Why you don't use large vendors computerencryption

Posted by: haertig

Why you don't use large vendors computerencryption - 07/12/13 03:53 PM

Quote:
SAN FRANCISCO — Microsoft Corp. worked closely with U.S. intelligence services to help them intercept users' communications, including letting the National Security Agency circumvent e-mail encryption, the Guardian reported Thursday.


http://www.denverpost.com/nationworld/ci...uardian-reports

You can't "allow encryption to be circumvented". What that really means is that Microsoft either intentionally put back doors in their encryption scheme, or intentionally created default keys for decryption that they then kept for themselves (then shared them with the government), etc. This is Microsoft intentionally leaving themselves a way into your supposedly private data, no matter how they try to spin it. This is not someone discovering a flaw in an encryption algorithm and then exploiting it. This is intentional.

I'm sure Microsoft is not the only big player doing this. And it illustrates why you should never trust any "black box" encryption and take the vendor's word for it that it is secure. You need to use open source encryption software. "Open source" allows anybody to read the source code and compile the code themselves to verify it truly is secure. While most here would not have the expertise to review encryption code, you can bet that other more advanced computer users are doing exactly that. So use what they use, and have reviewed. Which is open source encryption.

Basically, if you have to pay for what you're using for encryption, then it should be considered suspect and you should do your due diligence in researching it before using it. And if the encryption "came for free with the product", as this Microsoft offering no doubt did - red flag!
Posted by: Bingley

Re: Why you don't use large vendors computerencryption - 07/12/13 04:03 PM

An alternative to encryption software:

http://www.guardian.co.uk/world/2013/jul/11/russia-reverts-paper-nsa-leaks

From now on I'll type out all my ETS posts on my antique typewriter and keep them in a drawer, under lock and key!
Posted by: haertig

Re: Why you don't use large vendors computerencryption - 07/12/13 04:08 PM

Another article, with more details:

Quote:
How Microsoft handed the NSA access to encrypted messages

• Secret files show scale of Silicon Valley co-operation on Prism
• Outlook.com encryption unlocked even before official launch
• Skype worked to enable Prism collection of video calls
• Company says it is legally compelled to comply


http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data
Posted by: RNewcomb

Re: Why you don't use large vendors computerencryption - 07/12/13 04:23 PM

This is why I like open-source encryption products. The source code is posted, it is peer reviewed, and you can compile it yourself from source if you have any doubts.

I have a pretty good trust in TrueCrypt and PGP, but even with Truecrypt, you will want to make sure the files you want to protect are NOT automatically mounted on boot, as there are forensic kits out there that can scan the computer's memory on boot through a FireWire exploit to glean the keys from memory.

In fact, one of the safest methods in my opinion is to TrueCrypt a drive, then create a second virtual drive inside of that one, hide the encrypted file way down in the operating system somewhere and give it a .DLL or similar system extension. By doing this, you are effectively obscuring the obscured.

If you have a drive that is encrypted, then they know you are hiding something. If they want in bad enough, they will get in. However, if you have something you want to hide, and you hide IT inside of something that is hidden, you at least can give yourself plausible deniability.

One more comment on all of this, apparently the Android OS Pattern Lock security is very secure as well, per this story -

http://news.yahoo.com/blogs/technology-b...-192617057.html

And finally.... it really all comes down to what I call the "The Principal Rule of all Thievery is covetry. something. You cannot steal what you do not know exists."
Posted by: Jeanette_Isabelle

Re: Why you don't use large vendors computerencryption - 07/12/13 04:29 PM

I use Mac and I followed Apple's security guidebook to make it more secure. Is there a reason for me to be concerned?

Jeanette Isabelle
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/12/13 04:56 PM

Originally Posted By: haertig
I'm sure Microsoft is not the only big-player doing this.

