Helping people with computers... one answer at a time.
Hiding emails online in the Drafts folder does not add a layer of security. It can still be accessed by the authorities.
Regarding the current scandal involving former CIA director, General David Petraeus, did we learn anything new about email security or the lack thereof? Were you surprised at what the FBI was able to find out about the parties to this scandal before the FBI even obtained a court order or a warrant or subpoena?
In this excerpt from Answercast #74, I look at how email can be accessed easily by the authorities if it is available in an online service.
Was I surprised? Absolutely not.
Did we learn anything? Well, I think a lot of people learned something. But it's not something that wasn't already out there to be learned.
The fact is when you store email on a service provider like Gmail or Hotmail or whatever, the email in many cases is legally accessible to law enforcement if they have a good reason.
Now, I don't want to get into the legalities and picking apart the law. For one thing I'm not a lawyer. For another thing the law keeps changing. But as I kind of sort of understand it, if you leave email on your email server for long enough, the email is (currently under the law, I think) deemed as being abandoned, or available, or whatever. What that means is that if you are honestly, truly concerned about the government accessing your email, don't leave it on a common server like Gmail - or your ISP, or wherever.
That's an important lesson to be learned.
The other lesson to be learned, by the way, is about this technique they were using: where they didn't actually send mail. They were sharing access to a single account and leaving each other messages in the Drafts folder.
In other words - they would type up a message, but leave it in "Drafts" and never hit send.
That didn't help them. The fact is that the email account is available. These folders are available to law enforcement.
Apparently this is a technique that's been used by others before. I think you can see that it is not something that is particularly secure, and is not something that adds a real layer of security to what you're doing.
The important things to take away from this are:
If that's a problem then you want to take steps to make sure that's not your situation.
(Transcript lightly edited for readability.)
Next from Answercast 74- Is there a downside to storing files in recycle bin?
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.