So today I wanted to share something a bit off topic, but it is something really important to consider in this modern digital age. Some of you may already be aware that I am in the process of changing carrers. For the last 15 years or so, my day job has been in physical security. So recently I decided to jump across into the information security industry. Why? Well mainly because thats were all the money is. And my motivation is quite simple. Like many, a wife, three kids, mortgage and all the other bills need to be looked after and sadly the life of a Ruinhunter dont pay the bills, so in order to take care of all these things and continue my Ruinhunting activities a change is needed.
My first step on this journey was to complete a cyber security course, which I just finished this week. It was a real eye opener and learned alot about securing both personal and work data and information. One major issue I came across was email? We send emails every day, some are mere chat messages, but many can be confidential. Ask yourself this question?
How Secure am I???
Despite what you think, and what the big providers would have you believe. When you send an email, it is like sending a postcard in the regular mail. Anyone can read your message on a postcard as it travels to its destination and you will never know. But then again, postcards would never really contain any private or sensitive information right. Its usually a message from Auntie MAry to let you know she is having a great time on holidays. Well your email works the same way. Any most likely it contains information which might be sensitive. Have you ever sent details in an email that you wanted to be private? Maybe copyrighted images or a transcript of your next novel to your publisher? Perhaps communications with your bank or solicitor? Well the fact of the matter is you might have well sent them on the back of a postcard!
Never fear, all is not lost, you dont have to discard your Gmail, Yahoo or Outlook acccounts just yet. There are a number of encryption prograpms that can be used to secure these email messages. Some examples of tools available for encrypting emails include:
- GPGMail – this tool is designed to integrate with the Mail software provided by Apple. It can be used to both encrypt and digitally sign your email. It is easier to configure and use than the Windows tools, but is only useful if you use a computer running OSX.
- Mailvelope – this is a plug-in for Google’s Chrome browser that uses an implementation of the Open PGP standard. It works with a variety of web-based email systems, such as Gmail or Yahoo Mail.
The problem with these tools is that they can be quite awkward to use and require the reciever to also have the program. I wont bore you with all the tech jargonbut suffice to say that the encryption process requires both parties to have a private and public key each. These keys are used to secure messages.
Well to the purpose of this article. I have found a solution to easily send and recieve secure mail which is pretty much hassle free. Many would have heard of the CERN facility in Switzerland, famous for its Hadron particle collider. Well a bunch of brains from the facility got together on a little side project in reaction to the 2013 disclosure of global surveillance and interception of email by the NSA. And what they came up with is ProtonMail.
ProtonMail uses a combination of public-key cryptography and symmetric encryption protocols to offer end-to-end encryption. When a user creates a ProtonMail account, their browser generates a pair of public and private RSA keys. The public key is used to encrypt the user’s emails and other user data. The private key, which is capable of decrypting the user’s data, is symmetrically encrypted with the user’s mailbox password in the user’s web browser using AES-256. The public key and the encrypted private key are then both stored on ProtonMail servers. Thus, ProtonMail stores decryption keys only in their encrypted form, so ProtonMail developers are unable to retrieve user messages.
Idealy this system works when both sender and reciever use it, but you can also send secure messages to a non user at the click of a button. They will however need a password (temporary key) created for that message which you can send them via other means. when they recieve the encrypted mail, they will be prompted to enter the key in order to view the message. After waiting for two months, I finally got my Proton account and have been using my new security knowledge to put it through some tests. I must admit, Im really happy with it, and feel quite confident using it to send secure messages which cant be intercepted by anyone, even the proton developers, its almost foolproof. You can find out more about it by checking out the Protonmail website HERE. On the downside getting an account takes some time as it is a free service, the amount of accounts is limited due to resources, but I for one think it was well worth the wait. If you would like to tey it out you can mail me at edmooneyphotography@protonmail.ch and ill send you back a secured message. Please feel free to leave a comment, I would love to hear your thoughts. Normal Ruinhunting posts shall resume tomorrow 🙂
protonmail? very cool. i must try this
LikeLiked by 1 person
It sure is, let me know how you get on 🙂
LikeLike
I wrote to them!
