Today’s tip is for those who are wondering whether their bosses or some sneaky fellas can eavesdrop on their IM chats and emails online.
A while ago, a friend of mine asked this exact question, because apparently he kept losing his leads to his colleague, leading him to think that somehow his emails were leaked.
The answer is: Yes, they can.
But how do they do it? Basically, whenever a network (this applies to large networks as well, e.g. WANs) is connected to a larger network (the Internet), there will be a gateway that acts as a bridge between them.

The point is, there is a part of the network that ALL data passes through, and this is where a packet sniffer can be installed, if the bosses wish to. This applies to anything from a small network in a small company to a large network, even ISPs. Also, packet sniffers are easily available; some are even integrated into network administration and analyzer tools, with software like Ethereal (rebranded as Wireshark) as a good example. You may argue that there’s just too much data to capture and monitor, and yes, you’re right, but these tools allow the administrator (or anyone with access) to set filters; they can capture data packets containing any words or phrases that they wish. From there on, if they wish, they can set it to capture packets from any particular IP.

In addition, IMs are usually not encrypted, passing through the network in clear text. Clear text here means that whatever you type and send in IM is sent as it is, with no encryption whatsoever. The well-known ones, Yahoo, MSN and Gtalk, all pass the data in clear text. As for emails, they’re also passed in clear text if you don’t have any third-party encryption tools in place. Online banking and credit card transactions are mostly done through https, so the information is encrypted between your browser and the intended party. What this means is, if anyone is looking at your online banking and credit card transaction data packets, they see gibberish.
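To make the keyword and IP filters and the clear text versus encrypted contrast concrete, here is an added example (not from the original post) that runs such a filter over three constructed packets held in memory. The addresses, ports, message text and the SHA-256 keystream that stands in for real https/TLS encryption are all assumptions made for illustration.

```python
import hashlib
import socket
import struct

def build_packet(src_ip, dst_ip, payload):
    """Constructed IPv4+TCP packet (checksums left at 0, ports are made up)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHLLBBHHH", 40000, 5050, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    return ip + tcp + payload

def parse_packet(pkt):
    """Return (source IP, payload), honouring the IP and TCP header lengths."""
    ihl = (pkt[0] & 0x0F) * 4
    data_offset = (pkt[ihl + 12] >> 4) * 4
    return socket.inet_ntoa(pkt[12:16]), pkt[ihl + data_offset:]

def keystream_encrypt(key, data):
    """Illustrative stand-in for TLS: XOR with a SHA-256 counter keystream.
    Not a cipher to deploy; it only makes the payload unreadable on the wire."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def filter_hits(packets, keywords, src_ip=None):
    """Report packets whose payload contains a keyword, optionally from one IP."""
    hits = []
    for index, pkt in enumerate(packets):
        src, payload = parse_packet(pkt)
        if src_ip is not None and src != src_ip:
            continue
        lowered = payload.lower()
        matched = [k for k in keywords if k.lower().encode() in lowered]
        if matched:
            hits.append((index, src, matched))
    return hits

# Constructed sample traffic: the same message sent in clear text and encrypted.
MESSAGE = b"Meeting the new lead at 3pm, bringing the quotation"
SAMPLE_PACKETS = [
    build_packet("192.0.2.10", "198.51.100.5", MESSAGE),
    build_packet("192.0.2.10", "198.51.100.5",
                 keystream_encrypt(b"constructed-key", MESSAGE)),
    build_packet("192.0.2.77", "198.51.100.5", b"lunch?"),
]

if __name__ == "__main__":
    print(filter_hits(SAMPLE_PACKETS, ["lead", "quotation"], src_ip="192.0.2.10"))
```

Only the clear text copy of the message is reported; the encrypted copy of the same text from the same address produces no hit.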
However, even with https, it’s not exactly fully secure; a hacker with enough time and processing power in his hands can decrypt it. In the encryption world, there usually is no such thing as fully secure encryption technology. Any encryption can be decrypted; it’s just a matter of how long it takes to decrypt it. If it’s considerably tough to decrypt, taking an amount of processing power not available to civilians, and a certain number of years, then it’s considered “secure” and can be made available for public usage.
So, knowing all this now, if you don’t wish your bosses to sneak up on you with transcripts of your chats, do NOT discuss anything over IM or email that you don’t wish to be reminded you said. If something could get you in trouble, legally or otherwise, do NOT discuss it over IM or email if you don’t want it to be used against you in the future.
In the next installment of this topic, I will share with you some applications I’ve used before to safeguard my privacy.. so stay tuned!
Good luck!
aiyoh.. so dangerous one ah???
Use Skype to chat as it is encrypted