Data security Archive

Could you end up determining which country your data is held in?

Article

Microsoft will host data in Germany to hide it from US spies | The Verge

My Comments

Edward Snowden has raised a very significant issue concerning the confidentiality and sovereignty of your data when he leaked what went on with the NSA. This has affected how individuals and organisations do business with American-chartered IT organisations like all of Silicon Valley.

But what has happened was that Microsoft took up a new model for setting up data storage which is in the form of a “data trustee”. This model is similar to how a trust fund operates where a third party who is known as a trustee, is tasked to control funds and assets that come in to that fund for the benefit of the recipients.

In this case, Microsoft is setting up data centers in Germany and delegating Deutsche Telekom, a telco entirely chartered in Germany, to control these data-storage facilities as a “data trustee” for them. But the data stored on these facilities will be Microsoft’s and their customers’ data.

Why Germany? Warum Deutschland? This is because Germany, a country which has been passed through some horrible periods of history where big government abused citizens’ privacy in the form of the Third Reich and East Germany, have enacted some of the world’s tightest privacy laws.

What I see of this is that a person who signs up to a Webmail service, online storage service, Webhost or similar online service could be given the option to have the data held on servers in a nominated country, most likely rated according to the country’s standard of privacy and data sovereignty. Similarly, companies chartered in countries with rigorous data privacy and confidentiality standards could end up doing valuable business in renting data center space or providing online services to local and foreign individuals and companies wanting stronger privacy.

On the other hand, these countries could end up with the same reputation that Switzerland had with its banks. This was where Switzerland’s financial-secrecy laws were abused by people and companies who were laundering or concealing ill-gotten gains in Swiss banks to avoid official scrutiny. In relationship to data, this could allow for data associated with criminal activity such as child-abuse imagery or pirated software to be concealed in countries with high data-privacy standards.

But the authorities in those countries can act as a legal filter to make sure that any official data requests are for legitimate crime-fighting and personal-safety reasons rather than to suppress internationally-recognised core freedoms and liberties.

Send to Kindle

A clear reality surfaces with the Internet Of Things

Article

Linksys EA8500 broadband router press picture courtesy of Linksys USA

A tight healthy operating software update cycle can keeep routers and other devices from being part of botnets

Hacked Shopping Mall CCTV Cameras Are Launching DDoS Attacks | Tripwire – The State Of Security

My Comments

What is being highlighted now is that devices that are normally dedicated-purpose devices are becoming more sophisticated in a way that they are effectively computers in their own right. This was highlighted with some network video-surveillance cameras used as part of a shopping mall’s security armour.

What had happened was that these cameras were found to be compromised and loaded with malware so that they also are part of a botnet like what comonly happened in the 2000s where multiple computers loaded with malware were used as part of zombie attacks on one or more targets. In a similar way to a poorly-maintained computer, they were found to run with default passwords of the “admin – admin” kind and were subject to brute-force dictionary attacks.

AVM FRITZ!Box 3490 - Press photo courtesy AVM

AVM FRITZ!Box – self-updating firmware = secure network infrastructure

The article’s author highlighted that there need to be work done concerning dedicated-purpose devices, whether they are the network-infrastructure devices like routers or devices that are part of the “Internet Of Everything”.

Here, the devices need to run constantly-updated software, which is something that is considered necessary if the device is expected to have a long service life. The best example would be some of the routers offered to the European market like the Freebox Révolution or the AVM Fritz!Box where they receive constantly-updated firmware that at least can be downloaded at the click of an option button or, preferably, automatically updated like what happens with Windows and OS X and what is done with recent iterations of the AVM Fritz!Box firmware.

As well, a device’s setup routine should require the user to create secure credentials for the management interface. In some cases, if a device is part of a system, the system-wide management console could exchange system-specific access credentials with the member devices.

What has commonly been said is that the Internet of Things needs to face a severe security incident as a “wake-up call” for such devices to be “designed for security”. This is similar to incidents involving desktop computing, the Internet and mobile computing have served a similar purpose like the way Windows implemented privilege escalation on an as-needed basis since Windows Vista.

Send to Kindle

HP integrates secure firmware practices in to their enterprise laser printers

Article

HP adds protection against firmware attacks to enterprise printers | PC World

My Comments

An issue that has become a reality with dedicated-purpose devices like printers, network infrastructure hardware and the Internet Of Everything is making sure these devices run software that isn’t a threat to their users’ safety and security and the integrity of their users’ data.

