Date:         Thu, 13 Jul 2000 05:54:50 +0000
Sender:       The Internet TourBus - A virtual tour of cyberspace
From:         Bob Rankin 
Subject:      TOURBUS - 11 Jul 00 - Email Snoops
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
              TOURBUS Volume 5, Number 108 -- 11 July 2000
[ Tip: Use a monospace font like Courier when reading this message ]
    _________ ____________ ________ __________ _____________ ___ _
   /         |            /        |          |             /   | \
  |            HEY LOOK... GRANDPA'S GONE GANGSTA!         /    |  \
  |__________|__________/__________|__________|___________/_____|   \
 /                                                              |----\
|  Join pop culture comedian Larry Weaver as he teams up with   |////|
|  Weird Al Yankovic at King's Dominion in Doswell, Virginia    |////|
|  July 13 for an evening of laughs and parody.  Bring your     |////|
|  funny bone and Larry will bring "Grandpa's Gone Gangsta",    |////|
|  "Country Folks Can Survive" and "The Oxymoron Song."  For    |////|
|  a taste of what you can get at the live performance, check   |////|
|  out Larry on the web right here:                             |////|
|  CLICK HERE    |////|
       /   \  /   \                                             /   \
       \___/  \___/  T h e   I n t e r n e t   T o u r B u s    \___/
       FIVE YEARS of Searchable Archives at !!
           TODAY'S TOURBUS TOPIC:  Is Your Email Secure?
Sending e-mail is like sending a post card - any postal clerk along
the way can read your note.  In cyberspace, unethical sysops or
hackers may sneak a peak at your digital dispatches.  And even your
boss may be monitoring your e-mail.  But this week, a new threat to
email privacy came to light.  Surprise - it's the FBI!
+------------------ ONLY CHOCOLATE CHIP COOKIES -------------------+
 Need a special way to say Happy Birthday, Thanks, or I Miss You?
 Send the good taste gift - Only Chocolate Chip Cookies. For a lot
 less than you'd expect, we'll send one dozen fresh, delicious
 chocolate chip cookies to your loved one, with a hand-lettered gift
 card via 3-day delivery anywhere in the U.S. or Canada.
+-------------------------- ALLENBEYS.COM --------------------------+
  A Shopping Adventure - 23 Departments For the Unusual, the Hard
  to Find and One of a Kind!  Toys, Home & Garden, Men's Gifts,
  Kitchen/Dining, Clock Shop Santa Fe Gallery, Lingerie, Historical
  Weapons & Replicas, Assisted Living Aids, Military/Outdoor, Smoke
  Shop, Legendary Chess Sets, Tribal Masks, Samurai Letter openers
  and more.  For One Stop Shopping at Allenbeys...
Please check out our wonderful sponsors for this issue, the very funny
Larry Weaver, the very yummy Only Chocolate Chip Cookies, and the very
eclectic Allenbey's store - thanks!
The FBI has revealed that they are using a system called Carnivore,
which can be placed at an Internet Service Provider to scan e-mails as
they come and go.  Supposedly, Carnivore only looks for messages that
might be linked with the target of a criminal probe, and sends copies
of them to FBI HQ.
But imagine what might happen if you had the same last name as the Bad
Guy, or one of his Evil Accomplices?  What if your email address was
very similar to a criminal's, or you were discussing the merits of
purchasing stock in the company that Suspected Criminal works for? A
copy of your email message could very well end up on the desk of an
FBI agent.
Of course the FBI won't say which Internet Service Providers have been
forced to secretly install the Carnivore systems.  And since these are
"black box" devices, nobody can know for sure what's really happening
inside them - not even the ISP.  Naturally, this has stirred up quite
a bit of controversy, which you can read about here:  
 Keeping Your Email Secure
So what's the best way to ensure that no hacker, co-worker, boss or
FBI agent can sneak a peek at your email?  The answer is to put your
electronic communication in a digital envelope, with user-friendly
encryption tools.
If encryption conjures up images of spy, counter-spy and secret
decoder rings, you're thinking along the right lines.  Government and
military agencies have been using encryption to try and keep messages
secret ever since the smoke signal.  In recent years, online privacy
has become a big issue, keeping mathematicians and computer scientists
ever scrambling in the quest for unbreakable ciphers that will keep
sensitive communications from falling into the wrong hands.
 So What Is Encryption?
... and how does it work?  Basically, encryption means scrambling a
message with a hopelessly complicated mathematical formula, rendering
it unreadable to anyone except you and those who have the secret key
to decode the message.  This is a little different than those
crypto-quips on the funny pages where one letter stands for another.
