Mail-Dienste sehen alles

“Die elektronische Post kam mit kostenlosen Diensten in Mode. Für sie zahlen Kunden nicht in harter Währung, sondern akzeptieren Werbung und meist auch die Verwertung der aus ihren Daten gespeisten Kundenprofile.” Mittlerweile bekannt gewordene Abhörpraktiken der NSA rücken immer mehr auch Fragen nach der Sicherheit von E-Mails in den Vordergrund. Die Stiftung Warentest hat 14 Provider unter die Lupe genommen: Als Testsieger gehen Mailbox.org und Posteo hervor.
www.test.de

The most wanted man in the world

“The question for us is not what new story will come out next. The question is, what are we going to do about it?” James Bamford interviews Edward Snowden, who regards the use of strong encryption in your everyday communication as a viable means to end mass surveillance.
www.wired.com

Also watch United States of Secrets, a two-part series detailing how the US government came to monitor and collect the communications of millions around the world.

How to remain secure against NSA surveillance

“The NSA has turned the fabric of the internet into a vast surveillance platform, but they are not magical. They’re limited by the same economic realities as the rest of us, and our best defense is to make surveillance of us as expensive as possible.” Bruce Schneier works on the assumption that the NSA is able to decrypt most of the Internet.
www.theguardian.com

On the same subject, David Meyer felt moved to pen an open letter titled ‘Dear stupid, stupid NSA’.

Anonymous speaks: the inside story of the HBGary hack

“I’ve talked to some of those who participated in the HBGary hack to learn in detail how they penetrated HBGary’s defenses and gave the company such a stunning black eye—and what the HBGary example means for the rest of us mere mortals who use the Internet.” Peter Bright’s story may be a couple of years old, but it still makes for an interesting read and tells you what not to do.
arstechnica.com

Redirecting mail for the local root user

postfix is Ubuntu’s default mail transfer agent (MTA) and can be configured to deliver mail using a relay host that requires SMTP authentication. Get the necessary packages with the following command:

user@ubuntu:~$ sudo apt-get install postfix bsd-mailx

Begin to configure your postfix installation by choosing satellite system as the general type of configuration. Enter the local machine name as the mail name (eg mycomputer.edafe.org) and the SMTP server address of your email service provider as the SMTP relay host (eg smtp.relayhost.com). Edit the file /etc/postfix/main.cf and add the following:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous

Create the file /etc/postfix/sasl_passwd and make the following entries:

smtp.relayhost.com user:password

Substitute smtp.relayhost.com with the address of the SMTP relay host and user:password with your login details. Continue by executing the following three commands:

user@ubuntu:~$ sudo chown root.root /etc/postfix/sasl_passwd
user@ubuntu:~$ sudo chmod 600 /etc/postfix/sasl_passwd
user@ubuntu:~$ sudo postmap hash:/etc/postfix/sasl_passwd

Instruct postfix to reload its settings with the following command:

user@ubuntu:~$ sudo /etc/init.d/postfix reload

Making changes to the alias table

The aliases table provides a system-wide mechanism to redirect mail for local recipients. Edit the file /etc/aliases to contain the following entries:

postmaster: root
root: localuser
localuser: user@yourdomain.com

The localuser is the system administrator. Substitute user@yourdomain.com with the email address that you would like mail for the root user to be redirected to. Finally, update /etc/aliases.db using the following command:

user@ubuntu:~$ sudo newaliases

Mail for the local root user from now on will automatically be forwarded to user@yourdomain.com , using smtp.relayhost.com as the relay host.
www.postfix.org, help.ubuntu.com

Still sending naked email?

“In a world of repressive governments and a growing reliance on insecure networks, there’s no way anyone can be sure their most sensitive messages aren’t intercepted by the forces of darkness. But you can make it mathematically improbable that all but the most well-funded snoops could ever make heads or tales of your communications.” Use Dan Goodin’s step-by-step guide to email encryption and keep your communications private.
www.theregister.co.uk