Gwebs Cryptographer

Some changes ahead

I’m wrapping up my work here in Gwebs company and within China. It has been pleasant to work here and with nice atmosphere. So many new things learned and gained the idea of business in China. But like said, time flies and now it’s time for me to head back to Finland, finish up my studies and head for the new challenges. Anyway before that, I still have some ideas and things to share with you.

I mentioned earlier in my posts that I will test Google Wave, when it will come available for everyone. Well, I have to pass this job to my colleagues, ’cause the Google Wave for regular users hasn’t been released yet. Only the test version for selected persons is available so far. (Here is the post about Google Wave.)

Then some other things which I also mentioned earlier, is that I’m willing to try out the Windows Mobile 6.5 with some email encryption application and see how well it will work with our MailCloak encryption software. Well, guess what ? Windows Mobile 6.5 hasn’t been released yet for HTC Touch Diamond 2, so I have to wait until end of this or next month. So far, the estimated release date is “during October/November 2009″, so still some time to go. Maybe I’ll try it out back in Finland and then just send the results to my colleagues, ’cause I think that this topic is very interesting for mobile users like me. These mobile issues are getting more and more important, because the smart phone markets are increasing rapidly.  (Here is the post about email encryption mobile usage.)

What else ?
I guess, quite many people found out that Windows 7 is finally released and available for consumers. So we took a sneak peek for that to check how different it really is, and how are the security issues handled there. For me it has always been as a thought in my head that Microsoft Windows and security doesn’t really belong in to the same sentence, at least not in a positive way. But we will see, I’m open-minded with this one, so much good I have heard about Windows 7 during the beta-testing.

Gwebs, email, encryption, google, new, software email, Email Encryption, encryption, Google Wave, Gwebs, MailCloak, Mobile, Windows 7, Windows mobile 6.5

Almost every week I can read news about smaller or bigger scandals about passwords or private data exposures. What’s wrong with today’s users ? Lack of common sense or are people just getting more and more stupid ? So many times I have faced these situations that someone is asking my email address and password, just for checking my address book. Or then the Microsoft Messenger trick “See who have blocked you from their MSN”. Or the one with credit card number “So many credit card numbers are exposed, check if your one is on the list”.

Come on, how easy can average user really be ?
I really think that people are getting more and more reliable on internet and all the services, but they really cannot see that there are also thiefs and other “bad people” around. So many of us are thinking that of course it’s safe, because it’s somehow related to service what user is using. But at the same time on the streets when someone is humbly asking to borrow their phone they get scared that the person will steal it or use it for illegal activities. Why this question never comes into their minds when acting in internet ?

At this time, a bit more than a week ago, Google’s Gmail and Yahoo’s Mail were also targeted by a large-scale phishing attack, perhaps the same one that harvested at least 10,000 passwords from Microsoft’s Windows Live Hotmail, according to a report by the BBC.

The BBC also said it has seen a list of some 20,000 hijacked e-mail accounts; the list included accounts from Gmail, Yahoo Mail, AOL, Comcast and EarthLink. The latter two are major U.S. Internet service providers.

I assume that when people are reading these news, they are first over sensitive, maybe one week, after that paying attention what they do online and where they use their passwords, max. one month. And after this, they start acting like before. Maybe that one month they haven’t seen any progress of safety or increased privacy, so “it’s okay to continue the old style, no-one is interested about MY emails and passwords“. But this way of thinking is just that what might lead to scandals. Everyone’s email account is interesting, not necessarily the emails or the content itself, but all Your addresses, contacts, your passwords and login info for everywhere else, because still on these days normally the login infos are posted to one’s email, when starting to use new services.

And also one other thing, which I think is very important here, is that so many users used to use same passwords for different places. I know by myself, that it will be very difficult to remember all the passwords if they are just randomly made. For example 20 passwords for tools at work, 5 for your own emails, 20 for other services online (social networks, online banking, bookstores, games, etc.) And I’m not encouraging people to write them down, but just inventing some patterns to remember them or then using some other tools for securing all those passwords. I know that there are so many nice software available, which are taking care of your passwords, but for me, I don’t know can I trust them or not.

Here are links for more information about this scandal:
http://www.infoworld.com/d/security-central/gmail-and-yahoo-mail-passwords-exposed-737
http://www.techradar.com/news/internet/exposed-the-great-password-scandal-596064
http://www.computerworld.com/s/article/9139000/Gmail_Yahoo_Mail_join_Hotmail_passwords_exposed

Here is nice collection of hints and tips for boosting online security:
http://www.techradar.com/news/internet/10-easy-ways-to-boost-your-online-security-591191

Security, email, google, personal, privacy AOL, BBC, email, gmail, Hotmail, Internet Security, microsoft, MSN Live!, privacy, Yahoo! Mail

I guess most of the people have been following the news about “Bank screws up and sues Google”, which is very interesting news related to Email security. When I read this news at the first time, I just shaked my head and thought “This can only happen in USA”. And the worst thing here was that those emails were not secured at all, just basic emails full of customers’ private data.

