Encrypted Email Service ProtonMail is Being Blocked in Turkey

I have written before about encrypted email provider Proton Mail. In fact, I used Proton Mail last week when I was in China as it was the only email service I could find that was not blocked by the Great Firewall of China. (I bet that changes soon!) Now the government of Turkey isn’t allowing its citizens access to the privacy-enabled email service.

See https://protonmail.com/blog/turkey-online-censorship-bypass/ for the details, unless you are in Turkey in which case the article is blocked.

Use Encipher.it to Quickly and Easily Encrypt Your E-mail Messages

Encipher.it is an amazing service. It secures your email messages and other data so that none of the bad guys can read it, it protects your work or personal files from identity thieves, it allows you to share confidential information easily with friends or co-workers, and it is available free of charge. What is there to dislike about Encipher.it?

Encipher.it offers several methods of use. In its easiest-to-use form, simply type your text into the Encipher.it web site (or copy-and-paste the text), click on ENCIPHER IT, enter an encryption password of your choosing, and your text is instantly converted into what looks like mumbo-jumbo. Here is a snippet from a message I just created:


Decrypt it at https://encipher.it

Then you can copy-and-paste that mumbo-jumbo into an email message and send it to anyone of your choosing. You also need to tell the person the encryption password you used. (Don’t send the encryption password in unsecured email!)

Continue reading

You Absolutely Must Secure Your Home Router and You Probably Can’t

Your in-home router/modem may be the most insecure piece of hardware you own. Luckily, there is an easy fix although it isn’t cheap for many people: replace your present router’s internal software with a security-focused product, such as the free and open code, DD-WRT. The expense arises from the fact that most routers cannot easily replace the internal software. If you are one of the majority who owns a non-modifiable router, you will have to purchase a new router (which is a good idea anyway) and then install DD-WRT or a similar product yourself. If you are one of the fortunate few who do own a router that allows for modifying the internal software, you can upgrade to DD-WRT at no charge. Another alternative is that a few companies will sell new routers with DD-WRT or similar software already installed.

You can read much more about this topic in You Absolutely Must Secure Your Home Router and You Probably Can’t in the BoingBoing.net web site at: http://bit.ly/2Cpdspj. That article provides an overview in plain English of a somewhat more technical article, How to Protect Your Home Router from Attacks, by Lucian Constantin, available at: http://bit.ly/2CBh36N.

For the past 3 or 4 months, I have been using DD-WRT installed in a Linksys WRT3200ACM DD-WRT FlashRouter. It includes all the security enhancements of DD-WRT plus it also has a VPN installed. Not only are all connections from my desktop computer, laptop computer, tablet, and even my cell phone protected by the VPN, but even my Roku box, Apple TV, VoIP telephone, security video cameras, and even the Nest thermostat in my home are now connected to the Internet via a safe and secure VPN connection.

Continue reading

Buggy Microsoft Outlook Sending Encrypted S/MIME Emails With Plaintext Copy For Months

Do you use Microsoft Outlook to send supposedly-encrypted S/MIME email messages? If so, for at least last 6 months, your messages have been sent in both encrypted and unencrypted forms, exposing all your secret and sensitive communications to potential eavesdroppers.

If you are using Microsoft Outlook, you need to read an article in The Hacker News at http://bit.ly/2gbfpvW before you send your next message!

Comment: There are several better, more secure email programs than Microsoft Outlook. If you have a need for email security, you should investigate other solutions! You might start by looking at past articles about encrypted email services that have published in this blog. Start at: http://bit.ly/2gafXCb.


Privacy Implications of Email Tracking

“What happens when you open an email and allow it to display embedded images and pixels? You may expect the sender to learn that you’ve read the email, and which device you used to read it. But in a new paper we find that privacy risks of email tracking extend far beyond senders knowing when emails are viewed. Opening an email can trigger requests to tens of third parties, and many of these requests contain your email address. This allows those third parties to track you across the web and connect your online activities to your email address, rather than just to a pseudonymous cookie.”

You can read much more about this privacy invasion in an article by Steven Englehardt in the Freedom-To-Tinker web site at: http://bit.ly/2wvcuF6.

The Only Safe Email is Text-Only Email

Interesting article: “The real issue is that today’s web-based email systems are electronic minefields filled with demands and enticements to click and engage in an increasingly responsive and interactive online experience. It’s not just Gmail, Yahoo mail and similar services: Desktop-computer-based email programs like Outlook display messages in the same unsafe way. Simply put, safe email is plain-text email — showing only the plain words of the message exactly as they arrived, without embedded links or images.”

The full article by Sergey Bratus, Research Associate Professor of Computer Science, Dartmouth College, and Anna Shubina, Post-doctoral Associate in Computer Science, Dartmouth College, may be found at: https://theconversation.com/the-only-safe-email-is-text-only-email-81434

ProtonMail now includes Bitcoin Support

ProtonMail is a popular and highly-respected email provider that offers excellent privacy. I have written before about the advantages of ProtonMail. See http://bit.ly/2wfhD6G for a list of my past articles about ProtonMail.

Now ProtonMail has introduced a new feature that apparently has been requested for some time. In order to improve privacy even more, customers may now pay for ProtonMail accounts by using Bitcoin, the semi-anonymous (see the footnote below) cryptocurrency. Quoting from the ProtonMail Blog at https://protonmail.com/blog/bitcoin-secure-email/:

“Starting from version 3.11 of ProtonMail, it is now possible to pay for premium ProtonMail secure email account using Bitcoin. We have designed the payment system to work seamlessly so that Bitcoin payments are automatically converted to ProtonMail credits which can be used to pay for upgrades, pay invoices, or top up your account. This feature was long overdue, so we are glad to finally introduce this.

Continue reading