Computing August 2008
|Privacy...or the Lack Thereof
By John R. Quain
|Don't do what the politicians do...protect yourself ||
With all the mayoral and gubernatorial shenanigans of late, many have asked how they can protect their private text messages, e-mails, and computer-related drivel from being intercepted and read by others. (Never mind why they asked; we just assume everyone has something to hide.) The short answer is: You can't. The long answer is: You can make it more difficult for someone to peek at your personal digital life.
What Detroit Mayor Kilpatrick didn't realize (aside from the fact that new technologies are just for kids) is that his text messages were being stored on an old paging-style PCS service by SkyTel. So even if he and his paramour weren't keeping their little missives, SkyTel was hoarding them for a rainy day. What many others don't realize is that even if one is using, say, Verizon Wireless for texting, the messages may also be stored for posterity.
Typically, AT&T and Verizon only keep short message service (SMS) text messages for about 3 days. After that they disappear into the Ether. However, many companies store the messages of their own accord to meet legal and fiduciary responsibilities. So if you're using the company cell phone for personal texting and e-mail...well, you've been warned.
And while there have been various self-destructing text messaging services attempted, they all fail for one very simple reason. Basically, the shredder man services send messages to a Web site. The recipient gets the message's Web address, and then after they read the message, it's deleted. The snag: If the recipient decides to cut and paste your witty little note and save it themselves, you're toast. Hence the caveat to never TWD (text while drunk). Indeed, there are even services that help unreceptive recipients store text messages permanently. (See treasuremytext.com) One security expert that works with encryption technologies I spoke to recently put it succinctly: Text messages are like sending postcards.
E-mail isn't much safer. Most companies store e-mail for a long time. Some ISPs store it for 30 days or more. And it's easier to intercept e-mail if you're on a Wi-Fi network at home or in a Starbucks. You can prevent wireless snoops by using a encryption program, however. Probably the best is PGP Desktop Email ($149). It uses a two-key system. When you send a message, it goes out to a PGP server to grab the recipient's key, and then encrypts the message with that person's so-called public key. When it arrives at the other end, that person uses their secret private key to open it. Such an approach means that both sender and receiver have to use the same encryption system, but it's pretty much impenetrable. Well, almost...
Once the recipient has opened the message, they are free to do with it as they please—forward it to friends and family or post it in a blog for public ridicule, for example. So such a pretty good privacy approach is best among trusted friends and for relaying sensitive corporate and financial data.
All of which is not to say that you should not try to protect your data of desire. A stolen laptop can wreak havoc on one's life, forget about privacy concerns. So there are disk encryption programs that should foil even the most persistent hacker. PGP offers Whole Disk Encryption ($119) for example, and there are two solid free programs, TrueCrypt and FreeOTFE. that will hide everything you hold dear on a hard drive. (Note to Mayor Kilpatrick: These are not programs for the technically challenged.).
The bottom line, however, is if you really have something sensitive to say (or you're just plain sensitive), say it face to face—or make an old-fashioned voice call.