Print
Discuss
Send to friend
RSS feedsIf you've received an email from me over the past couple of weeks promising you untold riches, I'm sorry to inform you that it wasn't me at all. I've been the latest victim of some low-life scammer based in Nigeria (why is it always Nigeria?), using my name and that of a magazine I used to edit (PC Magazine) to try to entice victims in the US and Canada to help him get a vast sum of money out of Canada.
The fake emails give a valid UK address plus phone and fax numbers (no, I haven't rung them), and so I forwarded the emails straight on to the Metropolitan Police's e-fraud unit - you can find the email address at the first web link below.
I'm sure most of you have received similar emails, often containing viruses or phishing scams, after trojans have raided address books on PCs. I even get such emails apparently from myself, which usually gives my anti-spam software a nasty migraine.
It would be great if the senders of emails could be verified so that you were certain of their identity - all I want to do is make sure that the email from my boss promising to treble my salary really has come from him and isn't another clever phishing trick or virus-laden spoof email.
And of course that's what public key infrastructure (PKI) encryption systems are all about: you have a private encryption key and one that you make public. Once the recipient has your public key, they can decrypt email you've encrypted with your private key. But I certainly don't know anyone who uses these systems for regular email - they're not the most user-friendly things to implement.
Recently, however, I've been trying out a new product that might help, even for cryptographic illiterates such as myself.
Ciphire is the brainchild of chief executive Errikos Pitsos and his team of crypto-heads in Germany and Zurich, and it attempts to break through the usability barrier of PKI by wrapping a powerful service up in a simple client program. The aim of the system is to avoid the need for the manual distribution and verification of encryption keys. It's still officially in beta, and so is currently free for everyone - see the second web address below.
When the commercial version launches it will still be free for private, educational and nonprofit use. Ciphire says it eventually plans to offer standalone gateway and proxy servers.
I know pretty well nothing about encryption, yet the client application is easy to set up and sits in the system tray doing its job without a great deal of fuss. It's also managed to stay friends with my antivirus and anti-spam programs, which is quite an achievement considering they're usually at each other's throats.
Most SMTP, POP3 and Imap4-based email clients are supported, and there are even Linux and Mac OS X versions available. IT managers will also be pleased to know that Exchange and Lotus Notes support is under development.
del.icio.us
Digg this
reddit!
