Changes between Version 6 and Version 7 of WebInfoPamphlet


Ignore:
Timestamp:
May 19, 2008, 7:09:05 PM (13 years ago)
Author:
alfredo
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • WebInfoPamphlet

    v6 v7  
    7171
    7272
    73 Do you use starttls so all email data is encrypted from point-to-point with other email providers using starttls? Do you enforce https only web access to webmail?
     73Do you use starttls so all email data is encrypted from point-to-point with other email providers using starttls?
     74
     75Starttls is not common among commerial providers and it's possible that the person you're talking to won't even know what you're talking about. But consciousness of this "security trigger" is as important as anything we've talked about here.
     76
     77Starttls is a keyword-based interaction between two providers doing email. You want to email someone on our system, you enter a keyword and that triggers a reaction from the other provider that puts your interaction into secure and encrypted mode. Now the email being transferred, its content and both email address is completely encrypted. Nobody can effectively steal them.
     78
     79You can see how important this can be to you. Does you provider see that as well? If not, your provider isn't thinking about your security or privacy and you should start thinking about another provider.
     80
     81Do you enforce https only web access to webmail?
     82
     83Straight and to the point. When you do webmail with your provider and the url begins with "http" rather than "https", your email is insecure and your provider is not thinking about your security.
     84
     85The secure layer for web access, https, is the only way to make sure your email is traveling through a secure tunnel and is not visible or viewable to hackers. Put it this way: you see that website you got to through http? You can see everything on it? Your webmail is a website. All you need is a password and someone can steal the password or guess it. Ask yourself this question: why do people who take credit card information on the Internet use https pages? Is your email less valuable than a credit card number?
     86
     87
    7488
    7589 == DNS ==
    7690
    7791Can do I have full control over my domain name (ability to change the authoritative DNS servers)?
     92
     93This is quite possible *the* most torturous "lesson" many experienced activists learn on the Internet.
     94