Sunday, March 27, 2005

Security for All

Online Privacy for Layman

Whenever you use hotmail, yahoo,gmail, lycos etc for sending mails, they get stored in central servers. These mails are readable for the central server administrators . Do you think that no administrator will ever go through your mails. Wouldn't you go through a mail if some one leaves it open in your desktop. True, you may not do any harm to the sender of the mail, but then you never know whether all of them are harmless as you are !

What if your secret business information is revealed to your competitor by the server administrator ?

What if your secret affair with your lady love is broken to your wife !

What if you want the information to be confidential between a group of people ?

Solution: Do not send email messages !

I hear you saying 'Impossible' !

Then what is the solution ?

encrypt your mails ?

But encryption and decryption is for geeks and not for me Alice.

Cheer up !.

Of late there are quite a few who provide encryption services with some amount of simplicity.

For instance, have a look at these people at http://www.keygloo.com/ They seem to have done something good for layman. The solution assigns you a 10-digit number ('keygloo number' )
similar to your phone number.

This number is given to you once you install the software. The software generates a RSA Key pair consisting of the private and public keys. The public key gets registered with the 'keygloo'
server while the private key is stored as a encrypted profile in your local store.

Once you are done with the installation, you can

a) encrypt files in your desktop

b) send encrypted mails for yourself.

For you to send encrypted mails to others, you need to know the keygloo number of them.

Once you specify the keygloo number of the receiver, the component installed on your machine picks up the corresponding key of the receiver and encrypts the message with that key

To cap it all, it works with the popular web mails like hotmail, yahoo and also with Outlook express.

If you think your privacy in the web is at stake, then it is time for you to look at such solutions.

Richard Newman
Security Consultant

Note:The contents above are my personal opinion about technology and problems. It is not my intention to question or belittle the security policies adopted by any vendor or Service provider.