View Single Post
Old 02-05-2011, 02:04 AM   #150 (permalink)
The Sand
Talking BlackBerry Encyclopedia
 
The Sand's Avatar
 
Join Date: Oct 2008
Location: Los Angeles, CA
Model: 9810
OS: 7.0.1355
PIN: N/A
Carrier: AT&T
Posts: 357
Post Thanks: 4
Thanked 3 Times in 3 Posts
Default Re: BIS - No Better Security than Web Based Mail

Quote:
Originally Posted by OVERKILL View Post
Does it REALLY matter if your connection from your handheld, over your providers network, to RIM is encrypted or not, if the connection from your Hotmail account to wherever your outgoing mail is destined for is not?
.
Yes, it does matter. The part of the email transaction that is most vulnerable to sniffers is from device to server... making SSL very important. After server to its destination, YES it can go from to server to server with SSL intact as long as the server supports SSL/TLS. As technology makes progress in this area we will only see more and more support. Try reading the headers of a sent message using SSL/TLS... do your own research on this. Step one to take advantage of all this is to enable SSL.

Of course, keep in mind it's an encrypted "tunnel"... it does not encrypt the body of the message itself. For that you need PGP/SMIME or WinZip with encryption. But it does enough that it is now standard practice on smartphones.

And I use SMIME with "free email services" in this thread. I encrypt Yahoo and Hotmail everyday from Outlook to the people I have set this up with - and you can get certificates for free... so POP3 and IMAP have the capability as well as exchange.

RIM stated to me that the connection from their server to my provider (Yahoo/Gmail/Hotmail) was not encrypted. They also stated they push the email to the device with nothing. Which is why I did two things... switched to BES and put Yahoo/Hotmail through another smartphone with SSL. Now all my accounts are going from device to/from server protected.

Sandy
Offline   Reply With Quote