E-mailing clients and webmail
One of our key activities is reading the mail and, as we know, e-mail generally travels in sniff-me-up plaintext and is a key target for malware and social engineering. Added to that, there are privacy concerns with how webmail providers store and use our messages.
Let's consider the need-to-know for both remote and local e-mail retrieval, the common ground between them, and then, for good measure, single out the sham that is spam.
Remote webmail clients (and other web applications)
Webmail clients allow us to access e-mail from anywhere using a browser. That's handy, but know the risks. There are concerns in this area that resonate, to a greater or lesser extent, with so many types of sites and applications (such as for shopping, clouds, cPanel, and WordPress), so we can begin to appraise those as well from these key questions:
Can your login be seized by a man-in-the-middle (packet sniffing) attack?
Can the actual session be intercepted by, say, a cookie-stealing...