I really cannot understand about the result that Judge orders Google to deactivate some random users accounts because of someone made a mistake, humane mistake. Especially one, whom these random users are not related to. I can say that I might go crazy if one day my email is de-activated without noticing it before, just because someone has sent some email to my email address which doesn’t belong to me.

The situation is easy to compare to non-digital world. Let’s think that post is delivering to your postbox someones bank statements, without being in a letter. Just papers to your postbox, will you feel safe ? Will you think that is that the common policy of this bank ? Anyone can read that information on the way, the staff at post office, the delivery guy and anyone who is just on the way. Will you also consider that it’s reasonable that the Bank will sue the owner of your postbox, because they made the mistake ? And even worse, do you think that it’s reasonable that they will vanish/seal up your postbox, ’cause there is some information that doesn’t belong to you.

For me, this all sounds so ridiculous. If someone needs to be sued or punished the person will be within the bank staff. Also I really feel unsafe for this bank, that they didn’t use any encryption for those emails. Anyway, I assume that they are using letters when posting bank statements to their customers, so why not using encryption when data is in digital form ?

Luckily, I’m not a customer of this bank, and I feel safe with my own bank accounts. Banks that I’m using are really investing money for security and also offering the best service for their customers. Of course the situation is currently better in Europe than it is in Asia, but Asia is growing fast, very fast. About USA I really cannot say, I always feel unsafe about money issues there. The credit card policies are so loose and all the security issues seemed to be popping up all the time. I guess it’s only the matter of time that people are getting annoyed for so bad and unsecured service.

But luckily on the mean time suing in US is so easy and convenient so why not suing everybody and make people suffer about mistakes, maybe the ones they couldn’t prevent at all, ’cause that’s what it’s all about. I’m really happy about Google’s services so far, but this case is just a bad example how vulnerable this huge company is also for crazy laws and policies in US.

Although, I don’t know where is better, maybe in Europe. I’m currently living in China and getting so frustrated about governmental actions to limit access to “out there”, I mean the Chinese Great Firewall (GFW) is really bugging my nerves all the time. But that’s another story.

Here is the case file for you to make your own judgement “The Rocky Mountain Bank Vs. Google” (pdf-file).

Security, email, encryption, google, privacy bank, email, encryption, google, privacy, Security

I guess everyone who is using Gmail and/or other Google Apps have heard about this new Google Wave, which suppose to be mind blowing and transform the concept of email. Well, so far it’s a bit too early to say will this happen, because the release date of Google Wave will be at the end of this month, Sep 30th.

According several blog writings and articles Google Wave won’t put Gmail or Google Apps aside, at least not yet. It just seems to be Gmail with some extra features. So far, I have been using Gmail, G-talk (also with voice and video), Google Docs, calendar and other functions too as well. So when I’m watching the picture, it doesn’t seem to be SO different than Gmail. It just that all the functions and features are in a same box, inbox.

At the beginning this seems to be a bit confusing, but unfortunately the pictures or videos are not giving the whole truth. For me, I really want to experience it by myself before making any judgement.

Some other concerns, mostly about our business, is that will Gmail change too much when Google Wave is released, I mean that will our product MailCloak still work with this new concept of email. Like said, too early to say, because we didn’t get developers’ access to the Wave. Of course, we are going to test Wave immediately when it’s released so we can check the functionalities and see if our software is adaptable enough, or should we make some changes.

I guess, the biggest change will be the “waves”, that in what kind of concept they really are. And how easy it will be to secure all that data which is shared through those waves: Text, pictures, videos, links and other stuff.

Well, I go with the Google specialists’ comments “It’s very, very early to say..”. But we will see, in near future what’s gonna happen. I anyway assume that Gmail will still stand there for users at least for a while that the adaptation for the new system will be easy.

Thanks for Google’s official Blog and Gina Trapani about the pictures and all the information!

From the following links you’ll find more information about Google Wave:
http://googleblog.blogspot.com/2009/05/went-walkabout-brought-back-google-wave.html
http://smarterware.org/2021/google-wave-qa

Click the pictures to see them in full-size!

Gwebs, Security, email, google, privacy gmail, Google Apps, Google Docs, Google Wave, MailCloak, Security

These great tricks will have you using Gmail with multiple accounts. And doing it in style: faster, easier, safer, and with less trouble then ever before. Check ‘em out and let us know your favorite tricks.

1. (Automatically) Reply from the same address the message was sent to.

