CAN WHAT I WRITE IN AN E-MAIL BE TRACKED?

Home

Identity Theft

What Is Identity Theft?

How Identity Is Stolen?

Is Some Theft Worse?

Taking Action

Tracking and Hacking

Online Surfing Tracked

Safe Online Shopping

Tracking E-mail

About

Identity Theft Tips

Add free tips to your site

PAGE TOPICS > CAN AN E-MAIL BE TRACKED? › HOW MUCH DO I HAVE TO WORRY ABOUT HACKING?

CAN WHAT I WRITE IN AN E-MAIL BE TRACKED?

Absolutely. And you can probably bet that it is. Although there is a law that makes it illegal to read or share the contents of an e-mail, there are a couple of important loopholes.

Employers monitoring employees aren't covered (technically, they own the computer, the network, and the software, so they have a right to access the things they own). If the person you send the email to consents to share it, they don't need your permission. Or, as we've learned before, if law' enforcement gets curious, they can take a peek with a court order.

Furthermore, anytime you send an e-mail from point A to point B it goes through any number of Internet companies on its way. Each company has its own set of privacy' policies and its own interpretation of its obligations and rights. You can't even be sure that the companies are all governed by U.S. law. Finally, the biggest and most important exception is that e-mail is considered private only when it is in transit. Once the text resides on a computer somewhere for more than 180 days, it enjoys much less protection.

All of these exceptions mean that, if someone really wants to, he or she can most likely read your e-mail. Practical obscurity, the fact that there are too many e-mails from too many people to make yours worth caring about, will probably protect you in all but the most unusual circumstances. But the safest bet is not to count on it.

HOW MUCH DO I HAVE TO WORRY ABOUT HACKING?

To understand hacking, you first have to understand the reason the Internet was created. In the throes of the Cold War, American policy makers worried about how to maintain communication between cities in the event of a nuclear strike. Some kind of network was needed, but any kind of centralized command center for this network would be too vulnerable to attack. The answer, thought up by the RAND Corporation, a government think tank, was built upon two important principles.

The first was that the network would be a decentralized collection of computers. They would all be joined together, but no one computer would be more important or more functional than any other. Because there was no gatekeeper or mastermind setting up a system of control, each node in the network simply needed to be able to understand the communication protocol in order to pass messages along.

The second was that any information sent over this network would be broken into pieces, with each piece being sent to the recipient's destination via a random, individual route. The pieces would be reassembled once they'd all arrived at the other end.

The result of RAND'S design is that it's very easy for other computers to hook into the system. The first network linked four computers. In three years the number had grown to thirty-seven. Today, the Internet connects over 42,500,000 senders talking to countless individual computers in just about every' country.

While this anarchic style of architecture has allotted for the rapid growth of the Internet, it has also institutionalized certain problems. Because the system was designed to handle a fairly simple exchange of basic information - not the sophisticated transactions for business that require verification and encryption - there are lots of holes. The result is that for every attempt to make the Internet secure, there is another creative way to break the system. It simply wasn't designed to be what it has become.

Because the underlying technology of the Internet makes it difficult to prevent hacking, a sensible way to deal with it is to look beyond technology fixes. You must understand what motivates the hackers.

In this light, it's easy to see that your individual vulnerability is limited. Hackers typically want to disrupt companies, either because of a grudge against them or to get media attention. It is not as common for a hacker to attack your computer at home and mess with your personal data. There is no glory. Don't get me wrong: it isn't unheard of. It's just not all that likely.

If someone wanted to get into your computer at home, he would most likely use a Trojan horse. A Trojan horse is a piece of code that is disguised as another program, video clip, or game that you can be persuaded to download and install in your system. Once installed, the Trojan horse may do any number of things, including giving the hacker access to all your files and e-mails, or the ability to mess with your operating system to create messages that pop up on the screen.

More often than not, however, Trojan horses are used to enable more widespread attacks. One of the most common reasons to hijack an individual's computer is to recruit it for a redistributed denial of services attack. By duping a huge number of computers to visit a Website at the same time, a hacker can overwhelm the Web site's servers and prevent legitimate users from getting on. One of the most famous denial-of-service attacks was launched a few years ago. First Yahoo! was hit. Then, a few days later, eBay, CNN.com, Amazon.com, E-Trade, and other major sites were taken down. The overwhelming traffic to these sites caused them to go offline for hour, resulting in an estimated $1.7 billion in lost business and other damages.

More recently, individual PC`s have been hijacked by another Trojan horse to serve as middlemen for porn Web sites. Instead of connecting directly to the originator anyone clicking on a spam advertisement for porn would connect to some random individual's computer that had been hijacked. That individual's computer would then be forced to connect to the porn site, get the content and pass it along to the requester. In this way, the purveyors of the adult content were able to remain anonymous to the end user-and any law enforcement.

The program that forced unwitting PC users to become porn providers didn't cause huge economic losses, and in many cases went unnoticed by the PC owners themselves. But it does illustrate the basic point: hacking into your computer at home is probably about stealing your bandwidth. It is not likely to result in loss of your personal and critical data. Anyone who wants to do that is going to hack into corporate computers - and into your accounts at major Web sites.