Gmail
- Thread starter Squiggy
- Start date
rrfield said:
The time to sit and read everything? No, probably not. The time to scan everything for certain words or phrases? You bet they do. Along with the ability to read whichever ones they want, randomly. My point is simple, people think email is secure, it's not.
Want to read something really scary?
http://www.fbi.gov/congress/congress00/kerr090600.htm
Professur
Well-Known Member
PuterTutor said:
And don't forget that every word of your emails goes through their server, so they could scan every single word of every single email. That's why the smart people use PGP. Even if they have your key, they'd have to decode every message before scanning it. That jumps the possibility of scanning every single word of every single email to near impossible. They'd have to have a damn good reason before they'd dedicate that level of horsepower to the job.
rrfield
New Member
PuterTutor said:
I'm aware of Carnivore and how it's been ruled constitutional using the Patriot Act and old wire-tap laws, despite e-mail being a packet-switched technology while phones are circuit-switched. The wire-tap laws should not apply to e-mail because of how traffic flows in a packet-switched network as compared to a curcuit-switched network, etc. etc...
Unless an ISP has been ordered to do so I don't think they are going to scan every e-mail. It's too time consuming. I work in an IS department in a company with just under 500 employees. We have three of them fancy e-mail servers. Setting up a program to scan e-mails for certain words is not very hard to do. Now, consider the output. We have filters setup to catch spam and viri. Everytime this happens, the program sends an e-mail to a specified address. Guess how often this gets checked? Almost never, the volume is way too high to justify doing this, it could be a full-time job.
Now consider an ISP, potentially with thousands of subscribers. How many people are they going to assign to reading the output from these filters if they aren't required to by law? The ISP is not going to waste money paying someone to sit and read two sports fan's chatting about a football game ("I can't believe he caught the bomb!") or a farmer e-mailing his manure supplier unless they are forced to by a gov't agency.
They have the cabability to read random e-mails, sure, that's easy. I could read any e-mail that comes through our network with no trouble at all. Do I? No, I have too much other stuff to do; my bosses would be pretty pissed off if I wasted time doing that. Why would an ISP be any different?
Frozzy is right that they could just as easily scan for encrypted messages. PGP, however, is exactly what it says...pretty good. Not 100%, not great, pretty good. It can be broken. Any encryption CAN be broken. DES has recently been cracked. AES and 3DES have not, but that doesn't mean they won't be.
Frozzy
New Member
Actually, it would be just as dodgy from the ISPs perspective if you continuously churn out encrypted messages.
Having said that, if they decide to check an encrypted message, then realise it's just the sender being rather fussy about not encrypting, I'm sure the ISP would be more likely to turn a blind eye to it in future.
Having said that, if they decide to check an encrypted message, then realise it's just the sender being rather fussy about not encrypting, I'm sure the ISP would be more likely to turn a blind eye to it in future.