05 ICM

Internet Communication Media

The mass media are diversified media technologies that are intended to reach a large audience by mass communication. The technology through which this communication takes place varies. Broadcast media such as radio, recorded music, film and television transmit their information electronically. Print media use a physical object such as a newspaper, book, pamphlet or comics, to distribute their information. Outdoor media are a form of mass media that comprises billboards, signs, or placards placed inside and outside of commercial buildings, sports stadiums, shops, and buses. The Internet media Communication which is largest mass media by Internet technologies for various communications in both Internet and mobile networks. 

An Internet media type is a standard identifier used on the Internet to indicate the type of data that a file contains. Common uses include the following:

  • E-Mail clients use them to identify attachment files
  • Web Browsers  use them to determine how to display or output files that are not in HTML format
  • Search Engines use them to classify data files on the web

E-Mail Security :

e-Mail is a short form of electronic mail. It is one of the widely used services on the Internet. e-Mail is used for transmission of messages in a text format over the Internet. The message can be sent by using the receiver e-Mail address and vice versa. e-Mail can be sent to any number of users at a time it takes only few minutes  to  reach  the  destination.  E-Mail consists of two components; the message header contains control information, an originator's e-Mail address and one or more recipient addresses and message body, which is the e-mail content.

Some e-Mail systems are confined to a single computer system or to a small network,  and  they  are  connected  to  the  other  e-Mail  systems  through  the gateway, which enables the users to connect to anywhere in the world. Though different electronic mail   systems have different formats, there are   some emerging standards like MAPI, X.400 that enables the users to send messages in between different electronic mail systems.

MAPI is a Mail Application Programming Interface, system built in Windows, which allow different mail applications working together for distributing mails. Until MAPI is enabled on both the application’s the users can share mails with each other.

X.400 is the universal protocol that provides a standard format for all e-Mail messages. X.500 is an extension to X.400 standard, which provides standard addressing formats for sending e-Mails so that all e-Mail systems are linked to one another.

How an e-Mail works?

There are 3 main types of email servers:

POP3: Post Office Protocol version 3 (POP3) is a standard mail protocol used to receive emails from a remote server to a local email client. POP3 allows you to download email messages on your local computer and read them even when you are offline. Note, that when you use POP3 to connect to your email account, messages are downloaded locally and removed from the servers. This means that if you access your account from multiple locations, that may not be the best option for you. On the other hand, if you use POP3, your messages are stored on your local computer, which reduces the space your email account uses on your web server.

By default, the POP3 protocol works on two ports:

  • Port 110 - this is the default POP3 non-encrypted port
  • Port 995 - this is the port you need to use if you want to connect using POP3 securely

IMAP: The Internet Message Access Protocol (IMAP) is a mail protocol used for accessing email on a remote web server from a local client. IMAP and POP3 are the two most commonly used Internet mail protocols for retrieving emails. Both protocols are supported by all modern email clients and web servers.

While the POP3 protocol assumes that your email is being accessed only from one application, IMAP allows simultaneous access by multiple clients. This is why IMAP is more suitable for you if you're going to access your email from different locations or if your messages are managed by multiple users.

By default, the IMAP protocol works on two ports:

  • Port 143 - this is the default IMAP non-encrypted port
  • Port 993 - this is the port you need to use if you want to connect using IMAP secure.

SMTP: Simple Mail Transfer Protocol (SMTP) is the standard protocol for sending emails across the Internet.

By default, the SMTP protocol works on three ports:

  • Port 25 - this is the default SMTP non-encrypted port
  • Port 2525 - this port is opened on all Site Ground servers in case port 25 is filtered (by your ISP for example) and you want to send non-encrypted emails with SMTP
  • Port 465 - this is the port used, if you want to send messages using SMTP securely

The working of e-Mail is as shown in the figure below. Each mail server consists of two different servers running on a single machine. One is POP3 (Post Office Protocol) or IMAP (Internet Mail Access Protocol) server which holds the incoming mails and the other SMTP (Simple Message Transfer Protocol) server which holds the outgoing mails. SMTP works on the port number 25 and POP works on the port number 110 and IMAP works on the port number 143.

SMTP

In the figure shown :

Client 1 has an account in the mail server 1 and Client 2 has an account in mail server 2.

When Client 1 sends a mail to Client 2, first the mail goes to the SMTP server of mail server 1. Here the SMTP server divides the receiver address into two parts username and domain name.

For   example,   if   SMTP   server   receives   This email address is being protected from spambots. You need JavaScript enabled to view it.   as   the receiver’s address. It will separate into user1, which is a mail account in destination mail server and example.com which is the domain name of destination mail server. Now  with  the  help  of  the  domain  name  it  will  request  particular  IP address of the recipient’s mail server, and then it will send the message to mail server 2 by connecting to its SMTP server.

