WAS A SECURITY BREACH BY THE FDA ..
Ok, there are several things to cover. First, if you use webmail, s/mime
> won't work, as there's no decent way to decrypt the messages in a browser.
> This is why we allow PGP, which will work with webmail.
>
> If you use PGP, it will work with a mail client or webmail.
>
> To get PGP, you go to
http://www.pgpi.org/products/pgp/versions/freeware/
> and select your operating system. Download the package, and do a custom
> install, making sure to not install PGPNet. You then follow the on-screen
> instructions to generate a key for *******@securenym.net (whatever your
> account name is). Once that's done, you upload your key to our servers by
> logging on at
www.securenym.net, and selecting Preferences/PGP Key/Upload.
> You then need to close and reopen the Preferences window, and select
> Preferences/PGP Encryption/Toggle.
>
> If you use s/mime, all you need to do is to get a certificate from
> Thawte.com (free, personal certificate). You should request the certificate
> as train@securenym.net. They send it in less than fifteen minutes.
>
> Once they send you the cert, you log in at
www.securenym.net, and select
> S/MIME Enable/Disable. This will open a screen asking which key you want to
> upload (you should only have the one you just got installed, so that's what
> you want. You'll see several dialogues, but when it's done, your key is
> installed, and all of your messages will be encrypted while the are on our
> servers.
>
> Whichever method you use, all that we're encrypting is the messages
> arriving at your mailbox. That way, just in case someone gets into your
> mailbox, they still can't see didley squat. To do this, you don't need to
> exchange keys with anyone. We don't want your private key, under any
> circumstance, so you upload only your public key.
>
> Your messages to others will still leave our servers in plain text, and
> their messages to you will arrive at our servers in the same manner. All
> you're doing is adding another measure of security at the mailbox. There
> remains no way for anyone to intercept your traffic between your computer
> and our servers, but the mailbox is a weak link if someone gets your password.
>
> If you want butt tight security, you use PGP or S/mime to encrypt your
> outgoing messages too. This requires that your recipient have the
> capability to use the same encryption, and that you and he have exchanged
> public keys perviously.
>
> The account in question was already expired, so it didn't pose much of a
> threat. This person used the same password here as he had at his ISP, and
> the ISP coughed it up. It was a simple mistake, but a bad one.
>
> All we recommend is that users take appropriate measures to cover the
> bases. Passwords need to be secure, as they're the most commonly used means
> of compromise. Birthdates, SS #'s, phone numbers, nicknames, and similar
> things are so easily guessed that it doesn't even slow them down. We can do
> everything in the world to protect our users, but it's all for nothing if
> the user isn't careful.
>
> The WORST thing in the world is to leave old messages archived in any
> mailbox. It's a disaster waiting to happen. You could help others by
> passing that information along.
>
> Admin
> SecureNym.net
BLOODLINE-Disclaimer:
STK is presenting fictional opinions and doesnt in any way, shape or form encourage, use, nor condone the use of any illegal substances in an unlawful manner. The information discussed is strictly for board game purposes and shall not be taken seriously nor shall it take the place of a qualified medical professionals advice.
SouthernTrendKiller
--KiLLDeviLLPaiN--