Most device manufacturers tackle this through a regular software-update program but this requires users to download and deploy the newer firmware which is the software that runs these devices. It is also the same path where, in some cases, these devices acquire extra functionality. AVM, a German network-hardware manufacturer, took this further by providing automatic updating of their routers’ firmware so users don’t have to worry about making sure their router is up to date and secure.

But Hewlett-Packard have approached this issue from another angle by implementing watchdog procedures that make sure rogue software isn’t installed and running on their devices. Here, the printers implement a detection routine for unauthorised BIOS and firmware modifications in a similar manner to what is implemented with business-grade computers. This effort is based on their experience with developing regular computers including equipment pitched at business and government applications.

Here, when the printer validates the integrity of its BIOS during the start-up phase and loads a clean known-to-be-good copy of the BIOS if the software in the machine is compromised. Then, when the machine loads its firmware, it uses code-signing to verify the integrity of that firmware in a similar manner to what is done with most desktop and mobile operating systems. The firmware also implements an activity checker that identifies if memory operations are “against the grain” similar to well-bred endpoint-protection software. The watchdog software will cause the machine to restart from the known-to-be-good firmware if this happens.

Initially this functionality will be rolled out to this year’s LaserJet Enterprise printers and MFCs with any of the OfficeJet Enterprise X or LaserJet Enterprise machines made since 2011 being able to benefit from some of this functionality courtesy of a software update. There is a wish for this kind of functionality to trickle down to the consumer and small-business desktop printers that HP makes.

What I like of this is that HP has put forward the idea of continual software integrity checking in to embedded and dedicated devices. This isn’t a cure-all for security issues but has to be considered along with a continual software-update cycle. Personally these two mechanisms could be considered important for most dedicated-purpose device applications where compromised software can threaten personal safety, security or privacy; with the best example being Internet routers, modems and gateways.

Send to Kindle

Regular operating systems and their vulnerability to security threats

Article

Which Is More Vulnerable To Viruses And Hackers: Windows 10 or Mac OS X? | Gizmodo

My Comments

Lenovo ThinkPad X1 Carbon Ultrabook

The Lenovo ThinkPad X1 Carbon – an example of a laptop based on a regular computing platform

During the 2000s, the personal computing scene focused on so-called “regular” personal computers i.e. desktop and laptop computers that ran a desktop-grade operating system. The main platforms were the Windows platform heralded by Microsoft and with hardware made by plenty of other manufacturers and the Macintosh platform that was made by Apple. Of course, there were a few personal computers that ran one of many open-source Linux distributions which were effectively UNIX.

There was the issue of security risks magnified due to an increased amount of personal and business computing time spent online through the Internet. In most cases, especially with the Windows platform, these risks were mitigated using a desktop or endpoint security program installed on the client computer. Although I have constantly seen the Apple Macintosh platform at risk of security exploits, that platform wasn’t at risk because there were fewer computer users using that platform.

Enter Windows Vista. This operating system had improved security features like operating as a regular user unless necessary but these were tacked on to the Windows XP codebase. This led to poor performance and computer users saw the value of switching to the Apple Macintosh platform for regular computing needs with some even using Apple’s iWork office tools as a way simply to dump Microsoft.

This led to the Apple Macintosh platform becoming more vulnerable due to its increased popularity and the use of “write once run anywhere” code like Java. Apple had to pull their finger out to improve the Macintosh platform’s security and, like Microsoft, engage in regular software updates and patches.

Improvements

Major upgrades for pennies’ worth or free

Windows 10 Start Menu

Windows 10 – a free upgrade from Windows 7 or Windows 8.1

Microsoft and Apple had even started to offer newer iterations of their operating systems to home users and small businesses at prices that would represent chump change or, later on, offer these iterations for free.

Apple started the ball rolling with Mac OS X for pennies’ worth starting with OS X Lion and for free starting with Mavericks. Subsequently Microsoft used Windows 8 to facilitate a software upgrade for pennies’ worth and used Windows 10 to instigate a free software upgrade program.

The major upgrades typically had security improvements like creation of app stores and newer secure codebases.

Blind updates for security patches

A way software developers keep their software going strong is to deliver updates and patches that rectify software bugs and allow the software to improve in performance. The delivery of these updates is being used to harden the software against known security exploits, often as soon as these holes are discovered.

