|
| Information Security This Week (EU-IST) | ||
| Published | 03 March 2006 | |
| Editor | Urs. E. Gattiker | |
| ISSN | 1600-1869 | |
| Related Links |
We searched at Bluewin for 'sicheres pop3 email' and got this - meaning - Bluewin does not provide secure pop3 mail services. |
|
| Public hotspot - downloading mail securely with your favorite program while sitting at the coffee shop | ||
| When checking email via a program (e.g., Outlook, Eudora, Thunderbird) by connecting to the mail server through a public hotspot the security risk occurs when 1) checking either through using POP3 or IMAP, and when 2) using SMTP for sending the mail |
||
| If the above connections are not protected (e.g., by encrypting or using a VPN - see first related story), then actual emails, usernames and passwords for logging in to check or send email are in public view. An easy way is to use a secure wrapper like SSL (the same technology that protects credit card transactions on https web sites) so that someone listening in gets gibberish and nothing else. You have to check with your mail provider if they support secure POP3 (or secure IMAP). You can also try a search for "[your email company] secure pop3 email". |
||
| Bluewin - Switzerland's largest mail provider fails to offer secure pop3 email even with a ADSL subscription - you should change provider If the email provider such as, Bluewin, fails to offer secure POP3 or IMAP, this would appear unacceptable nowadays and you should change your e-mail service provider quickly (get a free Gmail account, see related story on how). |
||
| When it comes to sending email from a coffee shop, it could be that the network is set up to allow one to send email using their ISP only. And while the ISP serving your restaurant's hotspot might offer secure SMTP, the boys and girls behind the counter making your coffee won't have the slightest clue what settings you should use. If your ISP allows for secure SMTP you are all set. For instance, you can send and receive e-mail messages by using your Google Gmail e-mail account and Outlook, Eudora or Thunderbird. Gmail requires a Secure Sockets Layer (SSL) for retrievin and sending e-mail. TIDBIT 1 Secure Sockets Layer (SSL) is an open standard that was developed by Netscape Communications for establishing a secure communications channel to prevent the interception of critical information, such as credit card numbers. TIDBIT 2 Gmail uses POP3 (POP3 to retrieve e-mail messages and port number 995 and Simple Mail Transfer Protocol (SMTP) (Simple Mail Transfer Protocol (SMTP) with port number 465. |
||