
Thailand intercepting emails


AyG


Buying yourself a computer and then saying on that "highly watched" device that you are some kind of activist against the US Government.... is, not very crafty.

As a rule, anti government elements usually stay off the radar. But perhaps you are actually defying them to catch you...eh?

I guarantee that if I knew your real identity and with just the minimum of searching, I could discover a wealth of information about you online, probably in less than a minute.

Lol.. hilarious.

Why don't you just have a beer with me, and learn my whole boring history. I guarantee you will regret the unenlightening experience.

On the serious side. Many scammers have been doing "identity theft" since the internet came around.

The best you can do to protect yourself is to use reputable banks and websites when doing transactions. Only the foolish will do this on non private networks...(airports and such). There are naive people who give away info too quickly.

Problem is, when you look for my IP...you actually get it. Some people use VPN, or encryption with PuTTY, thinking they are safe. Machine ID and MAC numbers have a tendency to be recorded. Ownership is an issue. Second hand computers are bought and sold. I do not know who actually bought my internet service here...it was not me. This is not my personal computer....I am using TightVNC on a computer in Thailand to remotely control my other computer at my mom's house in the States.

Got it?

Oh come on, you made your security situation worse and use it as an example of mitigation of another set of security problems to build an image of action and understanding.

Seriously, if you have ever been tasked to verify a physical device such as a motherboard as being authentic and secure you'd realise your examples are really commonsense. But I applaud your interest in your own personal security and that you actively try to warn others. But seriously either you are trying to dumb down too far for the punters or you don't really understand the tech.....

I'm going to give you an A over the B, but you know not all of us are clueless


This will be the NSA doing what they do. They are known to have a presence in Thailand.

i think i saw some of them yesterday. they were posing as Russian tourists.

You win first prize ! You may actually be correct. Most of the "Operatives" here are non-westerners. The westerners recruit them...you see.

By the way, best place to get info is in a bar. Seriously. Loosen up a target with some Chang and start an idle conversation. Wait for others to kick in their thoughts. Write it all down, run back home, encrypt, and transmit that intel back to the Five Eyes.

Sounds childish...but you are historically correct. Even all the movies are accurate with that. Cold war stuff, actually.

I always thought best place to get info was the car..... bar car. close enough


so if you have nothing to hide no problem ..

It's not about having something to hide, it's all about someone stealing your digital identity, like email address, FB account info, MSN subscription info, your conversations with colleagues or customers.

Selling stolen information to competitors is a lucrative business.


Easy cure for all this.... get off the computer and go outside for a while. go get a beer.

But what if, while i am out getting this beer, some anonymous person says something wrong on the internet and i am not there to correct them - will the world not end?


Anyone who believes that you could do anything online and remain incognito is a pitiful dreamer.

The internet was initially created by people for people, then was hijacked and turned into a giant funnel, where sinister forces collect data about anyone and anything. When all data that's needed is in, they will separate the weed from the chaff in one single worldwide strike. They know the mindset of each one of us, the whole life open like a (face)book, the political orientation, sexual orientation, whether or not a person is prone to violence, submissive, aggressive, easy to handle or difficult, left, right, conservative, etc...

Until now, they use this info on single influential people that became inconvenient and get them out of their way with sex scandals etc., but the day will come where we all will curse the day the internet got started. We are translucent like glass while some (cui bono?) make us believe that this is not so. You will be free only if you can manage to live off the grid completely!

It also is childish to say, "Nothing to fear if you ain't doin' anything bad or illegal!" BS I say - who tells you that art, speaking up for yourself, a certain religion, reading books, writing poems, whatever won't be illegal or contraband tomorrow? Look deep into history and you will find the future!!!!

The ones who laugh now and ridicule my reply here (what certainly will happen) will stop laughing when the $#!t hits the fan, what could happen any day now in an uncertain world like this...

Am I alone with this theory?

Sorry for nitpicking but the internet was made for military purposes and was called ARPANET, and it wasn't for public use, but later released for the public to become the internet, first for the academic world and later for everyone.

There are still ways to be and become anonymous and there are still routers (binding and routing points for traffic) who still are uncontrolled by governments or companies.

Edited by KamalaRider

What about if one is moving around and using a small mobile internet aircard from say DTAC or AIS? Do they have an IP, are they just as prone to attack and snooping as when plugged in to the wall?

They are even more exposed than ADSL users, at least the wifi router has a firewall, if turned on.

What's most scary today is that many use their computers without an active firewall, ADSL or not.


There are still ways to be and become anonymous and there are still routers (binding and routing points for traffic) who still are uncontrolled by governments or companies.

I rather doubt there's a router out there that doesn't have a backdoor for either the US or the Chinese authorities to take control. And even if there were, one still has to go through one's ISP's infrastructure, which isn't secure, to get to them.

And as for ways to become anonymous, I doubt they still exist. TOR has been seriously compromised. The authorities have the computing power to break any encryption (and that's assuming the algorithms don't already contain a back door). Look at how readily the US authorities took down Silk Road, and then, within a matter of a few weeks, its successor Silk Road 2. And these were sites run by people with a very serious interest in remaining anonymous.


Disturbing also is the fact that there are people out there like slimy lobster and joncl who think that this all is child's

Actually, I am not a "lobster" and neither am I slimy. That is the name of the sailboat I used to own, and grabbed that name for my id, as it was easy to remember...and kind of snappy. (just like my sails popping in the wind)

Problem here, my over-reactive friend, is that you overstate the obvious. George Orwell predicted all this years ago (1984). You are chasing the 12 monkeys as well. Surveillance is not wanting to know how many times you pass gas after a night of pizza and beans with your buddies. You would have to be involved in something a little more sinister than slipping a greasy condom off and throwing it under the bed in that 4 dollar hotel room.

If it isn't somebody intercepting your internet traffic, it is going to be your cellphone....or perhaps some miniature microphone attached to the back of your urinal. I would be just as concerned about getting dental work done, as everyone would be just aching to put a transmitter inside your lower ring molar....to find out how many times you chew your cheerios in the morning.

Like I said.... it is not going to get better....it is going to get worse. Tell me what your plan is? I'm listening. Do you renegades have one? Are you assembling an army of nerds with freckles to combat the intelligence communities? Well then...good on you.


Anyone ever go to the yahoo chat room about `5 years ago, and turn on the voice? Never before have I heard such a raving bunch of raving loony tunes in my life. What was the name of that movie about Government surveillance??? The one where the rookie suggested monitoring the internet for the secret code that would disable the death ray which was about to be remotely activated from a satellite out in space. The rookie mentions..."Hey, we can catch that guy on the internet", the older (I suppose CIA/NSA guy) slaps the kid on the back of the head....and says... "Yeah right. The internet... home of the biggest morons in history." Get serious.


There are still ways to be and become anonymous and there are still routers (binding and routing points for traffic) who still are uncontrolled by governments or companies.

I rather doubt there's a router out there that doesn't have a backdoor for either the US or the Chinese authorities to take control. And even if there were, one still has to go through one's ISP's infrastructure, which isn't secure, to get to them.

And as for ways to become anonymous, I doubt they still exist. TOR has been seriously compromised. The authorities have the computing power to break any encryption (and that's assuming the algorithms don't already contain a back door). Look at how readily the US authorities took down Silk Road, and then, within a matter of a few weeks, its successor Silk Road 2. And these were sites run by people with a very serious interest in remaining anonymous.

Without dwelling too deep into tech talk, there are still ways to become anonymous and there still are encryption algorithms not cracked and even if they become, that part is always progressing ahead of any national agency, but the difficulty lies in keeping up with that progress.

As soon as you have a reliable VPN connection then you are protected, still today or should I say, most probably.

You can keep your doubts for yourself, as it's quite easy for a router expert to find out if a router really has a built-in backdoor.

They might be in use in the US at every company or ISP, but that's not true for the whole world.

Check out PGP as an encryption method, Zimmermann was put in jail for creating and releasing it to the public by the FBI, but he actually didn't break any law by doing so.

There are many more ways to stay safe on the Internet than personal encryption but it's the safest way.

And when it comes to computer power to break an encryption, it doesn't matter how good encryption people use, without a certificate or enough complicated private key used, it still requires massive amount of computer power to crack a 2048bit key.


What about if one is moving around and using a small mobile internet aircard from say DTAC or AIS? Do they have an IP, are they just as prone to attack and snooping as when plugged in to the wall?

They are even more exposed than ADSL users, at least the wifi router has a firewall, if turned on.

What's most scary today is that many use their computers without an active firewall, ADSL or not.

Not only that...but all the drones flying around are keyed in to that frequency. You could get targeted by mistake, if you have a stolen aircard.


If everyone using Internet would realise how much information and for what purposes it's being used, most would probably not use Internet anymore.

I would... of course just for the purpose of reading all this great stuff on Thai Visa.

If we all only used internet for reading on TV, I agree with you, but sit for a while and think about how many ways in the everyday life you are using Internet, or other suppliers of services to you, uses internet.

Encrypt what...? and for why? Banks already do this for you. Most common people would enjoy privacy, but encryption just brings out even more scrutiny.

Nobody is really privy to what techniques have been not compromised. That would be highly classified.

Edited by slipperylobster

If everyone using Internet would realise how much information and for what purposes it's being used, most would probably not use Internet anymore.

I would... of course just for the purpose of reading all this great stuff on Thai Visa.

If we all only used internet for reading on TV, I agree with you, but sit for a while and think about how many ways in the everyday life you are using Internet, or other suppliers of services to you, uses internet.

Not me. I order nothing online. I chat, send mail, and read tv. The rest is just reading news and watching videos. My bank already provides security for online use. Worked fine for me for twenty five years..without a glitch.

My mail is pretty boring...spying agencies will attest to that. Mostly letters to my elderly mom show pics of me in front of Thai temples, or eating a lot of weird food. No rocket formula data in it.

Edited by slipperylobster

Without encryption, I wouldn't be on the internet in the first place, emails, skype, banks, my subscriptions with software vendors, deliveries of my software, web services I subscribe to, there's so many situations I have to be careful what and how I do so I'm quite aware how to protect myself and others.


Encrypt what...? and for why? Banks already do this for you. Most common people would enjoy privacy, but encryption just brings out even more scrutiny.

Nobody is really privy to what techniques have been not compromised. That would be highly classified.

Without encryption, I wouldn't be on the internet in the first place, emails, skype, banks, my subscriptions with software vendors, deliveries of my software, web services I subscribe to, there's so many situations I have to be careful what and how I do so I'm quite aware how to protect myself and others.

You do not encrypt your banking...and you never will. Your bank does that.


Thailand is well known as a crossroads for criminals, soon to be criminals, active intelligence agents, and lots of retired intelligence agents and war vets. It also has a good stock of local and national mafia types. Provides easy entry and exit at good international airport. Is a great base to watch China, India, S. China Sea, and surrounding islands. Wonderful shore leave, and R&R. Thailand loves USA. giggle.gif

Also has cooperative internet and other biz of all kinds and lacks those pesky enforced privacy laws. A person can disappear here for life, but taking a life costs less here. clap2.gif

Hey, why would anyone expect ANY privacy of any kind anywhere in today's world ???? That is an obsolete concept.

P.S. to readers of this msg..... I did not write it, do not agree with it, and because senile blink.png am not responsible for anything someone may think I may do or write. I am easy to discredit, too. whistling.gif

Would the sane put in all those emoticons?


Encrypt what...? and for why? Banks already do this for you. Most common people would enjoy privacy, but encryption just brings out even more scrutiny.

Nobody is really privy to what techniques have been not compromised. That would be highly classified.

Without encryption, I wouldn't be on the internet in the first place, emails, skype, banks, my subscriptions with software vendors, deliveries of my software, web services I subscribe to, there's so many situations I have to be careful what and how I do so I'm quite aware how to protect myself and others.

You do not encrypt your banking...and you never will. Your bank does that.

Please, don't even go there, I use VPN before I open my browser, and I could also use my server in an unnamed location to redirect me further. It's not always about content.

And I didn't say I supplied all encryption, I said "without encryption", read again.

Edited by KamalaRider

Easy cure for all this.... get off the computer and go outside for a while. go get a beer.

But what if, while i am out getting this beer, some anonymous person says something wrong on the internet and i am not there to correct them - will the world not end?

If it does end...then no need to worry about the correction, as then, you would be late. So my advice is to just not worry too much about hurrying back.


The OP is 100% correct. At first I thought this was not possible at the Country-wide level, but it is.

Here is more proof:

Recently, Verizon was caught tampering with its customers' web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks.

In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers' data to strip a security flag—called STARTTLS—from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.

This type of STARTTLS stripping attack has mostly gone unnoticed because it tends to be applied to residential networks, where it is uncommon to run an email server. STARTTLS was also relatively uncommon until late 2013, when EFF started rating companies on whether they used it. Since then, many of the biggest email providers implemented STARTTLS to protect their customers. We continue to strongly encourage all providers to implement STARTTLS for both outbound and inbound email. Google's Safer email transparency report and starttls.info are good resources for checking whether a particular provider does.

Several Standards for Email Encryption

The SMTP protocol, the underpinning of email, was not originally designed with security in mind. But people quickly started using it for everything from shopping lists and love letters to medical advice and investigative reporting, and soon realized their mail needed to be protected from prying eyes. In 1991, Phil Zimmermann implemented PGP, an end-to-end email encryption protocol that is still in use today. Adoption of PGP has been slow because of its highly technical interface and difficult key management. S/MIME, with similar properties as PGP, was developed in 1995. And in 2002, STARTTLS for email was defined by RFC 3207.

While PGP and S/MIME are end-to-end encryption, STARTTLS is server-to-server. That means that the body of an email protected with, e.g. PGP, can only be read by its intended recipient, while email protected with STARTTLS can be read by the owners of the sending server and the recipient server, plus anyone else who hacks or subpoenas access to those servers. However, STARTTLS has three big advantages: First, it protects important metadata (subject lines and To:/From/CC: fields) that PGP and S/MIME do not. Second, mail server operators can implement STARTTLS without requiring users to change their behavior at all. And third, a well-configured email server with STARTTLS can provide Forward Secrecy for emails. The two technologies are entirely compatible and reinforce each other. The most secure and private approach is to use PGP or S/MIME with a mail service that uses STARTTLS for server-to-server communication.

There are several weak points in the STARTTLS protocol, however. The first weakness is that the flag indicating that a server supports STARTTLS is not itself encrypted, and is therefore subject to tampering, which can prevent that server from establishing an encrypted connection. That type of tampering is exactly what we see today. EFF is working on a set of improvements to STARTTLS, called STARTTLS Everywhere, that will make server-to-server encryption more robust by requiring encryption for servers that are already known to support it.

It is important that ISPs immediately stop this unauthorized removal of their customers' security measures. ISPs act as trusted gateways to the global Internet and it is a violation of that trust to intercept or modify client traffic, regardless of what protocol their customers are using. It is a double violation when such modification disables security measures their customers use to protect themselves.

This article first appeared on Electronic Frontier Foundation and is republished under Creative Commons license. Image by Steve Petrucelli under Creative Commons license.

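The downgrade described in the article pasted above, seen from the sending side, as an added example that is not part of the original thread and is not EFF's STARTTLS Everywhere code: it parses an SMTP EHLO reply and refuses plaintext delivery when a host already known to support STARTTLS stops advertising it. The host names, the pinned-host set, the sample replies and the X-filler masking heuristic are all assumptions made for illustration.

```python
"""Fail-closed STARTTLS policy check for an outbound SMTP client (added example)."""
import re
from dataclasses import dataclass

# Hypothetical pinned policy: MX hosts already known to support STARTTLS.
KNOWN_STARTTLS_HOSTS = {"mx.example.org"}

# Constructed EHLO replies (not captured traffic).
EHLO_INTACT = (
    "250-mx.example.org Hello client.example.net\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250-STARTTLS\r\n"
    "250 PIPELINING\r\n"
)
# Same reply after an on-path device deleted the STARTTLS line.
EHLO_STRIPPED = EHLO_INTACT.replace("250-STARTTLS\r\n", "")
# Same reply after an on-path device overwrote the keyword with filler.
EHLO_MASKED = EHLO_INTACT.replace("250-STARTTLS", "250-XXXXXXXA")

_REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


@dataclass(frozen=True)
class Decision:
    action: str                # "upgrade", "refuse" or "plaintext"
    tampering_suspected: bool
    reason: str


def parse_ehlo(reply):
    """Return the upper-cased ESMTP keywords of a multi-line 250 reply."""
    lines = [line for line in reply.splitlines() if line]
    if not lines:
        raise ValueError("empty EHLO reply")
    keywords = set()
    for index, line in enumerate(lines):
        match = _REPLY_LINE.match(line)
        if not match or match.group(1) != "250":
            raise ValueError("not a 250 reply line: %r" % line)
        is_last = index == len(lines) - 1
        # "250-" marks a continuation line, "250 " marks the final line.
        if (match.group(2) == " ") != is_last:
            raise ValueError("malformed continuation at: %r" % line)
        if index == 0:
            continue  # the first line carries the server greeting, not a keyword
        text = match.group(3).strip()
        if text:
            keywords.add(text.split()[0].upper())
    return keywords


def looks_masked(keywords):
    """Heuristic (assumption): a keyword as long as STARTTLS made of X filler."""
    return any(len(k) == len("STARTTLS") and k.startswith("XXXXXXX") for k in keywords)


def delivery_decision(mx_host, reply):
    """Decide how to proceed after EHLO, failing closed for pinned hosts."""
    keywords = parse_ehlo(reply)
    if "STARTTLS" in keywords:
        # The TLS handshake must still succeed before any mail is sent.
        return Decision("upgrade", False, "server offers STARTTLS")
    if looks_masked(keywords):
        return Decision("refuse", True, "capability keyword overwritten in transit")
    if mx_host.lower() in KNOWN_STARTTLS_HOSTS:
        return Decision("refuse", True, "pinned host no longer offers STARTTLS")
    # Opportunistic mode: an unknown host without STARTTLS gets plaintext.
    return Decision("plaintext", False, "no STARTTLS offered and host not pinned")


if __name__ == "__main__":
    samples = [("intact", EHLO_INTACT), ("stripped", EHLO_STRIPPED), ("masked", EHLO_MASKED)]
    for label, sample in samples:
        print(label, delivery_decision("mx.example.org", sample))
```

A refused message should be queued and the event logged, since a pinned host that loses STARTTLS on one network path but not another is the signal the article describes.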

By the way, how do people draw the conclusion that "Thailand is intercepting emails"?

This is a man in the middle attack most likely perpetrated by hackers.

(1) It involves the infrastructure of multiple Thai ISPs.

(2) It uses the same technique as is used by various USA ISPs for surveillance purposes.

This is most unlikely to be a hacker intervention.

Nice cut and paste.... could you just put the link next time? a bit longish.


By the way, how do people draw the conclusion that "Thailand is intercepting emails"?

This is a man in the middle attack most likely perpetrated by hackers.

(1) It involves the infrastructure of multiple Thai ISPs.

(2) It uses the same technique as is used by various USA ISPs for surveillance purposes.

This is most unlikely to be a hacker intervention.

I ran the Berkeley test mentioned in the previous post (page one) and found other potentially disturbing things. The sites for Microsoft and for the US Bank WaMu are redirecting to other URLs. This could be in-country data caching, which is quite normal, or it could be something more. I worry that the proxy infrastructure, which appears to be centralized in Bangkok, could be open to security flaws and something or someone else injected code to move traffic to places it should not be.

I am not presenting indisputable facts with this post, I am suggesting that if you are concerned that you run the Berkeley test (available from your browser or as an Android application) and see the results for yourself and get an interpretation that you are comfortable with.


Am I alone with this theory?

Yes

No, seriously, you make some very valid points but I wouldn't have access to 99% of my interests (when did you last see a book on Quantum Theory here? Not to mention real Art sans Buddhas and Buffaloes etc, I could go on.) So Pros of being connected far outweigh the cons