Windows Update - one stop shop for software patches along with automatic delivery

Windows Update – one stop shop for software patches along with automatic delivery

This process typically involved users finding patches or newer code on the developer’s Website but Microsoft and Apple have put an end to this. Initially they set up a “one-stop-shop” program for downloading these updates including any peripheral-driver updates but have improved on this by providing for “blind updating”. This is where the operating system automatically downloads and installs these patches as soon as they become available.without you needing to do anything except, perhaps, reboot the computer when prompted.

Microsoft and Apple are even working on having these patches become effective once they are installed without you needing to reboot your computer. This is being achieved in the newer operating-system variants and with some newer patches.

The option for secure boot

Apple implemented in the Macintosh standard firmware a way to only let MacOS X boot on their Macintosh computers and this provided a sense of security because it can only allow these computers to run Apple-authorised code.

Microsoft and Intel are now implementing this through UEFI and Secure Boot which allows for authorisation of operating systems and pre-boot software that runs on a computing device. This has been considered controversial because it would wrest control of the computer from uses who may want to deploy Linux, especially a custom Linux distribution or wish to run with a dual-boot setup.

App stores and walled gardens

Windows 10's own app store

Windows 10’s own app store

Another weapon that Microsoft and Apple are deploying comes from the world of mobile computing where mobile operating systems implement an “app store” which is a one-stop software “shopping mall”.

Like a suburban shopping mall with its physical goods, these app stores have tight controls on who can sell their software there. Here, the software has to be provided by an identifiable developer and approved and audited by the operating system developer who runs that app store.

There is also a requirement for the software to be sandboxed and have access to certain parts of the operating system rather than having full run of your computer.

Another factor that is also considered important is that if an application “does the right thing” by its users and the operating-system vendor, it is typically highly recommended or featured such as being given an “editor’s choice” or put in the “spotlight”. This gives the program increased exposure which attracts more installations and more purchases. As well, there are user-review mechanisms where people can uprate or downrate the software.

But both the Macintosh and Windows platforms require the ability to work with established software deployments that are typically installed via removable media or a download from the developer’s site. This is due to their legacy where people installed software from floppy disks or CDs or downloaded software from bulletin boards and download sites.

Windows 10 is providing a way to harden things further when it comes to this software in the form of Device Guard. This is a form of sandboxing which allows only certain programs to run on a computer but is made available to the Enterprise Edition only. It is because the process for setting up this whitelist would be considered very difficult for householders, small businesses and community organisations.

Steam - one of the most common games managers

Steam – one of the most common games managers

For games, major games studios are implementing their own app stores and games delivery systems in order to allow for cross-platform game and supporting-content delivery. Here, they want regular-computing gaming to have that same level of confidence associated with console or mobile gaming. This is although Apple and Microsoft deliver games through their app stores. The best example of this is Valve’s Steam online games shop but there are others like EA’s Origin.

Conclusion

What is happening is that for both the Windows and Macintosh computing platforms, they are being made more secure and malware-resistant and it is becoming a race between Apple and Microsoft to keep the regular computing environment as safe as a mobile computing environment.

Send to Kindle

What is this about “cyberflashing” and how to prevent it?

Samsung Galaxy Note 2 smartphone

Taking control of local data-transfer functionality like AirDrop can help you avoid unwanted surprises

Article

Cyberflasher Airdrops rude images to victim’s iPhone | Naked Security (Sophos)

My Comments

A problem that has started to surface for Apple iOS users is the ability for someone to send gross images to strangers courtesy of the AirDrop feature that newer iterations of this platform have. Situations where this typically happened were when the offender and victim were on public transport or in public areas.

This feature makes it easy to share photos between iOS and MacOS X devices in a local area using Bluetooth and Wi-FI technologies and provides a thumbnail image of incoming photos rather than a dialog box asking if you want to receive the image.

This was feasible with Android and other open-frame mobile operating systems courtesy of Bluetooth Object Push Profile but these platforms. especially Android, hardened themselves against this by making your phone undiscoverable by default and providing a narrow time limit for having your phone discoverable by Bluetooth devices. As well, these platforms required your permission to start receiving the file and you didn’t see one bit of that file until you gave the go-ahead.

Android and Windows improved on this using a passcode that you and your correspondent exchange before a file is transferred and the NFC functionality that is part of recent Android versions requires you to physically touch the backs of the phones as part of instigating the data transfer.

