|
|
Edited by Erik Kangas, PhD, President of LuxSci
|
Bringing you news, solutions and insider insight on LuxSci and our digital life
Posts Tagged ‘tls’
Friday, May 22nd, 2009
 It used to be that to send an email, you had very few choices and even less control over what happened once the message was sent, how many emails you could send, or how you connected to the Internet to send email. Well, times have changed, the Internet has evolved, users are more savvy, and expectations are much higher.
Today, LuxSci offers five different ways to send outbound email, each geared to particular uses and needs. In this article, we will describe each method, examine the pros and cons, and end with a feature chart. Our goal is to make your outbound email shopping experience straightforward and to provide you with an email service appropriate for your needs.
Read the rest of this post »
Tags: anonymous, authentication, bulk mailing, disclaimers, location, message, outbound email, ports, recipients, security, sending email, size, smarthost, smtp, ssl, taglines, tls
Posted in Business Solutions, LuxSci Library: The Technical Side of Email
1 Comment »
Saturday, March 14th, 2009
 You thought email was a simple concept, but you are at once confronted with a plethora of acronyms and jargon like POP, IMAP, WebMail, Aliases, Forwards, SMTP, IMAP, POP, Quota, SPAM, TLS, SSL, Archival, and more! This article describes the ins and outs of email, explains these terms, and helps you figure out what services and features you need from your personal or business email service provider.
Read the rest of this post »
Tags: autoresponder, catch-all alias, email, email alias, email archival, email clients, email provider, imap, imaps, Internet Mail Access Protocol, personality, pop, pop3, pops, Post Office Protocol, private labeling, secure imap, secure pop, secure SMTP, security, Simple Mail Transport Protocol, smtp, smtp authentication, SMTP relaying, smtp server, spam, ssl, tls, web-based email, webmail
Posted in AAA Featured Articles, LuxSci Library: The Technical Side of Email, TechNotes
1 Comment »
Friday, March 13th, 2009
Section 1: Introduction to Email Security
 You may already know that email is insecure; however, it may surprise you to learn just how insecure it really is. For example, did you know that messages which you thought were deleted years ago may be sitting on servers half-way around the world? Or that your messages can be read and modified in transit, even before they reach their destination? Or even that the username and password that you use to login to your email servers can be stolen and used by hackers?
This article is designed to teach you about how email really works, what the real security issues are, what solutions exist, and how you can avoid security risks.
Information Security and integrity are becoming more important as we use email for personal communication and business. While you are reading this article imagine how security problems can affect your business or personal life…. if they have not already.
Read the rest of this post »
Tags: asymmetric encryption, eavesdropping, email security, false messages, http, identity theft, imap, invasion of privacy, message modification, Message Replay, opportunistic TLS, pgp, pop, repudiation, s/mime, Simple Mail Transport Protocol, smtp, SMTP relaying, smtp server, ssl, ssl certificate, symmetric encryption, tls, Unprotected Backups
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
1 Comment »
Thursday, March 12th, 2009
 The Secure Socket Layer, SSL for short, is a protocol by which many services that communicate over the Internet can do so in a secure fashion. Before we discuss how SSL works and what kinds of security it provides, let us first see what happens without SSL.
Life on the Internet without SSL
Let us make an analogy between communications between computers on the Internet and communications between people over the telephone. Without SSL, your computer-to-computer communications suffer from the same security problems from which your telephone communications suffer:
Read the rest of this post »
Tags: ciphers, decrypt, eavesdropping, encrypt, key length, private key, public key cryptography, secure port, secure socket layer, ssl, SSL in action, symmetric cryptography, Thawte, tls, trust
Posted in AAA Featured Articles, LuxSci Library: Security and Privacy, TechNotes
7 Comments »
Tuesday, February 3rd, 2009
 Frequently, we are asked to verify if an email that someone sent or received was encrypted using TLS while being transmitted over the Internet. For example, banks, health care organizations under HIPAA, and other security-aware institutions have a requirement that email be secured at least by TLS encryption from sender to recipient. This can and should be locked down to ensure that the email message content cannot be eavesdropped upon. This check, to see if a message was sent securely, is fairly easy to do by looking the the raw headers of the email message in question. However, it requires some knowledge and experience. It is actually easier to tell if a recipient’s server supports TLS than to tell if a particular message was securely transmitted.
To see how to analyze a message for its transmission security, we will look at an example email message sent from Gmail to LuxSci, and see that Gmail does not use TLS when sending messages, even when it can. This indicates that Gmail is probably not a service to be used when you have any kind of encryption requirements.
