FBIM Transactions

In today's business, use of electronic mail is practically inevitable. Most of the relevant information of an organization in one way or another is transmitted by e-mail, either as an attachment or as a part of the message content. Therefore businesses care about protection of information sent by e-mail. In doing so, the organization of protection doesn't depend much on the size of a company or an organization, the problems are very similar. Here must be noted that large organizations have at their disposal more resources, but also that such organizations are more interesting and more vulnerable to attacks. However, the development of information technology has provided even the "excess" capacities of eavesdropping systems, so lately email monitoring is practically brought down to individual users. In the first part of the paper security of electronic mail and electronic communication is analyzed in the light of the scandal caused by Edward Snowden's publishing of classified information about the monitoring of electronic communications in The Guardian journal and on his Web site as well as in his statements. In the second, more voluminous part the article, the organization of e-mail transmission, as well as the critical points in the chain of transmission of messages where the message can be attacked, lost, or "only" late are analyzed. Also, here are presented some options for e-mail encryption protection in variants: "end-to-end", server - server, and client - server. Certain consideration is given to risks of storing mails at second or third hand. At the end of the article, there are discussed some legal aspects, the available legislation and protection of electronic messages using electronic signatures and public and private keys for encryption. In the conclusion, it is stated that based on the previous analyses it can be concluded that there is virtually no technology that ensures absolute protection of messages and that it is not enough to protect an important message during its trip through cyber space and that the message should be protected from its creation to its reading and archiving. Also, it is not to be expected that the situation with mail security will be improved with new legislation. Hunger for data explodes.

electronic mail, email, Internet, safety, protection, security, server, client, electronic signature, digital signature, encryption, public key, secret key, Prism, Tempora, surveillance, SME

Ackerman, S. (2013, 08 06). Former NSA chief warns of cyber-terror attacks if Snowden apprehended. Preuzeto sa theguardian: http://www.theguardian.com/technology/2013/aug/06/nsa-director-cyber-terrorism-snowden

Admin, J. (2011, 07 2). Man In The Middle Attack Using Ettercap. Preuzeto sa Hackaholic: http://www.101hacker.com/2011/03/man-in-middle-attack-using-ettercap.html

Anon. (2009). Pravilnik o izdavanju vremenskog žiga. Preuzeto sa Digitalna agenda: http://www.digitalnaagenda.gov.rs/FileSystem/SiteDocuments/zakoni/Pravilnik%20o%20izdavanju%20vremenskog%20ziga%202009.pdf

Anon. (2013, 08 01). Email. Preuzeto sa Surveillance Self-Defense: https://ssd.eff.org/tech/email

Čekerevac, Z. (2009). Internet tehnologije i Internet poslovanje (Vol. 4). (P. d. Bulat, Ed.) Kruševac, Srbija, Srbija: ICIM+.

Čekerevac, Z. (2012). Elektronsko poslovanje. Beograd, Srbija, Srbija: Visoka poslovna škola strukovnih studija.

Charles, A. (2013, 08 19). Google trying to evade UK privacy laws, campaigners claim. Preuzeto sa The Guardian: http://www.theguardian.com/technology/2013/aug/19/google-privacy-laws-uk-lawsuit

Constantin, L. (2011, 11 21). OpenPGP JavaScript Implementation Allows Webmail Encryption. Preuzeto sa PCWorld: http://www.pcworld.com/article/244406/openpgp_javascript_implementation_allows_webmail_encryption.html

Geier, E. (2012, 04 25). How to encrypt your email. Preuzeto sa PCWorld: http://www.pcworld.com/article/254338/how_to_encrypt_your_email.html

Greenwald, G., & MacAskill, E. (2013, 06 07). NSA Prism program taps in to user data of Apple, Google and others. The Guardian. Preuzeto 08 04, 2013 sa http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

Jungholt, T. (2013, 08 03). FDP-Minister will "Datenuntreue" bestrafen. Die Welt. Retrieved 09 20, 2013, from http://www.welt.de/politik/deutschland/article118648774/FDP-Minister-will-Datenuntreue-bestrafen.html

Kessler, M. (2013, 07 23). Deutsche User: Zwei Drittel halten ihre Daten im Netz für unsicher. Preuzeto 08 05, 2013 sa teltarif.de: http://www.teltarif.de/bitkom-internet-nutzer-daten-unsicher-befragung-prism/news/51871.html

