This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Nowadays electronic mail has become the most common mode of communication. People find it very easy to be in touch with each other though electronic mails, fondly known as e-mails. But there exists a large amount of threat when it comes to electronic means of communication.
The Internet is a huge network of various computers that are mostly unprotected against dangerous attacks (malicious attacks). This involves the time it is taken to compose, to the time it is read. This e-mail travels along this unprotected Internet that in turn is exposed to these electronic dangers.
Protecting of e-mail from various unauthorized access and inspection is known as electronic privacy. Here are various businesses nowadays that are increasingly relying on electronic mail to correspond with their clients and colleagues. But as there is more sensitive information that is transferred online, the need of e-mail privacy greatly increases.
About Email Privacy
There was an Electronics Communications Privacy Act introduced in the US, where after 180 days the email messages lose their status as a protected communication and in turn would become a mere database record. The emails sent by the employees through their employer's computers don't have as expectation of privacy as the employer could monitor all those communications. There was also a survey conducted in the year 2005 which said that about 55% of the employers monitor and read their employees' emails.
The various systems for email privacy, encryption and security has become more complex nowadays as the range of electronic threats has widely increased. Also there are various complaints regarding the same from the various users. Users expect a higher level of privacy as well as a better business enabling functionality. As a result of which the businesses are left spending a huge amount of money trying to enhance the security of the systems.
An employer can create the expectation of privacy of its email system for the personal communication among its employees. The employer can permit his employees to use the email system for personal communications by keeping them informed about the policy agreements or personal manuals.
People might consider electronic mails to be a private or a one-to-one communication that is safe from various prying eyes. However that isn't completely true. The messages can be interrupted, read anywhere while in transit, or even reconstructed and read-off from the backup devices for almost an infinite period of time.
In workplace, the emails sent or received can be legally monitored and also reviewed in case of any lawsuit involvement. Whereas in homes the emails sent or received can be intercepted by any anonymous hacker. To an extent even the Internet service provider can legally scrutinize the mails.
In short unless the messages are properly encrypted and sent or received then only, can electronic means of communication be considered as a private and confidential means of transmitting information.
When emails are sent from home then there is no guarantee that the messages are fully protected from prying eyes. Upon leaving the home the email travels over a various online services and also open networks upon reaching the destination. Although intercepting of email messages, also known as snooping, is a federal crime under the Electronics Communications Privacy Act (ECPA), different hackers have still accomplished it over time.
The ECPA also permits an Internet Service Provider (ISP) to look through various stored email messages, including the ones that are unread in the mailbox or recently sent or received. Some of the ISPs temporarily store the messages that pass through their system. In normal circumstances the ECPA prevents the ISP from disclosing the information, i.e. the messages stored in their system, to others. But there are also many exceptions in this case. If the law intervenes like any issue of warrant against anyone then the ISPs can provide the necessary information about that particular user. In this way the authorities can gain information about users' name and also the access to their stored messages. Upon the email reaching the recipients' mailbox the ECPA cannot protect them against snooping.
There is an End User Agreement that reduces the user's expectation of privacy with ISP-favorable terms and conditions. Some of the ISPs require their subscribers to conform to this agreement, as they are worried about their liability.
There is only one way to ensure the privacy of the email messages, which is encryption. Encryption is a method where a sophisticated software is uses various cryptographic algorithms that codes your message, sends it across the network as a coded message and then to the recipient, who then uses the correct digital key to decode the message, which is in turn called an decryption. There are two popular encryption standards, Secure Multipurpose Internet Mail Extension (SMIME) and Open Pretty Good Privacy (OpenPGP).
Risks to user
Emails are very vulnerable to active and passive attacks. There are various threats or risks involved for a user. Some of those are listed below.
Disclosure of information - Usually the emails are transmitted in the clear format. In the other words, it isn't encrypted. Using the some tools, other people can also read the email contents.
Traffic analysis - There are some countries that monitor emails on a routine basis as a part of surveillance. This is to facilitate combat against various industrial espionages and also to carry out political eavesdropping.
Modification of messages - The email messages can be edited and modifies during its transmission or even storage. In this case the control of gateway isn't required as the attacker also resides on the same network, who can use various tools to intercept the email messages and modify according to his own liking.
Masquerade - This is a means of sending messages in the name of another person or organization.
Replay of previous message - The previous messages can be sent again to a different recipient. This may lead to confusion, loss or damage to the reputation of any organization. This is true especially in cases of cases like funds transferring, registration and reservation.
Denial of service - This can put any mail service out of order by overloading its system with various mail shots. This is very vulnerable to eavesdropping.
Email connects through many mail servers and routers during its course of transmission, which in turn makes it vulnerable to physical and virtual eavesdropping. These messages are transmitted in plain text. This makes it easier for any cracker or hacker to read through the messages, who gains access to these messages through an inadequately protected router.
The routers, the Internet connection and the pathway that are involved in the email transmission need to be secured.
Data encryption must be used. This method translates the email's contents into a code that can't be easily read by everyone other than the recipient who decodes (decrypts) it.
At the ISP level the communications between the servers can be encrypted. This can be done using an encryption standard called the Transport Layer Security (TLS).
This ensures that the unwanted users don't have a copy of the email, which is either done by intercepting or hacking the line.
Even Though few ISP's usually accept implementing defending methods while sending, users who usually accepted was been apathetic to accept the habit, citation the abstruse considered attributes of the encryption processing. After the processing participation, email is a alone an adequate intermittently from intrusion.
So the access which is not a technical one,.ie.a non technical one active through some users is to implement borer and assay of their email abstract through email jamming.
The Another approach is to send a message to other user where it does not need to contain any sensitive information or message in it but where it needs to intimate an information waiting for the other user senders secured mail facility. The other user then follows a link to the senders secured site where the other user must logging in with a specified username and password before he see the original message. Some of the solutions mixed up the approaches, and instantly allows for the offline viewing or reading.
As we disscussed before Email has become the most common mode of communication for everyone, for every business. But the Internet is a huge network of various computers that are mostly unprotected against dangerous attacks (malicious attacks) where it involves the time you spent on reading to composing it..So there is an absolute possibility of that one will be reading the others information when it is in the network.Well,with this report we have tried to explained you most of the ways to avoid email privacy and at the same time how to get over it.