I just came across this story, from a few months ago. I'm surprised it didn't get more play, because it's much more serious than the run-of-the-mill software vulnerability story.
PC's are not secure, and never have been. For most of us, that hasn't been a big concern. We try to keep viruses and bots off our systems, either by avoiding Windows or by more iffy and difficult methods. But that's mostly due to a desire to keep our systems running and be good network citizens. But the risk of a personal attack on your system has always been a long shot, because, despite the fact there are many people who could read your email, there's little reason any of them would want to. The sets of people who know how, and people who would care to, are small enough that their intersection is probably zero.
That calculation has now changed. If there is someone who has a grudge against you, or some other motive to want to read your email or impersonate you, and that person knows how to buy stuff on the internet, you are now at serious risk.
I've talked before about how to make your email secure, but it's difficult to do reliably, and the advice in the article is probably best. If you want to keep stuff secret, don't put it on a computer, unless you're an expert.
Labels: crime and freedom, technical