Safe communication methods

sexy.princess's Avatar
So I am needing to somehow encrypt the data or content of my text messages or emails or both. I do ask for information when screening and I think I should put more consideration leaks or hacks or things of the sort to keep my gentlemen safe.

Any suggestions on how I can do this or something like this?
tandyscone's Avatar
Can you be more specific? Are you talking about encrypting it while it you are sending or receiving it (data in motion), just what you have stored on your devices (data at rest), or both?

In general, you can't protect data in motion without the cooperation of the other party. Data at rest is more under your control, with the exception that email is normally stored on the servers of the email provider, so you have no way of protecting it there.
ck1942's Avatar
PGP - prettygoodprivacy -- works well for email. Google PGP and you can see more.

Very doubtful I am of any easy method of encrypting "ordinary" mobile device data/email - the feds even told the Prez to stop using his Blackberry due to potential security issues.

That said, my gut says those of us in the hobby obviously need to be careful in what we include in our communications, but we should not get too paranoid about it.
sexy.princess's Avatar
@tandyscone I prefer both
@ck1942 I found signal for android users which sounds pretty goodgood. But I'm not a tech savy either. As for PGP I will definitely google it.

I generally want to make sure text and email content is safe because I do ask for personal information of potential clients when screening.
tandyscone's Avatar
I generally want to make sure text and email content is safe because I do ask for personal information of potential clients when screening. Originally Posted by sexy.princess
For email and texts in transmission, you need to use some method that encrypts the email before it leaves the sender's device and doesn't decrypt until it is on your device. There is no universal solution for this. You will have to pick one (or more) for email and one (or more) for texting. Your client will have to use the same product as you do. Apple has had an encryption service for texting, etc. on their devices for a while now, but it only works if both parties are using an iThingy. I believe there are some products out that have an agent for both Apple and Android, but you and the client would have to be using the same product. Likewise, for email, PGP is a good product but your client will have to have it and use it, or else it won't work.

Once you have received the encrypted information, it is decrypted on your device so you can read it. You will need some type of encryption for your device so that others will not be able to access it without your password. Of course that means that you have to have a strong password, and that you don't write it down somewhere. Your device encryption should also be able to securely wipe empty space on your device.

Sorry there is no simple answer. I applaud you for wanting to provide it, but if you want to do it right, it is going to take quite a bit of time and effort on your part to make it happen. You may also want to inquire with a few of your clients to see if they care whether you protect their personal info to this extent. I, personally, will never share personal info with a provider, mostly because I can't tell whether the provider really knows how to protect my personal info. It could well be that the clients who are willing to share personal info for screening don't really care how it is protected.
sexy.princess's Avatar
Mmm 😥. The main thing is that I require proof of employment and that is when many are reluctant because often it involves a picture of a work ID. Some do care because they don't trust communication much and I kind of feel the same way, but others just don't know of the possibilities.

I will look into the PGP and if I can do that, then I will do verification on emails from there. As of right now, they are in texts.

Thank you for your ! I do appreciate it!
sexy.princess's Avatar
Ugh, I have to pay for that. 😒. What are the thoughts on the Signal app for android?
  • CS123
  • 01-08-2016, 11:35 PM
Check out Wickr, it works on iphone, androind, windows, mac and linux. I have installed and set it up which wasn't too difficult. However you and your client must both have it. Shouldn't be a biggie if the client is concerned about his personal info. The sender also controls how long the message can be seen, from seconds to days. Check it out and see if it meets your needs.
sexy.princess's Avatar
Thank you CS123! 😊
sexy.princess's Avatar
It sounds very good, much like TOR but for texts. I guess my only concern is that I like to keep a text history so I can remember if I saw someone. Thus, no repeated verification. The other part of it is, a client can always go from good to bad. If I have a text history, I can remember the guy and also still have his verification part, in case a guy ever did something to me. I do believe information is the only thing that protects me from guys bad intentions.

Maybe a solution would be for me to save the Information somewhere else. I used to do that and I do have an encrypted flash drive where I keep things for the hobby.
Solitaire's Avatar
This is the primary reason that most of us collect this info thru the screening form on our websites. But some guys do not understand this and insist on sending it thru email. I will PM you with two of our safest email options.
sexy.princess's Avatar
Thank you Solitaire 😊
tandyscone's Avatar
This is the primary reason that most of us collect this info thru the screening form on our websites. But some guys do not understand this and insist on sending it thru email. I will PM you with two of our safest email options. Originally Posted by Solitaire
Why do you think collecting personal info on a website is more secure than through email?
This is the primary reason that most of us collect this info thru the screening form on our websites. But some guys do not understand this and insist on sending it thru email. I will PM you with two of our safest email options. Originally Posted by Solitaire
Solitaire, Let me ask you a question. Are you aware of https websites? HTTPS is a protocol which says it makes your website secure, and even those websites are not always secure, depends upon what encoding protocol they are using. If a website is not HTTPS, then anyone with understanding of snooping can break into your communication and read/store all the data being transmitted.

The website you are using to host your profile, is not secure. It doesn't even have a security certificate authenticating itself. So yeah, I get it when you say some guys do not understand this. Email are comparatively more secure as they are atleast https authenticated.

I have never used the apps mentioned above, so cannot vouch for them personally, but CS123 vouches for it, and I guess its better than using either of the communications mentioned above. If both the parties have iPhone, then you can use iMessage, its secure and encrypted as long as your phone is password protected.
Solitaire's Avatar
Solitaire, Let me ask you a question. Are you aware of https websites? HTTPS is a protocol which says it makes your website secure, and even those websites are not always secure, depends upon what encoding protocol they are using. If a website is not HTTPS, then anyone with understanding of snooping can break into your communication and read/store all the data being transmitted. Originally Posted by urfrndishereforyou
Yes, I do understand what you are saying.

The website you are using to host your profile, is not secure. It doesn't even have a security certificate authenticating itself. So yeah, I get it when you say some guys do not understand this. Email are comparatively more secure as they are atleast https authenticated. Originally Posted by urfrndishereforyou
We are assured by the site owners that our forms are secure... so my logic is that a secure form offshore is safer than a Yahoo or Gmail account with servers on US soil within arms length of a warrant. But you've brought something to my attention that missed my radar. Thank you immensely! If you have info on how I can assure their truthfulness about the form, please pass that along!

As for email, there are safer options than Yahoo or Gmail, which makes the form vs email debate moot, and I've shared that with her. I have also retired my own Yahoo and Gmail accounts.

Most initial requests, which are about 95% from Yahoo/Gmail users, really needs to be coming thru a secured form.

I have never used the apps mentioned above, so cannot vouch for them personally, but CS123 vouches for it, and I guess its better than using either of the communications mentioned above. If both the parties have iPhone, then you can use iMessage, its secure and encrypted as long as your phone is password protected. Originally Posted by urfrndishereforyou
I would never ever risk using my phone for anything that could be confiscated thereby compromising others in the community. Even if both parties have iPhones, are the encrypted messaged stored on servers here in the US? Are the keys? IMO any device that can be confiscated can be picked apart.

As for my knowledge base, I know just enough to be dangerous, but learning every day.