Read the rest of this post »
Tags: bank, gmail, google, headers, hipaa, mx logic, private, received, secure, security, smtp, ssl, tls, transmission
Posted in LuxSci Library: Security and Privacy, TechNotes
No comments »
Tuesday, January 20th, 2009
 SSL and TLS are the workhorses that provide the majority of security in the transmission of data over the Internet today. However, most people do not know that the degree of security and privacy inherent in a "secure" connection of this sort can vary from "almost none" to "really really good … good enough for US government TOP SECRET data". The piece which varies and thus provides the variable level of security is the "cipher" or "encryption technique". There are a large number of different ciphers — some are very fast and very insecure. Some are slower and very secure. Some weak ones (export-grade ciphers) are around from the days when the USA did not permit the export of decent security to other countries.
AES, the Advanced Encryption Standard, is a relatively new encryption technique/cipher that is the successor of DES. AES was standardized in 2001 after a 5 year review, and is currently one of the most popular algorithms used in symmetric key cryptography (which, for example, is used for the actual data transmission in SSL and TLS). It is also the "gold standard" encryption technique; many security-conscious organizations actually require that their employees use AES-256 (256-bit AES) for all communications.
This article discusses AES, its role in SSL, which web browsers and email programs support it, how you can make sure that you only use 256-bit AES encryption of all secure communications, and more.
Read the rest of this post »
Tags: 128-bit rc4, 256-bit AES, aes, apache, chrome, cipher, encryption technique, fips, firefox, gpg, internet explorer, iphone, mail.app, opera, outlook, pgp, safari, secret, side channel attack, ssl, symmetric encryption, thunderbird, tls
Posted in LuxSci Library: Security and Privacy, TechNotes
7 Comments »
Monday, January 19th, 2009
 Our sales staff has been asked this question countless times. It is a natural assumption that because SSL and TLS encryption of email (and web sites) requires use of an "SSL certificate", that one must buy an SSL certificate in order to use such a service. Fortunately, the answer is always
You do not need to buy your own SSL certificate to use secure email.
We’ll explain why.
Read the rest of this post »
Tags: client certificate, email security, encryption, secure email, ssl, ssl certificate, ssl email, tls
Posted in LuxSci Library: Security and Privacy, TechNotes
1 Comment »
Wednesday, December 10th, 2008
LuxSci supports a plethora of modern email programs like Microsoft Outlook and Eudora (our blog posting “Head To Head Battle of Email Clients” discuss several of these) and works with any email program and device that properly supports POP, IMAP, or SMTP. However, we do recommend Mozilla Thunderbird in the absence of any personal preferences or specific requirements for things that may only be supported in Outlook or other specific programs. LuxSci’s staff uses Thunderbird with IMAP (or WebMail) uniformly for all email sending and receiving. We discuss the reasons why in the “Battle” blog article. Here, we will give some configuration tips and tricks and recommended add-ons.
Read the rest of this post »
Tags: caldav, configuration, enigmail, imap, imap keywords, iPod, mozilla, optimize, secure authentication, setup, signatures, ssl, tags, thunderbird, tls, webdav
Posted in LuxSci Library: Email Programs and Devices, TechNotes
5 Comments »
Wednesday, December 3rd, 2008
TLS (Transport Layer Security) is the mechanism by which two email servers, when communicating, can automatically negotiate an encrypted channel between them so that the emails transmitted are secured from eavesdroppers.
It is becoming ever more important to use a company that supports TLS for email transmission as more and more banks, health care, and other organizations who have any kind of security policy are requiring their vendors and clients to use this type of encryption for emailed communications with them. Additionally, if your email provider supports TLS for email transmission, and you are communicating with people whose providers do also, then you can be sure that all of the email traffic between you and them will be encrypted.
How do you find out if someone to whom you are sending email uses a provider who’s servers support TLS-encrypted communications? We will take you through the whole process step-by-step, but first let us note some important truths about TLS connection encryption.
Read the rest of this post »
Tags: dig, dns, ehlo, mx records, nslookup, smtp, smtp connection, starttls, tls, tls support
Posted in LuxSci Library: Security and Privacy, TechNotes
2 Comments »
Saturday, November 15th, 2008
The short answer is "no" … unless you need to support web browsers 8+ years old on computers that cannot be patched or upgraded and which are not in the USA or Canada.
Read the rest of this post »
Tags: cipher, export, export grade, pci, security, ssl, tls
Posted in LuxSci Library: Security and Privacy, TechNotes
2 Comments »
|
|
Receive automatic updates via email:
