ZeroPaid.com » gmail

How to Master Email Encryption

Hannah — Thu, 09 Feb 2012 17:10:50 +0000

Keep your personal data safe by taking the time to encrypt your emails.

With the government threatening to do all kinds of things to the internet, and stories about email and phone hacking surfacing all over the world, there’s never been a better time to start protecting your online privacy. Email encryption is one way of keeping your personal data safe. Encryption services or third-party software encrypt emails by making them unreadable to anyone other than the intended recipient. When you encrypt your email, you have a public key (usually a mixture of numbers and letters) that others can use to send you encrypted email, and a private key, which you then use to decode the email. When sending encrypted email to someone else, you need to know their public key in order to keep the email secure. You can either get this from them personally, or find it by searching the online key servers. Encrypted email isn’t widely used outside of sensitive situations - such as political or business dealings - however, it can help protect your personal and financial information from prying eyes. Below are some of the tools you can use to encrypt your email and protect your personal privacy. Hushmail Hushmail is a stand-alone email service that enables users to send and receive encrypted emails through their Hushmail address. If you are new to the concept of encryption or aren’t very tech-savvy, Hushmail does all the leg work for you: once you’ve set up a Hushmail account, all you have to do is remember your passphrase. Enigmail (Thunderbird) Enigmail is a plug-in for Mozilla’s Thunderbird email application. Once you’ve downloaded the extension, create your public and private keys, and a passphrase. You can also generate a revocation certificate, which invalidates your public key in the event that your private key is compromised. Gmail Encrypt (Firefox) The Gmail Encrypt extension for Firefox only works with Gmail accounts, and you need to install Greasemonkey before you can use it. Once installed, the extension works in a similar way to Enigmail: you create public and private keys, as well as your own passphrase to access the Gmail Encrypt service. GPG (Apple Mail) This open-source plugin for Apple Mail encrypts, signs and verifies emails sent and received through the Apple Mail client. The plugin is compatible with Lion and has an integrated update mechanism, which means you automatically receive GPG updates using Apple’s software update system. GnuPG and PGP GnuPG and PGP are two types of software you can download onto your hard drive. After installing the software on your computer, you can use it to create keys and encrypt messages sent through certain email clients. Email encryption only works with the computer on which you have installed the encryption software, add-on or plug-in. If someone sends you an encrypted message through Gmail and you try to read it on your phone or another device, you won’t be able to decode it. Although it’s not impossible to decode an encrypted email, using this service will help secure your personal information. To make your email encryption as fool-proof as possible, always check the recipient’s public key before sending - if you get the key wrong, the information inside the email could end up in the wrong hands. Some encryption services don’t encrypt the subject line so include sensitive information only in the body of the email. hannah@zeropaid.com

How To: Find Out if Your Gmail Account Has Been Hacked

Jared Moya — Wed, 18 Jan 2012 22:48:03 +0000

Several handy tips for discovering if your Gmail account has been compromised by hackers.

Hackers are always trying to gain access to the email accounts of unsuspecting users, and unless you're vigilant it can have disastrous consequences if they're successful. Email providers like Google, for example, provide ever expanding storage space in which tons of emails containing sensitive personal information can be stored. A hacked email account can also be used to reset passwords for third-party sites like Amazon.com, eBay, or your financial institution, leading to the leak of sensitive banking information, credit card numbers, purchasing history, and more. Hackers can use Gmail's contacts list to wage phishing attacks on friends and family members in your name. For many the breach can go unnoticed for some time as we take it for granted that our email account is safe and secure. "It could never happen to me" seems to be a common refrain, but we forget that many times we're logging into our Gmail accounts from unsecure locations like coffee shops and libraries where hackers can easily sniff Wi-Fi traffic and pick up user names and passwords. If you suspect your Gmail account has been hacked or just want to make sure it hasn't I'll run through the steps necessary to find out for sure. I'll also go over how to make your Gmail account even more secure to prevent future hacks.

Go to "Last Account Activity"

Beneath the right-hand part of your Gmail inbox you'll see the words "Last account activity" and a link for "Details." Select "Details."

Check Your Recent Login Activity

In the screen that appears you'll see a list for all the "Activity on this account." It'll list your login sessions by "Activity Type" (browser, mobile, POP3, etc.), IP address, and the date and time your account was accessed.