Unfortunately, as much as they want to do damage control, these companies are legally gagged from really talking about it. Redacted

Although suspected for a long time, these recent revelations confirm that you should assume that all emails, chats, telephone calls, SMS text messages, Facebook posts, Tweets, even Skype videochats, are being logged and stored. Doesn't really matter if you're using services from Microsoft, Google, Yahoo, Facebook, Verizon, AT&T, Vonage, etc. The NSA claims that they have procedures in place to avoid collecting the information of Americans because NSA is prohibited by law from domestic operations and "spying" on Americans, but c'mon, who are they kidding? It's only been about a decade since this kind of information collection was considered totally unacceptable by these same agencies.

We're all familiar with the housing bubble and the tech bubble, etc., but we totally miss the intelligence gathering bubble that has grown since 9/11. Government agencies have swelled and hundreds of private companies have sprung up in the name of gathering "intelligence". Granted, much of it is directed towards overseas threats, but so much of it is putting friends and family under the microscope, too.

I'm particularly disappointed that the government has forced Microsoft to build some sort of "back door" into Skype. When it originally came out, its automatic use of strong encryption and the decentralized peer-to-peer nature of its routing made it an attractive alternative for communication.

Even good old postal mail is not immune. Largely due to the anthrax attacks, the information on the outside of every piece of mail is scanned and recorded now by the USPS and the information stored forever.

I think we'll have to go back to Cold War tactics to communicate with friends and family now. I'll have to start scouting out "dead drop" locations to pass secret messages. Now where did I pack away that trench coat and Fedora hat...
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/12/13 05:02 PM

Originally Posted By: Bingley
From now on I'll type out all my ETS posts on my antique typewriter and keep them in a drawer, under lock and key!

Speaking of typewriters, although the purchase decision was made a year ago, it just recently was reported in the news that the Russian Federal Guard Service (protects high ranking officials, sort of like the US Secret Service, I think) has purchased a couple dozen specialized typewriters from Germany. Each has its own slightly different typeface, so leaked documents can be traced back to the originating typewriter.
Posted by: Am_Fear_Liath_Mor

Re: Why you don't use large vendors computerencryption - 07/12/13 05:08 PM

Quote:
In the wake of the US surveillance scandal revealed by the US whistleblower Edward Snowden, Russia is planning to adopt a foolproof means of avoiding global electronic snooping: by reverting to paper.

The Federal Guard Service (FSO), a powerful body tasked with protecting Russia's highest-ranking officials, has recently put in an order for 20 Triumph Adler typewriters, the Izvestiya newspaper reported.

Each typewriter creates a unique "handwriting", allowing its source to be traced, the report said.


Looks like the NSA are going to have to get their hands dirty once more.

They may have to begin rummaging through latrines in Eastern Europe to collect typewritten documents due to a shortage of lavatory paper back in the 1980s once more.

Sending secure encrypted email using burst radio transmissions might be handy in an emergency

http://www.youtube.com/watch?v=5nBqKGKSLe0

I already have PGP installed on Thunderbird.

https://support.mozillamessaging.com/en-US/kb/digitally-signing-and-encrypting-messages

The problem is that recipients have trouble reading the email messages if they haven't installed the Thunderbird PGP plugin.


Posted by: haertig

Re: Why you don't use large vendors computerencryption - 07/12/13 05:13 PM

Originally Posted By: Jeanette_Isabelle
I use Mac and I followed Apple's security guidebook to make it more secure. Is there a reason for me to be concerned?

Securing your computer from attacks and break-ins is one thing. And you need to do that, as you have already done. However, if someone DOES manage to get your data despite those security precautions, that is where encryption comes in. At that point they have your data, but they can't read it because it's encrypted.

Do most people have data that needs to be encrypted? That depends. I would personally recommend encrypting things like tax returns, financial data (e.g., your user data files from a program like "Quicken"), etc. If you have a list of username/passwords that you keep in a file on your computer then IMHO that should be encrypted too. I also feel the need for encryption is much higher for a laptop than a desktop computer. Laptops are stolen all the time. Desktops, not so much, unless they happen to be stolen alongside a bunch of other stuff in a house break-in.

