Web-based e-mail may be exposing you to privacy and security problems you didn’t expect
Web mail is a class of web applications that allow users to read and write e-mail using a web browser, or in a more general sense, an e-mail account accessed through such an application. The Giant web mail services providers such as Gmail, Yahoo Mail and Hotmail are providing free mail services and are supposed to be very convenient, and accessible. Millions of people use them without giving it a second thought.
But second thoughts may be in order, according to security experts, privacy advocates and some Web mail users. Few consider the fact that Web mail is inherently different than POP3 e-mail. It differs in who administers it and how, in the ways it may be vulnerable to hacking, and in the type of help you can expect when you have a problem.
You may not think these differences matter. And they don’t — unless they end up biting you in the backside. For example, the most popular Web mail services are prime targets of malicious hackers. Some Web mail users run into mysterious technical problems that are never explained or solved. And most Web mail users never really know where their data is being stored or for how long — or how well it is being safeguarded.
How private is Webmail, really?
Although Webmail is often billed as a free service, the old adage “you can’t get something for nothing” definitely applies here. While you’re not giving the Webmail provider any of your cash, you are making a trade: Your personal information in exchange for the service.
It can be shocking to realize how much about yourself you reveal on the Web, particularly when vendors combine information from your Webmail account with other Web 2.0 sites, such as online social networking platforms. “You start to leave a trail of information about yourself on the Internet,” says Stephen Northcutt, president of the SANS Technology Institute. “Do you really want to get ads on burial plots because you drink, smoke and engage in unprotected sex?”
Showing others your e-mail
It’s fairly easy (if you know how) to gain access to and read others’ Webmail without permission, either legally or not, notes Jeremiah Grossman, founder and chief technology officer at WhiteHat Security Inc., which tests Web sites for vulnerabilities. “Webmail should never be considered private, ever,” he says. “It can be read in many, many different ways,” including rogue customer service reps at the e-mail provider, law enforcement with a subpoena or a national security letter, or a curious hacker sniffing packets on the Internet.