The same situation may also crop up with Wi-Fi Aware as it implements Bluetooth local discovery for ad-hoc Wi-Fi networks created by mobile devices and will require users to be able to take control of what notifications and files they receive on their devices if this technology is for transferring files.

Protecting yourself

A good practice to observe is to turn off the AirDrop feature unless you make regular use of it. Or, at least, set AirDrop’s discoverability settings to “Off” or “Contacts Only” rather than “Everyone” so that every man and his dog can’t discover your phone. You would turn this function on if you are expecting a photo from someone not yet in your Contacts List.

In some situations, you may have to disable Wi-Fi and Bluetooth unless you are actually using these features such as linking to a hotspot or using a Bluetooth headset.

You may find that changing your device’s identity to your initials or something innocuous rather than your first name may work wonders in these situations.

I would also prefer that any local data transfer or similar activity between users takes place in a manner where each participant can see each other. This may be at the same table in a café, restaurant or library, the same seating cluster in a lounge area, the same row of seats in a public-transport vehicle or a similar area of close proximity. As well, such activity should be preceded by relevant conversation.

What must be preserved

If a setup allows for local data transfer between computer devices using a wireless medium, there must be a way of allowing the users to confirm their intent to transfer the data between each other. This means that the sender and receiver know whom the data is coming from and to and must occur before a single bit of the actual data changes hands.

This may be through the sender exchanging a simple passcode to the receiver or requiring the devices to physically be near each other at the start of the data transmission. The latter solution may be in the form of NFC where the users touch the backs of their devices together, or a QR code shown on the sending device’s screen that the receiving device has to scan before transmission takes place.

If a user wants to simplify this process, they could create a “trusted recipients” list which can be their Contacts list or a separately-created list. Personally, I would use all of the “friends” in a social network as this list because that tends to encompass too many people and an account can too easily be compromised.

The same thing must also apply to social networks, online gaming and similar services where one user may want to enrol another user in to their personal lists. This is more important if any of these services facilitate the transfer of files between users or support any form of instant messaging.

Send to Kindle

Pay-TV security technology is relevant for the Internet Of Things

D-Link DCH-3150 myDLink  motion sensor

An Internet-Of-Things sensor that would require regular software updates to be secure

Article

Content security vendors need to prevent babycam hacking nightmares | VideoNet

My Comments

A problem that will get worse in this day and age is weak security affecting home automation and security. This is based around easy-to-misconfigure hardware pitched at home users on a “set it and forget it” basis. It has led to consumer IP-based cameras being hacked and their content being thrown to undesirable Websites.

This is driven by a common mindset associated with devices sold to consumers where the goal is to buy it. install it and use it without requiring the consumer to worry about it more.

The Pay-TV ecosystem invests in and uses a high-security path to protect the expensive content such as the Hollywood blockbusters or the big-league sports that it provides to its subscribers. This is always evolved and updated to counteract new threats to this ecosystem and to handle new applications. They also used the “end-to-end” approach including supplying hardware to consumers and updating the software in this hardware automatically and without the consumer having to do anything extra.

Similarly, regular-computer setups have been made secure with Microsoft and Apple delivering security updates to Windows and MacOS X on a regular basis as threats come about. This is because of these systems having a heritage of being used in the business environment for a long time.

The article raised the concept of companies who provide home monitoring and allied services offering a turnkey installation and configuration service to their customers as a premium service or simply alerting customers to misconfigured hardware and hacking attempts if customers prefer to install their own hardware. They could use the Pay-TV technology to secure the content path between the cameras and the Web dashboards or mobile apps that the customers use.

“Blind updating”

AVM FRITZ!Box 3490 - Press photo courtesy AVM

AVM FRITZ!Box – self-updating firmware = secure network infrastructure

What I would like to see more is the ability to patch network-infrastructure hardware in a similar manner to what is done with pay-TV, regular-computer operating systems and some cloud-hosted services. This is where security updates and patches are delivered and installed automatically to these devices. In some cases, it may be preferable to provide an interactive update process for major software versions that add or change a device’s functionality.

A good step in the right direction was AVM with their Fritz!Box routers where they introduced the concept of automatic software updating to this class of device when they released new firmware for the Fritz!Box 7490.

These processes will have to require manufacturers to instigate software authentication and verification workflows and have their devices verify software updates before deploying them. This is to prevent the deployment of malware to these devices.

