Lockbin Notes
Lockbin Update released today
We’ve released version 2.1 of the Lockbin.com web app. We’ve fixed bugs reported by users and discovered by testers, and added a few features. The message interface was streamlined, and you can now change your email address.
We are also releasing an update to the Lockbin add-on for MS Outlook. We’ve improved how Lockbin add-on works in Outlook 2013, particularly with “inline messages.”
Auto-Activation of the Lockbin Outlook Add-on
Lockbin will now turn itself on by default when you reply to an email message that is in Outlook’s “Lockbin Inbox.” We did this as a precautionary measure, to help reduce the risk that users might forgot to activate the Lockbin add-n when replying to a sensitive message. In Outlook 2013, with inline messages and with the way that Outlook will hide toolbars, we felt that the chance was too high that users might forget to activate Lockbin. We also believed that if users were replying to a message that had already been sent through Lockbin that there would be a very high likelihood that the reply message should be encrypted.
These improvements are now live. The latest version of the Outlook add-on can be downloaded from Lockbin.com
Update on the Lockbin Android app.
It’s taken us longer than we thought to complete this project, but the app is in testing. Deploying Lockbin.com 2.1 puts in place the infrastructure we need to support some unique features of the add-on. The latest beta now supports Android 2.3 through 4. If you are fairly technical and would like to test it, Tweet us at @lockbincom
How To Check The Status of Lockbin Notification Email Messages
Sometimes customers will contact Lockbin support because their notification email messages have not been received by the recipient. There could be various reasons for this.
Sometimes, despite our best effort, the notices may end up in the recipient’s junk mail box. This is typically easy to resolve when the recipient checks their junk folder, and then adds Lockbin.com to their safe sender’s list.
However, by far the most common reason a notification message is not delivered is because the email address is misspelled (about 80% of the time we follow up, this is the reason). There may be other reasons, which is why we’ve given Premium users a window into the delivery process. By clicking “Message Status” from the Premium user toolbar, and then locating the message in question, you can find more details that may be helpful.
If the status reads, “Notification Error,” clicking the red message will provide more details.
In this case delivery was prevented because of a bad email address. The reply message from the email server is parsed and made available to you so that you can be informed if there is a problem and take appropriate action.
Sometimes notification messages are grey listed. This is a spam fighting technique used on some email servers. Grey listing requires our email server to work harder to deliver the message. Since most spam servers will not attempt to re-deliver a message, Lockbin is usually successful in these situations. We will try up to 3 days to deliver the notification. Typically this is enough to convince the mail server that we’re legit and future emails usually are delivered without incident.
A few email servers will send us a message requiring entry of a captcha message, or a manual white listing registration process. We look for and respond to these messages manually. Because it is a manual process, It may take us up to 12 hours to find and dispatch these requests.
The vast majority of Lockbin’s notification emails (98%) are delivered promptly and without incident. The last 2% present a challenge for us and Lockbin users, but that’s also is reflective of the nature of the broader challengers facing email delivery today. But we can overcome 80% of the problem just by being a little more careful as we type the recipient’s email address..
An Outlook Email Encryption Solution for CPA’s: Protecting Client’s Sensitive Information
A CPA is using Microsoft Outlook to correspond with a major client. An important tax document is needed to complete the client’s company’s tax return. The client apologizes for forgetting the file, and casually offers to email this information to the CPA immediately.
While many people might just let such an incident pass unnoticed, this CPA recognizes that sending sensitive documents through email is a bad idea. Unencrypted email messages are an unsecured way of communicating. While the expectation of the parties involved is that the message will privately transit the internet, the fact is that every unencrypted email message is at risk for interception. In situations where an email may include personally indentifiable information or patient health information, laws like HIPAA and HI-TECH can impose stiff penalties for breaches.
In the situation just described, Lockbin is a service that offers the CPA a reasonable and proactive process for receiving the client’s information securely. The CPA tells the customer not to email the information to him by email. Instead, the CPA will initiate a special request for the information that will allow it to be sent securely. He tells the client to watch his email inbox for the Lockbin Information Request email that will arrive momentarily.
To initiate the information request email, the CPA locates the Lockbin toolbar on Outlook’s main menu. He clicks “Send Request.” Lockbin opens a window to collect the client’s email address. The CPA can enter a special message to the client that will be visible within the email message.
Lockbin generates a special page on Lockbin.com that the client will visit over a secure TLS connection. From this secure page, the client can type a message and attach files for the CPA.
After the client sends the message, Lockbin will encrypt the contents with a public key that is associated with the CPA’s account. Within minutes, the files will be transmitted securely to the CPA’s Outlook inbox. The documents have been delivered securely, and the process was effortless. The client did not need to download and install any special software, nor did the client need to devise a password.
Information Request is one of the basic functions built into the Lockbin messaging platform. While the technology behind the request is complex and NIST FIPS verified, the front end of the process is simple for both the CPA and his client.
