Encrypted connections

Revision as of 18:33, 27 May 2014 by Ben

In what became known as the Crypto Wars, “...for several decades, individuals and organizations concerned with protecting their personal privacy and corporate secrets have been engaged in a heated battle with government officials to gain the right to freely employ encryption techniques and technologies to safeguard their information.” Eventually a layer of encryption was built into the Internet's infrastructure to allow for secure connections between two computers. It is called the Secure Sockets Layer and is often abbreviated to SSL. The advantage of using SSL in webmail services is that the technology is already built into the framework of the Internet and does not require any additional tools or action from the user. Companies and non-profit organisations can (and often do) offer webmail services protected by SSL connections. It is the minimum requirement today for a degree of privacy in email and Internet communication.

SSL

The existence and properties of an SSL connection to a particular website can be identified by two distinguishing features:

The address for the website will begin with https:// (the 's' standing for secure!).

A little padlock will appear in the address bar or on the bottom toolbar, depending on your Internet browser.

HTTP

This means that the website you are visiting and your Internet browser have agreed upon an encrypted communications channel. You can click on the padlock to view the details of this secure connection.

<vid>


Note: Email is a medium where the receiver of your message is responsible for your privacy. Imagine you are using an SSL-enabled webmail service and your recipient is using an insecure webmail provider. When they read your message, it will be accessible to the recipient's Internet Service Provider and at the national gateway of the country they reside in. Pay careful attention to the providers used by your email's recipient.


<img>

It is advisable for both parties to use the same SSL webmail service provider. Email, travelling on the Internet between servers, is usually unencrypted and can easily be intercepted. Keep in mind that even though your connection to the server is encrypted, the message itself is sent unprotected through this connection. This means that the webmail service provider will have access to your messages. Perhaps this is not a game changer for you; nevertheless, you should be aware of it.
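Whether a message you received travelled between servers unencrypted, as described above, can be read from its Received headers. The following Python sketch is an added example, not part of the original page: the sample message and its hostnames are constructed, and it assumes servers follow the RFC 3848 convention of recording ESMTPS or ESMTPSA when a hop used SSL/TLS.

```python
import re
from email import message_from_string

# Constructed sample message (made-up hosts); newest Received header is first.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.9])
\tby imap.recipient.example with ESMTP id c3; Tue, 27 May 2014 18:33:05 +0000
Received: from out.sender.example (out.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id b2; Tue, 27 May 2014 18:33:03 +0000
Received: from [192.0.2.10] (client.sender.example [192.0.2.10])
\tby out.sender.example with ESMTPSA id a1; Tue, 27 May 2014 18:33:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: test

body
"""

# RFC 3848 "with" keywords that mean the hop ran over SSL/TLS.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP = re.compile(r"\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)

def audit_hops(raw_message):
    """Return [(receiving_host, protocol, encrypted)] in the order travelled."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so reverse to get sender -> recipient.
    for header in reversed(msg.get_all("Received", [])):
        m = HOP.search(header)
        if not m:  # unparseable trace line: treat as not proven encrypted
            hops.append(("unknown", "unknown", False))
            continue
        host, proto = m.group(1), m.group(2).upper()
        hops.append((host, proto, proto in TLS_PROTOCOLS))
    return hops

def plaintext_hops(raw_message):
    """Hosts that accepted the message over a connection without SSL/TLS."""
    return [host for host, _, enc in audit_hops(raw_message) if not enc]

if __name__ == "__main__":
    for host, proto, enc in audit_hops(SAMPLE):
        print(f"{host:28} {proto:8} {'encrypted' if enc else 'PLAINTEXT'}")
```

Received headers are written by each server the message passes through, so only those added by your own provider are trustworthy. An encrypted hop still leaves the message readable to the servers at both ends.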

Note: A 'Man-in-the-Middle' attack poses one of the biggest threats to using SSL securely. The topic is explained in more detail in the Digital Security and Privacy manual and (as always) in Wikipedia.

You can protect your information further by encrypting its content before it leaves the computer. This can be done manually by using tools such as PGP/GPG. This is the best way (and the security expert's choice) to ensure that no one interferes with your communications and that your message can only ever be read by its intended recipient. Public key encryption may not come naturally to you, and there are services which will perform the complicated processes for you (for this reason they are not liked by some security experts).

<img>

Media: Public key cryptography explained

<vid>