Way back in the early 90’s, I was responsible for implementing the first e-mail system throughout our organization and it probably included over 1,000 users. In preparation for this, I attended some kind of a course/seminar during which an IBM Customer Engineer gave us the following e-mail advice to pass on to new users:
“Never write anything in an e-mail message that you would not be comfortable seeing on the front page of your local paper.”
It was great advice then and, judging by the news dominating the headlines this week, it’s even better advice today! I’m speaking, of course, about the General David Petraeus situation - but only the actual e-mail component as the intrigue, extra-marital affair and politics of it, I’ll gladly leave to others.
Email Security systems are terrific – it’s the user’s who fail
It still astounds me whenever I hear of highly intelligent individuals being tripped up by their own e-mail messages. To me, it’s the equivalent of going to bed at night and leaving the key in your door; or, parking your car in a busy mall and leaving it with the motor running. It’s just plain stupid. Yet, for reasons unknown, many people still think their e-mails are private and untraceable.
E-mails are not private. They are easily traced by techs with basic knowledge of communications messaging protocols. Even more troubling is the fact that you have no control at all over what the recipient of your e-mail message may choose to do with it. How many of you have been burned by an e-mail you sent to someone only to discover it was forwarded without your approval?
No Email security system can protect users from themselves
Even the most nefarious plans of mice, men and women in illicit relationships can go awry. Take the little scheme cooked up by the two at the center of the latest scandal – General Petraeus and his biographer Paula Broadwell. It was a simple idea, almost perfect, except for one fatal flaw – a lack of appreciation for the extent to which Google, Microsoft, Yahoo and others save email messages.
Here’s how the Petraeus/Broadwell plan is alleged to have worked:
- Person ‘A’ creates an anonymous Gmail account and password
- ‘A’ shares the account ID and password with Person ‘B’
- ‘B’ signs in, creates an email message saving it in draft mode
- ‘A’ then signs in, reads message and deletes the draft
- ‘A’ then creates a new message for ‘B’ and saves it in draft
- This process is repeated over and over again
- Only 1 draft message is ever visible in the email account
Pretty simple, right? Foolproof? Not by a long shot. If you’re a Gmail user then you will know that when you create a new email message and exit before actually ‘sending’ the email, then Gmail will save the message in Draft form. Once the draft is saved it’s a done deal as the ‘Google Gods’ have it permanently on their servers even though you have deleted it.
This is the huge mistake that the Petraeus/Broadwell combo made (well, one of the huge mistakes anyway). Did they think that simply deleting the draft message after reading it got rid of the email for good? This is the kind of mistake one might expect kids to make on Facebook not one made by the Director of the CIA. Good grief!!
As the news of this whole Petraeus situation continues to unfold in weirder and weirder ways, I couldn’t help but think about how much fun it would have been if email had existed when President Richard Nixon and his gang were going through their Watergate shenanigans.
What a bonanza that might have been for political junkies!! All we had then were scratchy audio tapes. Too bad! Those emails would have kept historians and psychologists busy for decades.
While our emails are for the most part safe and secure if we use a reasonable password, the important thing to remember is they are still ‘out there’ in cyberland sitting on someone’s server or even a home computer. So, the best advice is still: “Never write anything in an e-mail message that you would not be comfortable seeing on the front page of your local paper.”
Have a great Wednesday, and thanks again for visiting!
No comments:
Post a Comment