Top 10 Places Your Email Can Be Intercepted
i. The Internet
The Internet has radically changed the way we communicate with each other. Email is obviously an extremely valuable and ubiquitous form of communication, but with this technology comes certain pitfalls that should be understood. The path that an email message takes to reach its recipient is a complex and varying one, and while in transit that message may come under the potential scrutiny of numerous different people and organizations.
We will attempt to outline the varying paths that an email message may travel, and who some of those different people and organizations might be under whose scrutiny the message may pass. The intention of the document is not to provide a how-to guide; the only specific technique that will be discussed, packet sniffing, is one that anybody with any technical networking knowledge whatsoever is already familiar with – which brings us to an important point. At a round number, there are probably at least a million people in the world with the requisite technical knowledge necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a lot more than that - maybe several million by now, and more everyday as the populace becomes more networking-literate.) Fortunately, the number of those people who actually have the physical access necessary to intercept email is much smaller, but it is still a very large number.
ii. Internet Service Provider (ISP)
The Internet is composed of numerous different interconnected networks and systems that collectively provide a backbone for the transmission of network traffic. It is a highly dynamic physical environment: a system or network device that is here today may be gone or reconfigured tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate for this change. This dynamic nature is one of the things that make the Internet so powerful. However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly what path network traffic will follow. One email message that you send could take an entirely different path to reach the recipient than another that you send to the same person. In fact, it is even worse than that: for the sake of efficiency, email messages and other network traffic are typically broken down into smaller little chunks, or packets, before they are sent across the
network, and automatically re-assembled on the other side. Each of these individual packets may in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get reused until the operational parameters of that or other related paths have significantly changed.)
The net result of all this is that your message, or at least little chunks of your message, travels through an indeterminate set of systems and network devices, each of which offers a point of interception. These systems may be owned or operated by corporations and non-profit organizations, by colleges, by governments and government agencies, or by telecom and other connectivity providers. Given such a widely divergent group, it is easy to see how either an unethical organization or a renegade employee may easily gain access to the messages and traffic crossing their systems. All of these factors combine to make the Internet itself the primary source of message interception points.