web-based mail: attached docs show text

Discussion in 'Computer Security' started by 12345, Sep 1, 2007.

  1. 12345

    12345 Guest

    i noticed readable text from attached doc in proxomitron log window. i had attached
    via the method in web-based email. this service can https between me and their
    servers, but I wasn't using the https option.

    even if i send to them via https, they then send the mail via regular smtp to the
    recipients mail server. and then I assume usually the mail goes to the recipients
    computer by regular smtp. so there are two sends that are likely easily readable.

    I hadn't realized text in a word processor doc 'attached via webmail' could be read.

    here's the potential problem (I think):
    if i were to email docs to insurance, or credit businesses, I'd be sending sensitive
    info. If they have a https page setup, then hopefully the "attachment" method
    (scripts, and??) are also secure. but if customer phones company's representative
    for special reasons, they may end up doing "custom interactions" via email.



    AFAIK (perhaps more due to luck of convenience?) I haven't exposed myself to ID
    theft.

    the "worst" privacy risk of attachments I've mailed has been resumes. they contain
    my name, address, phone number. also some work history info, of course.

    i've sent more sensitive documents during "custom interactions" to insurance
    companies and similar. But, I've sent to these recipients rather rarely, and via *fax*.

    only once did I email an attachment compressed with password. (because
    computer's fax wasn't working). I phoned immediately afterwards. the rep
    responses suggested that they normally didn't need a password to open
    customers' email attachments. (I didn't think to ask about this. i just wanted to give
    the rep the password by voice.)


    So... I think the resume problem is a sticky problem because it suffers from social
    convention: job seekers usually play a "beggars" role, while employers have little
    interest in protecting applicants' privacy.

    _________

    If sending anything sensitive to relatives, i always compress with password. (most
    of these are image scans, so aren't easily readable as text anyway)
     
    12345, Sep 1, 2007
    #1
    1. Advertisements

  2. 12345

    Sebastian G. Guest


    What the? You're using web-mail.
    Beside that, you're a dirty address faker.
     
    Sebastian G., Sep 1, 2007
    #2
    1. Advertisements

  3. 12345

    8os.8 Guest

    esl, but thanks
     
    8os.8, Sep 2, 2007
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.