Moore, A. (2013, 08 07). Former NSA boss compares PRISM critics to Al Qaeda. Preuzeto sa deathandtaxes: http://www.deathandtaxesmag.com/203430/former-nsa-boss-compares-prism-critics-to-al-qaeda/

Muncaster, P. (2013, 07 29). Western spooks banned Lenovo PCs after finding back doors. Preuzeto sa The Register: http://www.theregister.co.uk/2013/07/29/lenovo_accused_backdoors_intel_ban/

Nikić, S. (2010, 03 05). Najčešće metode napada cyber kriminalaca i kako se odbraniti. Preuzeto sa IT Veštak: http://www.itvestak.org.rs/ziteh_10/zbornik_radova/Nikic%20Srdjan%20-%20Metode%20napada.pdf

Osterman Research. (2013, 07). Why Should You Encrypt Email and What Happens if You Don’t? Preuzeto sa Osterman Research White Paper: http://www.ostermanresearch.com/whitepapers/orwp_0194.pdf

Rouse, M. (2007, 06). Man in the middle attack (fire brigade attack). Preuzeto sa SearchSecurity: http://searchsecurity.techtarget.com/definition/man-in-the-middle-attack

Rusbridger, A. (2013, 08 20). I would rather destroy the copied files than hand them back to the NSA and GCHQ - video. (J. Borger, Novinar) theguardian.com. London. Preuzeto sa http://www.theguardian.com/world/video/2013/aug/20/alan-rusbridger-miranda-snowden-nsa-gchq-video

Schindler, E. (2007, 02 15). Getting clueful: Five things you should know about fighting spam. Retrieved from CIO: http://www.cio.com/article/28830/Getting_Clueful_Five_Things_You_Should_Know_About_Fighting_Spam

Schindler, E. (2008, 01 07). E-Mail Technology Definition and Solutions. Preuzeto sa CIO: http://www.cio.com/article/169700/E_Mail_Technology_Definition_and_Solutions?page=2&taxonomyId=3071

Snowden, E. (2013, 06 23). Edward Snowden News. Preuzeto sa Edward Snowden News: http://edward-snowden.net/category/edward-snowden/

Symantec. (2013, 03 13). Symantec Encryption Solutions for Email, Powered by PGP Technology. Preuzeto 08 01, 2013 sa Symantec: http://www.symantec.com/content/en/us/enterprise/fact_sheets/b-encryption-solutions-for-email.pdf

TeleGeography. (2013). Global Internet Map 2012. Preuzeto 08 05, 2013 sa TeleGeography Authoritative Telecom Data: http://www.telegeography.com/telecom-resources/map-gallery/global-internet-map-2012/

USA Patriot Act. (2001, 10 24). Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001. Preuzeto 08 03, 2013 sa epic.org: http://epic.org/privacy/terrorism/hr3162.html

Vicomsoft. (2012, 11 29). Email and email servers - Part two. Preuzeto sa Vicomsoft: http://www.vicomsoft.com/learning-center/email-and-email-servers-part-2/

Wheatley, M. (2013, 06 24). Project Tempora: How the British GCHQ Helps the NSA Spy on US Citizens. Preuzeto sa siliconANGLE: http://siliconangle.com/blog/2013/06/24/project-tempora-how-the-british-gchq-helps-the-nsa-spy-on-us-citizens/

Wikipedia. (2013, 08 05). Email. Preuzeto sa Wikipedia The Free Encyklopedia: https://en.wikipedia.org/wiki/Email#Operation_overview

Zakon. (2009). Zakon o elektronskom dokumentu. „Službeni glasnik RS”(51). Preuzeto sa Republika Srbija - Ministarstvo spoljne i unutrašnje trgovine i telekomunikacija: http://mtt.gov.rs/download/1/Zakon_o_elektronskom_dokumentu.pdf?lang=lat

Zakon BD. (2010, 06 02). Zakon o elektroničkoj ispravi Brčko Distrikta Bosne i Hercegovine. Preuzeto sa Skupština Brčko Distrikt BiH: http://www.skupstinabd.ba/zakoni/164/Zakon%20o%20elektronickoj%20ispravi%20BOS%2039-10.pdf

Zakon HR. (2005, 12 29). Zakon o elektroničkoj ispravi. Preuzeto sa Zakon HR: http://www.zakon.hr/z/272/Zakon-o-elektroni%C4%8Dkoj-ispravi