E-Mail Privacy FAQ

From: modemac@netcom.com (Modemac)
Date: Mon, 17 Apr 1995 21:50:56 GMT

[ Article crossposted from alt.conspiracy,alt.politics.datahighway,alt.privacy ]
[ Author was Andre Bacard ]
[ Posted on 17 Apr 1995 02:13:39 -0500 ]

-----BEGIN PGP SIGNED MESSAGE-----

*** Frequently Asked Questions About E-Mail Privacy ***
by
Andre Bacard, Author of
(The) COMPUTER PRIVACY HANDBOOK
"The Scariest Computer Book of the Year"
[FAQ Version April 12, 1995]


======================================================
======
This article offers a nontechnical overview of possible
threats to YOUR e-mail privacy, and it suggest two key
steps that you can take to guard your privacy. I have
written this especially for persons with a sense of
humor. You may distribute this (unaltered) FAQ for non-
commercial purposes.

======================================================
=====

Can people (secretly) read your e-mail?

Very likely yes. Most electronic mail is notoriously
UNPRIVATE. E-mail is less secure, and in many ways more
dangerous, than sending your personal or business
messages on a postcard.

Who secretly reads your e-mail?

A MACWORLD survey found that roughly 25% of the
businesses contacted admitted that they eavesdrop on
employee computer files, e-mail, or voice mail. This 25%
excludes unauthorized e-mail monitoring. When I asked a
Silicon Valley C.E.O. if he uses e-mail, he said: "Hell
no, Andre. Half the nerds in my company can hack e-mail.
E-mail is a party line!"

Internet e-mail, the kind that brought you this FAQ, is
child's play for some people to intercept. Your typical
e-mail message travels through many computers. At each
computer, people can access your personal and business
correspondence.

It's a safe bet that administrators (not to mention
hackers) on Bulletin Board Systems, college campus
systems, commercial information services, and Internet
hook-up providers can read your e-mail. Of course most
snoops will deny they're reading your e-mail because they
want to continue doing so.

Doesn't my password protect me?

Charles Piller, in his excellent article entitled "Bosses
With X-Ray Eyes," reports on a study MACWORLD made of
Macintosh software. Here is part of Piller's conclusion:

"All the major electronic-mail and groupware
products that combine messaging, file
management, and scheduling (such as
WordPerfect Office) allow the network
administrator to change passwords at any time,
then read, delete, or alter any messages on
the server. With few exceptions,
network-monitor programs such as AG Group's
LocalPeek, Farallon Computing's Traffic Watch
II, and Neon Software's NetMinder, allow
astute managers to read files transmitted over
the net. In short, these tools are only
slightly less invasive than others
specifically designed for surveillance and
used primarily on mainframe systems."

Unix, Dos and other software networks are just as easy
for administrators to manipulate. Who is to stop your
Internet hook-up provider or any network supervisor from
using or distributing your password?

Doesn't my e-mail vanish after I read and "delete" it?

In many cases, NO! Many Internet providers and network
administrators "archive" (store) your incoming and
outgoing mail on a computer disk for six months or more
AFTER you think that you've deleted your mail. If someone
sues you (for example, in a divorce), he or she may be
able to subpoena and READ your previous correspondence.
Of course, unauthorized snoops might chose to read your
archive for their own reasons.

What motivates a snoop?

Maybe he's a thief who sells company business plans or
customer lists. Perhaps she's the office intriguer trying
to play people against you. Possibly he's a computer
stalker like the fellow who shot actress Rebecca Schaffer
to death. Conceivably she's a blackmailer. Maybe he's an
old-fashioned voyeur. Information is power. Snoops want
power.

Whatsamatter, I've got nothing to hide. Why do I need e-mail
privacy?

Show me an e-mail user who has no financial, sexual,
social, political, or professional secrets to keep from
his family, his neighbors, or his colleagues, and I'll
show you someone who is either an extraordinary
exhibitionist or an incredible dullard. Show me a
corporation that has no trade secrets or confidential
records, and I'll show you a business that is not very
successful.

Robert Ellis Smith, Publisher of the PRIVACY JOURNAL,
quips, "An employee with nothing to hide may well be an
employee with nothing to offer."

Privacy, discretion, confidentiality, and prudence are
hallmarks of civilization.

OK, maybe I could use e-mail privacy. What can I do?

There are two big, practical steps that you can take.
First, use PGP (Pretty Good Privacy) software to encrypt
your e-mail (and computer files) so that snoops cannot
read them. PGP is the de facto world standard software
for e-mail security. Second, use anonymous remailers to
send e-mail to network news groups or to persons so that
the recipient (and snoops) cannot tell your real name or
e-mail address.

Where can I learn more about these privacy tools?

Two excellent places to start are the Usenet news groups
alt.security.pgp and alt.privacy.anon-server.

Also, I've written FAQs about Anonymous Remailers and PGP
(Pretty Good Privacy). See below.

Anything else I should know?

Yes. YOUR privacy and safety are in danger! Prolific
bank, credit and medical databases, computer matching
programs, cordless & cellular phone scanners, the Clipper
Chip Initiative, the Digital Telephony law, and (hidden)
video surveillance are just a few factors that threaten
every law abiding citizen. The COMPUTER PRIVACY HANDBOOK
gives many chilling examples. In short, our anti-privacy
society serves criminals and snoops computer data about
YOU on a silver platter.

If you want to protect YOUR privacy, I urge YOU to
support groups such as the Electronic Frontier Foundation
<membership@eff.org> and the Electronic Privacy
Information Center <info@epic.org>.

Andre, have you written other privacy-related FAQs?

I'm circulating an (1) Anonymous Remailer FAQ, (2) E-Mail
Privacy FAQ, and (3) PGP (Pretty Good Privacy) Software
FAQ. To get these FAQs, send me this:

To: abacard@well.sf.ca.us
Subject: Send FAQs Info
Message: [Ignored]

****************************************************************
Bacard wrote "The Computer Privacy
"Privacy permits you Handbook: A Practical Guide to E-Mail
to be yourself." Encryption, Data Protection, and PGP
Privacy Software" [for novices/experts].

Introduction written by Mitchell Kapor, Creator of Lotus 1-2-3
and Co-founder of the Electronic Frontier Foundation.

Book Available from Bookstores or:
Peachpit Press, 2414 Sixth Street, Berkeley, CA 94710
Call (800) 283-9444 or (510) 548-4393
ISBN # 1-56609-171-3
*****************************************************************

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAwUBL4tEvN6pT6nCx/9/AQHnHAQAsuh3OWSofVvJYp8aZSLi2/T/DXCI4pL9
q6+WFQvd96MK6DhH6M8bD6yPgXe7K6qWktjht+6SnHNIwAwTc1ikd3UFbunfkP2u
0QCRg+eestjfGTeiw65Fcc6IiPq0zRYT+G+d+NnwOGlxDISO4+2Z2fXPS57MDCqk
1cfmDFLEq+Q=
=lk6W
-----END PGP SIGNATURE-----

--
+---------------------------------------+
| Reverend Modemac (modemac@netcom.com) |
+-------------+ "There is no black and white." +------------+
| First Online Church of "Bob," A Subfaction of the Excremeditated |
| Congregation of the Overinflated Head of L. Ron Hubbard |
+------------------------------------------------------------------+
FINGER modemac@netcom.com for a FREE SubGenius Pamphlet!

----------------------------------------------------------------------



Back to document index

Original file name: PRIVACY.FAQ

This file was converted with TextToHTML - (c) Logic n.v.