e-mail security

Ten simple, common-sense security tips

A friend took me to task last week for a post I wrote back in January on preventing Google from tracking you when you search. His alternative solution: "Just use Bing."

That got me thinking about other no-brainer approaches to security that thumb their noses at the conventional (and often convoluted and time-consuming) advice of the experts.

Search without footprints via the 'other' search engines Truly anonymous Web surfing requires the use of a VPN service that blocks your IP address as well as other personal information. (For more on VPN, see the tip below.) If you simply … Read more

Google to retire Postini, migrate features to Google Apps

Google plans to shut down Postini, the e-mail security and archiving product it acquired in 2007, shifting users over to Google Apps next year.

The Web announced the transition today, saying that it has spent the last year building Postini's features into Google Apps for Business, a professional suite, and Google Apps Vault, an e-mail archiving and discovery service.

"With this transition to Google Apps, you can receive similar email security, protection, and archiving, but through the more robust Google Apps service," Google said in a company blog post. "Google Apps also works with mail servers … Read more

How to set up Google's two-step verification

Did you read Mat Honan's tale of woe last week? The one where his Amazon, Apple, Gmail, and Twitter accounts were hacked and his digital life was eradicated?

If not, I strongly encourage you to read his story. In a nutshell, hackers strung together pieces of information to gain access to several important online accounts. The results were personally devastating for him. But his story is a good lesson for all of us. After learning the details of the attack -- from one of the hackers himself, no less -- Honan says he regrets three things most of all.… Read more

How to secure your PC in 10 easy steps

There's one thing you can do to avoid being the victim of identity theft: follow this 10-step PC security plan.

Encrypt your network connection Most popular sites offer HTTPS connections at least some of the time. In Gmail, click the gear icon in the top-right corner and select "Always use https" under the General tab.

To select Facebook's HTTPS setting, click the down arrow in the top-right corner and choose Account settings. Select Security in the left pane and Edit in the Secure Browsing section of the main window. Check "Browse Facebook on a secure … Read more

Signing up for Hotmail? Think of a strong password

Hotmail is banning passwords such as "password", "123456", "ilovecats", and "gogiants", in an attempt to make it harder for spammers to hijack users' e-mail accounts.

People who sign up for the Web e-mail service will be prevented from using a password typically used by millions of others, Microsoft said in a blog post on Thursday.

"This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password," wrote Dick Craddock, group … Read more

Privacy-centric alternatives to Google, Gmail, and Facebook

The concern about Google, Facebook, and other popular Web services tracking their customers may have you wondering whether there are more-private alternatives. The Ixquick.com metasearcher, PrivacyHarbor.com and Hushmail e-mail services, and FolkDirect social network promise to stay out of your affairs.

Metasearch minus tracking and history Google lets you erase all or part of your Web history with five clicks: after you sign into your account, click the down arrow in the top-right menu, choose Account Settings, select Web History under "My products" (you may need to sign in again), click Clear entire Web History, and … Read more

E-mail security: Back on the front burner

Earlier this week, German software vendor Ashampoo warned users of its products that the company's servers had been hacked and some of its users' e-mail addresses had been stolen. (CNET's Elinor Mills describes the breach in her InSecurity Complex blog.)

Ashampoo didn't disclose the number of addresses lost, but the breach likely pales in comparison to the e-mail addresses exposed in the massive hack of the servers at e-mail marketing service Epsilon, which was disclosed in the first week of April.

Malware purveyors may not need to hack a company's server to get their hands on … Read more

Apple to fix iPhone security flaw in next iOS

Apple has acknowledged a newly-discovered security flaw in the iPhone and is promising to offer a fix with next month's release of iOS 4.2.

The new flaw allows someone to access the phone dialer on a locked iPhone by punching a certain sequence of buttons, thereby giving them the ability to make phone calls, send e-mails, and access the address book. Confirmed by Wired Magazine, the Boy Genius Report, and other online sources, the flaw was reportedly first discovered and posted by a user on the MacRumors online forum on October 22.

Bypassing the lock requires someone to … Read more

Report: Tens of millions still opening junk e-mail

In this day and age of technological advancement and digital lifestyles, it's incredible to me that nearly half of a recently surveyed audience opened junk e-mail (aka spam), intentionally.

According to an Ipsos Public Affairs Messaging Anti-Abuse Working Group (MAAWG) survey report (PDF), tens of millions of users continue to respond to spam in ways that could leave them vulnerable to a malware infection or bot network.

The results of the survey show that nearly half of the users have opened spam, clicked on a link in spam, opened a spam attachment, replied, or forwarded it--all activities that leave consumers susceptible to fraud, phishing, identity theft, and infection.

Of those who intentionally opened spam, they did so to unsubscribe or complain to the sender or to see what would happen. Fifteen percent clicked to learn more about the products or services being offered.

Read more

Google's Postini suffers prolonged e-mail delays

Some customers of Google's Postini e-mail security product experienced significant problems Tuesday, with reports of hours-long delays in e-mail delivery that are still affecting some customers.

Threads throughout Google's Postini forums spread involving the issue, which seemed to begin overnight on System 7--one of several systems used by the service--and was still affecting some customers as of Tuesday afternoon, although e-mail delivery had resumed for others. Users also reported problems accessing the management consoles used to log into the Postini service, preventing them from understanding exactly what was happening.

Postini, acquired by Google in 2007, offers e-mail security … Read more