It's not official: Free email has uneasy holes
Web-based email is free and easy -- but are they safe enough for government communications? The jury is out, but there could be shortcomings in the free email services that increase vulnerability to hackers or spammers, especially when used for official communications. Vivek Sinha reports. The web of deceitindia Updated: Aug 19, 2011 10:35 IST
Web-based email is free and easy -- but are they safe enough for government communications? The jury is out, but there could be shortcomings in the free email services that increase vulnerability to hackers or spammers, especially when used for official communications.
Research In Motion, the company behind the popular BlackBerry services used for corporate email, has built itself a fortune around encryption services and proprietary servers (network computers).
Officially, Indian government employees are supposed to use similar encrypted email services provided by the the National Informatics Centre (NIC), but often prefer to use free private emails such as Gmail, Yahoo and Hotmail for their ease of use. You don't have to go to a network administrator or seek special permissions to start Web mail accounts.
Free email providers say their services are safe but experts say vulnerabilities may lie in the way users access them.
For example an easy password, such as one's own name or spouse's name could increase risks. Another is the clicking of links to websites that come over spam (unwanted) messages.
"A lot of passwords by users are actually not clever," Ronald Turner, director of TrustSphere, a Singapore-based data services firm.
"Clicking on direct links provided in spam messages are a direct invitation for malware (malicious software) into one's computer," Jagannath Patnaik, channel sales head South Asia for computer security firm Kaspersky Lab told HT. "Around 70% people who receive such mails actually click on these links."
A senior IT ministry official told HT that the firewall of NIC does not allow '.rar' and '.ext' files to land in a user's inbox. "NIC ensures that a password typed on their account page is stored and sent to NIC servers in encrypted form, making it difficult for a hacker to gain access," he said.
NIC has several safeguards for passwords.