From: "Lewis G Rosenthal" Received: from [192.168.100.201] (account lgrosenthal HELO [192.168.100.24]) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.16) with ESMTPSA id 1888893 for os2-wireless_users@2rosenthals.com; Thu, 05 Nov 2009 22:34:55 -0500 Message-ID: <4AF3995E.20308@2rosenthals.com> Date: Thu, 05 Nov 2009 22:34:54 -0500 Organization: Rosenthal & Rosenthal, LLC User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8.1.23) Gecko/20090827 SeaMonkey/1.1.18 (PmW) MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless] Re: eCS Firewall References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, all, and sorry to be so late to the party... On 10/30/09 06:09 am, Frank Vos thus wrote : > Hello, > On Tue, 27 Oct 2009 20:51:44 -0700 (PDT), Jon wrote: > > >> On Tue, 27 Oct 2009 17:58:13 -0700 Bob wrote: >> >>> >>> When I am connected to a public wireless access point I do not stay connected >>> for hours, just enough time to get my email and occassionally to look at a URL. >>> I am very selective on links I follow and my email client is set to only >>> display plain text, this eliminates many problems. So having a connection >>> through a public wireless access point (which uses NAT) and using safe surfing >>> practices avoids problems. >>> >>> Just my experience and opinion. >>> >> Bob: >> >> That is interesting, I had not thought that deeply about it before. I use PMMail so email is not a >> problem, although I sometimes will use my ISP's provided web mail, again I don't see a problem >> there either. >> > It depends what version of PMmail you are using. The old version of > PMmail doesn't support SMTPS, so this means that the username and > password are sent in the clear, so the bad guys can sniff them. It's > possible to use Stunnel, but I was not able to get that working with my > ISP. The Voice version 3.04 of PMmail and Thunderbird are safe to use > over an public AP, because they do support SMTPS. > > Of course, you need an ISP (or at least a mail provider) who supports encrypted SMTP and IMAP and/or POP3 and/or encrypted authentication. The service I provide *does* (for all three protocols), and over non-standard ports (many ISP's block standard ports, forcing you to use *their* servers). If using a public venue (particularly over the air...bringing this back to the list), and not having the ability to use encrypted POP3 or IMAP or SMTP, webmail over SSL (https) is a fairly safe bet. -- Lewis ------------------------------------------------------------- Lewis G Rosenthal, CNA, CLP, CLE Rosenthal & Rosenthal, LLC www.2rosenthals.com Need a managed Wi-Fi hotspot? www.hautspot.com Secure, stable, operating system www.ecomstation.com -------------------------------------------------------------