Email is NOT an inherently secure method of communication. Although most of the popular webmail providers now utilize HTTPS connections by default, that still doesn’t mean that your provider does not have access to your message’s contents.
Since most of us now access email through web clients, it would be beneficial to have a way to utilize the convenience of a webmail account, while having the assurance that our correspondence was more secure. If you are a Gmail user, you can try the previously covered SafeGmail, but what if you use another webmail provider?
Mailvelope might be a viable option.
Mailvelope is an extension for Chrome and Firefox that offers free, OpenPGP encryption for many popular webmail providers, including Gmail/Google Apps, Outlook, and Yahoo!. Once installed, you generate your own public/private key pair within the extension’s preferences. After key generation is complete, you will now see a lock icon in the compose window of your webmail provider. Click it to encrypt the contents of your message.
Once your receive an encrypted message, the process will work in reverse. Simply click the lock icon, again, to initiate decryption and enter your password. The Mailvelope service will search your keys to find the appropriate match and decrypt your message.
Keep in mind that no security solution is perfect. If you’d like to explore more about PGP encryption and what Mailvelope can and cannot do, please head on over to their help guide.
With concerns about government spying seemingly at an all-time high, a new iOS app allows users to make secure phone calls from one iPhone to another at no cost.
Signal is a new, open-source software application for the iPhone that was released this week. It allows iPhone users to easily make calls — over Wi-Fi and cellular data networks — that are end-to-end encrypted for complete privacy.
The app, which uses the popular open-source ZRTP protocol for voice communication, uses the users’ cell phone number as a login with SMS text verification. There is no password or login required, and the app pulls contact information from the iPhone’s own address book for a more seamless experience.
By default, only users who have already downloaded Signal will show up in the contacts list. However, placing a call to others will send a text message that prompts them to download the free app.
To assure that the call is secure, users are shown a pair of code words on their iPhone’s screen at the start of a Signal call. If the words are the same to both users, it means a secure connection has been implemented. Were the conversation intercepted by a third-party, the words would not match.
Signal is able to make calls to other iPhones using this app, plus Android devices running RedPhone, a similar app for Android devices.
Currently, the app can only make voice calls, but the company says it’s planning a secure text communication component later this year that will be compatible with TextSecure, a secure texting app on the Android platform.
Both TextSecure and RedPhone are made by Open Whisper Systems, the same company that makes Signal, and it said that both apps will be combined into a single Signal app on Android as well. There is also a browser extension being developed.
During testing, the voice quality of Signal was similar to a normal phone call, though with the added benefits (and negatives) of other VoIP calling services. All calls are free, even when made between international destinations.
For business customers looking to ensure that their calls are kept private, particularly when traveling overseas, Signal could be a great solution. The (relative) ease of setup, along with automatic and password-free logins make this a fairly seamless solution for the security-minded user.
Signal uses Apple’s iOS push notification system to notify the user of incoming phone calls, which saves battery life and keeps the app from needing to run constantly in the background.
Of course, there is never certainty when working with allegedly secure communications platforms, but the open-source Signal is open to investigation by security specialists.
The ZRTP protocol is also used by Silent Circle, a similar encrypted text and voice calling app. However, it charges users $20 (USD) per month, while the Signal app is free.
How do you make secure calls on your iOS device? Let us know in the discussion thread below.
Demo mode is designed for windows but will also work on MACs. This is not something supported by Cisco or found in there docs. It is more of a hack, but a useful one for those (like me) that don’t like to run fusion on their MACs. Here is how you get it to work on a MAC running Lion:
-First, On your MAC install the ASDM launcher by connecting to an ASA via a web browser and clicking install launcher.
-Second, download and install ASDM demo .msi on a Windows PC.
-Next, Copy the Demo folder contents from C:\Program Files\Cisco Systems\ASDM to your MAC.
-On your MAC, open the folder the launcher app is in (usually applications\Cisco) and right click on the launcher app. Now click show package contents
-A new finder window will open. Navigate to /Applications/ASDM/Cisco ASDM-IDM.app/Contents/Resources/Java/demo
-Finally, copy the contents of the windows demo folder into this folder. Now Mac launcher demo should work great!