Verify Correct IP Address Access

Does anything look suspicious? Did you access your Gmail account with a mobile device at 4 o'clock in the morning, for example? How about the IP addresses? If you see more than one you'll want to make sure their from the places you've accessed your account, or at the very least from the right city and country. Not sure what the IP address is for your location? It's listed at the bottom, "The computer is using IP address 'xxxxx' (Country (State/Province))." Does it match with what's listed above it? Google offers a free IP address lookup option; simply type "what is my IP address" in the browser. Check to make sure the numbers match up (keep in mind proxies, VPNs, etc. will distort the results).

Check for Concurrent Activity

The activity information screen will also tell you if your account is open in an another location. If it is select "Sign out all other sessions" and change your password immediately just in case.

Change Your Password

The days of using basic words or phrases are over. Gmail crackers using simple Dictionary attacks have made it easier than ever before to hack your account. A quick tip for creating secure and memorable passwords is to combine two or more words.

cat + dog = cdaotg.

Sprinkle some numbers and capital letters in there to be even safer.

CAT + dog + 491 = Cd4Ao9Tg1

Good luck trying to hack a password that's "Cd4Ao9Tg1."

Check Authorized Sites, Apps, and Services

I know of friends that have had their Gmail accounts compromised repeatedly, and all have failed to check what sites, apps, and services have been granted access to their accounts. Go HERE and check to see what is listed. Select "Revoke Access" for anything you've never heard of, or simply no longer want to allow access your to your Gmail account. The few the better is my motto. Stay tuned. jared@zeropaid.com | @jaredmoya

Google+ Launches Pages Feature Of Its Own

Jared Moya — Mon, 07 Nov 2011 19:09:25 +0000

Move makes social networking site more competitive with Facebook's longstanding Pages feature, though difference is that the pages you create will only be accessible by your the "circles" you select.

Google+ is certainly giving Facebook a run for its money. From games to enhanced privacy features it's been pulling out all the stops to become the number one social networking destination. One thing that it has lacked is Pages, the Facebook feature that allows users to connect with another to promote a brand, idea, or person, place, or thing. It's something that has been lacking on Google+ until now. Today Google+ announced the launch of a Pages feature of its own that it calls a "new way for you to build relationships with the things you love." Similar to Facebook the pages can be created according to several categories: Local business or place; product or brand; company institution or organization; arts, entertainment or sports; and other. But, the similarities end there. Unlike Facebook you can create a page with privacy restrictions limited according to a desired "circle" of sharing. In this way you can create a page for your favorite local football team that perhaps only you and your extended circles can see and discuss. If that weren't interesting enough you can also take advantage of Google+'s "hangout" feature" so you can start face-to-face conversations regarding the page. To use the local football team example once again, what could be more cool then having a place to dissect a recent game? You could use the page to have face-to-face talks about the game with contacts anywhere in the world! Now unfortunately the "Create a page" feature isn't yet available to everyone, but you can take a sneak peek at what Google's done with the Gmail page it created. "When you add the Gmail page to your Google+ Circles, you'll see updates from our team, including launches, tips and tricks, and more," writes the Google team in a blog post. "You'll be able to discuss those updates with other Gmail users in the comments on the posts. Mention +Gmail when you share your own tips -- if we see a really stellar tip, we might reshare it. We’re also planning to hold regular Hangouts, so you can shoot the breeze with Google community managers, engineers, product managers and designers." Think of the possibilities! Stay tuned. jared@zeropaid.com

Google Announces Offline Option for Gmail, Calendar, and Docs

Jared Moya — Wed, 31 Aug 2011 13:51:21 +0000

Adds offline support features for the three vital productivity tools so that you can perform tasks on the go even if you lack an Internet connection.

Google has announced the launch of new offline support for gMail, Google Calendar, and Docs, allowing users to update, create, and access infromation when an Internet connection is otherwise unavailable.

"The great thing about web apps is that you can access all of your information on the go, and we’ve introduced ways to use Google Apps on a variety of devices like mobile phones and tablets," the company said in a blog post. "But it’s inevitable that you’ll occasionally find yourself in situations when you don’t have an Internet connection, like planes, trains and carpools."

