CAT | Email Security
The ability to use remotely loaded images in HTML emails for tracking has been known for years, but perhaps not widely known.
The On The Media: TLDR podcast just re-surfaced the issue in the above article, where they talk about a free Gmail plugin called Streak, which provides this capability.
It automatically embeds the hidden images in emails you send, then lets you see when and even where the recipient opens them.
Because they appear to use IP address based locations, you can block the “where” part by using Anonymizer Universal.
You can block this tracking completely by turning off the loading of images in your emails. Of course, if you then choose to load images, know that you are also enabling tracking. If you block image loading you will also find that your email become much less attractive and significantly more difficult to read.
Welcome to Episode 11 of The Privacy Blog Podcast, brought to you by Anonymizer.
In this episode, I’ll discuss the shutdown of secure email services by Lavabit and Silent Circle. In addition, we’ll dive into the problem with hoarding Bitcoins and how you can protect yourself while using the increasingly popular online currency. Lastly, I’ll chat about whether teens actually care about online privacy and an ad agency’s shocking decision to use high-tech trash cans to measure Wi-Fi signals in London.
Please leave any questions or feedback in the comments section. Thanks for listening.
There has been a lot of chatter about implications of first Lavabit and then Silent Circle’s Silent Mail being shut down by their operators.
In both cases, it appears that there was information visible to the services which could be compelled by search warrants, court orders, or national security letters.
I want to assure Anonymizer users that we have no such information about Anonymizer Universal users that could be compelled. While we know who our customers are, for billing purposes, we have no information at all about what they do.
This has been tested many times, under many different kinds of court orders, and no user activity information has ever been provided, or could be provided.
The House Judiciary Committee is going to be discussing the Electronic Communications Privacy Act. There is a chance that they will strengthen it.
This act was written decades ago, before there were any real cloud solutions. Email was downloaded by your email client, and immediately deleted from the server. They law assumed that any email left on a server more than 180 days had been abandoned, and so no warrant was required for law enforcement to obtain it.
These days, with services like gmail, we tend to keep our email on the servers for years, with no thought that it has been abandoned. Law enforcement is opposing reforms of this law because it would make their work more difficult. Doubtless it would, as does almost any civil liberty.
Earlier this month Zoe Lofgren introduced the Online Communications and Geolocation Protection act, amending ECPA. It would require a warrant to obtain cell phone location information. There is clearly some momentum for reform.
Welcome to Anonymizer’s inaugural episode of The Privacy Podcast. Each month, we’ll be posting a new episode focusing on security, privacy, and tips to protect you online.
Today, I talk about non-technical ways your online accounts can be compromised, focusing on email address and password reuse, security questions, and using credit card numbers as security tokens. In part two, I give power user tips for getting the most out of your Anonymizer Nyms account.
Hope you enjoy the first episode in our monthly series of podcasts. Please leave feedback and questions in the comments section of this post.
Download the transcript here
Forbs recently noticed that Facebook suddenly and basically without warning made @facebook.com your default visible email address on your timeline.
I had no idea that such an email address even existed! I certainly don’t check it explicitly. Emails to that address end up in your standard Facebook messages queue, which for me is mostly a black hole.
LifeHacker has a nice article on how to change the settings back to how you might want them.
You may not want some spammer to get that address and start filling up your Facebook messages queue.
Bruce Schneier on the real world effectiveness of a very simple domain name based man in the middle attack.
Here is a Wired article on the same issue showing how it was used to steal 20 GB of email from a Fortune 500 company.
While the technique would not allow them to identify your anonymous emails in an ocean of others, that is rarely the real world threat scenario.
In many cases there is a relative hand full of likely authors of a given email or group of emails. It is often possible to gather large samples of emails known and acknowledged to be from the likely authors. In that case this technique has a small group of targets and excellent training materials which allow for very high levels of accuracy (the authors of the paper claim 80% – 90%). That is probably enough to get a warrant to search your home and computers.
Unless you have been unusually careful, the gig is probably up by then. Remember, this might not be for criminal matters. It many cases this would come up in whistle blowing or other non-criminal situations.
A reader of this blog recently emailed me to ask:
What s/w do you recommend to keep anonymous while using Gmail, IE, Outlook, and Facebook on a laptop?
This is actually a very tricky question because the nature of all of these tools, except Internet Explorer (IE), is to be associated with a visible and discoverable account and identity in the “cloud”. I will discuss IE last and separately.
Gmail ties to your gmail and other Google accounts. Outlook ties to some existing email account at some email provider. Facebook is tied to your Facebook account and is explicitly designed for making your information public.
The profound question here is, what do we even mean by being anonymous using these services? I would argue that the best one can manage is to be pseudonymous; that is to maintain a persistent and visible pseudonym / alias which, while discoverable, is not associated with your true identity.
Fortunately Gmail and Facebook are free and typically do not require any real credentials to set up an account, and many of the free email providers work similarly. Using Anonymizer Universal (AU), and a browser with no history or cache to set up the accounts would ensure they were not connected to your real identity. It is important that the accounts never be accessed in any way except through AU, or they will be forever after associated with your real IP address. Furthermore, it is critical that the browser used is never used for any activity connected to your real identity, or the cookies and other digital detritus in your browser may allow these sites (or other folks) to tie the pseudonym to your other real name accounts.
IE is in many ways the easiest because there is no underlying account, but all the same rules apply. You need to ensure that you isolate your anonymous or pseudonymous activity from your real name activity.
For all of this activity a virtual machine can be a very effective tool. For example, if you use a Mac you can use a virtual machine running Windows or Linux for all of your alias activities and use the normal operating system for your real name activities. Similar tools exist for other operating systems.
The announcement provides very little information about what RIM did to avert the ban, whether they made significant changed (compromises) to their system, or whether the UAE blinked and backed down from the threatened ban.