Aside

2018.1.17

Blew away over 10K emails that were collecting dust in one of my main accounts. My goal over the next few months is to remove the vast majority of old email that serves no purpose. Doing so will both free up some space (not that I really need it) and cut down on the possible deleterious effects of the account in question getting hacked and its contents selectively modified and/or leaked.

Contemporary Email is a Threat to Us All

Per researchers:

Companies and other organizations are even more vulnerable than individuals. One person needs only to worry about his or her own clicking, but each worker in an organization is a separate point of weakness. It’s a matter of simple math: If every worker has that same 1 percent chance of falling for a phishing scam, the combined risk to the company as a whole is much higher. In fact, companies with 70 or more employees have a greater than 50 percent chance that someone will be hoodwinked. Companies should look very critically at webmail providers who offer them worse security odds than they’d get from a coin toss.

As technologists, we have long since come to terms with the fact that some technology is just a bad idea, even if it looks exciting. Society needs to do the same. Security-conscious users must demand that their email providers offer a plain-text option. Unfortunately, such options are few and far between, but they are a key to stemming the webmail insecurity epidemic.

Mail providers that refuse to do so should be avoided, just like back alleys that are bad places to conduct business. Those online back alleys may look eye-pleasing, with ads, images and animations, but they are not safe.

The problem is that few people appreciate the dangers of email; their understanding of phishing tends to be centred around the garbage that gets caught by most SPAM filters, when they have any clue what phishing is in the first place. Further, it’s not enough to personally avoid the ‘back alleys’ of the Internet email crowd: you need to excise all email that is received by such providers. And that means the problem is one of herd protection and immunity, which is challenging at best to overcome. Who’s going to unilaterally ban email from all the major email providers in the world today?

Link

More Thoughts on the Yahoo Scan

Marcy Wheeler:

To sum up: ex-Yahoo employees want this story to be about the technical recklessness of the request and Yahoo’s bureaucratic implementation of it. Government lawyers and spooks are happy to explain this was a traditional FISA order, but want to downplay the intrusiveness and recklessness of this by claiming it just involved adapting an existing scan. And intelligence committee members mistakenly believed this scan happened under Section 702, and wanted to make it a 702 renewal fight issue, but since appear to have learned differently.

This is the definitive summarization of what Yahoo! (likely) did when they monitored all of their customers’ emails for the US government. Well worth the read for its content and, also, to see what goes into a critical media evaluation of an unfolding intelligence-related series of news stories.

Link

Yahoo May Have Exposed Rogers Customer Emails to US Spies

Motherboard:

“Any program that scans all the mail that Yahoo has access to would have scanned this email,” Gillmor wrote me in a message.

“If Yahoo chose to segment their scanning by limiting it only to mails that have ‘@yahoo.com’ email addresses [and omitted those sent from @rogers.com], of course, then they would have chosen to exclude this email from the scan,” Gillmor continued. “It’s not clear to me whether any such constraint was in place, though.”

“I’d imagine that, yes, the program would have applied to Rogers customer emails, unless Yahoo elected to specifically exclude them,” wrote Marczak in an email.

Yahoo declined to comment on whether the alleged system filtered out emails from Rogers customers.

Tobi Cohen, a spokesperson for the Office of the Privacy Commissioner, confirmed that Rogers consulted the office in the wake of the Yahoo hack. But as far as the possibility that Rogers customer emails had been siphoned into a surveillance dragnet goes, “Given we don’t have detailed information about the matter, we are not in a position to comment,” Cohen wrote.

When asked if Rogers was aware of the allegations against Yahoo or if the company is concerned that a backdoor could have affected its customers, spokesperson Garas referred me to Yahoo’s statement and wrote that “as such, we believe this matter is closed.”

Great to know that Rogers thinks it shouldn’t (or, worse, doesn’t have to) explain how one of its contracted service providers may have grossly violated the privacy of Rogers’ customers.

Link

What’s the big deal about Hillary using her personal email at work?

Christopher Parsons, a Toronto-based cybersecurity expert with the think tank Citizen Lab, explained the security difference between a personal and official government email.

“The core security advantage is that the U.S. government will be attuned to the risk of her communications being deliberately targeted and, as such, would have a chance to maximize protections afforded to her communications,” Parsons said. “Moreover, data sent and received in U.S. government systems could be protected according to the sensitivity of the communications. So when sending classified or secret documents, a higher standard of care could have been provided.”

I would note that I don’t work at a think tank: I work at the University of Toronto, within the Munk School of Global Affairs.

Quote

Shaw email customers are scrambling after an interruption of Shaw’s email services Thursday led to millions of emails being deleted.

About 70 per cent of Shaw’s email customers were affected when the company was troubleshooting an unrelated email delay problem and an attempted solution caused incoming emails to be deleted, a spokesman told The Sunday Province.

Shaw has about 1.9 million Internet subscribers across Canada, with the majority in Western Canada.

Emails were deleted for a 10-hour period between 7:45 a.m. and 6:15 p.m. Thursday, although customers did not learn about the problem until Friday, and only then by calling customer service or accessing an online forum for Shaw Internet subscribers.

Shaw promised to email affected customers some time over the weekend with a list of deleted messages and details such as sender, subject and time sent. The actual content of the emails, however, is unrecoverable.

Count this amongst the many reasons I just don’t trust ISPs to host my email. It’s great that Shaw does this, really, given how it generally interferes with ports used for email: not only are they screwing consumers in how they treat email protocols (you can pay a monthly fee for full port access) but they’re also screwing them by not properly managing their email systems. I bet that Shaw customers don’t receive any restitution beyond an apology.

