[CS-FSLUG] Why Don't ISPs Offer Secure POP Connections?, Vol 102, Issue 12

Don Parris parrisdc at gmail.com
Tue Aug 21 12:55:33 CDT 2012

On Tue, Aug 21, 2012 at 11:06 AM, Georges Rodier
<georges.rodier at gmail.com>wrote:

> Le mardi 21 août 2012 à 07:36 -0500, christiansource-request at ofb.biz a
> écrit :
> > Subject: Re: [CS-FSLUG] Why Don't ISPs Offer Secure POP Connections?
> > Message-ID:
> >         <CAJ-7yo=K5bwYBgdw=Rm-WQdrcNfbPfX=OmB36hXzK=
> SkTqOePg at mail.gmail.com>
> > Content-Type: text/plain; charset="iso-8859-1"
> >
> > David, Gmail is secure in the sense that you have an encrypted
> > connection when you use it.  The point of my blog post is that many
> > people connect to their ISP's POP server by sending their password
> > *unencrypted* across the Internet - plain text for anyone to see.
> > Privacy is a separate issue, even if a bit intertwined.
> >
> > :-)
> Over the Internet? Doesn't the word "Internet" suggest travel across two
> or more Internet ISP's and/or other domains?
> When I connect to MY ISP POP server(s) am I not staying within their
> domain? My ISP is a cable company and I use one of their modems to
> connect to one of their POP servers using their hardware and wire.
> Don't get me wrong, I too would prefer a more secure connection which,
> to some degree I believe, I have when I use my ISP's webmail service to
> connect to my local eMail accounts.
> Not all users have the knowledge and skill to set up and manage their
> own eMail servers. What do you recommend they/we do?
> GR
> Georges, perhaps you should read my actual blog post, where I actually
explained how to mitigate the risks of sending your password unencrypted to
the mail server.

I will say it this way.  If you can see your own password, anyone else can
see your password too.  The connection between your home or office and the
ISP's mail server is NOT protected.  That would be a fatal assumption.
Once that packet containing your password leaves your firewall, it can be
"intercepted".  You may never know that this interception occurred.

D.C. Parris, FMP, Linux+, ESL Certificate
Minister, Security/FM Coordinator, Free Software Advocate
GPG Key ID: F5E179BE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ofb.biz/pipermail/christiansource_ofb.biz/attachments/20120821/3f55bd04/attachment.htm>

More information about the Christiansource mailing list