Send to Kindle

Fiat Chrysler are now facing the security issues associated with the connected car

Articles

Jeep Grand Cherokee outside family house - press picture courtesy of Fiat Chrysler North America

Jeep Grand Cherokee – make sure that the uConnect system runs the latest firmware

Jeep drivers: Install this security patch right now – or prepare to DIE | The Register

From the horse’s mouth

Fiat Chrysler

Blog Post

UConnect Website (Go here to update your vehicle)

Vehicle list

Model Model-years affected
Chrysler
200 2015
Dodge
Durango 2014
Viper 2013-2014
Jeep
Cherokee 2014
Grand Cherokee 2014
RAM
1500 2013-2014
2500 2013-2014
3500 2013-2014
4500 / 5500 2013-2014

The vehicles affected would be equipped with a uConnect-capable 8.4” touchscreen radio system.

My Comments

The connected car is now being highlighted as a device that has security issues. This was exemplified previously by BMW when they rolled out a patch for their connected infotainment system in the newest vehicles because of a security risk.

Now it is Fiat Chrysler’s turn where their UConnect connected infotainment system which has a stronger link with the car’s powertrain was needing a software update because of this same issue. It was brought about by a discovery that a pair of hackers found in relation to a 2014 Jeep Cherokee owned by one of these hackers concerning undesirable remote control of this “family 4WD”. The software can be downloaded by vehicle owners who have an affected 2013-2015 vehicle and can be done by downloading the update file from the UConnect Website to a USB memory stick then transferring that file to your vehicle. If you are not confident with this process, you can have the mechanics at the dealership where you bought the vehicle from perform this upgrade, while your vehicle is being serviced by them.

At the same time, the US Congress is legislating for security standards concerning connected vehicles including software protection for the vehicles’ powertrain, steering or braking in the form of the “Security and Privacy In Your Car Act” (SPY Car Act). This is in a similar vein to various design rules and standards that nations require vehicles to comply with for safety like seatbelt or lighting requirements. Even the US Senator Markey called out that drivers shouldn’t have to choose between being connected or being protected.

Again, this is a class of devices which is easily driven by the marketing impetus to have them on the market. But there needs to be a culture to encourage a secure environment for connected vehicles as there is for desktop computing.

One way would be a continual update process for the firmware associated with the connected vehicle, including aftermarket setups that have any effect on the vehicle’s steering, brakes or powertrain. This would preferably be in the form of a blind-update process like what happens with most operating systems when you set them to automatically update and patch.

Personally, this could be facilitated by having the connected vehicle work with the home network whenever it is garaged at home. This would then allow it to download the updates overnight while it is not in use. As well, the motorist should have the chance to choose what updates are provided like with enterprise variants of operating systems.

Send to Kindle

FIDO Alliance to encompass U2F authentication to Bluetooth and NFC setups

Articles

Samsung Galaxy Tab Active 8" business tablet press picture courtesy of Samsung

Bluetooth and NFC will allow keyfobs, cards and mobile devices to work as authentication devices for each other

FIDO Alliance adds authentication support for NFC and BLE | NFC World

From the horse’s mouth

FIDO Alliance

Press Release

My Comments

Soon it will be feasible for Bluetooth and NFC “touch-and-go” authentication to play a part in open-frame multiple-factor authentication thanks to FIDO Alliance. This is primarily to court those of us who are using mobile devices and want the same level of security as valued with regular computers.

The main goal of the FIDO Alliance was to get the USB transport interface working properly but then to have it work across other transports like Bluetooth and NFC? This is due to most mobile devices including an increasing number of laptops and “2-in-1” computers, coming with Bluetooth including Low-Energy (Bluetooth Smart Ready) and NFC functionality along with Android and Windows exploiting NFC functionality fully at the operating system level.

Example applications made feasible with Bluetooth and NFC in the second-factor authentication sphere include:

  • use of a “touch-and-go” card or a Bluetooth keyfob as your second factor for authenticating to a service from your regular computer or your mobile device – the device doesn’t need a standard USB socket
  • a smartphone that uses a software “second-factor” authentication program like Authy could transmit the second-factor code to your regular computer or tablet by Bluetooth or NFC “touch-and-go”.

As well, the fact that smartphones have a hardware (SIM-based) or software secure element means that they can become as much a strong partner in your data-security arsenal. The concept is also being extended to the idea of devices like smart locks and cars having the Bluetooth and / or NFC abilities along with an onboard secure element of some form.

