March 11th, 2004, 05:46 AM
I have a question about emails. I believe someone is reading my email that I receive at work and opening it with their home computer. Is there anyway I can tell? We were told to give our passwords to the assistant (just in case our superiors needed to access our computers if we were out of the office) and I think that this person got my password.
I know this is a strange question.
Conversations that I have had with this person make me believe that he is reading my mail.
Can someone help me out?
March 11th, 2004, 06:01 AM
There's no way to find out that I know of, from the user-end anyway. Your mail should be sitting on a mail server at your office, and this "assistant" must then have administrative access to that server. Since you won't have such access, you can't hop on the server and see who's reading it. Best thing to do in this case is just have no secrets to keep, unless some of your business mail is highly sensitive, in which case you need to consult someone else higher up the chain of command. If not, just make sure you keep all your personal mail/mail you don't want read run through another e-mail service.
Best advice I can give. Can any of you more experienced AntiOnliners improve upon this?
March 11th, 2004, 06:08 AM
You can take this issue up with your admin. He/she should be able to tell you what computer in the office that your mail is going to or if it is an outside network request. Most likely what he'll have you do is change your password and have you not give it out.
Ben Franklin said it best. \"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.\"
March 11th, 2004, 06:24 AM
There are two things you can do, report it to an admin, and encrypt any personal email.
http://<a rel="nofollow" href="http:...k/pgp.html</a>
As far as end-user detection, there really isn't much that you are going to be able to do. You might try sending yourself something that you think he'd read, and then when you check your mail, see if it's marked as read.
Real security doesn't come with an installer.
March 11th, 2004, 08:30 AM
For official purpose report to u r adminmistrator(safety on u r side).
change the password first.
which mail server u r using.(pop3/smtp) or any free mail service
such as yahoo,rediff,hotamil...
The mail server is maintained in u r office.
March 11th, 2004, 11:54 AM
There is a little trick involving creating an HTML email that tries to get a page or picture or anything from a website you control. The website logs every request sent to it. So if you send yourself an email with a nice "juicy" title that will attract the potential reader's eye and curiosity that has a link to the site then you will be able to see the IP address, date/time etc. that the email was opened from. From there it will probably be fairly easy to determine who is doing it because they are probably not really trying to hide their activity.
This may sound all a little complicated but maybe you have a friend who is a bit "geeky" like us who can set this up for you.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
March 11th, 2004, 12:44 PM
Re: email question
Ouch! Don't you have privacy laws that prohibits this?
Originally posted here by lucy
We were told to give our passwords to the assistant (just in case our superiors needed to access our computers if we were out of the office) and I think that this person got my password.
Just change your password and do NOT give your password to ANYONE.
If they need to access your computer when you're not there they can ask any administrator to give them access. There's absolutely no need for anyone else to know your password.
Experience is something you don't get until just after you need it.
March 11th, 2004, 12:53 PM
the sneaky side of me sides with Tiger, but SirDice just shades it for practicality. When you gave the pass to the assistant, did they store it on the system, or write it down on a post-it <LOL> change pass NOW, admin can always access if required, as SirDice says, 'there is NO reason for anyone to know'
55 - I'm fiftyfeckinfive and STILL no wiser,
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
March 12th, 2004, 02:32 AM
The passwords were written down and put in her file, somewhere. It's strange, I don't want to accuse anyone of anything unjustly if it truely is unjust.... I would love to know for sure before bringing it the administrator. This person could make my job very difficult if it is unfounded. Sticky situation. What is Tiger talking about? Is this something I could do on my own?
Thanks for all the advice and help. You all are wonderful!
March 12th, 2004, 03:36 AM
How would you know this?
The passwords were written down and put in her file, somewhere. It's strange, I don't want to accuse anyone of anything unjustly if it truely is unjust....
That person could. But all you have to tell the administrator is that you think your current password hasn't been changed in a long time and for security purposes you want to change it. He/she will gladly explain you how to change the password for your system.
I would love to know for sure before bringing it the administrator. This person could make my job very difficult if it is unfounded.
Secondly I would ask for an alias, where business critical messaging should be sent to if you are not *available* instead of the direct e-mail adres. This way you can fetch internal e-mail in your own account and can use informal phrasing without jeopardizing the company you work at and maintaining your privacy.
Depends how good your skills are. You could use HTML coding in a e-mail to your address which you think could be sniffed (term of east-dropping in wizard language) using simply in the plain-text with <IMG SRC="www.some-domain-you-can-admin.com/nonexisting.jpg"></IMG> and refer to an non-existing image on a webserver where you have access to the weblogs, then search for the GET action to the non-existing image. There are many ways, but you should (according to my opinion about your *programming* skills) contact *wizardly* friends who will help you with the technical concept.
Sticky situation. What is Tiger talking about? Is this something I could do on my own?
Thanks for all the advice and help. You all are wonderful!
Hope this helps.
1 line FAQ writing \"Don\'t do that, than!\"...