
Friday, July 17, 2009

backup-website


What to back up?


Your web site consists of DATABASE + FILES


Backing Up Your WordPress Site

There are two parts to backing up your WordPress site: Database and Files. You need to back up the entire site, and you need to back up your WordPress database.

Your WordPress site consists of the following:

1. WordPress Core Installation
2. WordPress Plugins
3. WordPress Themes
4. Images and Files
5. Javascripts, PHP scripts, and other code files
6. Additional Files and Static Web Pages

All of these are used in various combinations to generate your website. The database contains your posts and a lot of data generated on your site, but it does not include the above elements that all come together to create the look and information on your site. These need to be saved.

Most hosts back up the entire server, including your site, but it takes time to request a copy of your site from their backups, and a speedy recovery is critical. You need to learn how to back up your own site files and restore them.
If the backup size becomes too large, do not back up antispam and stats.
WordPress Backups from WordPress Codex


Tuesday, June 30, 2009

mobile-phone-browsers-free-download

BOLT



This is what the BOLT people have to say about their browser:
BOLT is a free downloadable browser that offers an uncompromised browsing experience on even lower-end mobile phones.

Rather than offering a simplified, mini version of the Internet, BOLT provides users with a fast, efficient, feature-rich way to enjoy full PC-style web pages and rich media applications on all levels of mobile devices.

Built on Bitstream's ThunderHawk browsing technology, BOLT is the result of 5+ years experience developing mobile browsers that optimize usability, speed and performance on resource-constrained systems with limited memory, processing power and screen space.


Now, if you are ready, experience lightning fast Internet browsing with streaming video on your mobile phone.

Boltbrowser


* Dual Signed Version
* VeriSign Signed Version
* Thawte Signed Version
* Unsigned Version
Not to forget the
Blackberry specific version


I am new to BOLT. I believe BOLT is also new. We wish them Luck.

What if you need support?
Support is available here: http://www.boltbrowser.com/support.html
Quick help is available at the forums: http://www.boltbrowser.com/forums/
This is supposed to be BOLT's physical address:
Bitstream
245 First St - 17FL
Cambridge, MA 02142
US
2
OPERA MINI 3.1

For those whose mobile device does not support OPERAMINI 4.2, try this version.
This is claimed to be a fast, tiny, powerful web browser.
It is best to go to the OPERAMINI.COM website and download either 4.2 or 3.1.
If you choose to download it from GETJAR (my personal favorite) here is the link.
Download via Wap: Open m.GetJar.com with your mobile -> Quick Download -> enter
Quick Download Code 30827



ABOUT GETJAR


Founded by Ilja Laurs in 2004, GetJar (www.getjar.com/wap.getjar.com) is the world’s most popular mobile application distribution and developer community, with over 200,000 developer and beta-tester accounts.
Downloads in one Week (2009 Jun 15 - 2009 Jun 21): 7,902,528

Source:
1. http://boltbrowser.com/download.html
2. http://www.getjar.com/products/13444/OperaMini

On Fast Track with Dr. Ashok Koparday


Tuesday, June 9, 2009

how-to-license-your-work

Anything that you post on the internet is your property and you are the copyright owner. How do you state your copyright ownership?

The Licenses


1. Attribution


This license lets others distribute, remix, tweak, and build upon your work, even commercially, as long as they credit you for the original creation. This is the most accommodating of licenses offered, in terms of what others can do with your works licensed under Attribution.


2. Attribution Share Alike



This license lets others remix, tweak, and build upon your work even for commercial reasons, as long as they credit you and license their new creations under the identical terms. This license is often compared to open source software licenses. All new works based on yours will carry the same license, so any derivatives will also allow commercial use.


3. Attribution No Derivatives


This license allows for redistribution, commercial and non-commercial, as long as it is passed along unchanged and in whole, with credit to you.


4. Attribution Non-Commercial


This license lets others remix, tweak, and build upon your work non-commercially, and although their new works must also acknowledge you and be non-commercial, they don’t have to license their derivative works on the same terms.


5. Attribution Non-Commercial Share Alike


This license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creations under the identical terms. Others can download and redistribute your work just like the by-nc-nd license, but they can also translate, make remixes, and produce new stories based on your work. All new work based on yours will carry the same license, so any derivatives will also be non-commercial in nature.


6. Attribution Non-Commercial No Derivatives

 


This license is the most restrictive of our six main licenses, allowing redistribution. This license is often called the “free advertising” license because it allows others to download your works and share them with others as long as they mention you and link back to you, but they can’t change them in any way or use them commercially.



FAST OVERVIEW




[1] ATTRIBUTION
You let others copy, distribute, display, and perform your copyrighted work — and derivative works based upon it — but only if they give credit the way you request.

 
[2] SHARE ALIKE
You allow others to distribute derivative works only under a license identical to the license that governs your work.

 
[3] NON COMMERCIAL
You let others copy, distribute, display, and perform your work — and derivative works based upon it — but for noncommercial purposes only.


[4] NO DERIVATIVES
You let others copy, distribute, display, and perform only verbatim copies of your work, not derivative works based upon it.

Source:
http://creativecommons.org/about/licenses


Monday, June 8, 2009

what-feedburner-does-for-your-website

5 SMART USES OF FEEDBURNER (feeds)

Use FeedBurner to publicize your blog or website


1. Publicize


Here are a few fun, alternative ways to publicize your feed, other than the ways listed above.

1* Headline Animator:

Create and customize an animated banner that cycles through your feed's five most recent items. It's an easy way to promote your content anywhere you can place a snippet of HTML.

2* BuzzBoost:

Do you maintain more than one blog, site, or podcast? BuzzBoost helps you cross-promote your content by repurposing your feed as go-anywhere HTML.

2. Optimize


Enhance and extend your feed with FeedBurner's array of services.

* FeedFlare™: Build “interactivity” into the content you create, making it simple for subscribers to tag, email or share their content with others.

3. Analyze

FeedBurner Stats is our analytics offering for blogs, Web sites, podcasts and feeds of all kinds. The service is free with every FeedBurner feed and provides publishers with a comprehensive view of their audience.

4. Monetize


Earn revenue by displaying relevant text and image ads using AdSense for feeds.

5. “Troubleshootize”


It's true, some good feeds go bad. Learn how to diagnose and solve the most common problems FeedBurner encounters when working with your original feed. The best part? We also notify you about any issues we discover using our FeedMedic and PodMedic reporting services.


FeedBurner has been acquired by Google.
You can use your Google ID to log in.
Source:
http://feedburner.google.com

Monday, January 12, 2009

how-to-password-protect-best-security-10

What, other than a password, do you have as a lock-and-key function on the World Wild Web? How is KeePass useful for you and me?


Protection against Dictionary Attacks
FACT
You can't really prevent dictionary and guessing attacks: nothing prevents an attacker from just trying all possible keys and checking whether the database decrypts. But what we can do (and KeePass does) is make it harder: by adding a constant time factor to the key initialization, we can make these attacks as hard as we want.

To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user's password using SHA-256, encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from now on), and then hashes it again using SHA-256. For AES, a random 256-bit key is used, which is stored in the database file. As the AES transformations aren't pre-computable (the key is random), an attacker has to perform all the encryptions, too; otherwise he cannot check whether the current key is correct.

An attacker now needs much more time to try a key. If he can only try a few hundred keys per second, a dictionary attack is not practical any more.

By default, KeePass sets N to 6000 encryption rounds (full encryptions are meant; N has nothing to do with the internal encryption rounds of AES). This has been done in order to provide compatibility with the PocketPC version (PocketPC processors are slower, therefore the key computation takes longer).


What does KeePass do?
KeePass supports protection against guessing and dictionary attacks.

Protect your Password.
If you are using KeePass on PC only, it is highly recommended to increase the number of key transformation rounds. You can change the number in the database options dialog. To the right of the field for the rounds, you'll find a button. When you click this button, KeePass computes the number of rounds that leads to a 1-second delay. Waiting 1 second when opening the database isn't a problem, but for an attacker of course it is. The number can, however, be freely set to a value of your choice. The button is only meant to give you a rough idea of how many rounds can be computed in 1 second on your computer.

This protection feature is only useful when using master passwords; key files are random anyway, so there's no need to transform the key file contents (guessing the key file contents is as hard as a brute-force attack on the final key).

KeePass uses multi-threading to compute these rounds (the master key is split into two parts of 128 bits, which is the AES block size). On dual/multi core processors, the computation can be twice as fast as on a single core processor. Note that the 1-second button in the database settings dialog always shows the single core rounds number (the dual/multi core optimization only affects the "real" transformation code, not the benchmark).
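
The key transformation and the 1-second benchmark described above, written out as an added example (not KeePass's own code and not compatible with its database format). It carries a small pure-Python AES-256 so it runs without third-party packages; the function names and the UTF-8 password encoding are assumptions of this example.

```python
import hashlib
import os
import time


def _xtime(a):
    """Multiply by x in GF(2^8), reducing by the AES polynomial 0x11B."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a


def _gmul(a, b):
    """Multiply two field elements (only used to build the S-box)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = _xtime(a), b >> 1
    return r


def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def _build_sbox():
    """AES S-box: affine transform of the multiplicative inverse (0 -> 0)."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        sbox.append(inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2)
                    ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)
    return sbox


SBOX = _build_sbox()
MUL2 = [_xtime(x) for x in range(256)]
# ShiftRows as an index map over a column-major 16-byte state
SHIFT = [(i % 4) + 4 * ((i // 4 + i % 4) % 4) for i in range(16)]


def expand_key_256(key):
    """Expand a 32-byte AES-256 key into 15 round keys of 16 bytes."""
    if len(key) != 32:
        raise ValueError("AES-256 needs a 32-byte key")
    w = [list(key[4 * i:4 * i + 4]) for i in range(8)]
    rcon = 1
    for i in range(8, 60):
        t = w[i - 1]
        if i % 8 == 0:                      # RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        elif i % 8 == 4:                    # extra SubWord for 256-bit keys
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - 8], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(15)]


def encrypt_block(round_keys, block):
    """Encrypt one 16-byte block with AES-256 (single block, no mode)."""
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    for rnd in range(1, 15):
        s = [SBOX[b] for b in s]            # SubBytes
        s = [s[j] for j in SHIFT]           # ShiftRows
        if rnd < 14:                        # MixColumns, skipped in last round
            m = []
            for c in range(0, 16, 4):
                a = s[c:c + 4]
                for r in range(4):
                    x, y = a[r], a[(r + 1) % 4]
                    m.append(MUL2[x] ^ MUL2[y] ^ y
                             ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
            s = m
        s = [b ^ k for b, k in zip(s, round_keys[rnd])]   # AddRoundKey
    return bytes(s)


def transform_key(password, transform_seed, rounds):
    """SHA-256(password) -> N AES encryptions per 128-bit half -> SHA-256."""
    # transform_seed: the random 256-bit AES key stored in the database file.
    # UTF-8 password encoding is an assumption of this example.
    key = hashlib.sha256(password.encode("utf-8")).digest()
    round_keys = expand_key_256(transform_seed)
    left, right = key[:16], key[16:]        # two halves, one AES block each
    for _ in range(rounds):
        left = encrypt_block(round_keys, left)
        right = encrypt_block(round_keys, right)
    return hashlib.sha256(left + right).digest()


def rounds_per_second(sample_rounds=200):
    """Rough single-threaded estimate, in the spirit of the 1-second button."""
    seed = os.urandom(32)                   # constructed sample seed
    start = time.perf_counter()
    transform_key("benchmark", seed, sample_rounds)
    return sample_rounds / (time.perf_counter() - start)
```

Timing `transform_key` with `rounds=1` and `rounds=6000` on the same machine shows the cost of each password guess growing in proportion to N.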


Detailed information about the security of KeePass.


* Database Encryption
* Hashing and Key Derivation
* Random Number Generation
* Protection against Dictionary Attacks
* Process Memory Protection
* Locking the Workspace
* Plugins
* Self-Tests
* References

Database Encryption


KeePass database files are encrypted. KeePass encrypts the whole database, i.e. not only your passwords. Your user names, notes, even the entry times and UUIDs, etc. are encrypted, too.


The databases are encrypted using one of the following block ciphers:
Cipher                                          Block Size   Key Size
Advanced Encryption Standard (AES / Rijndael)   128 bits     256 bits
Twofish                                         128 bits     256 bits


These algorithms are well-known, analyzed thoroughly and generally considered to be very secure by the cryptographic community.
KeePass 2.x Only
KeePass 2.x doesn't support Twofish, but additional encryption algorithms are available through plugins.

The block ciphers are used in the CBC (cipher-block chaining) block cipher mode. In CBC mode, plaintext patterns are concealed.


For both algorithms, a 128-bit initialization vector (IV) is generated randomly each time you save the database. This allows multiple databases to be saved using the same key without observable patterns being revealed.

Hashing and Key Derivation

In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash or find a second message that compresses to the same hash.


Please note that the recently discovered attack against SHA-1 doesn't affect the security of SHA-256. SHA-256 is still considered as being secure.


Key Derivation:

If only a password is used (i.e. no key file), the password plus a 128-bit random salt are hashed using SHA-256 to form the final key (but note there is some preprocessing: Protection against Dictionary Attacks). This random salt prevents attacks that are based on pre-computed hashes.

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).

Random Number Generation


We need to generate several random bytes (for the IV, the master key salt, etc.). For this, several pseudo-random sources are used: current tick count, performance counter, system date/time, mouse cursor position, memory status (free virtual memory, etc.), active window, clipboard owner, various process and thread IDs, various window focus handles (active window, desktop, ...), window message stack, process heap status, process startup information and several system information structures. Additionally, KeePass uses random bytes provided by the system's default CSP RNG.

This pseudo-random data is collected in a random pool. To generate 16 random bytes, the pool is hashed (SHA-256) with a counter to form the final 16 random bytes. The counter is increased after 16 generated bytes. This way, we can efficiently produce as many secure random bytes as we need.

Source:
Security - KeePass

Sunday, January 11, 2009

best-secure-password-generator-9

Passwords Protection

While KeePass is running, your passwords are stored encrypted in process memory. For this, the ARC4 encryption algorithm is used, using a random, 12 bytes long key.


This means that even if you would dump the whole KeePass process memory to disk, you couldn't find the passwords (at least not in plain text). Note that this only applies to the password field, not to the user names, etc. because of performance reasons.


When you are copying a password to the clipboard for example, KeePass first decrypts the password field, copies it to the clipboard and immediately re-encrypts it using the random key.


Additionally, KeePass erases all security-critical memory when it's not needed any more, i.e. it overwrites these memory areas before releasing them (this applies to all security-critical memory, not only the passwords field).


Locking the Workspace


Locking the workspace closes the database file, and remembers the last view settings (i.e. which group and entries you selected, list position, etc.).


This provides maximum security: unlocking the workspace is as hard as opening the database file the normal way. Also, it prevents data-loss (your computer can crash while KeePass is locked, without doing any damage to the database).

Plugins Security



Separate pages exist about the security of plugins: Plugin Security (KeePass 1.x), Plugin Security (KeePass 2.x).

Self-Tests



Each time you start KeePass, the program will perform a quick self-test to see whether the block ciphers and the hash are compiled correctly and pass their test-vectors. If one of the algorithms doesn't pass its test vectors, KeePass will show a security exception message box at startup.

References and Further Reading

Security - KeePass
(1) National Institute of Standards and Technology: Report on the Development of the Advanced Encryption Standard (AES) (PDF).
(2) Bruce Schneier's blog: SHA-1 broken.
(3) Bruce Schneier's blog: Cryptanalysis of SHA-1, with comments about the impact of that discovery and what to do now.

Saturday, January 10, 2009

how-to-be-safe-from-password-stealing-software-latest-tip

Recent Security Tip
Important: How do you escape password-finding software called a keylogger?

There is software that picks up your password. How do you trick a keylogger?
Virtual Keyboard – FAQs for Retail and Corporate Users

State Bank of India aims to provide you a safe and secure environment to perform online banking. In this direction, we have introduced the option of Virtual Keyboard.

1. What is Virtual Keyboard?

The Virtual Keyboard is an onscreen keyboard which provides a mouse based alternative, for keying in your username and password, instead of using the actual physical keyboard.
2. What are the advantages of logging into the Internet Banking site using a Virtual Keyboard?

The virtual keyboard is an additional precautionary measure and protects you against malicious key logger programs which might have infected your computer.

A key logger program can capture the keystrokes you enter in the physical keyboard to login. Such a program may be accessing your PC without your knowledge or permission.

A virtual keyboard prevents your username or password from being stolen, especially while using public computers, such as those available in Internet cafes. Also, the sequence in which the keys appear will change every time the page is refreshed.
3. How can I use the Virtual Keyboard?

Use the mouse to enter the alphabets and numbers in your username and password by clicking on the keys of the Virtual Keyboard.

Caps Lock On : Use this button to change case when entering the lower and upper case letters in your username and password. You can "switch on" or "switch off" this button. Since Internet Banking usernames and passwords are case-sensitive, please ensure that you are aware of this "difference" when entering your password.

Clear : Use this button to clear a field if you have entered characters incorrectly.
4. Is it mandatory to use the Virtual Keyboard?

No. You can use the normal keyboard or the combination of both normal and virtual keyboard also.
5. Is it not secure to use the regular keyboard?

State Bank of India aims to provide you a safe and secure environment to perform online banking. The virtual keyboard is one such feature. Please ensure that no other person is glancing, peeping at your computer screen while you are keying in your username and password through the virtual keyboard.

Note:

If you are a retail user: As a security measure, access will be disabled for the day, after three unsuccessful login attempts.

However if you are a corporate user, the account lockout feature is not applicable.
Welcome to OnlineSBI


how-to-use-privacy-guard-8

Email programs - Use Encrypt Decrypt
For Safe, Secure On line Experience

Out of the box security solution.
Gnu Privacy Guard (GnuPG)
Mini Howto (English)

Brenno J.S.A.A.F. de Winter (English)
brenno@dewinter.com
Michael Fischer v. Mollard (German)
fischer@math.uni-goettingen.de
Arjen Baart
arjen@andromeda.nl
Version 0.1.4 August 10, 2004


This document explains how to use the GNU Privacy Guard (GnuPG), an Open Source OpenPGP compatible encryption system.

To keep this program totally free, the use of the RSA algorithm and other patented algorithms has been avoided. The document was originally written by Michael Fischer v. Mollard in German. The text has been translated and adjusted on some points and cannot be considered as a full one-on-one copy.

1. Concepts

* 1.1 Public Key Encryption
* 1.2 Digital Signatures
* 1.3 Web of trust
* 1.4 Boundaries to security

2. Installation

* 2.1 Sources for GnuPG.
* 2.2 Configuration
* 2.3 Compile
* 2.4 Installation

3. Using keys

* 3.1 Creating a key
* 3.2 Exporting keys
* 3.3 Importing keys
* 3.4 Revoke a key
* 3.5 Key administration
* 3.6 Key signing

4. Encrypt and decrypt

* 4.1 Encrypt
* 4.2 Decrypt

5. Signing and checking signatures

6. Front ends

* 6.1 Graphical interfaces
* 6.2 Email programs

7. Sources of information

* 7.1 GnuPG
* 7.2 PGP
* 7.3 Keyservers
* 7.4 Books

8. About this document

* 8.1 Versions
Gnu Privacy Guard (GnuPG) Mini Howto (English)

Thursday, January 8, 2009

how-to-choose-password-7

Have good passwords

Remember: Passwords are the only lock and key tools on the internet.

Protect your password:

Use more than 7 characters in your password.

Choose from these characters:

` ~ ! @ # $ % ^ & * ( ) = + - _ ; :
/ ? ' " | [ ] { } < >


"/" is sometimes not accepted in passwords.
  • Memorize your password, do not write it down
  • Do not share your password. Create a new account instead
  • Avoid using one password for all your logins
  • Don't provide your password to someone for assistance unless you verify:
They need the password
They are who they say they are
  • Avoid logging in from public computers
  • Change your password frequently
  • Log out then close the browser by clicking on the cross x on top right corner
Tips for choosing a password:



  • Avoid dictionary words
  • Avoid familiar items (names, phone number, etc)
  • Use a combination of letters, numbers, and special characters
  • Use more characters (7+)

The above topic may seem trivial or repetitive; however, understand that the password is the only lock-and-key system.
source:
cPanel X


Wednesday, January 7, 2009

how-to-make-email-trustworthy-encryption-6

How to be certain that email has come from a particular person?


keywords: mutt mail reader, public key cryptography

In your Gmail inbox, click on, 'Show Details'. This is what you see.
from DR. ASHOK KOPARDAY Medical Director Samadhan Sexual Sciences
to anita_usa@gmail.com
date Sun, Jan 11, 2009 at 10:36 PM
subject [help on mobile] convert-indian-language-to-any-other-indian-language-using-b...
mailed-by blogger.bounces.google.com

VIII. Understanding The Need For Message Signatures

The first reason for message signatures is authenticity. It is a largely unknown fact that the From: header of email can be trivially forged. A quick glance can lead you to believe that the mail was sent by someone who might not have had anything to do with the message. A signature will help you determine if the mail was really sent by who you think it was sent by.

The second reason for signatures is integrity. Someone who has access to any piece of mail that is waiting for you (perhaps at your ISP) can change the message. This could affect something as simple as where you should meet someone to something as serious as which bank account you should transfer money to. A signature can tell you if the message was modified between the sender and your mail client.

This document will explain the need for signing and how to sign messages, how to verify signatures on mail sent to you, how to encrypt messages, and how to decrypt messages.

Theft of your private key by anyone means theft of your identity. In an increasingly digital world, your private key will soon carry as much weight as a photo ID, and in some situations already carries more.

========================================================================

Everything You Need To Know To Start Using GnuPG with Mutt

========================================================================

By Justin R. Miller

Revision 0.1, Released 23 September 2001

========================================================================


I. Purpose
II. Overview
III. Assumptions
IV. Configuring GnuPG
V. Protecting Your Private Key
VI. Publicizing Your Public Key
VII. Understanding Validity and Your Web of Trust
VIII. Understanding The Need For Message Signatures
IX. Understanding How Signatures Are Made
X. Understanding How Encryption Is Done
XI. A Practical Example of Manual Key Management
XII. A Practical Example of Manual Signing and Verification
XIII. A Practical Example of Manual Encryption and Decryption
XIV. Configuring Mutt For Use With GnuPG
XV. Trying It All Out
XVI. Links For More Information
XVII. Contributors
XVIII. Feedback

Tuesday, January 6, 2009

email-risks-5

email fatigue, email bankruptcy, Flaming

Most business workers today spend from one to two hours of their working day on email: reading, ordering, sorting, ‘re-contextualizing’ fragmented information, and writing e-mail.
The use of e-mail is increasing due to increasing levels of globalization—labour division and outsourcing amongst other things.
E-mail can lead to some well-known problems:

  • Loss of Context: Information in context (as in a newspaper)
    is much easier and faster to understand than unedited and sometimes
    unrelated fragments of information. Communicating in context can only
    be achieved when both parties have a full understanding of the context
    and issue in question.
  • Antisocial Behaviorisms: Email can be a "get out of jail"
    for those who are nervous or poor articulators in face to face
    situations. This can lead to society becoming less personal with a
    greater number of people being unable to hold conversations face to
    face.
  • Flaming
    Flaming occurs when one person sends an angry and/or antagonistic
    message. Flaming is assumed to be more common today because of the ease
    and impersonality of e-mail communications: confrontations in person or
    via telephone require direct interaction, where social norms encourage
    civility, whereas typing a message to another person is an indirect
    interaction, so civility may be forgotten. Flaming is generally looked
    down upon by internet communities as it is considered rude and
    non-productive.

  • Information overload: E-mail is a push technology—the sender controls who receives the information. Convenient availability of mailing lists and use of "copy all" can lead to people receiving unwanted or irrelevant information of no use to them.

  • E-mail bankruptcy
    Also known as "email fatigue", e-mail bankruptcy is when a user
    ignores a large number of e-mail messages after falling behind in
    reading and answering them. The reason for falling behind is often due
    to information overload and a general sense there is so much
    information that it is not possible to read it all. As a solution,
    people occasionally send a boilerplate message explaining that the
    email inbox is being cleared out. Stanford University law professor Lawrence Lessig is credited with coining this term, but he may only have popularized it.[22]

  • Inconsistency: E-mails can duplicate information. This can
    be a problem when a large team is working on documents and information
    while not in constant contact with the other members of their team.
  • Spamming and computer viruses


The usefulness of e-mail is being threatened by four phenomena: e-mail bombardment, spamming, phishing, and e-mail worms.


E-mail worms use e-mail as a way of replicating themselves into vulnerable computers. Although the first e-mail worm affected UNIX computers, the problem is most common today on the more popular Microsoft Windows operating system.

  • Information not secret nor anonymous
  1. e-mail messages have to go through intermediate computers before
    reaching their destination, meaning it is relatively easy for others to
    intercept and read messages;
  2. many Internet Service Providers (ISP) store copies of your e-mail
    messages on their mail servers before they are delivered. The backups
    of these can remain up to several months on their server, even if you
    delete them in your mailbox;
  3. the Received: headers and other information in the e-mail can often identify the sender, preventing anonymous communication.

Despite these disadvantages, email has become the most widely used medium of communication within the business world.

Monday, January 5, 2009

email-not-secret-therefore-4

E-mail privacy, without some security precautions, can be compromised because:

  • e-mail messages are generally not encrypted;
  • e-mail messages have to go through intermediate computers before
    reaching their destination, meaning it is relatively easy for others to
    intercept and read messages;
  • many Internet Service Providers (ISP) store copies of your e-mail
    messages on their mail servers before they are delivered. The backups
    of these can remain up to several months on their server, even if you
    delete them in your mailbox;
  • the Received: headers and other information in the e-mail can often identify the sender, preventing anonymous communication.

There are cryptography applications that can serve as a remedy to one or more of the above. For example, Virtual Private Networks or the Tor anonymity network can be used to encrypt traffic from the user machine to a safer network while GPG, PGP, or S/MIME can be used for end-to-end message encryption, and SMTP STARTTLS or SMTP over Transport Layer Security/Secure Sockets Layer can be used to encrypt communications for a single mail hop between the SMTP client and the SMTP server.

Additionally, many mail user agents do not protect logins and passwords, making them easy to intercept by an attacker. Encrypted authentication schemes such as SASL prevent this.

Finally, attached files share many of the same hazards as those found in peer-to-peer filesharing. Attached files may contain trojans or viruses.

Sunday, January 4, 2009

email-risks-3

INFORMATION OVERLOAD



A December 2007 New York Times blog post described E-mail as "a $650 Billion Drag on the Economy", and the New York Times reported in April 2008 that "E-MAIL has become the bane of some people’s professional lives" due to information overload, yet "none of [the current wave of high-profile Internet startups focused on email] really eliminates the problem of e-mail overload because none helps us prepare replies".

Technology investors reflect similar concerns.




Spamming and computer viruses


The usefulness of e-mail is being threatened by four phenomena: e-mail bombardment, spamming, phishing, and e-mail worms.

Spamming is unsolicited commercial e-mail. Because of the very low
cost of sending e-mail, spammers can send hundreds of millions of
e-mail messages each day over an inexpensive Internet connection.
Hundreds of active spammers sending this volume of mail results in information overload for many computer users who receive voluminous unsolicited email each day.[27][28]

E-mail worms use e-mail as a way of replicating themselves into vulnerable computers. Although the first e-mail worm affected UNIX computers, the problem is most common today on the more popular Microsoft Windows operating system.

The combination of spam and worm programs results in users receiving
a constant drizzle of junk e-mail, which reduces the usefulness of
e-mail as a practical tool.

A number of anti-spam techniques mitigate the impact of spam. In the United States, Congress has also passed a law, the CAN-SPAM Act of 2003, attempting to regulate such e-mail. Australia also has very strict spam laws restricting the sending of spam from an Australian ISP, but their impact has been minimal since most spam comes from regimes that seem reluctant to regulate the sending of spam.
On Fast Track
with
Dr. Ashok Koparday




Saturday, January 3, 2009

email-how-it-works-2

When Anita composes a message, HAPPY NEW YEAR, using her mail user agent (MUA), she types in, or selects from an address book, the e-mail address of her correspondent. She hits the "send" button.

  1. Her MUA formats the message in Internet e-mail format and uses the Simple Mail Transfer Protocol (SMTP) to send the message to the local mail transfer agent (MTA), in this case smtp.a.org, run by Anita's Internet Service Provider (ISP).
  2. The MTA looks at the destination address provided in the SMTP protocol (not from the message header), in this case adheesh@b.org. An Internet e-mail address is a string of the form localpart@exampledomain.com, which is known as a Fully Qualified Domain Address (FQDA). The part before the @ sign is the local part of the address, often the username of the recipient, and the part after the @ sign is a domain name. The MTA looks up this domain name in the Domain Name System to find the mail exchange servers accepting messages for that domain.
  3. The DNS server for the b.org domain, ns.b.org, responds with an MX record listing the mail exchange servers for that domain, in this case mx.b.org, a server run by Adheesh's ISP.
  4. smtp.a.org sends the message to mx.b.org using SMTP, which delivers it to the mailbox of the user Adheesh.
  5. Adheesh presses the "get mail" button in his MUA, which picks up the message using the Post Office Protocol (POP3).

This sequence of events applies to the majority of e-mail users.
However, there are many alternative possibilities and complications to
the e-mail system:

  • Anita or Adheesh may use a client connected to a corporate e-mail system, such as IBM Lotus Notes or Microsoft Exchange.
    These systems often have their own internal e-mail format and their
    clients typically communicate with the e-mail server using a
    vendor-specific, proprietary protocol. The server sends or receives
    e-mail via the Internet through the product's Internet mail gateway
    which also does any necessary reformatting. If Anita and Adheesh work for
    the same company, the entire transaction may happen completely within a
    single corporate e-mail system.
  • Anita may not have a MUA on her computer but instead may connect to a webmail service.
  • Anita's computer may run its own MTA, so avoiding the transfer at step 1.
  • Adheesh may pick up his e-mail in many ways, for example using the Internet Message Access Protocol, by logging into mx.b.org and reading it directly, or by using a webmail service.
  • Domains usually have several mail exchange servers so that they can
    continue to accept mail when the main mail exchange server is not
    available.
  • E-mail messages are not secure if e-mail encryption is not used correctly.

It used to be the case that many MTAs would accept messages for any
recipient on the Internet and do their best to deliver them. Such MTAs
are called open mail relays.
This was important in the early days of the Internet when network
connections were unreliable. If an MTA couldn't reach the destination,
it could at least deliver it to a relay that was closer to the
destination. The relay would have a better chance of delivering the
message at a later time. However, this mechanism proved to be
exploitable by people sending unsolicited bulk e-mail
and as a consequence very few modern MTAs are open mail relays, and
many MTAs will not accept messages from open mail relays because such
messages are very likely to be spam.
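
The routing and relay decisions described above, as an added Python sketch (not code from the original post): the next hop is chosen from the SMTP envelope recipient and the MX records, never from the To: header, and an MTA that is not an open relay refuses mail for domains it does not serve unless the client is authenticated. The backup exchanger mx2.b.org, the header address at c.example and the per-host policy table are assumptions, and all data is constructed.

```python
from email import message_from_string

# Constructed DNS data: (preference, host); mx2.b.org is an assumed backup exchanger.
MX_TABLE = {"b.org": [(20, "mx2.b.org"), (10, "mx.b.org")]}
# Domains each MTA holds mailboxes for (assumed policy for the fictional hosts).
ACCEPTS_FOR = {"smtp.a.org": {"a.org"}, "mx.b.org": {"b.org"}, "mx2.b.org": {"b.org"}}

# Constructed message: the To: header deliberately differs from the envelope recipient.
MESSAGE = (
    "From: anita@a.org\r\n"
    "To: someone@c.example\r\n"
    "Subject: HAPPY NEW YEAR\r\n"
    "\r\n"
    "Happy New Year!\r\n"
)

def domain_of(address):
    """Split on the last '@' so a quoted local part containing '@' still parses."""
    local, at, domain = address.rpartition("@")
    if not (local and at and domain):
        raise ValueError("not an e-mail address: %r" % address)
    return domain.lower()

def lookup_mx(domain, unreachable=()):
    """Step 3: lowest preference value wins; fall back when a host is down."""
    for _pref, host in sorted(MX_TABLE.get(domain, [])):
        if host not in unreachable:
            return host
    raise LookupError("no reachable mail exchanger for " + domain)

def next_hop(envelope_rcpt, message_text, unreachable=()):
    """Steps 2-4: route on the SMTP envelope; the header is parsed only for comparison."""
    header_to = message_from_string(message_text)["To"]
    return lookup_mx(domain_of(envelope_rcpt), unreachable), header_to

def rcpt_reply(mta, recipient, client_authenticated=False):
    """Reply code a non-open-relay MTA gives to RCPT TO:<recipient>."""
    if domain_of(recipient) in ACCEPTS_FOR.get(mta, set()):
        return 250  # local mailbox: accept for final delivery
    if client_authenticated:
        return 250  # known customer (Anita at her ISP): accept and relay onward
    return 550      # stranger asking us to relay; an open relay would say 250

if __name__ == "__main__":
    print(next_hop("adheesh@b.org", MESSAGE))            # envelope decides the route
    print(rcpt_reply("smtp.a.org", "adheesh@b.org"))     # unauthenticated relay attempt
```
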

Note that the people, e-mail addresses and domain names in this explanation are fictional.
On Fast Track
with
Dr. Ashok Koparday





Friday, January 2, 2009

email-origin-1

Electronic mail, often abbreviated to e-mail, email, or originally eMail, is a store-and-forward method of writing, sending, receiving and saving messages over electronic communication systems.

My way of saying "WISH YOU ALL HAPPY 2009!"
What is email?
The term "e-mail" (as a noun or verb) applies to the Internet e-mail system based on the Simple Mail Transfer Protocol, to network systems based on other protocols and to various mainframe, minicomputer, or internet by a particular systems vendor, or on the same protocols used on public networks. E-mail is often used to deliver bulk unsolicited messages, or "spam", but filter programs exist which can automatically block, quarantine or delete some or most of these, depending on the situation.


E-mail predates the inception of the Internet, and was in fact a crucial tool in creating the Internet. MIT first demonstrated the Compatible Time-Sharing System (CTSS) in 1961. It allowed multiple users to log into the IBM 7094[16]
from remote dial-up terminals, and to store files online on disk. This
new ability encouraged users to share information in new ways. E-mail
started in 1965 as a way for multiple users of a time-sharing mainframe computer to communicate. Although the exact history is murky, among the first systems to have such a facility were SDC's Q32 and MIT's CTSS.

E-mail was quickly extended to become network e-mail, allowing users to pass messages between different computers by at least 1966 (it is possible the SAGE system had something similar some time before).

The ARPANET computer network
made a large contribution to the development of e-mail. There is one
report that indicates experimental inter-system e-mail transfers began
shortly after its creation in 1969. Ray Tomlinson initiated the use of the @ sign to separate the names of the user and their machine in 1971. The ARPANET significantly increased the popularity of e-mail, and it became the killer app of the ARPANET.
         Source

E-mail - Wikipedia, the free encyclopedia

On Fast Track
with
Dr. Ashok Koparday



Thursday, January 1, 2009

high-security-browser-firefox

How to get protection from scammers, spammers and trigger-happy viruses; that too free? Incredible, but true, by using FIREFOX as your web browser instead of Internet Explorer. So, Internet lovers and Security conscious netizens use Firefox to stay away from the bad guys.
My way of saying WISH YOU HAPPY NEW YEAR!

Firefox is the safest browser.

I am sure it will continue to be so.
There's a Method to the Madness

Reasons:
  • Anyone around the world (and Firefox has thousands of experts watching it) is able to look into the source code of Firefox and find any potential weak spots
    in its armor. This is possible because Firefox is open and accessible, unlike its competitor giant Microsoft ©.
  • When experts get to know about a problem, they (Firefox belongs to everyone) roll up their
    sleeves and get to work fixing it right away. It’s in everyone's best
    interest to take care of a risk issue, even if it means
    admitting, "Hey! We’re a little less than perfect".
  • Simply put, Firefox gives security top priority.
Firefox keeps your personal info personal and your online interests safe from threats.


There is more to tell about Firefox. Why don't you yourself check it?

Firefox, love it or leave it. Be strong or stay soft.

Firefox Features
* Security
* Customization
* 100% Organic Software
* Tips & Tricks
* Release Notes
* Other Systems and Languages

This article is not a publicity stunt. It is not to earn, but to share what I learn.
Why be safe?
It is useful for people like me, who are beginners, stepping into this
awesome wild world of internet that has entered the mobile phone. World Wild Web is now spilling into our pockets, purse, pants or close to our heart.
(I mean that is where we carry our mobile phones.)

Internet has immense capacity to be abused or misused.
Kids will be using the internet or mobile.

Like it or not, internet is here to
stay, to link us.
Do not let it steal. Be sharp. Be safe.

On Fast Track
with
Dr. Ashok Koparday



Source
Mozilla Products | Security

For more details on how Firefox keeps you safe online, visit our security blog.
http://blog.mozilla.com/security


