Page 1 of 2 12 LastLast
Results 1 to 15 of 28
  1. #1
    3 Star Lounger Not Brightest Bulb's Avatar
    Join Date
    Dec 2009
    Location
    Central IL
    Posts
    330
    Thanks
    46
    Thanked 4 Times in 4 Posts

    Frontier curious

    Got this email today and am curious,started with Frontier 4 or 5 months ago and I use Thunderbird with same antivirus and firewalls I have always used. Is there a problem, I hate scare emails/warnings etc.

    Frontier is committed to protecting your personal data online. As part of that commitment, we strongly recommend that you upgrade your email security settings to protect your privacy and confidentiality. There’s no cost, and it is a quick change in your email application settings that will encrypt your emails for an increased layer of security. If you choose not to make this change, your email could be intercepted and read by a third party.



    This only impacts users of email applications such as Microsoft Outlook, Mac Mail, Thunderbird or Windows Live Mail. If you use our Webmail service (on your internet browser) you do not need to make any changes.



    Instructions on how to make this change can be found by clicking on the link below and choosing your applicable email application. You can find additional ‘frequently asked questions’ at the bottom of the email.

    http://www.frontierhelp.com/faqcategories.cfm?mcatid=57



    We encourage you to make this change right away – it takes no more than 2 minutes and will significantly improve the security and privacy of your personal data and communications.

  2. #2
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,915
    Thanks
    91
    Thanked 356 Times in 320 Posts
    It's a very common request by most ISPs for better email security; just do it.

    Bruce

  3. #3
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    20,656
    Thanks
    2
    Thanked 635 Times in 568 Posts
    Many email providers are changing to secure communications only. If you are concerned about the validity of the email go to the Frontier web site manually (i.e. type in the web site name don't click the link).

    Joe

  4. #4
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,187
    Thanks
    210
    Thanked 213 Times in 205 Posts
    You could also call Frontier's tech support line and ask them.

    Emails of this nature which come from your ISP are legitimate; the bogus ones are the ones which come from people you don't know.

  5. #5
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    5,005
    Thanks
    71
    Thanked 574 Times in 520 Posts
    Emails of this nature which come from your ISP are legitimate; the bogus ones are the ones which come from people you don't know
    Many of the malware emails spoof the ISP's address in the from box. Many times you can tell an link is fake by hovering the mouse over the link and look at the bottom of the page where the real URL is displayed. It's always safest to type the URL manually as Joe suggested and never click on links within an Email.

    Jerry

  6. The Following User Says Thank You to jwitalka For This Useful Post:

    speedball (2014-03-27)

  7. #6
    3 Star Lounger Not Brightest Bulb's Avatar
    Join Date
    Dec 2009
    Location
    Central IL
    Posts
    330
    Thanks
    46
    Thanked 4 Times in 4 Posts
    Thank you all, I believe a call to Frontier will help me with new security changes. I don't mind being tad paranoid when it comes to changes.

  8. #7
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,187
    Thanks
    210
    Thanked 213 Times in 205 Posts
    Quote Originally Posted by jwitalka View Post
    Many of the malware emails spoof the ISP's address in the from box. Many times you can tell an link is fake by hovering the mouse over the link and look at the bottom of the page where the real URL is displayed. It's always safest to type the URL manually as Joe suggested and never click on links within an Email.

    Jerry
    Good point.

    Also, when YOU initiate the contact (such as manually typing the URL, or looking up their phone number and then calling them), you can know that you are getting to the right place.

  9. #8
    Lounger
    Join Date
    Dec 2009
    Location
    Liphook, Hampshire,UK
    Posts
    28
    Thanks
    4
    Thanked 2 Times in 2 Posts
    "Frontier is committed to protecting your personal data online. As part of that commitment, we strongly recommend that you upgrade your email security settings to protect your privacy and confidentiality. "
    SSL only protects your data while in transit from you to Frontier by encrypting the data stream. It does not encrypt or protect your email while passing through the many servers it may pass through before reaching its destination. It doesn't protect it from prying eyes sitting on the recipient's mail server. SSL protects the data while travelling between you and Frontier. If you want the content of an email protected encrypt an attached document and give the key to the recipient separately.
    Last edited by greytech; 2014-03-27 at 07:10.
    Expert help is less costly than inexpert help

  10. #9
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,329
    Thanks
    140
    Thanked 117 Times in 100 Posts
    The message is similar to when Yahoo Mail FINALLY got with the program and started using a secure (padlock in the URL) SSL connection. Actually, this connection is far more secure than ordinary SSL, and it uses different security protocols, but the take-away message is that Frontier is forcing users to use secure connections, not forcing pre-encryption of emails.

    Pre-encryption means that the messages themselves are encrypted and can only be viewed if the recipient has a Public Key. Encrypted email refers to a secure channel through which messages which themselves are not pre-encrypted, can be transmitted with minimal risk of being intercepted and read between their origin and their destination.

    Here's what my email provider, Fastmail, says about email encryption and security.

    Having read further, I am not sure I have used the term SSL correctly here. Read my later post in response to BruceR, and follow the link the How Stuff Works for a much better treatment of web site security.
    Last edited by bobprimak; 2014-03-30 at 06:04.
    -- Bob Primak --

  11. #10
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,915
    Thanks
    91
    Thanked 356 Times in 320 Posts
    Quote Originally Posted by bobprimak View Post
    Actually, this connection is far more secure than ordinary SSL, and it uses different security protocols,
    What is this extraordinary SSL connection you're describing which is far more secure and what different security protocols does it use?

