E-mail Security Question

[chemfert]

IN CASE I SEND AN E-MAIL, WITHOUT SAVING ON MY COMPUTER, CAN ANY ONE BY USING ANY PROGRAMME FIND OUT ME E-MAIL ADDRESS, PASSWORD AND CAN HE ACCESS WHAT E-MAILS I HAVE SENT ?

[hesperus]

Yes and no. Emails themselves can be saved in several places -- on your server, the server of your reciepient, the computer of your rcpt. Anyone with access to these can read what is in them (unless they are encrypted) and your email address.

Your password is a different matter since it is not part of the email itself but is sent to the server to allow you to view/send your messages. Anybody who is able to monitor your login can get your password. Usually this is done with malware secretly installed on the computer you use.

Unless you make the effort to secure them, and even then, emails are more or less a public medium. You should not consider them safe for things you want kept secret.

If you suspect someone has your password, change it. But first do a search on this site for 'removing spyware' and follow the directions.

By the way, KEEP IT DOWN. CAPS are hard to read.

[XTC46]

Email is not secure. Yes others can read it. But generally they dont becasue they dont give a ****. Your password is probably being sent in plain text over the net when you recieve your email, and if your SMTP server requires authentication but does not use ssl then it is sent when you send mail as well. As far as if it is saved on your computer it depends on you. Do you use an email client like out look? if you do it creats a temp file with the email you typed and then saves a copy in your sent folder, so do MOST other mail programs including webmail. When you delete a message it goes to a trash bin usually, so its still there.

[nihil]

Hello chemfert , and welcome to AO.

As you can see from the previous responses, your question is not quite as simple as you might think

From the question you ask, there are two sorts of mailing systems:

1. Those that run locally on your system (Outlook, Outlook Express and so on.............)

2. Those that operate remotely over the internet (Gmail and so on....)

IN CASE I SEND AN E-MAIL, WITHOUT SAVING ON MY COMPUTER, CAN ANY ONE BY USING ANY PROGRAMME FIND OUT ME E-MAIL ADDRESS

Well, your address is in the e-mail header, and most operating systems have cache, temporary and history files, as do browsers, and applications. It would be wise to assume that the answer is "yes" unless you know where this information is stored and can clear it.

This is why I advise caution when using "public" facilities such as internet cafes, libraries et cetera.

PASSWORD AND CAN HE ACCESS WHAT E-MAILS I HAVE SENT ?

If you are using a local system you will have already entered your password to access the computer, so I do not think that is your question. For a remote system, you will have keyed in the password to your e-mail account. As I said, there are a lot of temporary (not so temporary, actually!) storage areas.

If you think about it, you are talking to your local PC which then communicates with the remote server, so it is at least storing the information temporarily for a certain time. You are not communicating with the remote system in real time, you are keying into the box in front of you. Only when you hit "send" does the message get transmitted.

Once again you would be wise to assume that the data are still available locally, at least until the next re-boot of the computer, and often for longer than that.

You should also be aware that Windows, for example, uses a system temporary file called the "swap" or "page" file. This can contain all sorts of interesting information, including that which you mention. This is in "plain text" even if the end result was encrypted.

There is even residual information in the RAM sticks!!!!!!!!!!!!!but we are now talking serious security agency resources and budgets

Hope that helps.

[Tedob1]

because you 'didn't save a copy' and didn't mention deleting sent items im going to assume your using a web based email system and the person your worried about has physical access to your computer.

if this is the case then your user name and password are sent out as part of the form information in the http request to log in, although the password is usually encrypted. every http request you make is stored on your computer. your account name can be viewed in plain text. many people use the same password for allot of things so a quick look in the protected storage area using something like pstore.exe could also reveal the password or... your password can be guessed which is easy for someone who knows you and is even semi-adept at social engineering. a program that logs key strokes could also be used. without knowing more about your situation thats about all i can say.

[nihil]

Tedob1

Has some good points there. The keylogger is a particular risk when using public facilities such as internet cafes and libraries, as you have no control over the software on the machine or its security.