So how they do you get started suing the new features?

For Offline GMail you'll need to download and install the new Gmail Offline app from the Chrome Web Store. The HTML5-powered app was created to support offline access, allowing mail to be read, responded to, searched and archived without an Internet connection.

It sports a streamlined user interface based on Gmail’s popular web app for tablets, and provides a quick response time with a pure, email focused experience.

After you install the Gmail Offline app, you can continue using Gmail offline by clicking the Gmail Offline icon on Chrome’s “new tab” page.

For Offline Calendar and and Offline Docs just click the gear icon at the top right corner of the web app and select the option for offline access.

To get started with Offline Docs you'll be prompted to enable offline mode, then you'll be asked to install the Google Docs extension for Chrome.

"Today’s world doesn’t slow down when you’re offline and it’s a great feeling to be productive from anywhere, on any device, at any time," adds Google. "We’re pushing the boundaries of modern browsers to make this possible, and while we hope that many users will already find today’s offline functionality useful, this is only the beginning."

As an avid Google fan it's welcome news.

Stay tuned.

jared@zeropaid.com

Breaking: Multiple Activists and Members of the Pirate Party Arrested

Drew Wilson — Fri, 07 Jan 2011 23:55:29 +0000

ZeroPaid has just learned that multiple web activists and members of the Pirate Party have been arrested in the midst of free speech protests in Tunisia recently. The arrests come as the war over free speech heating up in the country.

In the midst of the Tunisian government crackdown on online dissent, multiple members of the Pirate Party, along with free speech activists within the country, have been arrested. Al Jazeera recently profiled the online wars detailing some activists being hit with phishing sites, hacking and government censorship. According to the report, back in April last year, over 100 blogs have been censored by the government. On Monday, some activists were locked out of their Gmail and Facebook accounts. Activists blamed the Tunisian Internet Agency for the hijacking. "I think it is high time for Facebook and Google to take serious steps to protect Tunisian activists and journalists," Sofiene Chourabi, a journalist for Al-Tariq al-Jadid magazine and blogger told Al Jazeera. "My personal account on the Facebook, including around 4200 friends, was exposed to failed hacking attempt last Friday, but I quickly recovered it after an unidentified person had taken control of it," he said. Stefano Hesse, Facebook's head of communications, said that they were not censoring any content. "One thing needs to be clear: we, as Facebook, are not censoring any content, and we had not been approached by the local government in order to do anything regarding anyone," Hesse said. While a few may be recovering their content, others appear to not be so lucky:

Another activist who was caught in the phishing campaign is a Tunis-based man, who goes by the name of Azyz Amamy in the online world. Amamy told Al Jazeera in a phone interview that his Facebook and email accounts had been hijacked on Monday. Amamy was able to recover both accounts within two hours, after Facebook and Gmail responded to his request. The difference is that he had retained control of a separate email account with which he had registered both accounts. Two hours was enough time for the authorities to get the login information for his four blogs from his email accounts, deleting all the content.

Now, we're learning today, that things have escalated. Shortly after these interviews were conducted, a number of Pirate Party members and online activists were arrested. Pirate Party International issued a press release on the issue:

On the 6th of January 2011, blogger and activist Hamadi Kaloutcha, and rapper "El General" (real name: Hamada Ben Aoun) were arrested by the police for questioning. Later that day, Azyz Ammami, Slim Amamou and Slah Eddine Kchouk, graduate students and members of the Pirate Party of Tunisia were also arrested. To date, no formal arrest warrant has been filed against them and there has not been any news regarding their current situation.

Pirate Parties from around the world condemned these arrests, saying that the actions of the Tunisian government were deplorable.

Pirate Parties around the World condemn these acts against freedom of expression, human rights and democracy, and call upon governments take firm action against Tunisia for these recent events. Party members are advised to refrain from visiting Tunisia until the human rights situation has improved.

What will no doubt be interesting is how world governments will react to these latest events. Will these governments take action against Tunisia for these arrests or will they stand by silently? It's hard to say at this point. Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

RIAA: Google’s China Hack Ought to Make it Help Fight Piracy

Jared Moya — Fri, 26 Feb 2010 16:44:42 +0000

RIAA CEO Mitch Bainwol makes the extraordinary leap in thought by comparing hacker attempts to steal source code and spy on the gMail accounts of human rights activists to the RIAA's battle with illegal P2P.

