Internet Security Threats: Who can read your email? =================================================== Nov 23, 2003 Before being able to choose a secure Internet communication system, you need to understand threats to your security.Since beginning of Internet there has been a naive assumption on part of most email users that only people who are reading their email are people they are sending it to. After all, with billions of emails and gigabytes of data moving over Internet every day, who would be able to find their single email in such a flood of data?
Wake-up and smell coffee! Our entire economy is now information based, and majority of that mission critical information is now flowing through Internet in some form, from emails and email attachments, to corporate FTP transmissions and instant messages.
Human beings, especially those strange creatures with a criminal mind, look for every possible advantage in a dog eat dog world, even if that advantage includes prying into other peoples' mail or even assuming your identity. The privacy of your Internet communications has now become front line in a struggle for soul of Internet.
The New Generation Packet Sniffers: ===================================
At beginning of 2001, most computer security professionals began to become aware of an alarming new threat to Internet security, proliferation of cheap, easy to use packet sniffer software. Anyone with this new software, a high school education, and network access can easily eavesdrop on email messages and FTP transmissions. Software packages such as Caspa 3.0 or PassDetect - Ace Password Sniffer automate task of eavesdropping to point were if you send an email messages over Internet with phrase "Credit Card", it's almost a certainty that someone, somewhere will capture it, attachments and all.
(Caspa 3.0 - from ColaSoft Corporation, located in Chengdu, China http://www.colasoft.com,PassDetect - a product whose advertised purpose is to sniff passwords sent in email, over HTTP, or over FTP from EffeTech Corporation, http://www.effetech.com )
A good example of this new class of software is called MSN Sniffer, also from Effetech, and it highlights "party line" openness of today's LAN and Internet environments. Just like old telephone party lines, MSN sniffer lets you listen-in on other people's conversations, just like picking up another phone on a party line.
On their web site, Effetech advertises MSN Sniffer as:
"a handy network utility to capture MSN chat on a network. It records MSN conversations automatically. All intercepted messages can be saved as HTML files for later processing and analyzing. It is very easy to make it to work. Just run MSN Sniffer on any computer on your network, and start to capture. It will record any conversation from any PC on network."
Just as Internet has been flooded by a deluge of spam messages after introduction of cheap, easy-to-use spam generation software, same effect is now taking place with sniffer software. The major difference is that, unlike spam, Internet eavesdropping is totally invisible, and ten times as deadly. How much of identity theft being reported today is a direct result of Internet eavesdropping? Its hard to tell, but with every growing dependency by individuals and corporations on Internet communications, opportunities to "capture" your sensitive data abound.
Most FTP transmission are unencrypted! =====================================
As of November 2003, majority of corporate FTP transmissions are still unencrypted (unencrypted is geek speak for "in clear" ) and almost all email communications take place "in clear". Many email and FTP transmissions travel over 30 or more "hops" to make its way from sender and receiver. Each one of these hops is a separate network, often owned by a different Internet Service Provider (ISP). Any Idiot in Middle Even a well run corporation must still primarily rely on trusting its employees, contractors and suppliers to respect privacy of data flowing over its networks. With new sniffer technology, all it takes is one "idiot in middle", and your security is compromised. It could be admin assistant sitting in cubical next to you, or a network assistant working for one of many ISPs your data will travel over, but somewhere, someone is listening. Maybe all he is looking for is his next stock trading idea, or maybe he wants to take over your eBay account so he can sell a nonexistent laptop to some unsuspecting "sucker" using your good name. its all happening right now, at some of most respected companies in world. Access to your network doesn't have to come from a malicious or curious employee-many Internet worms, Trojans and viruses are designed to open up security holes on a PC so that other software can be installed. Once a hacker has access to one computer in your network, or one computer on your ISP's network, he can then use a sniffer to analyze all traffic on network.
So I'll password-protect my files, right? : =========================================