called ‘Spamhaus’.

    My ISP address range has been blocked by this international organisation twice, and my IP address range is now listed by Spamhaus as an address that allegedly sends out spam. Because of this fact, I have been prevented from sending legitimate e-mail and participating in online forums; in effect, my right to free speech has been removed by the anonymous people whom hide behind the name ‘Spamhaus’.

    I am an average PC user, web-browsing, the occasional forum, YouTube, e-mail to friends and family.

    Now one finds oneself being prevented by an anonymous international organisation called ‘Spamhaus’ from free and open discussion on the internet.

    If that is not censorship, then I don’t know what is!

    Has anyone else here had this same problem?

    Your help in this matter is appreciated.

    Best regards,

    Jack

Add a Comment

4 + = 13  

On Facebook

Popular Articles

Adobe the leech - original photo by OakleyOriginals on Flickr
160

Swarm Economy – Zacqary Adam Xeper

Swarm Economy – Zacqary Adam Xeper

Money cut into pieces - Photo by Flickr user Tax Credits
72

Swarm Economy – Zacqary Adam Xeper

Swarm Economy – Zacqary Adam Xeper

Librep July 12 frame
32

Civil Liberties

Civil Liberties

colorblindflag
22

United States – Zacqary Adam Xeper

United States – Zacqary Adam Xeper

peter_sunde_0237
11

Swarm Economy – Lionel Dricot

Swarm Economy – Lionel Dricot

More in Civil Liberties

Burned book
35

Civil Liberties – Henrik Alexandersson

Civil Liberties – Henrik Alexandersson

threwitontheground
16

Activism – Travis McCrea

Activism – Travis McCrea

Louis Michel
10

Corruption – Lionel Dricot

Corruption – Lionel Dricot

GuyFawkesMask_photo_by_MattCunnelly
8

Civil Liberties

Civil Liberties

Angela Merkel. Photo by ILRI.
7

Civil Liberties

Civil Liberties

cheerse
11

Activism – Travis McCrea

Activism – Travis McCrea

Judge's gavel, marked "For Sale"
18

Corruption – Henrik Alexandersson

Corruption – Henrik Alexandersson

Other Recent Headlines

solarroad
15

Swarm Economy – Zacqary Adam Xeper

Swarm Economy – Zacqary Adam Xeper

European Parliament
70

Pirate Parties

Pirate Parties

NSA Seal Holding the Heartbleed Logo
40

Infrastructure – Zacqary Adam Xeper

Infrastructure – Zacqary Adam Xeper

PPEU founding in European Parliament, March 21, 2014.
17

Pirate Parties

Pirate Parties

About The Author

Andrew Norton is the former party leader of the United States Pirate Party and the first head of the international umbrella organization Pirate Parties International, as well as a member of the UK Pirate Party and Pirate Party of Georgia

More On Infopolicy

Bitcoin concept by Antanacoins. CC-By-SA, Flickr.
42

Cryptocurrency – Charlie Shrem

Cryptocurrency – Charlie Shrem

Bottles of Snake Oil - Photo by Jagrap on Flickr
29

Copyright Monopoly – Zacqary Adam Xeper

Copyright Monopoly – Zacqary Adam Xeper

facebook
12

Swarm Economy – Zacqary Adam Xeper

Swarm Economy – Zacqary Adam Xeper

523377_63619557
4

Infopolicy – Henrik Brändén

Infopolicy – Henrik Brändén

photo_10071_20090418-646x363
71

Copyright Monopoly – David Collier-Brown

Copyright Monopoly – David Collier-Brown

National_Security_Agency_headquarters,_Fort_Meade,_Maryland_public_domain_image
149

Infopolicy – Christian Engström

Infopolicy – Christian Engström

"God Hates Signs" next to "God Hates Fags" protesters
8

Freedom of Speech – Zacqary Adam Xeper

Freedom of Speech – Zacqary Adam Xeper

Many different currencies - CC photo by epSos.de
45

Diversity – Zacqary Adam Xeper

Diversity – Zacqary Adam Xeper

le_tresor_rackham_le_rouge_1280x1024
11

Copyright Monopoly – Lionel Dricot

Copyright Monopoly – Lionel Dricot

Valve mechanism
92

Freedom of Speech

Freedom of Speech

Books before copyright
99

Copyright Monopoly – Johnny Olsson

Copyright Monopoly – Johnny Olsson

Collaborative whiteboard at OuiShare 2012, full of wonderful ideas for venture capitalists to ruin - photo by Natalie Ortiz
14

Swarm Economy – Zacqary Adam Xeper

Swarm Economy – Zacqary Adam Xeper

Border Patrol In Montana
25

Activism – Travis McCrea

Activism – Travis McCrea

Spices - Marrakech 09 Souks
58

Swarm Economy

Swarm Economy

Screen Shot 2013-06-27 at 7.23.12 PM
33

Copyright Monopoly – Travis McCrea

Copyright Monopoly – Travis McCrea

An Ouya console and controller
15

Infopolicy – Zacqary Adam Xeper

Infopolicy – Zacqary Adam Xeper

Smári McCarthy
36

Privacy – Christian Engström

Privacy – Christian Engström

This publication is protected under the Constitution of the Kingdom of Sweden. Any problem you have with this publication remains exclusively yours. Accountable publisher: Rick Falkvinge.
All text on this site is Public Domain / CC0 unless specifically noted and credited otherwise. Copy, remix, and inspire. (Troll policy.)
Log in | Original theme design by Gabfire themes (heavily modified)