Leave no trace – Avoid the gotcha text

Locked mobile phoneTiger Woods. Kwame Kilpatrick. Mark Foley. John Ensign. Jim Gibbons. They’ve all given us reason to reconsider how we communicate with others online and via text message. Those chats aren’t as private as we all thought and the misunderstanding is bringing down some big names.

Many of these stupid mistakes are the result of a failure to understand where these messages go, who sees them and how long they sit around on servers for retrieval. Here are a few tips to securing your conversations and some common pitfalls in leaked communications.

Secure your Gmail
When you’re using WiFi, especially one that’s publicly available, someone can eavesdrop on your web surfing with surprising ease.  That includes your email, downloaded files and websites.  If you see the padlock icon on your browser, it means the website you’re visiting is transmitting that information securely – banks, e-commerce and most login pages are secure.  But, most email websites are not.

Gmail HTTPS Seetings

In Gmail, click on ‘Settings’ and set ‘Browser Connection’ to ‘Always use HTTPS‘.  This forces Gmail to transmit your data securely every time.  Phew, emails and juicy gchats secure.  Glad that’s done.

Go ‘Off the Record’
Google Talk, or gchat, swiftly brought about the end of AOL Instant Messenger’s reign when Google folded it into Gmail.  Aside from being more convenient, an ‘improvement’ in gchat involves saving every conversation you have for eternity.  I can’t even imagine how much fun it would be to read through a database of gchats.  What a treasure trove.

Off the Record in gchat

Make it your policy to “Go off the record” in every chat.  Once you initiate OTR, it stays on for every future conversation you have with that person until you turn it off.  This guarantees that the conversation is not stored in your account or theirs.  Also, it adds great emphasis to what you’re about to say.

Note: If they’re connecting to Google Talk with a third-party program, however, the chat may be stored on their computer.  Foiled.

Watch your BBM and PIN use
I can’t count the number of times I’ve been told by friends and colleagues that they prefer to communicate via BlackBerry Messenger and the internal “PIN” system because its untraceable and no one can read it.  This is not true.  If your BlackBerry is owned by your employer, every message sent and received over BBM is stored on the company’s server and easily retrieved by the system administrator.  Every company has different policies regarding this information, but never be fooled into thinking that what you do online and on your berry is ever secret.  (Update: The Supreme Court on Dec 14th granted cert to a case from a federal appeals court in California that will determine whether text messages sent by an employee on a company device are considered ‘private’.)

Encrypted Emails
contextmenu.128You can encrypt the emails you send with FireGPG and a handy Firefox plugin for Gmail.  It’s burdensome to set up, but once you’ve exchanged public keys with the people you want to email with securely, the encryption happens in the background and the message cannot be read by anyone without the key.  Iranian revolutionaries are using it to coordinate protests and the public keys used to unlock emails that could be evidence are at the center of some court cases.

Even though these technologies exist, they really only protect against people eavesdropping on your conversation or intercepting your messages.  If the person you’re communicating with isn’t trustworthy and will just give up all that info…well, then…you’re pretty much screwed.  This post will self-destruct in….5….

View Comments to “Leave no trace – Avoid the gotcha text”

  1. Dave  on December 16th, 2009

    re: supreme court cert grant. you are welcome

  2. Dave  on December 16th, 2009

    re: supreme court cert grant. you are welcome


Leave a Reply

blog comments powered by Disqus