A Poignant Comment on Deleting Email

For the past two months I’ve been trying to figure out what to say about something Peter Fleischer, Google’s Global Privacy Counsel, wrote about his personal email retention and deletion policies. After talking about whether people should worry about “covering their tracks” from government snooping, he writes (emphasis added):

In the meantime, as users, we all have to decide if we want to keep thousands of old emails in our inboxes in the cloud.  It’s free and convenient to keep them.  Statistics published by some companies seem to confirm that the risks of governments seeking access to our data are extremely remote for “normal people”.  But the laws, like ECPA, that are meant to protect the privacy of our old emails are obsolete and full of holes.  The choice is yours:  keep or delete.  I’m a pragmatist, and I’m not paranoid, but personally, I’ve gotten in the habit of deleting almost all my daily emails, except for those that I’d want to keep for the future.  Like the rule at my tennis club:  sweep the clay after you play.

His comments struck me as being incredibly poignant when I first read them, and remain so today. I’ve stopped archiving email. I delete email (as best I can, given cloud data retention policies and all…) on a regular basis. Over the Christmas break I removed an aggregate of about 6 GB of mail that had just…accrued…in my various accounts over the past decade. In short, his post motivated me enough to spend the better part of 3 or 4 days sifting and sorting through my digital life. Ultimately I removed an awful lot of what was there.

At some point I hope to spend more time writing about, and thinking through, some of Peter’s points. At the moment, however, I’d just recommend you think about what it means when Google’s Global Privacy Counsel – the guy who is best able to go to the mat to protect the privacy of his own inbox – chooses to routinely delete his email from the cloud. If he takes that precaution, and he has the influence that he does, shouldn’t you at least consider following his lead?

Link

Could Email Undermine the 2012 American Election?

In the aftermath of Hurricane Sandy, some of the polling stations that would have been used by Americans to cast ballots are gone. Moreover, some citizens in New Jersey are unlikely to either find their new polling station or take the time to find a station and vote. Quite simply, they’re rebuilding their lives: presidential politics aren’t necessarily centre of mind at the moment.

In the wake of the disaster, New Jersey will let some voters cast their ballots by fax and email. One American expert has identified a range of possible attack vectors that could be used to compromise people’s votes. He’s quoted as saying,

Those are just some of the more obvious and potentially catastrophic ways a direct security failure could affect this election … The email voting scheme has so many ways it can fail or that doubt can be cast on the integrity of the results, that if a race somewhere in New Jersey is decided by email ballots, it seems almost guaranteed that we’re going to have a bunch of mini-2000-in-Floridas all over the state.

In addition to basic security concerns around voting, it’s critical to understand that voting by email (effectively) removes secrecy provisions. Messages will not have to be encrypted, meaning that if employees cast their ballots at work then their employer(s) could ascertain how their employees are voting. This is an incredibly serious issue.

In the best of worlds, the New Jersey elections won’t rely or depend on the emailed votes to determine a winner. This said, even if the votes don’t change the local results – if individuals win seats by sufficient margins that the emailed ‘ballots’ wouldn’t affect who won – the national vote could be endangered if the New Jersey voting system is connected to the national system. The risk, here, is that if an attacker could compromise the New Jersey voting infrastructure (perhaps by sending an infected attachment to an email message) then the rest of the infrastructure could also be compromised. Such an attack, were it to occur, could compromise not just the New Jersey results but, potentially, races across the United States.

While it’s evident why the government decided to let people vote by email – to ensure that Americans could cast their ballot despite the horrific natural disaster – these good intentions could result in very, very bad results. Worse, it could encourage trust and confidence in online voting systems more generally, systems that simply cannot be adequately secured (for more as to why, see this and this). While paper ballots are infuriating for many, they remain an ideal means of confidently expressing voting intentions. While alternate approaches certainly need to be considered to let people vote, especially in times of crisis, voting by email is not an idea that should have been contemplated, let alone adopted, as a solution to the Sandy-related voting problems.

Windows 8 has a new design paradigm; to find programs’ settings you must hover your cursor to the right of the screen. There is no indication that these settings panels exist.

The new paradigm can be contrasted against the ‘early’ Metro paradigm in Windows Phone. Under the ‘old’ paradigm ellipses are used to indicate additional options. The translation of Metro to the desktop – insofar as ellipses are being removed – strikes me as a poor decision for two reasons:

  1. It breaks Metro UI tenets that Windows Phone users have learned;
  2. The Mail settings aren’t linked with any OS-wide settings (so far as I can tell), which means that if you don’t figure out the ‘hover to the right’ paradigm you can spend considerable time getting frustrated trying to just add a new mail account.

There has to be some indication to users that additional information (i.e. the settings panel) exists or the settings should be accessible in multiple locations. Failure to accommodate these needs should be understood as design failures insofar as UI parsimony is damaging the overall UX.

Link

Canada Post Sees Today, In The Future

National mail carriers are important for loads of reasons, including legal protections around letters carried by them versus those carried by couriers. These mail carriers are far less agile than their private competitors and have been incredibly slow to recognize the need to change existing processes and practices. They desperately need to find new growth avenues to remedy declining gross and net revenues.

As a demonstration of how little Canada Post ‘gets’ the market and business it’s in today, we can turn to this comment:

Canada Post chief executive officer Deepak Chopra foresees a future in which consumers receive and pay their bills, get their paycheques, renew drivers’ licences, pay parking tickets, buy magazines and receive personalized ad pitches – all online, through ePost.

This isn’t a future: it’s the present. The only ‘future’ part of what he is outlining is that all these (already daily) functions would be routed through ePost. Unless Canada Post has an incredible value proposition – security, government mandates, or somehow implementing these functions better than existing services are mechanisms that immediately come to mind – I can’t see how the organization will exist in any semblance of what it is today, tomorrow.