2. Check your POP Mail NOW!

3. Label Mail by account.

4. Use Colorful Labels to make them stand out!

5. Choose the right email address when sending mail.

6. Add Email Encryption

And: Reader Tricks (in comments)

Read more…

Security, email, google email, Email Security, gmail

Just because you typed in a password before accessing Gmail doesn’t mean you are the only one who reads your email.

It is a well-known fact that Gmail reads the contents of your email messages in order to determine which AdSense ads should be displayed.

Don’t believe me? Check this out.

Read more…

email, google, privacy

Google just proved that it’s never too late to introduce great features.

I have been using Gmail to send myself notes and to do’s forever. I just write myself an email and save it as a draft. MailCloak even lets me keep my drafts encrypted… but now Google has finally added tasks to Gmail, so I’ll be upgrading my habits accordingly.

The good news:

Google tasks is fast, easy, and powerful.

Features include multiple lists, pop-out windows, useful tool-tips, integration with calendar, keyboard navigation, and probably a lot more I have’nt even found yet!

The bad news:

It takes a lot of screen real estate. And it’s not always easy to find.

Also, surprisingly, there’s no integration with email or google apps other then calendar, but maybe that’s a good thing.  A to do list is a to do list (K.I.S.S.).

That’s it. This is a small feature, so I’m gonna keep this review short.

email, google gmail, google, tasks

You probably know that Google’s Gmail allows you to access Gmail email from any internet connected-computer, but you may not know that Gmail also allows you to check any of your other email accounts, from any internet computer.

That’s right, Gmail will work as a POP3/IMAP/SMTP mail client, allowing you to check your other email accounts with Gmail!

Translation: you can use Gmail to check your ISP (like Verizon) email account, your business email account, or whatever email accounts you currently use that doesn’t have webmail, or doesn’t have webmail that’s as easy to use as Gmail. You can use Gmail to check your home email accounts when you’re away from home, and you can even use Gmail to check multiple accounts – up to five.

Using Gmail will also allow you to gWebs MailCloak to protect almost any email address out there – just add an address to your Gmail account, and your account will now support MailCloak!

So here’s the quick and dirty on how to get ‘er done!

1) Create a Gmail Account & sign in.

2) Go to your account settings and click “Add an account.”

3) Gmail has account settings for most major ISP’s already in their database, so all you have to do is give them your login information.

4) We suggest using colored labels to identify accounts.

5) Sending mail from a POP account within gmail is easy too! Just click on your email address (or think link that says “change” right next to it) when composing mail, and select the account you wish to send from.

Some of you tech-savvy geeks are saying “Got’er done, kthxbye!” right now, but if your’re still scratching your head, read on after the break for a super-detailed walk through of the whole process!

Read more…

email, fun, google, walkthrough client, email, gmail, gmail tricks, life hack, quick tricks, smtp, tricks, tutorial, Walk Through, webmail

Here at Gwebs, the makers of the world’s easiest encryption software, we’ve been hard at work on a new, completely re-written and altogether better version of WebmailSafety. So much about this product has changed that we’re even changing the name!

Gwebs WebmailSafety, which offers email encryption for Webmail and desktop clients, is now called MailCloak, and with version 3.0 on the way webmail users are in for some great surprises.

Like what?

The world’s easiest encryption software just got even easier!

Here are the basic features:

• Free!
• Automatic protection for emails and attachments.
• Supports Internet Explorer、Firefox and Outlook.
• Supports Gmail, Hotmail, Live mail, AOL Mail, Yahoo mail, 126 mail, QQ mail and 163 mail.
• Auto-update keeps you secure with the latest features and bug-fixes installed as soon as they are available.
• Simplified backup.
• Automatic Key Management.
• No Adware, Spyware, or Malware.
• Easy invitations.
• Automatic draft encryption.
• Enable/Disable with a single click.
• Supports English, Simplified Chinese, Traditional Chinese and French.

Read more…

Security, email, email encryption, encryption, google, personal Email Encryption, Email Security

I Just came across this article on why you should encrypt all your Google activities. The author notes that Google, like most other sites, doesn’t encrypt your connection data…

Google, like most other similar services, encrypts login traffic but not your content. So the moment you’re signed in they switch to plain-text communications and send everything to you in the open.

This means your mail, the news sources you read, your calendar events — are all able to be read by someone with access to any part of the network between you and Google. This could be your employer at work, the wireless network at your local coffee shop, whatever. This isn’t good.

And his commentors note a few things you can do about it:

1) log in to https://mail.google.com/mail (note the httpS://, the s stands for SSL)

2) Install the “Customize Google” Firefox Add-On to force the use of https for all google services. Also check out “Better gCal,”  and “Better GMail 2”

3) One user suggested  Google Secure Pro.

Security, email, google, privacy email, encryption, google, software