" ssl Archives - Page 4 of 6 - LuxSci

Posts Tagged ‘ssl’

Did You Know? S/MIME is like SSL for Email Encryption

Tuesday, March 24th, 2015

S/MIME is a popular technology for end-to-end email encryption and is analogous to PGP in the way that it works.  It is commonly available in most modern email programs and in many server-side email and WebMail encryption services like LuxSci SecureLine.

Folks are used to thinking about Internet security and encryption in terms of web site security. E.g. the “https://” that secures our everyday life working in our web browsers is the signal that SSL/TLS is being used to encrypt traffic between ourselves and the web server.  People are even becoming used to the fact that TLS (with SMTP) is also commonly used to secure the transport of email messages from server-to-server.

These are all good things!

S/MIME (like PGP) is different — it encrypts the email message before it is sent and the message stays encrypted until the recipient opens it.  It “doesn’t matter” how this message is transported to the recipient … its secure the whole way.[1]  But did you know that S/MIME is really just an application of the same SSL/TLS technology that secures your traffic to securing your messages?

[1] S/MIME (and PGP) do not secure your message headers (e.g. the subject, recipients, etc.), it only secures the message body and attachments.  So, the added security of SMTP over TLS does serve to protect those things that S/MIME does not protect.

Read the rest of this post »

6 ways to improve your website forms

Wednesday, February 18th, 2015

Website forms are ubiquitous. Every site needs them to engage visitors, collect information, makes sales, etc. They are easy to add to your site but not necessarily easy to do right.

There are plenty of free or cheap tools for creating web forms, but these tools may cause serious issues:

  • Incomplete Forms: Users submitting incomplete forms (e.g., not filling out all of the essential fields)
  • Invalid Inputs: Users not entering the “right” information (e.g., not putting an email address in the email address field)
  • Form Spam Bots: Automated programs may fill out and submit your forms, sending you junk in the form of gibberish or website URLs they hope you will visit and buy stuff from.
  • Form Insecurity: If your form collects sensitive information, from passwords to medical data, it could easily be set up incorrectly and enable phishing attacks or data leakage.
  • Stale Forms: You updated your form, but someone just somehow submitted the old version, which is not even on the internet anymore!
  • Connectivity/Server Issues: You don’t want your users to give up because their network is down or your site is down for a few seconds.

All of these problems impact the success of your site — causing everything from annoyance to the inability to contact your sales leads to breaches of privacy. Fortunately, it is not hard to plug these gaps and have a solid, productive, and secure web form.

Read the rest of this post »

Do you need a VPN for Secure Email in a Wireless Hotspot?

Tuesday, January 28th, 2014

LuxSci has been approached by many people asking for VPN (Virtual Private Network) services.  When we ask them why, they indicate that they use wireless hotspots (like at Starbucks and other public places) that are insecure and untrusted and they want to be sure that their email is secure and encrypted there.*

Note that even if the hotspot is password protected and “secure”, that does not mean that it is “trusted”.  The hot stop administrators or other users of that hotspot could still try to intercept your Internet traffic.  So, just because it is a “secure” hotspot with the little lock next to it and a password that you must enter, do not assume you are safe at all.

Read the rest of this post »

Do I need to Buy an SSL Certificate to use Secure Email?

Monday, September 23rd, 2013

Our sales staff have been asked this question countless times.  It is a natural assumption that because SSL and TLS encryption of email (and web sites) requires use of an “SSL certificate“, that one must buy an SSL certificate in order to use such a service.  Fortunately, the answer is always

You do not need to buy your own SSL certificate to use secure email.

We’ll explain why.

Read the rest of this post »

Alternate SMTP Ports – Send Email From Any Location

Tuesday, September 10th, 2013

When sending outbound email from an email program (like Outlook or Thunderbird) or from a mobile device (like iPhone or Blackberry) that is not using Premium MobileSync, your program or device connects to our outbound email servers using an Internet protocol called “SMTP” (The Simple Mail Transport Protocol).

An email server, however, does lots of different things in addition to sending outbound email.  It may allow checking of email via POP or IMAP, or checking your address book using LDAP, or other things. So, when your email program connects to the server it has to specify what it wants to do (i.e. send an email).  It does this by connecting to a numbered “port” on the server.  Port number “25” is the Internet standard for “regular outbound email”.

However, because port 25 is standard for outbound email, many ISPs, wifi networks, hotels, airports, and other locations that provide Internet access will arbitrarily block any connections to servers (except perhaps their own) on port 25 in order to stop spammers from using their services for the sending of spam, viruses, or malware and to prevent their IP addresses from being black listed.

Read the rest of this post »