Information requests is one of the premium features of Lockbin. It’s also available directly from the Lockbin.com web application, and works very similar online as it does in the Microsoft Outlook environment.
For more information about Lockbin and how it can help your business receive, send and request information securely over the internet, visit Lockbin.com
Lockbin upgrades servers
Our new servers went online tonight! We hope the improvement is as noticeable to you as it is to us! Congrats to Velja and Giorgi who worked hard to make the transition to our new facility seamless and perfect.
Lockbin is now physically located at a centrally located, environmentally friendly secure facility in Lenexa, KS operated by 1&1, with 24/7 monitoring, backup generators, restricted physical access, and great connectivity.
Is there a size limit to files that can be uploaded with the free version of lockbin?
The file size limit for the free version of Lockbin is 15 MB. One attachment is allowed.
For Premium users, up to 20 files are allowed, for a total file size of 100 MB.
can my ip address be traced back to me
Yes, your IP address can always be traced back to you. Your ISP probably keeps records for six months or more. Lockbin also logs IP addresses of users. We typically keep them for up to 90 days, but we may delete them sooner. We use these records to help us understand web traffic to our site, and to also will use this information to help defend against various attack vectors to our website. We do not try to identify you personally by your IP address. If we were forced to turn over our server logs to a legal authority, they may be able to trace your IP address to you personally (even though we can’t).
Lockbin isn’t primarily focused on providing anonymity to its users. We are focused first on end-to-end security for your message in a manner that is HIPAA compliant and allows our customers to claim a safe harbor in the event of a breach.
Lockbin is not an anonymous mailing service, even though we do allow anonymous users to try Lockbin.
Well known ways to surf the internet anonymously include using a web proxy, or the TOR network. TAILS Linux is a bootable CD that encourages secure web browsing by integrating tightly with security privacy software (including TOR). A copy of TAILS that will boot up a PC can be purchased from Osdic.com for a few dollars.
The privacy benefit of using Lockbin is that you are in control of your keys. We cannot access your content, and there is no backdoor through which we can retrieve your keys. We do not monitor your content. If you use secure passwords and keep them private, then your information is well secure.
Announcing MessageLock Integration to Lockbin
Since 2006, Outlook email users have been encrypting their email messages and files with MessageLock, an add-in developed by our parent company, Encryptomatic LLC. We’re happy to announce that Lockbin has been fully integrated to MessageLock with the release of version 2.0. Welcome Lockbin users! We’re glad you’re here! You can now choose to use the Lockbin service as one of the encryption encryption algorithm options with MessageLock.
When MessageLock routes a message through Lockbin.com, your computer makes a secure TLS/SSL connection directly to our server. The message is not sent through your regular email account. Lockbin holds your message until the recipient claims it with the password.
If you are sending to someone else who is using MessageLock with Lockbin, or someone using the dedicated Lockbin add-in for Outlook, your email messages are downloaded directly to Outlook. This makes it really easy to setup a secure email connection with someone while retaining Outlook as the familiar context for your messages.
The Lockbin integration with MessageLock supports both free and premium Lockbin accounts. Anonymous usage is not supported at this time.
MessageLock works with Outlook 2013, 2010, 2007 and 2003. Both 64-bit and 32-bit versions of MessageLock are supported. This image shows Lockbin integrated to MS Outlook 2010 toolbar.
Follow this link to learn more about MessageLock and to download a free trial.
The “Nothing to hide” argument
We at Lockbin have been and remain ardent supporters of the right to personal privacy. We have long supported the Electronic Frontier Foundation’s efforts to protect privacy rights on the internet.
One of the most effective arguments against privacy goes something like, “I don’t have anything to hide, so I don’t care about privacy.” Or, “Privacy is only for criminals.” Daniel Solove does an excellent job debunking these anti-privacy arguments in his essay, which is worth the read. He outlines a useful taxonomy for understanding privacy issues while having the debate.
One of the most peculiar aspects to the privacy debate is the requirement from the U.S. government (through HIPAA and HI-TECH laws) that healthcare providers protect patient health information (PHI). There are severe penalties for failing to do so.
Yet, when it comes to a discussion about personal privacy (i/e protecting our own information) the debate will often be flipped to, “What do you have to hide.” After all, if we have nothing at all to hide, then perhaps our personal health records should simply be in the public domain.
People who have nothing to hide are exactly the people who should proactively hold their privacy close. Even mundane details Nothing to hide does not mean nothing to lose. Even mundane email communications can inadvertently give away important details about your job, your relationships and associations, your current or intended whereabouts, your beliefs and propensities. While you may not have anything to hide from the government, in the hands of criminals this information could potentially harm you.
Lockbin is pleased to provide a platform that puts you in control of your privacy and conforms to HIPAA regulations. What you do with your privacy is your own business. Neither surrender it lightly nor let anyone make you feel guilty for demanding it.
Page 1 of 8
