August 15th, 2017
Way back in the old days of the Apple IIe, people could go to libraries or bookstores and borrow or buy books to code from. Actually, the books didn’t teach you anything. They were just listings for you to copy, line by line, to make a game or whatever else you needed. It was well before the days of the internet and the complex coding languages that we use today. Actually, there has been a curve now and some are becoming easier, but that is a blog for another day.
Back to the books. The books were in the programming language “BASIC.” BASIC goes something like this:
5 REM ASK FOR TWO NUMBERS AND PRINT THEIR TOTAL
10 INPUT "What is the first number?", A
20 INPUT "What is the second number?", B
30 PRINT "The Total", A + B
40 GOTO 10
This will allow a user to enter two numbers and then the program will show the total.
But imagine 4,000 lines of this. Do you think you could learn to program by just copying this and then playing whatever you have copied? You would be amazed at the number of people who actually did it this way.
In today’s day and age, you can go to the internet and ask Google whatever it is you want to do and it will give you some code made by someone else that you can copy and paste. The beauty of it is, there will usually be an explanation of how they came to this, and how it actually works attached.
So you can learn.
But in the old days, you just copied code, and the logic of how to code (it was called programming in the old days) transferred from the keyboard to your brain.
The Most BASIC Programming
About 45% of all the emails sent over the internet are spam. And spam emails are costing businesses more than $20.5 billion annually, with this cost expected to rise to $257 billion within a few years. The FBI addresses these cases as Business E-Mail Compromise (BEC), asserting that they are an emerging global threat, with 22,143 cases of BEC being reported to them over the span of 3 years, amounting to $3 billion in fraudulent transfers.
The FBI provides noteworthy real-life examples of Business E-Mail Compromise on their website, highlighting how easy it is for an average employee to fail to detect these fraudulent emails among the sea of other important business emails. Spammers exploit this situation to craft emails that look exactly like a legitimate email, sent from someone important with a strong sense of urgency, giving the busy employee no time to verify the authenticity of the email. For example, an accountant in a US company received a fraudulent wire transfer request for $737,000 to a bank in China that included the CEO’s signature over the company seal. The email looked exactly like all the previous fund transfer requests, making it impossible for the accountant to recognise it as spam, leading to a huge financial loss to the organisation.
An important solution that businesses can employ to combat such BEC attacks is digitally signing all intraoffice emails. Digital signatures assure the recipient of the email of the identity of the sender and of the integrity of the message received. The security goals that they fulfil are authentication, integrity and non-repudiation. In simple words, the email is unmodified and was sent by the person who claims to be the sender.
Digital signatures work based on the principle of asymmetric cryptography. Basically, two keys are generated per user: a public key and a private key. The sender signs the email using their private key, and the receiver verifies that signature using the sender’s public key, checking that this key matches the public key the sender has published online. So the private key is known only to the user and is used for signing the email. Meanwhile, the public key is known to everyone and can be used to assure the receiver of the identity of the sender.
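The sign-and-verify flow described above, as an added example that is not part of the original article: it uses textbook RSA over a SHA-256 hash in plain Python, with constructed demo keys built from publicly known primes and no padding, so it illustrates the principle only. The function names, key names and sample email are assumptions made for this illustration.

```python
import hashlib

# Constructed demo key: two publicly known Mersenne primes, so this key is
# NOT secret and must never protect real mail. Real keys use random primes
# and real schemes add padding (for example RSA-PSS).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537

def make_keypair(p=P, q=Q, e=E):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: e * d = 1 (mod phi)
    return (n, e), (n, d)

def digest(message: bytes) -> int:
    """SHA-256 of the message as an integer (always smaller than n here)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private) -> int:
    """Only the private-key holder can compute this value."""
    n, d = private
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public) -> bool:
    """Anyone with the public key can check message and signature."""
    n, e = public
    return pow(signature, e, n) == digest(message)

SENDER_PUB, SENDER_PRIV = make_keypair()
# Second constructed key pair standing in for someone impersonating the sender.
OTHER_PUB, OTHER_PRIV = make_keypair(2**607 - 1, 2**1279 - 1)

# Constructed sample message and a copy altered in transit.
EMAIL = b"From: ceo@example.com\nSubject: Wire transfer\n\nPlease pay invoice 1001."
TAMPERED = EMAIL.replace(b"1001", b"9001")

def demo():
    sig = sign(EMAIL, SENDER_PRIV)
    return {
        "genuine": verify(EMAIL, sig, SENDER_PUB),    # integrity + authenticity
        "tampered": verify(TAMPERED, sig, SENDER_PUB),  # body changed after signing
        "wrong_key": verify(EMAIL, sign(EMAIL, OTHER_PRIV), SENDER_PUB),
    }

if __name__ == "__main__":
    print(demo())
```

The check only means something if the receiver obtained the sender's public key from a source they trust, which is the role the published key plays in the description above.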
So now you know why we need digital signatures and how they technically work. In the next article, you’ll learn how to implement them in your everyday email communication for one of the most frequently used email clients: Outlook.