The RIAA is always good for a few laughs, oftentimes going to extreme lengths to try and convince the public and businesses alike that P2P is the scourge of the Earth. A casual example occurred just the other day when it and the MPAA jumped at the chance to reiterate the FTC's warnings to 100 unnamed organizations that personal information, including sensitive data about customers and/or employees, is available in on P2P networks, emphasizing the fact that the "abuse of P2P technology" is putting people at risk. However, the latest and greatest op-ed released by the RIAA has to take the cake. In it Bainwol tries to intertwine the recent attempted hack into the gMail accounts of human rights activists and theft of the company's source code, which it dubs as intellectual property in the same vein as music, with its efforts to fight intellectual property "theft" on P2P networks. "In texting parlance, Google has finally had an OMG! moment when it comes to intellectual property," he writes. "Unfortunately, it took this theft of their IP to flip on the switch. Frankly, Google has never been very warm to the idea of copyright protections. Google routinely has sided with the “free access” (more aptly the “free of charge”) crowd against those who actually create the intellectual property." Never mind the fact, as Techdirt's Michael Masnick points out, that the stolen source code was never meant for sale or public consumption unlike the tracks and albums the music industry is having an increasingly tough time convincing people to buy in a crowded entertainment marketplace. He even takes a swipe at its Google Books project whose sole purpose is to make knowledge more accessible to all, upset that some authors may not be able to profit as much from their works as they have in the past. "Remember the Big G’s idea to digitize every book in the world and put it in their digital library? That went over so well that Association of American Publishers and the Authors Guild of America sued to stop Google from creating the virtual library. Google argued that they were just trying to make the world a better place by making important works of literature available to people all over the globe," he adds. "A rather egalitarian idea (unless you’re the authors and publishers who depend on people actually buying books in order for you to make a living)." I doubt that many authors would have seen a diminished income from its plan, and in fact Google has already reached a $125 million dollar settlement deal with authors and publishers in exchange for the right to make millions of books available to the public. But, the choice of argument makes one wonder if the RIAA is then against "egalitarian" ideas like increased access to, and this is in his own words, "important works of literature?" I can think of nothing more damaging for the RIAA to say, and truly makes it look more narrow minded than ever. Worse still, Bainwol thinks that the record labels' failed business model is even in the same league as Google's. If that's the case then why is the latter's profits soaring while the RIAA's is declining? "Like our friends at Google, we fully support the adoption of broadband and the new and exciting opportunities it provides for consumers to enjoy movies, television programs and music. We in the IP industries couldn’t live without these amazing technologies. In fact, digital accounts for a greater percentage of music industry revenues than movies, books and newspapers combined. We are partners with technology companies in the fullest sense of the word," he writes. Oh really? The same group that's pushing for ISP-level content filtering and "three-strikes" legislation is on the side of technology and consumers? It only likes either so long as they mean more profits. Bainwol also makes the same tired argument that physical and digital theft, commercial and non-commercial, are the same, and that it's doing all it can to give consumers what they want. "Yet there is no question that despite our extensive and innovative offerings of legal content, the levels of online and physical theft around the world extract a profound toll," he writes. "That activity has a direct and harmful impact on American jobs and our economy. And as Google has found out, this illegal activity is exacerbated by the unwillingness of some—including some businesses and even some governments—to take reasonable steps to address these problems." First of all, the RIAA has no "extensive and innovate offerings of legal content" that I can think of, and it regularly interferes with individual efforts to make that leap by demanding huge upfront cash payments and large percentage of profits. Second, there is a very real difference between physical and digital theft. The former is done for profit and the latter is not. An illegally downloaded song or album also doesn't always mean a lost sale, and in fact, oftentimes means an increase in legal music purchases. Third, China's protection of its "hacker soldiers" is wholly unrelated to our own govt's unwillingness to enact the sort of "three-strikes" and filtering legislation it has long sought. It oddly wants us to stifle the flow of thoughts and speech by using the example of communist regime's attempts to do just that as its reason why we should. Talk about idiotic. But, I guess we've come to expect nothing less from a hair-brained organization like the RIAA. It's been 10yrs and it still hasn't managed to realize the music industry world is round after all. Stay tuned. jared@zeropaid.com

LimeWire 5.2 Lets You Share with Facebook Friends

Jared Moya — Thu, 23 Jul 2009 16:17:25 +0000

Import contacts from Facebook along with gMail and other domains for private file-sharing of music, videos, pics, and more.