    Bruce

  12. #11
    Lounger
    Join Date
    Dec 2009
    Location
    North Eastern Arizona, USA
    Posts
    30
    Thanks
    4
    Thanked 1 Time in 1 Post
    I have seen the same announcement from Frontier. I think that it is a sheep in wolfs clothing!

    There's been a couple of times over the years when I've noticed that adverts would pop up after I discussed some item. I tested this by sending an email with just 5 words in it and I began getting ads on ALL 5! I complained to Frontier and for a while the ads stopped. But certainly Frontier was scanning email and web surfing.

    I later began seeing ads again, probably years later. I switched to Thunderbird and I saw a decrease in ads.

    Then I got from Frontier a new Terms of Service and it was very open about what they scan. I haven't gone back to web based email to see what's happening there. And the latest notice from Frontier heightens the alarm.

    I'm paying for Frontier as an ISP and they shouldn't be bugging the hand that feeds them!

  13. #12
    Lounger
    Join Date
    Dec 2009
    Location
    North Eastern Arizona, USA
    Posts
    30
    Thanks
    4
    Thanked 1 Time in 1 Post

    Angry How do we stop them!!

    Does anyone know how to get an email service that Frontier can NOT scan? It would perhaps be a service where incoming mail would go to an intermediate and the whole email including pictures, addresses etc would be encrypted and then sent to my ISP and when in Thunderbird I opened the email it would be un-encrypted??!!

    The reverse would happen on outgoing in that Thunderbird would encrypt the whole thing, send the mail to an intermediate, un-encrypt and send to the recipient(s).

    And that would be great if everything coming in or out would cause Frontier (and other intruders) to see only an encrypted text. http://windowssecrets.com/forums/images/icons/icon8.png

  14. #13
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,187
    Thanks
    210
    Thanked 213 Times in 205 Posts
    Quote Originally Posted by partner View Post
    Does anyone know how to get an email service that Frontier can NOT scan? It would perhaps be a service where incoming mail would go to an intermediate and the whole email including pictures, addresses etc would be encrypted and then sent to my ISP and when in Thunderbird I opened the email it would be un-encrypted??!!

    The reverse would happen on outgoing in that Thunderbird would encrypt the whole thing, send the mail to an intermediate, un-encrypt and send to the recipient(s).

    And that would be great if everything coming in or out would cause Frontier (and other intruders) to see only an encrypted text. http://windowssecrets.com/forums/images/icons/icon8.png
    If Frontier is your ISP, and if you use the email service that they provide, then I'm not sure how you can avoid them scanning it.

    If you go with a non-Frontier email service, then I am quite sure that you will have stopped Frontier from scanning your email.

    If you are concerned about someone scanning your email, then get your own domain and go with a reputable, paid email service, that is, one which makes its money from your subscription fees. If you go with a free email service, then they will in all likelihood scan your email and make money by selling the information. Also from advertisements which you see.

    None of this stuff is free; you either pay with your money or your information. (or both)

  15. #14
    5 Star Lounger Browni's Avatar
    Join Date
    Dec 2009
    Location
    Rochdale, UK
    Posts
    906
    Thanks
    17
    Thanked 59 Times in 59 Posts
    Quote Originally Posted by BruceR View Post
    What is this extraordinary SSL connection you're describing which is far more secure and what different security protocols does it use?

    Bruce
    I would be very interested to hear about this as well.

    My email provider (not my ISP I may add) uses SSL/TLS for security as default.

    A little bit of digging suggests to me that it is STARTTLS Bob is referring to which converts a plain text connection to one using SSL/TLS.

    For me that security is already in place without using STARTTLS as I am sure it is for many others.


    Going back to the OP with his question, yes, you should apply those changes.
    Last edited by Browni; 2014-03-27 at 21:12.

  16. #15
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,329
    Thanks
    140
    Thanked 117 Times in 100 Posts
    Quote Originally Posted by BruceR View Post
    What is this extraordinary SSL connection you're describing which is far more secure and what different security protocols does it use?

    Bruce
    What I said about SSL being not the only security in a HTTPS session may not have been entirely accurate.

    HTTPS and SSL are only two of the security measures used in secure web site connections. Web sites can use additional means to protect secure logins and other interactions. TLS is an updated version of SSL, and this is the better security I was originally referring to. But as the GNU-TLS Bug illustrates, even TLS is not perfect.

    Web site security usually has several components, each one of which can be made more or less secure. In the Linux case, the affected component (GNU-TLS) was patched, making the overall security setup more secure.

    With the Linux GNU-TLS Bug, the issue with TLS not being secure is mitigated by the fact that GNU-TLS does not stand alone in most secure web connections. One important measure taken was to issue a security update for GNU-TLS.

    OpenSSL is used much more commonly than GNU-TLS, so most secure web connections were not affected by this bug. The hype surrounding this bug does illustrate how many tech writers don't understand the different web security protocols any beter than I eveidently do. Hence some of my own confusion. More on the Linux bug here.

    I probably did not fully understand what these [protocols are all about when I posted above, and I confess I still am a bit unclear on thie subject.

    This article gives a lot more information on the entire subject of web security than I can include in a post, so anyone seeking the whole story probably will do a lot better reading this than reading my attempts to reduce the subject to short forum posts.

    This article gives a further disctinction of SSL and TLS, and the various security aspects of each.
    Last edited by bobprimak; 2014-03-30 at 06:55.
    -- Bob Primak --

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •