Re: scroogled?

Subject: Re: scroogled?
From: Editor in Chief <editorialstandards -at- gmail -dot- com>
To: sphilip <philstokes03 -at- googlemail -dot- com>
Date: Tue, 26 Feb 2013 10:46:24 -0500

If you use someone's servers, that someone has access to what you write,
whether you formally "Send" it or just save it, without sending... ON THEIR
SERVERS.

If it goes through somebody's servers, in the clear, they can read it. All
that's needed is motivation. Once somebody figures out an algorithm for
discovering/recognizing a particular sort of information - be it
needs/interests that might suggest profitable targeted advertising, or be
it state or commercial intelligence (like a discussion about your company's
next product or the possible routes for the nuclear-waste convoys) - that
algorithm will be implemented and that information will be sifted
automatically from the data stream or from archived material.



Whether or not they take advantage of that ability is entirely a matter of:

a) their policy and what you agreed to

b) how honestly they adhere to stated policy (if it wasn't what you agreed
to)

c) whether some level of government comes knocking at their door.

So if you want to use a mail system with unencrypted content, you rely on
the ethics or policies of the provider.

If you choose encryption, but rely on the provider to perform that
encryption... then your data and communications privacy is as good as their
willingness to not snoop. Then, you add the fact that all online systems
are now required to provide back doors for access by government in
pretty-much every technologically advanced country, often without subpoena
or notification.

Then, then, you catch yourself relaxing because you feel safe from your own
government... but you pause and realize that your data packets are very
likely going through the jurisdiction of various other governments as
well. For example, as a Canadian citizen, not USian, I'm not totally
thrilled that every bit and byte I ever send or receive is automatically
scrutinized by Echelon, simply because of the way internet traffic is
routed in North America.

TWs working contract for organizations that handle sensitive material
should pay attention.

Normally, such organizations would be sufficiently aware that they would
have VPN access available, and require all communication to take place by
that route, or else they should specify handling and encryption procedures.
For employees, companies routinely impose profiles that encrypt laptop
contents and either encrypt files saved to external media, or simply refuse
to save to USB-, Firewire-, or Thunderbolt-connected devices.

If you work for (say) a Chinese company, you can bet that every e-mail you
send, every file you ftp, is scrutinized at a higher level than the mail of
somebody who works for Chucky Chicken. Chances are, you have
security-by-obscurity, as long as you never write a flagged keyword/phrase,
or never utter one in proximity to a phone or a public microphone. If you
think Google has spooky access and ability to correlate your words in mail
and messaging, and your browsing and YouTube habits, your online shopping
choices, and your physical location (Android phone? Or other phone, but you
let Gmail access your phone contact info, or you installed an app that has
access to your phone's GPS system, geo-tagged photo uploads...?), just
imagine how much access and correlation are available to governments, and
not just your own.

I work for a company in the data security and encryption biz, that also
does business with assorted government agencies, in addition to the
commercial side, so I have more awareness than some, both by osmosis and by
necessity.

Most TWs are probably correct in being complacent that their personal
correspondence will never be flagged for notice by government, it'll just
be part of the background noise, but your correspondence with/for your
employer or contractor/contractee might very well be of interest to
competitors. The obvious would be if you routinely mailed design or
marketing documents, discussions about dev or testing, review copies of
customer docs for product that isn't yet released. Less obvious ... well,
that's for another time.


On Mon, Feb 25, 2013 at 8:18 PM, sphilip <philstokes03 -at- googlemail -dot- com>wrote:

> Since we're on this topic, and purely for theoretical reasons - it would
> be impractical as a general means of conducting business - another way to
> communicate privately with someone using public webmail accounts is to set
> up an account and share the password with the person you wish to
> communicate with. The correspondents write messages to each other by saving
> them in the drafts folder, where they can each read and respond to when
> they log in.
>
> Since the messages are always 'draft's and never leave the server as
> 'sent', they don't get scanned either by Google or by anyone eavesdropping
> on internet traffic. Sharing the password of a Gmail account with someone
> else probably violates Google's terms of service and could lead to your
> account being suspended if detected (which they might do if you're
> regularly logging in from different sides of the world), but like I said, I
> mention this only out of technical interest.
>
>
> Best
>
> Phil
> http://applehelpwriter.wordpress.com
>
> On 26 Feb 2013, at 05:27, "McLauchlan, Kevin" <
> Kevin -dot- McLauchlan -at- safenet-inc -dot- com> wrote:
>
> > If you'd like some privacy, think asymmetric cryptography.
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> EPUB Webinar: Join STC Vice President Nicky Bleiel as she discusses tips
> for creating EPUB, the file format used for e-readers, tablets,
> smartphones, and more.
>
> Learn more: http://bit.ly/12LyN2z
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> You are currently subscribed to TECHWR-L as editorialstandards -at- gmail -dot- com -dot-
>
> To unsubscribe send a blank email to
> techwr-l-leave -at- lists -dot- techwr-l -dot- com
>
>
> Send administrative questions to admin -at- techwr-l -dot- com -dot- Visit
> http://www.techwhirl.com/email-discussion-groups/ for more resources and
> info.
>
> Looking for articles on Technical Communications? Head over to our online
> magazine at http://techwhirl.com
>
> Looking for the archived Techwr-l email discussions? Search our public
> email archives @ http://techwr-l.com/archives
>



--
__o
_`\<,_
(*)/ (*)
Don't go away. We'll be right back.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
EPUB Webinar: Join STC Vice President Nicky Bleiel as she discusses tips for creating EPUB, the file format used for e-readers, tablets, smartphones, and more.

Learn more: http://bit.ly/12LyN2z

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You are currently subscribed to TECHWR-L as archive -at- web -dot- techwr-l -dot- com -dot-

To unsubscribe send a blank email to
techwr-l-leave -at- lists -dot- techwr-l -dot- com


Send administrative questions to admin -at- techwr-l -dot- com -dot- Visit
http://www.techwhirl.com/email-discussion-groups/ for more resources and info.

Looking for articles on Technical Communications? Head over to our online magazine at http://techwhirl.com

Looking for the archived Techwr-l email discussions? Search our public email archives @ http://techwr-l.com/archives


References:
Re: scroogled?: From: sphilip

Previous by Author: Re: Outlook, thunderbird, or...
Next by Author: Re: Yahoo!'s telecommute policy
Previous by Thread: Re: scroogled?
Next by Thread: Workplace aural accompaniment (was RE: Telecommuting ...)


What this post helpful? Share it with friends and colleagues:

Sponsored Ads


Sponsored Ads