 |  |  |  |  |  |  |  |
Email Security - Must Read……
 |
•
•
Join Date: Dec 2006
Posts: 645
Reputation: 
Solved Threads: 17
DaniWeb Expert
Along the web development, email has made a huge contribution in wide spread of internet. E-mail is widely used and has a well-defined and universally implemented protocol and, it is a hot cake for hackers. It is easily done. Attacks on e-mail focus on two areas: the delivery and execution of malicious code (malcode) and the disclosure of sensitive information. E-mail has great latent risk due to the very sensitive nature of the data or information that is transmitted. E-mail can disclose a huge amount of company and personally sensitive data. The security risks linked with e-mail are often perplexed with the risks associated with collaboration tools that also serve as e-mail clients. Microsoft Outlook is one such tool.
The following are two issues to consider when comparing e-mail and collaboration tools:
ASCII text. ASCII text cannot be executed directly. This can be a serious mutilation for malcode, which needs to be executed, promulgate, or do damage. Therefore, e-mail at its very basic core is safe because it does not transmit directly executable (binary) code.
When an e-mail client starts adding features to be more of a collaboration tool, such as Outlook, the malcode has many avenues of being decoded and launched. The goal of these tools is to make life easy and suitable for the users. This ease and expediency leads to the tools providing features for the user that the malcode can use to its advantage.
The basic protocols used in e-mail may not be inherently susceptible to malicious code such as worms and viruses, but the same cannot be said for protecting personal and sensitive data. For many years, the popular e-mail protocol, Post Office
Protocol (POP), was used in the clear (not encrypted). Even in today’s security-conscious society, most e-mail is still transmitted in the clear.
The following are two issues to consider when comparing e-mail and collaboration tools:
- <LI class=MsoNormal>The acquisition and propagation of malcode
- The loss of privacy data.
ASCII text. ASCII text cannot be executed directly. This can be a serious mutilation for malcode, which needs to be executed, promulgate, or do damage. Therefore, e-mail at its very basic core is safe because it does not transmit directly executable (binary) code.
When an e-mail client starts adding features to be more of a collaboration tool, such as Outlook, the malcode has many avenues of being decoded and launched. The goal of these tools is to make life easy and suitable for the users. This ease and expediency leads to the tools providing features for the user that the malcode can use to its advantage.
The basic protocols used in e-mail may not be inherently susceptible to malicious code such as worms and viruses, but the same cannot be said for protecting personal and sensitive data. For many years, the popular e-mail protocol, Post Office
Protocol (POP), was used in the clear (not encrypted). Even in today’s security-conscious society, most e-mail is still transmitted in the clear.
|
Similar Threads
- Security issues around publishing email addresses on webpages (HTML and CSS)
- AVG not healing viruses + Security Alerts not recognising security software (Viruses, Spyware and other Nasties)
- Freeware Security VS Priced Security (Viruses, Spyware and other Nasties)
Other Threads in the Network Security Forum
- Previous Thread: network attack
- Next Thread: Online payment service relies on snail mail and a prayer data security
| Thread Tools | Search this Thread |
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for Network Security
adobe advice antivirus apple attack banking blackhat bot botnet breach browser business cellphone china crime cybercrime cyberwarfare daniweb data database dataloss dataprotection development email emailretention encryption exploit facebook firefox flash forensic fraud google government gps hack hacker hacking hardware identity idtheft information internet iphone kaspersky koobface law linux malware mcafee mckinnon microsoft military mobile nasa nationalsecurity network news obama olympics p2p password passwords pdf pentagon phishing php politics privacy report research review sans satnav scam school search security socialnetworking software spam survey symantec symbian terrorism terrorist trends trojan trojans twitter uk usb virus vulnerability warning web word worm yahoo zeroday
