January 24th, 2009, 10:13 PM
monitoring a 'drop box'
what is the general consensus here of this technique for privacy (not anonymity) when there can be a delay in your message being read?
"Uninterceptable electronic messages"
Webmail account if you had full SSL session encryption not just SSL-secured login and you can attach files too.
It still would circumvent the SMTP and email header traffic monitoring.
Actually is there anyway this can be monitored?
I'm sure the big webmail providers yahoo, hotmail, gmail have some sort of monitoring of this? Anyone?
January 24th, 2009, 11:13 PM
I would guess that if you have an e-mail account that is accessed from different places/providers and never actually sends any mail it would tend to stand out, particularly if it was growing in size (due to the saved drafts).
If you were going to get it to work you would have to create innocuous "normal" traffic to avoid appearing abnormal. I would probably go to shopping and software providers sites and check the boxes to get e-mail notifications.
January 24th, 2009, 11:45 PM
Originally Posted by nihil
To keep things uninterceptable setup accounts at a half dozen of sites and then snail mail a list of sites to your colleague with instructions to only use each registered account once for 3 messages only. Delete each draft message once it is read by the other party.
Delete the account 2 days of receiving the last message, and then use the next registered account at another website on the list.
Even if you choose not to use GnuPG encryption you still will have SSL during transfer to a private message box that won't leave that server.
When you are setting up these email accounts you could also send innocuous emails to things asking dumb customer questions about a product so you have sent emails in your SENT box. And like you said also sign up for a couple of email lists for things like airline deals of the week or something or some club events weekly mailing list in Las Vegas.
January 25th, 2009, 12:56 AM
Come to think of it, the best source of regular incoming mail is to sign up with a few jobfinding sites and opt for e-mail notification.
Also, quite a few people i know have "disposable" e-mail accounts that they use for registering with websites and the like, so a small volume of outgoing mail is not uncommon, provided that you have the other traffic.
By str34m3r in forum The Security Tutorials Forum
Last Post: September 25th, 2006, 02:20 AM
By tenzenryu in forum The Security Tutorials Forum
Last Post: July 11th, 2005, 03:57 AM
By coderecycle in forum Newbie Security Questions
Last Post: October 3rd, 2004, 06:02 PM
By gore in forum Newbie Security Questions
Last Post: December 29th, 2003, 07:01 AM
By Natasha69 in forum *nix Security Discussions
Last Post: November 8th, 2002, 08:45 PM