The SMTP server of Mail Server 2 stores the message in Client2 mailbox with the help of POP3 in mail server 2. When the client 2 opens his mailbox, he can view the mail sent by client 1.

Possible threats through e-Mail and guidelines for handling e- Mails safely

  • e-Mails are just like  postcards from which the information can be viewed by anyone. When a mail is transferred from one mail server to another mail server there are various stops at which there is a possibility of unauthorized users trying to view the information or modify it.
  • Since a backup is maintained for an e-Mail server all the messages will be stored in the form of clear text though it has been deleted from your mailbox. Hence there is a chance of viewing the information by the people who are maintaining backups. So it is not advisable to send personal information through e-Mails.
  • Say you have won a lottery of million dollars, Getting or receiving such kind of mails is a great thing, and really it’s the happiest thing. However these mails may not be true. By responding to such a kind of mails many people lost huge amount of money. So ignore such kind of e-Mails, do not participate in it and consider it as a scam.
  • Sometimes e-Mails offering free gifts and asking personal information are received from unknown addresses. This is one way to trap your personal information.
  • One way of stealing the password is standing behind an individual and looking over their password while they are typing it or searching for the papers where they have written the password.
  • Another way of stealing  the  password is  by  guessing. Hackers try all possible combinations with the help of personal information of an individual.
  • When there are large numbers of combinations of passwords the hackers use fast processors and some software tools to crack the password. This method of cracking password is known as “Brute force attack”.
  • Hackers  also  try  all  the  possible  words  in  a  dictionary  to  crack  the password with the help of some software tools. This is called a “dictionary attack”.
  • Generally  spammers  or  hackers  try  to  steal  e-Mail  address  and  send malicious software or code through attachments, fake e-Mails, and spam and also try to collect your personal information.

Attachments :

Sometimes attachments come with e-mails and may contain executable code like macros, .EXE files and ZIPPED files. Sometimes attachments come with double extensions like “attachment.exe.doc”.By opening or executing such attachments malicious code may download into your system and can infect your system.

Tip: Always scan the attachments before you open them.

Fake e-Mails :

Some times e-Mails are received with fake e-mail address like This email address is being protected from spambots. You need JavaScript enabled to view it. by an attachment named, “Facebook_Password_4cf91.zip and includes the file Facebook_Password_4cf91exe" that, the e-mail claims, contains the user's new Facebook password. When a user downloads the file, it could cause a mess on their computer and which can be infected with malicious software.

Tip:  Always  check  and  confirm  from  where  the  e-mail  has  been  received, generally service people will never ask or provide your password to change.

Spam e-Mails :

Spam messages may trouble you by filling your inbox or your e-mail database. Spam    involves identical messages sent to various recipients by e-Mail. Sometimes spam e-mails come with advertisements and may contain a virus. By opening such e-Mails, your system can be infected and your e-Mail ID is listed in spammers list.

Tip: It is always recommended to ignore or delete spam e-mails.

e-Mails offering free gifts :

Sometimes e-Mails are targeted at you by; unknown users by offering gifts, lottery, prizes, which might be free of cost, and this may ask your personal information for accepting the free gift or may ask money  to  claim  lottery  and  prizes  it  is  one  way  to  trap  your  personal information.
Tip: Always ignore free gifts offered from unknown users.

Hoaxes:

Hoax is an attempt to make the person believe something which is false as true. It is also defined as an attempt to deliberately spread fear, doubt among the users.

How to prevent?

Using filtering software’s

Use  e-Mail  filtering  software  to  avoid  Spam  so  that  only  messages  from authorized users are received. Most e-Mail providers offer filtering services.

Ignore e-mails from strangers

Avoid opening attachments coming from strangers, since they may contain a virus along with the received message.Be careful while downloading attachments from e-Mails into your hard disk. Scan the attachment with updated antivirus software before saving it.

Guidelines for using e-Mail safely

  • Since the e-Mail messages are transferred in clear text, it is advisable to use some encryption software like PGP (pretty good privacy) to encrypt e-Mail messages before sending, so that it can be decrypted only by the specified recipient only.
  • Use E-Mail filtering software to avoid Spam so that only messages from authorized users are received. Most e-Mail providers offer filtering services.
  • Do not open attachments coming from strangers, since they may contain a virus along with the received message.
  • Be careful while downloading attachments from e-Mails into your hard disk. Scan the attachment with updated antivirus software before saving it.
  • Do not send messages with attachments that contain executable code like Word documents with macros, .EXE files and ZIPPED files. We can use Rich Text Format instead of the standard .DOC format. RTF will keep your formatting, but will not include any macros.This may prevent you from sending virus to others if you are already infected by it.
  • Avoid sending personal information through e-Mails.
  • Avoid  filling  forms  that  come  via  e-Mail  asking  for  your  personal information. And do not click on links that come via e-Mail.
  • Do not click on the e-Mails that you receive from un trusted users as clicking itself may execute some malicious code and spread into your system.

