e-ignite

I’ve been working as part of the development team on Mobility Email for quite some time, and release day has finally arrived!

In summary, Mobility Email is a distribution of Mozilla Thunderbird that can be run without installation from a USB Flash Drive, iPod or hard disk for example. It has been authorised for release by the Mozilla Corporation.

Mobility Email allows you to transport your entire email inbox simply on a USB stick, allowing you to plug it into any computer with a USB port and an internet connection, and communicate easily by email.

One of Mobility Email’s key features is that it comes with support for both S/MIME and OpenPGP Signing and Encryption features built-in, allowing users to digitally sign and encrypt their emails wherever they are. It includes a new, cutting-edge CVS version of GnuPG allowing users to utilise the new, more secure DSA2 and SHA224 technologies not yet available in any other standard release email client. Mobility Email truly is a plug-and-go solution, requiring no lengthy set-up procedure. Read the rest of this entry »

The US Government currently has an agreement where airlines must send them passenger data of any flight leaving for the US fifteen minutes before take-off. Today, this agreement was ruled illegal by an EU judge.

Again, the US argument was that this “helps us identify potential terrorists” and used this argument to threaten airlines that planes would be denied authority to land, and passengers would be subject to long security checks if they did not comply. However, the EU court ruled that this was illegal on Passenger Privacy grounds.

Read the rest of this entry »

Did you know that AT&T are currently being sued? This may not sound like a big deal – a large US corporation is being sued. But it becomes interesting when you find out what they’re being sued for.

The Electronic Frontier Foundation (EFF) are suing AT&T because they illegally installed methods to tap its customers phones and log all internet traffic. And what was the purpose of this? To pass all the data to the American NSA.

Read the rest of this entry »

Unexpectedly, a US judge has ruled against Apple who were seeking a court injunction requiring an ISP to name a blogger. This started quite a long time ago when Apple were a little upset to discover some of their secrets relating to a forthcoming product release were leaked in a blog. They claimed that the blogger must reveal his source so that they could find out who the leak was.

In the current privacy climate, I was very surprised that the judge ruled in favour of privacy for the blogger – it is fair that bloggers be allowed to protect their sources just like a member of the press has a legal right to do the same. However, the ruling looks far from secure, and Apple may triumph yet.
Read the rest of this entry »

Well, this is a rather strange story. According to Beta News, the EU are planning to introduce a tax on SMS Text Messages and Emails. But this is a strange thing to be on a privacy and security blog surely? Well, not quite…

The basics of the story are that the EU need to raise funds and in order to do so, they are looking at charging $0.015 per SMS message and $0.000001 for each email you send. So far it’s not clear whether the users will have to pay this (less likely IMO) or the service providers. But this will increase either the charges the user has to pay, or increase the advertising required on a free email page. It’s annoying to say the least.

However, the main concern is, yet again, privacy. Read the rest of this entry »

Today’s BBC News story about the “intelligent” semantic web asks some very valid questions. Researchers are claiming that by lumping together as much data that they can get their hands on (including public records, shopping data, photographs, locations etc) then thay can provide a more specifically targetted viewpoint on various aspects of the web. But this presents a real privacy concern. Do you want people to be able to search for information about you and find out where you live, where you’ve been, what you’ve been buying, what books you read, what you look like…? Read the rest of this entry »

In a word… no!

According to this news story, the US Government have been illegally demanding people’s personal data from banks, credit card companies, telephone companies etc without getting the correct court authorisation first. All this at a time when the infamous “Patriot Act” is allowing them to monitor email traffic and internet data… even though they promise not to use it unless there’s “reason for suspicion.” Read the rest of this entry »

As I discussed on my main website, there are two major types of email encryption: OpenPGP and S/MIME. I believe that OpenPGP is a far superior system, although I admit it’s a bit more complex to set up. This is mainly because S/MIME functionality is already built-in to many email client programs.

So first thing’s first: Why is S/MIME built-in to email programs but OpenPGP isn’t? Read the rest of this entry »

It’s been widely published that certain SHA algorithms (used to digitally sign your email) are becoming less and less secure. For example, it’s been proved that the md5 algorithm (widely used for file verification) has been broken. The newer SHA algorithm was also discovered to be very weak when subjected to Cryptographic attack – this lead to a new version of SHA being released called SHA-1 (the original version is now known as SHA-0 and is virtually never used). SHA-1 is a 160 bit hash, and it has been found to have some severe weaknesses too. Read the rest of this entry »

You may or may not be surprised to learn that Google (operators of Gmail – arguably one of the best free webmail systems available on the internet) keep copies of all your emails – deleted or otherwise. This may worry you, or it may not, but a short time ago, Google was ordered by a US court to hand over the contents of a user’s deleted emails. Read the rest of this entry »