Now Playing Tracks

They were instead focused on potentially profitable uses of your email. This is a point that can easily get lost in the coverage of nightmare hacking scenarios like the 2012 instance in which Wired writer Mat Honan had his Gmail and iCloud accounts hijacked, then saw his iPhone, iPad and MacBook remotely wiped, all so a teenage guy could have fun broadcasting inanities from his three-character Twitter handle @mat. “For the most part, compromised webmail accounts are used to send spam (some of which may contain links to malware),” writes Johannes Ullrich, chief research officer at the SANS Institute. In a subsequent conversation, he said that not only has the use of hacked email addresses for spam stayed pretty much constant, but in some ways such addresses have become more valuable. Stronger authentication systems deployed by major mail services have made it harder to send a spoofed message — one that looks like it’s from a legitimate address when it isn’t. McAfee public-sector chief technical officer Scott Montgomery sketched out one easy possibility: “Let’s say I compromise your Yahoo mail, your Google mail, whatever — what is the likelihood that you have reused that same password at multiple locations?” That’s right.

Email is getting safer for you — provided that your mail service and your correspondent’s both use a standard called “TLS,” short for Transport Layer Security. Finally, Google and other providers are starting to turn on TLS for the public. Read more: 4 Ways Your Email Provider Can Encrypt Your Messages TLS, then and now The move to the use of TLS could have happened more than five years ago: A 1.0 version of the TLS specification emerged only four years after Schneier’s essay, and the current 1.2 version dates to 2008. But even as mail services secured people’s log-ins, they did not take the extra step of scrambling their messages while in transit.

We make Tumblr themes