The Old Bear, On eMail Security,

tells you why
You Need to use A Private-Server
E-mail Address for personal messages!

        

"After all," you say, "I have an email address at my office that all my friends know, I wouldn't want to confuse them by changing or adding another mail address!"

OK, Bears, and all you other friends out there (in any kind of government or corporate service), I'll make this real plain, and write slowly, so you can understand where your personal security is at with eMail:

First of all, the rights to use eMail on any government (or corporate) computer is controlled by law the same as any other government (or corporate) property is; "for official use only", or "FOUO"

Second, the email that passes through those servers belongs to the owner of the computers and servers , and they have incredible control and ability to read any of it they want to. Just about anybody in your government or corporate chain-of-command can monitor your email with a very simple script that duplicates your incoming/outgoing and scoots it over to a private manager's directory where it can be perused at will. This means that anybody from the SysOp to the unit commander can read your email anytime, without obtaining any court order of any kind.

The latest 2004 court positions on this can be found at This Link.

"Well, why should I care," you ask, "if they want to read my email let 'em have a ball!" Sure, O.K., but just like today I get an email from an employee of a government agency, using his government desktop computer and his government email address. He's expressing an opinion on legislation pending in the U.S. Senate. No biggie, right? He's on his lunch break, and there is nothing wrong with exercising your first ammendment rights.... Right? ... Wrong! All he needs is just one supervisor, anywhere up his chain of command clear to the President of the U.S., who doesn't agree with his position, or somebody in the SysOp crew that doesn't like something he did or said, or who is just out to make points with the CID or a cranky commander, or... Oh, hell, just somebody that finds it exciting to intercept everyone's mail, then classify it for future reference. Anybody heard about the "Carnivore" program, originally written by hackers then modified by one of the important investigative arms of the Federal Government? There are a dozen similar programs, all available to anyone who wants one. Just like it's name, it resides on any mail server (Government need a federal court order based on cause to Carnivore force-monitor a private server, but they can monitor any government server they want to without "permission" from anyone... Read that twice, please!) and eats all the email that floats through, then sorts it by several parameters into neat stacks for examination. A thousand key-words or so makes up the sort sequence. Then there is.... Owell, you should get the idea by now, or didn't I write this slowly enough?

Why would you want an E-mail account on a web-based system such as Smokey's Mailbox?

        

First, and most important, you are not violating any government or corporate "equipment use" rules when you send and receive personal email, or email that may have a controversial edge to it, corporate or politically speaking.

Second, your mail does not have to go thru any pipelines controlled by your chain of command, so self-appointed snoops can't duplicate your mail and divert it to the manager's exception directory for later examination. (see *NOTE below!)

Third, there is nobody at Smokey's Mailbox that knows your password. We can give you a new one if you forget your old one, but we absolutely cannot retrieve your email password. (Yes, your government eMail password is in a file controlled by your government SysOp).

Fourth, if you want to be really safe in your private eMails, you should access your account from your home computer, not your office computer, and use SSL. Why? Well, even though you go on-line to retrieve your mail, and it still resides on the on-line server, your keyboard keystrokes can be tracked by your government server. They most probably are not, but they can be, with a very simple script on your office machine. And your corporate SysOp can install it on your desktop from his master terminal. What that would tell them is where you went, what passwords you used, who you talked to, and what you wrote. Like I said, the keystroke tracking is most probably not being used on your government or corporate server, but it is very, very, possible.

Now, the Old Bear doesn't mean to make anyone nervous about using electronic-Mail, 'cause it's about the slickest thing to come down the pike since they did away with carbon-paper, manual typewriters and goat-glue stamps. We would just like to help you stay out of trouble with your government or corporate agency. Whether you're the rookie in the office, or got stars on your shoulders, this applies to you. Just 'cause you're the top dog, can hire, fire, promote, de-mote and just generally make people shake and quake, what makes you think you're immune from the snoopy-dude I told you about up above? You know what position you are in when you're at the top? The center of the target! Every subordinate or superior that has visions of greatness and considers you a prime target (for some reason you might not even suspect) could be keeping tabs on you. You're on the bottom of the pecking-order? What makes you think they wouldn't like to get rid of you but you just passed your probationary period?

Well, you get the idea, and I apologize for getting a little testy with you up there at the start. But when my partner in this enterprise, designed and operated for the free personal good of Bears and friends of bears, is getting hit with really tech-stupid comments from someone who should know better, well, it's time for The Old Bear to talk plain and write slow. The Old Bear loves every one of you friends, and sure as the devil doesn't want to see any of you get into any unnecessary trouble! Hell, you get into enough trouble, just trying to do your job !!!

Go on, friends, go get your own Smokey's Mailbox account right now...
Then USE it, dammit, USE IT!!

        

Very Best Regards, and be sure to ask for your private eMail account    RIGHT HERE!

The Old Bear.


*NOTE For users of Smokey's eMail service, (UtahStateTrooper.com and UtahTrooper.com) if you choose SSL online service when you check in to your mailbox with your browser, and your recipient also chooses SSL when they pick up their eMail online with their browser, the message is encrypted from keyboard to keyboard. If the sender chooses SSL online, but the receiver chooses Non-SSL, it will be encrypted only from the sender to Smokey's server. If the sender does not use SSL, but the reciever does choose SSL when picking up mail online from Smokey's server (receiver also has to have a Smokey's eMail address), then the receiver is using encryption from the server to their desktop. Pretty flexible, and just as secure from those snoopy dudes as you want it to be!. Just one more perk in the menu at UtahStateTrooper.com and UtahTrooper.com


RETURN