His other point also applies to the situation where you have automated your login to your mail provider. That means that your user name and password are permanently stored on your machine and can be recovered.

Your e-mail address is easy to derive as it will follow the pattern: username@mailprovider, for example: myname@gmail.com

[Black Cluster]

Originally posted here by nihil
Tedob1

Has some good points there. The keylogger is a particular risk when using public facilities such as internet cafes and libraries, as you have no control over the software on the machine or its security.

.

Even your personal computer can be infected with a remote keylogger, without asking you "May I install this keylooger in order to sotre you key strokes?"

I prone to believe that your password exposure has been exposed by your, supposedly, easy to guess password .... or even easy-to-guess security question .. in case of using a web-based email service ....

More details can really help us to help you out .....

[Katja]

First of all, how do you send email? If you're using Outlook or Outlook Express, then these applications might store a copy of the sent email, if you've configured them that way. The same can be true for other email applications. And most of those applications will store your password and other sensitive information somewhere so you don't have to retype it every time, although this too is often optional.
Anyone with physical access to your computer might attempt to retrieve this information from your PC, but it might take them a long time to get it.

If you use webmail (which means you access your emails through a webbrowser) then nothing is stored on your computer. (Unless your webbrowser is set up to remember passwords and you've told your browser to store the password for this webmail page.) However, you are communicating with another computer and this communications can be tapped by someone. Thus, unless you are visiting a secure webmail server, it is pretty easy for others to intercept your password. Fortunately most webmail servers do use secure pages so the password is encrypted and this is very difficult to decrypt. (But not impossible.)

If you send email through a proxy server, you make it a lot harder for you to be traced back as the origin of the email. This trace would lead to this proxy first and they would have to start looking again from that point. Still, the sender address in the email will give you away as the most probable sender of this email.

Some spammers make use of "ghost computers" as their proxy systems. Basically, they just hack into some remote computer and install some software on it. This software will start sending emails from this ghost machine using fake sender addresses. This trick is very hard to discover because first the ghost computer needs to be found. And if this ghost is using other proxy systems, then it can become a very time-consuming task. And once the ghost is found, they need to discover who has been sending commands to this ghost. And that will be near-impossible, unless the spammer continues to use this ghost system.

This is why computer worms are so popular. It gives hackers a chance to break in remote systems and then use those systems for their own gain. They could use it to just spam millions of people. They can use it to do a "Denial Of Services" attack. They can try and use those ghosts to steal creditcard information or other valuable data. Or whatever else they like. They have access to this system so it's basically theirs.

Computer systems aren't really as safe as people want them to be. It's just that most attacks will take a considerable amount of time. And hackers don't want to spend too much time on breaking in somewhere, unless it's really worth the efford. Compare it to a long , basically, your security doesn't have to be the best. It just needs to be better than that of others in your area.

[Tedob1]

"If you use webmail (which means you access your emails through a webbrowser) then nothing is stored on your computer."

http://www.securityfocus.com/infocus/1827

[Katja]

That's partly true, tedob1! If you use webmail then there might be more stored on your computer than you expect.

First of all, cookies... Your webmail page might be using cookies to remember the connection. If you log off and someone else logs on right after you, he might access your webmail session through that cookie!
And of course modern browsers have a cool password storage functionality that you can use to store your passwords. So you don't forget them. Unfortunately that means that anyone else might "remember" them too. The browser doesn't know if it's you or someone else who wants to know the password. It just fills it in.
There are, of course, the temporary Internet files that are stored on your machine. Those can contain the contents of your emails. Of course, combined with the browser history, people might trace all your online actions.

However, it is possible to set up your system to not store any of this data. Performance will be slowed down if pages aren't cached and no history is kept. And of course you have to remember your password when you disable that password storage. And if you clean all cookies and temporary files after closing the browser, making sure they are really cleared from your system, you do have a pretty secure environment that will take a while before someone will be able to retrieve some information from it. Many computers in public environments (e.g. libraries) are supposed to be set up this way so the next user of the system is unable to see what the previous user did on it. (Then again, this is often not the case.)

So if you take proper care, the use of webmail should leave no files on your system.