The latest encryption methods are so powerful that it would take even
the fastest computer years to crack the code by trial and error.
Several years ago, a programmer by the name of Phillip Zimmerman
invented some encryption software that could create mathematically
unbreakable ciphers.  The U.S. government considered this a threat to
national security, since it would allow foreign spies to communicate
securely.  So they classified Zimmerman's PGP (Pretty Good Privacy)
software as a munition, and made it illegal for export. But of course
that didn't stop it from spreading all over the world, and it got poor
Zimmerman in a heap of legal trouble.
Eventually, the Feds dropped charges against Zimmerman and liberalized
policy concerning the export of cryptographic software. Zimmerman
founded PGP, Inc. which offers an array of security and crypto
software that makes it easy for any computer user to encrypt files and
electronic messages.  PGP, Inc. was later acquired by Network
Associates, where Zimmerman is now a Senior Fellow.
PGP software uses a system where two keys, one public and one private,
are used to encrypt and decrypt information.  In order to send an
encrypted message, the sender must know the recipient's public key.
Once the message is encrypted, only the recipient can decode it with
his private key.  It's kind of like a public vault with a key hanging
next to it.  Anyone can walk by, put a package in the vault and lock
it, but it can only be opened by the person who has the private key.
 Do I Really Need Encryption?
Businesses rely on the Internet every day to send confidential
information back and forth between customers, suppliers and employees.
And individuals use e-mail to send messages that may contain sensitive
information.  If you're worried about competitors stealing your plans,
if you're afraid to tell a co-worker what a jerk your boss is, if
you're concerned that someone in cyberspace may be reading your love
letters, then you really do need encryption!
You wouldn't want to plan corporate strategy or negotiate a sensitive
business deal in a crowded elevator.  And you'd never send tax records
to your accountant on a post card.  So if it's important and has to
travel by e-mail, assume that someone is watching, and assure your
privacy with encryption.  The point is, your electronic mail and
computer files deserve the same protection routinely given to other
forms of communication.
  [Queue scary music]
Remember too, the threat doesn't always come from evil hackers lurking
in the shadows of the online world.  If a co-worker nabs your password
by watching over your shoulder, kiss your private files and e-mail
good-bye.  Same thing applies if your PC or laptop is stolen. If your
LAN guru has too much time on her hands, she can probably view your
files or intercept any data that gets passed around the office.  You
may even fall victim to company policy which gives managers the right
to monitor electronic correspondence.  Or that FBI thingie might be
silently snooping away in your Internet Service Provider's computer
room.  Ya never know...
 How Can I Get This PGP Software?
If you've never used encryption technology, all this stuff about
ciphers and secret codes may seem a bit daunting.  The good news is
that now you can easily secure your files and messages with a point
and a click.  PGP Desktop Security is a package that integrates nicely
into the Windows and Mac desktops as well as popular e-mail clients
like Outlook, Eudora and Claris Emailer.  Command-line versions are
also available for Unix/Linux users.  PGP Desktop Security is
available for purchase from Network Associates, here:  
If you're looking for crypto on a budget, try PGP Freeware instead.
It's free for non-commercial use by individuals, includes the
easy-to-use graphical user interface, but lacks some of the advanced
features found in the commercial version.  Which ever version you
choose, be aware the the recipients of your encrypted messages will
also need PGP software to decode them. 
 But Is It *REALLY* Secure?
If you're worried about the FBI or anyone else having secret keys to
decrypt PGP messages, you can stop now.  I suggest you read the
statement from Phil Zimmermann about rumors concerning the
cryptographic integrity of PGP, which allege that some versions of PGP
contain "back doors" for the US government to access the encrypted
messages or keys.
In a nutshell, Zimmerman says: "I do not know how such sensationalist
conspiracy theories get started, but they seem to come from people who
believe The X-Files is a documentary...  We have always published the
PGP source code for peer review purposes and anyone may examine it."  
PGP is a safe and proven encryption technology that's sure to keep
your email
That's all for now, see you next time!  --Bob Rankin
The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
=====================[ Tourbus Rider Information ]===================

   The Internet Tourbus - U.S. Library of Congress ISSN #1094-2238
     Copyright 1995-2000, Rankin & Crispen - All rights reserved
 Like Tourbus?  Recommend It!  You could Win $10K or a Sony DVD Player
 Help the hungry, poor and sick - for free!
 Note : Put LISTSERV commands in the message BODY, not SUBJECT line.
 Tourbus Home: Archives, Free Stuff and More -

TOURBUS - 11 JUL 00 - Email Snoops, viruses, hoaxes, urban legends, search engines, cookies, cool sites
TOURBUS Site Search