People who don't protect their communications, are exposed to greater risks than
they probably assume. One single incident that can occur may break down
all other benefits of internet use and/or cause moral harm. Initially, the
Internet was developed as an open medium. Internet traffic is
predominantly unencrypted data, thus electronic messages, passwords and
files can be easily intercepted, monitored and altered. Although email is
a very convenient and useful instrument of communications, it is the most
vulnerable spot on the Internet. The
low cost of electronic communications has both benefits and drawbacks.
Most of us take for granted, and gladly take full advantage of the ability
to send a written communication delivered directly to the desktop of our
correspondent thousands of miles away in a matter of seconds at negligible
cost, using email software. What many of us are beginning to discover,
however, is that there are hundreds of thousands of marketeers out there
who want to send written communications to our desktops at a negligible
cost. These unexpected, unsolicited and often intrusive emails are
referred to as Spam.
The
facts are:
No
standard email protocol (SMTP, POP3, IMAP) provides encryption that
can guarantee the confidentiality of the correspondence.
Ordinary
email messages and attached files can easily be cracked and read by
third parties.
Ordinary
email messages can hoodwink the recipient due to its low identity
verification of the sender
Ordinary
email message can be altered, because a standard SMTP cannot check
whether it has been delivered safely or not.
All
such problems are solved by Safe Express, which is a comfortable and easy-to-use
solution for secure emailing. For Safe Express users the overall correspondence is absolutely secure and safe.
No one, except the sender and the recipient are able to handle the email
concerned.
How do encryption/decryption
functions work in Safe Express?
Public
key cryptography. Safe
Express has been developed upon the principles of public key cryptography.
The user must have the key, which consists of two parts - public and
private. Private key is kept with the user; public key is distributed
between the user's correspondents. If anyone from the user's
correspondents wants to write a protected letter to that user, he/she will
encrypt the letter using the public key of the user. When the email letter
is received the user decrypts it using the private key. No one can decrypt
the message without the private key. It is not possible to retrieve the
private key on the basis of the public key.
Public
and private keys generation process. Upon
installation, Safe Express generates a key for the user, which consists of
two parts - private and public. Public key is stored on the public keys
server. Private key is stored on your computer.
Delivering
an encrypted message. If
the sender, who is a Safe Express user, sends a message to the recipient,
who is also a Safe express user, the system analyzing 'to:' field (which
contains the email address), retrieves the recipient's public key from the
public key server. Having retrieved that public key, the client's program,
which is activated on the sender's PC, generates the session key - "SK".
The message is then encrypted using the "SK" key as an
encryption key. Then the "SK" key itself is encrypted with the
use of the sender's public key and is attached to the body of the
encrypted message. When all operations are completed, the compound
encrypted message is sent over to the recipient's mailbox.
Decryption
process. When
the recipient wants to read the message Safe Express decrypts it
automatically.
Emails
delivered to non Sefe Express users. Incoming emails at Safe Express.Safe Express freely communicates with all other web-based email systems and clients.
What algorithms does Safe Express use to encrypt message? Safe Express uses Blowfish (448 bit keysize), AES (256 bit
keysize), 3DES (168 bit keysize) GOST (256 bit keysize) and El
Gamal encryption algorithm, with a key size of 512 to 4,096 bits.
If
a malefactor intercepts my email, is it possible to decrypt it?
Any encryption can be broken. But, the algorithms used at Safe Express
would require very profound cracking procedures. It takes a thousand years
to break down well-generated passwords, like those used at Safe Express.
What is Spam?
The term Spam refers to unsolicited, unwanted, inappropriate bulk email,
Usenet postings and MUD/IRC monologs. For the purposes of this discussion,
we will use the term Spam primarily in reference to email, which is what
it is generally understood to mean when used in connection with the
Internet. Spam is often referred to as Unsolicited Bulk Mail (UBM),
Excessive Multi-Posting (EMP), Unsolicited Commercial email (UCE), spam
mail, bulk email or just junk mail.
Why do people send spam?
Spam is the electronic equivalent of junk mail. People send Spam in order
to sell products and services or to promote an email scam. Some Spam is
purely ideological, sent by purveyors of thought. The bulk of Spam is
intended, however, to draw traffic to web sites or to sell sex and money
making schemes. Unlike junk mail in your physical mailbox, Spam does not
abait if it is unsuccessful. When marketing departments send junk mail at
considerable expense, without success, they generally cease, or try a
different sales pitch. Spam on the other hand can be entirely unsuccessful,
but the large number of wannabe spammers waiting in the wings ensures that
we will continue to receive lots of it.
How do spammers get my email address?
Through many means. Some companies you may have had dealings with sell
their mailing lists to third parties, spammers included. Spammers also use
“robots” to scour the Internet and harvest any email addresses that
they find. If you post to newsgroups you are also at risk of spammers
picking up your email address and sending you junk email. To get adequate
spam protection and get rid of Spam, you really need more than one email
address. This is an essential element of proper Spam control.
How can I tell who the spam is from? Normally you cannot. Spam control can become very sophisticated.
More experienced users can look at the email
“headers” to find the
origin of the message but frequently the spammer will set up a one-time
email account purely to initiate the spam email shot. When the email shot
is finished, the account is closed. At other times, the spammer will forge
headers making it difficult or impossible to trace the origin of the Spam,
so finding the original sender will very often prove fruitless. Spam
protection and junk email prevention require more subtle measures than
just finding the culprit.