LikeLiked by 1 person
Reblogged this on Ancient Truths Hidden Ministry and commented:
With this new windows 10 I also installed, none of us will ever be able to securely send a future email to anyone period. Unless we change our login to manual rather than that sinc crap where they spy for the NSA etc….daily saving all of a persons files up on their own personal cloud servers.
LikeLike
I have heard of Proton mail, and other encrypted sites before. For business users, or anyone requiring privacy, they seem like a good idea. I try to never send private information through the email system, but of course, both log-in details and password confirmations are supplied by the providers via email, somewhat defeating the object in those cases!
Good luck with your new career, Ed. It is a burgeoning industry, and I hope that you have got in early enough to do well.
Best wishes, Pete.
LikeLiked by 1 person
Thanks a mill Pete, as long as I can look after the clan and do what I enjoy, ill be a happy camper 🙂
LikeLike
I had no idea what you did for a living, or that you are changing your career. Good fr you, it is a big step which takes a lot of comitment and determination when you have a mortgage and young family… I know, having gone through it in the last few years too. You are the kind of person to make it work though. Good luck, Ed! Sounds like you’re getting involved in this industry just at the right, critical moment!
LikeLiked by 1 person
Thanks Ali, still alot to learn, I forsee alot of study and exams in the future 🙂 But it will be worth the effort in the end 🙂
LikeLiked by 1 person
Good for you Ed! So hard to work, study, maintain a blog, and be a good parent and partner. I am in awe! 😊
LikeLiked by 1 person
It sure aint, all we can do is try our best and hope to learn from our mistakes. You dont get a manual for life unfortunatley, it would come in handy from time to time 🙂
LikeLiked by 1 person
Lol yeah it would!
LikeLiked by 1 person
Interesting! I try not to put anything too personal / private in emails. Good luck in the new career
LikeLiked by 1 person
Thank you Donna, thats a good practise to follow 🙂
LikeLike
Good luck with your new endeavors.
LikeLike
Thank you Victor 🙂
LikeLiked by 1 person
Not what I expected from your site, but it is brilliant! Can’t wait to research it some more. Best of luck with your new career; I worked in physical security for a long time too, and ya can’t do it forever. No country for old men.
LikeLiked by 1 person
LOL, its a very unrewarding industry and all the money seems to be in IS, gad you liked the article, I know its not my norm, but it was something I was excited about and wanted to share 🙂
LikeLike
Reblogged this on TheFlippinTruth.
LikeLike
Excellent post, Ed. Valuable information here. I’m keeping this in my Security Folder for future action. Best of luck on your new career.
LikeLiked by 1 person
Much appreciated Jack, Glad you liked it 🙂
LikeLiked by 1 person
Very interesting. I know these folks are spying on us and frankly I don’t much care because I never say or do anything online that is a concern. I will bore them to death! Thank you for sharing this information. Best wishes for your new career, Ed.
LikeLiked by 1 person
Thanks a mill John👍
LikeLike
Good work Ed, I shall remember this for future reference. I run a Mac and in the past there was very little to worry about but for the past two years I have used Clean My Mac to remove anything not too clever on the Mac and then ESET for all of my security. So far so good but as people become more and more aware, these programs become less effective for sure.
Thanks for the share.
LikeLiked by 1 person
Very interesting and scary!
LikeLiked by 1 person
It sure is, I always thought I was pretty savy when it came to computers, but the course really opened up my eyes to what happens 🙂
LikeLiked by 1 person
Yes and thanks for the tip!!
LikeLike
Good for you Ed – I wish you could make a living at ruin hunting!! – and this is very interesting about Protonmail!
LikeLiked by 1 person
Most interesting post. I’m bookmarking it for further consideration. Congratulations on your new career path, Ed!
LikeLiked by 1 person
Thank Elen, glad you liked it 🙂
LikeLike