Similarly the U2F and UAF specifications could earn their keep as a transport for other dedicated-purpose devices like smart locks which typically are implementing Bluetooth Low Energy and/or NFC technology as part of their presence in the Internet Of Everything. This can open up paths of innovation for integrating such devices in a personal-security web of trust.

Send to Kindle

New online-abuse Website launched in the UK

Articles

UK government tackles online abuse with anti-trolling website | We Live Security blog (ESET)

Cyberbullies: Anti-trolling website launched to help victims | The Independent

Government launches anti-trolling website to help victims of online abuse | The Guardian

Previous Coverage

What can you do about people who use the Social Web to menace

Dealing with Internet trolls

From the horse’s mouth

Stop Online Abuse (UK-based)

My Comments

The UK government have launched a Website focusing on online abuse and how to deal with it, including legal remedies and resources.

It is focused more towards women and the LGBT (gay/lesbian/bi/trans) community who are facing these issues because, from various surveys, these user groups are often copping it the most. This covers online abouse related to domestic violence, sexism and sexual harassment, along with homophobia and related anti-LGBT abuse. But there are other situations where people do suffer in silence such as general racism, issues-focused or business-level disputes.

I see the “Stop Online Abuse” website applying to all situations where the Internet is involved and a lot of the commentary is very generic. But I do see some limitations with the legal remedies because there may be difficulties with applying them when situations happen across jurisdictions as is the norm with the Internet.

For example, the crime of “sending messages using any public electronic communications network such as Twitter or Facebook, which are grossly offensive or of an indecent, obscene or menacing character” that is part of the UK’s Communications Act 2003 may have a legal equivalent in your jurisdiction. This may be in the form of one or more national communications statute that proscribes the use of a communications service or “common carriage service” to harass others. Similarly, there are court injunctions that were cited for the UK like the Family Law Act 1996 Non-Molestation Order or the Protection From Harassment Act 1997 restraining order that have equivalents under your jurisdiction’s criminal, civil or family law but with different names.

It is worth contacting your local citizen’s advice bureau or similar government or voluntary organisation for more resources. Infact, locating an organisation that specialises in your particular circumstances like a domestic-violence support organisation may provide you with better information suited to your exact needs.

Similarly, it is a wise move for these organisations to “bone up” on the issue of online abuse so they can provide the right advice to suit their clients’ situations and needs. National, regional and local governments along with the judiciary can also see this site as a chance to provide a Web-hosted “one-stop shop” for their constituents to know more about these issues. This is in addition to creating legislative remedies for online-abuse problems. As well, as each case is litigated in a family, criminal or civil context, the knowledge created from the legal action can be used to tackle this situation better in the courtroom.

Send to Kindle

Google brings forward a feature that ends email remorse

Article

Compose Email or New Email form

Sometimes you may wish you haven’t sent that email

Now you can avoid email sender’s remorse with Gmail’s ‘Undo Send’ feature | Naked Security (Sophos blog)

My Comments

You end up sending that misspelled email to your boss or click “Reply All” instead of “Reply” when you send that reply. Or a late Friday night alone with some music playing on the stereo and a half-empty bottle of whiskey beside you means that you type out that inappropriate email to that former love interest. These can lead to situations where the email you sent can have embarrassing or disastrous consequences.

Google has now integrated a “delayed sending” feature in to the GMail service so that you can opt to cancel sending that email. Here, once you enable this feature, you can specify a certain amount of time to wait before actually sending that email. This enables a “Cancel Send” button which takes the email out of the Outbox so it isn’t on its embarrassing way and would cope with situations like misspelt or misaddressed messages or “half-the-facts” situations. This is another feature that Google dabbled with in their labs to beat the “I wish I didn’t send that” blues and they rolled this in to production GMail deployments.

The previous feature they worked on was a CAPTCHA setup that would come in to play when it is the late evening. Here, you would have to solve a maths equation before you could send out that email, as a way of assessing whether you had a bit too much to drink and were about to send that drunken email. But they could extend this functionality to cope with the drunk email by having a user-selectable option to hold all emails that you send during a certain time window like 10pm-6am on Friday and Saturday nights for a longer time or until the next day.

This can easily be implemented in email client software as well as Webmail setups so you don’t have to use GMail to have these features. But Google is the main email service provider who is targeting the issue of sender’s remorse by providing the delay options.

Send to Kindle