LimeWire v5.2 has officially launched and it adds new features and functions that make it worth a second look from file-sharers who may have left the once popular P2P program for faster and safer applications like BitTorrent.

It now allows you to import contacts from Facebook, gMail, and other domains and thereby create lists of people with whom you want to share content like music, videos, pics, programs, etc..

LimeWire v5.2 makes file-sharing with friends much easier, especially with those who are less than tech savvy when it comes to P2P. It requires they run LimeWire too of course, but it doesn’t require elaborate setups like port forwarding, etc.. Simply start it up, login, drag and drop files to share, select who you want to share with, and you’re done.

More than anything, it makes for a safe and secure way to share content with family and friends.

The Facebook feature also means you can communicate via the social networking site about a particular song or album you heard and really liked for example, and then make available to those who want to check it out for themselves.

Stay tuned.

jared@zeropaid.com

DOWNLOAD LIMEWIRE v5.2

Gmail Users are Younger, Richer, Good in Bed

Jared Moya — Fri, 11 May 2007 14:54:47 +0000

Unsurprisingly, perhaps, the latest stats show that Gmail users skew younger and richer than those on Yahoo Mail and Hotmail.

Gmail opened up to all comers in February, with Gmail’s market share of US visits climbing 17% from February 2007 to April 2007. However, Yahoo Mail and Hotmail are still much bigger by comparison, says Hitwise: Yahoo had 13x the market share, and Hotmail had 6x the marketshare of Gmail.

The good news, if you’re a Gmail user, is that you may be part of the elite: while Yahoo and Hotmail users are decidedly average, Gmail users tend to be young, have a high income, and be early adopters of technology. 54% of users are between 18 and 34, while 18% have an average annual household income between $100,000 and $149,999 (compared to 15% for Hotmail and 13% for Yahoo Mail). Another stat, probably related to the young age of GMail users: they’re more likely to be Facebook users than those on the other services.

New mobile GMail app looks, feels like PC interface

Jared Moya — Thu, 02 Nov 2006 16:06:03 +0000

GMail for mobile devices just got an upgrade with a new version of the official GMail Mobile Java application. This iteration is supposedly faster and acts more like the browser interface you’re used to from your PC, compared to older versions.

Available for over 300 models of Java-enabled phones, smartphones, and PDAs from gmail.com/app, the new applet will start shipping preinstalled on phones from Sprint/NexTel, T-Mobile, Cingular, and BellSouth in the near future.

First impressions around the Orbiting HQ boil down to “cool, this is good if I remember to check it, but I wish it told me when I had new mail.” The application does look and feel a lot like the PC browser GMail, but fails to use new mail notification features—at least on BlackBerrys.

It’s also a lot faster than going through the phone’s browser to gmail.com, mostly thanks to a prefetching feature that preloads the first ten messages in your inbox for instant access when you click on them. If you’re worried about bandwidth issues, that prefetch mode can be turned off. Functionality has been streamlined too: archiving a message used to take 11 clicks in the old Java client, but now takes just two.

READ REST OF STORY

Google MP3 Player found in GMail

Jared Moya — Wed, 23 Aug 2006 19:34:24 +0000

A new GMail feature lets you play MP3 files right inside the GMail interface without having to download the MP3 or open an external media player.

When you receive an audio file as an email attachment, click the play button and Google will play the audio file for you in a popup window. Very neat implementation (see screenshot)

Now digging into the GMail Mp3 player code, I discovered that it’s actually the Google video player that’s playing the audio file. Infact, you can play any MP3 files from the embedded Google Video player without even having to login to GMail. Here’s the secret URL (works perfect in Firefox)

http://mail.google.com/mail/html/audio.swf?audioUrl=MP3_URL

Replace the MP3_URL with the actual location of the MP3 file on the web and play it inside Google Video. Odeo, take note. Google is entering your territory.