How Secure are You????

Secure 1

So today I wanted to share something a bit off topic, but it is something really important to consider in this modern digital age. Some of you may already be aware that I am in the process of changing carrers. For the last 15 years or so, my day job has been in physical security. So recently I decided to jump across into the information security industry. Why? Well mainly because thats were all the money is. And my motivation is quite simple. Like many, a wife, three kids, mortgage and all the other bills need to be looked after and sadly the life of a Ruinhunter dont pay the bills, so in order to take care of all these things and continue my Ruinhunting activities a change is needed.

My first step on this journey was to complete a cyber security course, which I just finished this week. It was a real eye opener and learned alot about securing both personal and work data and information. One major issue I came across was email? We send emails every day, some are mere chat messages, but many can be confidential. Ask yourself this question?

How Secure am I???

Despite what you think, and what the big providers would have you believe. When you send an email, it is like sending a postcard in the regular mail. Anyone can read your message on a postcard as it travels to its destination and you will never know. But then again, postcards would never really contain any private or sensitive information right. Its usually a message from Auntie MAry to let you know she is having a great time on holidays. Well your email works the same way. Any most likely it contains information which might be sensitive. Have you ever sent details in an email that you wanted to be private? Maybe copyrighted images or a transcript of your next novel to your publisher? Perhaps communications with your bank or solicitor? Well the fact of the matter is you might have well sent them on the back of a postcard!

Security 2

Never fear, all is not lost, you dont have to discard your Gmail, Yahoo or Outlook acccounts just yet. There are a number of encryption prograpms that can be used to secure these email messages. Some examples of tools available for encrypting emails include:

  • GPGMail – this tool is designed to integrate with the Mail software provided by Apple. It can be used to both encrypt and digitally sign your email. It is easier to configure and use than the Windows tools, but is only useful if you use a computer running OSX.
  • Mailvelope – this is a plug-in for Google’s Chrome browser that uses an implementation of the Open PGP standard. It works with a variety of web-based email systems, such as Gmail or Yahoo Mail.

The problem with these tools is that they can be quite awkward to use and require the reciever to also have the program. I wont bore you with all the tech jargonbut suffice to say that the encryption process requires both parties to have a private and public key each. These keys are used to secure messages.

Well to the purpose of this article. I have found a solution to easily send and recieve secure mail which is pretty much hassle free. Many would have heard of the CERN facility in Switzerland, famous for its Hadron particle collider. Well a bunch of brains from the facility got together on a little side project in reaction to  the 2013 disclosure of global surveillance and interception of email by the NSA. And what they came up with is ProtonMail.

Security 3

ProtonMail uses a combination of public-key cryptography and symmetric encryption protocols to offer end-to-end encryption. When a user creates a ProtonMail account, their browser generates a pair of public and private RSA keys. The public key is used to encrypt the user’s emails and other user data. The private key, which is capable of decrypting the user’s data, is symmetrically encrypted with the user’s mailbox password in the user’s web browser using AES-256. The public key and the encrypted private key are then both stored on ProtonMail servers. Thus, ProtonMail stores decryption keys only in their encrypted form, so ProtonMail developers are unable to retrieve user messages.

Idealy this system works when both sender and reciever use it, but you can also send secure messages to a non user at the click of a button. They will however need a password (temporary key) created for that message which you can send them via other means. when they recieve the encrypted mail, they will be prompted to enter the key in order to view the message. After waiting for two months, I finally got my Proton account and have been using my new  security knowledge to put it through some tests. I must admit, Im really happy with it, and feel quite confident using it to send secure messages which cant be intercepted by anyone, even the proton developers, its almost foolproof. You can find out more about it by checking out the Protonmail website HERE. On the downside getting an account takes some time as it is a free service, the amount of accounts is limited due to resources, but I for one think it was well worth the wait. If you would like to tey it out you can mail me at edmooneyphotography@protonmail.ch and ill send you back a secured message. Please feel free to leave a comment, I would love to hear your thoughts. Normal Ruinhunting posts shall resume tomorrow 🙂

Advertisements

About edmooneyphotography

Photographer, Blogger, Ruinhunter, with an unhealthy obsession for history, mythology and the arcane.
This entry was posted in Technology and tagged , , , , , , . Bookmark the permalink.

29 Responses to How Secure are You????

  1. Rajiv says:

    protonmail? very cool. i must try this

  2. Moreh Richard Fulk says:

    Reblogged this on Ancient Truths Hidden Ministry and commented:
    With this new windows 10 I also installed, none of us will ever be able to securely send a future email to anyone period. Unless we change our login to manual rather than that sinc crap where they spy for the NSA etc….daily saving all of a persons files up on their own personal cloud servers.

  3. beetleypete says:

    I have heard of Proton mail, and other encrypted sites before. For business users, or anyone requiring privacy, they seem like a good idea. I try to never send private information through the email system, but of course, both log-in details and password confirmations are supplied by the providers via email, somewhat defeating the object in those cases!

    Good luck with your new career, Ed. It is a burgeoning industry, and I hope that you have got in early enough to do well.
    Best wishes, Pete.

  4. Ali Isaac says:

    I had no idea what you did for a living, or that you are changing your career. Good fr you, it is a big step which takes a lot of comitment and determination when you have a mortgage and young family… I know, having gone through it in the last few years too. You are the kind of person to make it work though. Good luck, Ed! Sounds like you’re getting involved in this industry just at the right, critical moment!

  5. Donna says:

    Interesting! I try not to put anything too personal / private in emails. Good luck in the new career

  6. Good luck with your new endeavors.

  7. oglach says:

    Not what I expected from your site, but it is brilliant! Can’t wait to research it some more. Best of luck with your new career; I worked in physical security for a long time too, and ya can’t do it forever. No country for old men.

  8. Excellent post, Ed. Valuable information here. I’m keeping this in my Security Folder for future action. Best of luck on your new career.

  9. John says:

    Very interesting. I know these folks are spying on us and frankly I don’t much care because I never say or do anything online that is a concern. I will bore them to death! Thank you for sharing this information. Best wishes for your new career, Ed.

  10. Good work Ed, I shall remember this for future reference. I run a Mac and in the past there was very little to worry about but for the past two years I have used Clean My Mac to remove anything not too clever on the Mac and then ESET for all of my security. So far so good but as people become more and more aware, these programs become less effective for sure.
    Thanks for the share.

  11. willowdot21 says:

    Very interesting and scary!

  12. Good for you Ed – I wish you could make a living at ruin hunting!! – and this is very interesting about Protonmail!

  13. Most interesting post. I’m bookmarking it for further consideration. Congratulations on your new career path, Ed!

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s