                                    Tips:     Avoid filling forms through e-mails links which ask for personal information

Do not follow the web links that come through e-mails

Be suspicious of any e-mail with urgent requests for personal financial information

Instant Messaging:

Nowadays Instant messaging (IM) is growing due to evolving technologies and Internet speeds in India and in changed in the form of real time text based to real  time of audio, video communication between two or more people connected over the network. Instant message became most popular with this you can interact with people in a real time and you can keep the list of family and friends on your contact list and can communicate until the person is online .There are many instant service providers like AOL, Yahoo messenger, Google Talk and many more.

Tips: Limit interactions to users in a chat room

Risks involved in IM:

Hackers constantly access instant messages and try to deliver malicious codes through the instant message and the code may contain a virus, Trojan, and spyware and if you click on the file the code will enter your system and within seconds it infects the system.

Spim :

Spim is a short form of spam over instant messaging, it uses IM platforms to send spam messages over IM.  Like e-mail spam messages, a spim message also contains advertisements. It generally contains web links, by clicking on those links malicious code enters into your PC. Generally, it happens in real time and we need to stop the work and deal with spim as the IM window pop-ups, in the e-mail we have time to delete and we can delete all spam at a time, or we can scan before opening any attachments. This cannot be done in IM.

Tip: Avoid opening attachments and links in IM

Skype Video Communication:

New technologies empower everybody and help them reach audiences all over the world. Their words, pictures and sounds can be transmitted around the globe in a matter of seconds. Many users use Skype, WhatsApp, Facebook, Google Mail, Blogger, WordPress and Dropbox to communicate, store data, collaborate and promote their work through Internet media communication.

But there are risks associated with using these tools and we all need to be prepared for the worst-case scenario. Let’s have a look at the popular services for us, their risks and possible, more secure alternatives.

Risks through Skype: Skype was always assumed to be safe because of its end-to-end encryption. In the same time, through revelations have revealed that the NSA has been listening to Skype since 2011 and it’s unclear to what extent other agencies are able to intercept the service. Also according to Eric King, head of research at Privacy International, Skype “can no longer be trusted to protect user privacy”

Possible solutions: Use Skype as if it were a public forum. Everything you say or write may be used against you.

Alternatives: Jitsi (encrypted text, voice and video messaging), Linphone (encrypted voice and video chat), Mumble (encrypted voice chat).

WhatsApp:

WhatsApp is one of the most popular messaging apps in the word. It lets you send messages without having to pay for sms services although the person you are sending to also has to be using the app. It’s an easy way to stay in touch with the newsroom and colleagues while in the field, especially as you can exchange images, video and audio.

Risks with whatsapp: Currently, WhatsApp claims messages are encrypted but because the company won’t say what method they use, it’s difficult to know how secure the service is. There are reports that WhatsApp messages sent over wifi and other public channels can be decrypted. There are apps out there which try to make WhatsApp more secure.

Possible solutions: Resort to more secure apps

Alternatives: Pidgin (off-the-record messaging), TorChat (anonymous P2P chat), ChatSecure (formerly Gibberbot) and Xabber for Android.

Facebook:

The most of Internet users use this global social network to share their work, crowd source information, stay in touch with colleagues and newsmakers, follow companies and news on their beats, subscribe to important people and participate in groups.
Facebook is a huge data collector. The list of your friends may influence the decision of local authorities to grant you a visa to work in a certain region, and the open groups you are a member of let strangers know about your interests even if your profile is closed to external visitors. Also, Facebook is constantly experimenting with new tracking methods.

Possible solutions: Be very careful publishing information on Facebook. Once it’s online, you lose control of it. Go to the privacy settings in the upper right corner of your Facebook page and make sure you have all the precautionary measures taken. Always try to log out of your Facebook page while surfing other websites in your computer.

Twitter:

Twitter is good for following breaking news and breaking news yourself. You can also use it to collaborate with others, find communities, and follow trends and topics.
Everything you do on Twitter is visible. If you have geotagging enabled, it can be easy to locate you. The service is also a haven for malware attacks.

Possible solutions: Be careful what you post and whom you follow. Don’t create open lists unless you are absolutely sure you won’t get into trouble by doing this. Disable geotagging.For more about Internet media communications refer browsers and search engines sections

References:

 

Address

Centre for Development of Advanced Computing, (C-DAC)
Plot No. 6 & 7, Hardware Park, Sy No. 1/1, Srisailam Highway, Pahadi Shareef Via Keshavagiri (Post) Hyderabad - 500005

Phone

Phone: 040-23737124/25
Mobile: 040-23737124/25

TollFree

1800 425 6235

Email Address

isea[at]cdac[dot]in