If you store files on one of the online backup "cloud" services, I think that needs to be encrypted too. But not using the storage provider's encryption. This thread illustrates just how little you can trust the providers of that service. Do they have backdoors into their encryption schemes? Well, Microsoft certainly does. 'nuff said. That was my point in starting this thread. To make people aware. Encrypt your data separately yourself, using open source encryption, before it gets uploaded.

Personally, I like and trust Truecrypt and PGP. Somebody else already mentioned these two. They are open source, free, and well vetted.
Posted by: Am_Fear_Liath_Mor

Re: Why you don't use large vendors computerencryption - 07/12/13 05:21 PM

Quote:
Each has its own slightly different typeface, so leaked documents can be traced back to the originating typewriter.


Are we allowed to mention No, we're not
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/12/13 05:40 PM

Originally Posted By: Am_Fear_Liath_Mor
I already have PGP installed on Thunderbird.

One recent revelation is that a PGP-encrypted email red flags an email message, even if the NSA can't/doesn't bother trying to decrypt it. So, even if they do actually follow some procedure to ignore/delete certain info that it collects, a PGP encrypted message and its accompanying metadata will be retained "forever."
Posted by: RNewcomb

Re: Why you don't use large vendors computerencryption - 07/12/13 05:53 PM

Originally Posted By: Arney
Originally Posted By: Am_Fear_Liath_Mor
I already have PGP installed on Thunderbird.

One recent revelation is that a PGP-encrypted email red flags an email message, even if the NSA can't/doesn't bother trying to decrypt it. So, even if they do actually follow some procedure to ignore/delete certain info that it collects, a PGP encrypted message and its accompanying metadata will be retained "forever."


And this points to the real problem with Encryption in general. Once someone has the encrypted document, it's just a matter of time before the technology becomes available to decipher it. The damage is likely still done if the document is deciphered today, a year from now, or even 10 years from now. Encryption, honestly, just makes it harder for someone to get the information. It doesn't make it impossible. One of the reasons I like Kerberos encryption, there's a (theoretical) life-span on it. And although it's useful for on-the-fly data transmissions, it's not useful for long term document storage.
Posted by: haertig

Re: Why you don't use large vendors computerencryption - 07/12/13 07:10 PM

Originally Posted By: RNewcomb
Once someone has the encrypted document, it's just a matter of time before the technology becomes available to decipher it ... Encryption, honestly, just makes it harder for someone to get the information. It doesn't make it impossible.

This is true. My reason for bringing this up is not to discuss some end-all perfect encryption that can never be broken. I'm sure the NSA can break your PGP or Truecrypt encrypted file if they put their resources to it.

The problem I am illustrating is that people without the determination and resources to truly break an encrypted file don't need to - they have backdoors that make it trivial to access your data. So if Microsoft can get in, a Microsoft employee can get in, the government can get in, a government employee can get in, and any of these could have their backdoor compromised by a hacker who then shows everyone how to get in.

In a nutshell, Don't trust people who intentionally put backdoors into their encryption.
Posted by: James_Van_Artsdalen

Re: Why you don't use large vendors computerencryption - 07/12/13 07:29 PM

Originally Posted By: Jeanette_Isabelle
I use Mac and I followed Apple's security guidebook to make it more secure. Is there a reason for me to be concerned?

From a preparedness standpoint, no.

Guys, this thread is way off into political territory.

A better topic might be how to securely carry confidential data in a mass evacuation, i.e., if you evacuate from a fire to a shelter with a thousand of your closest "friends" how do you carry bank account #'s and passcodes for accessing money without a thief getting to that money too?
Posted by: haertig

Re: Why you don't use large vendors computerencryption - 07/12/13 07:47 PM

Originally Posted By: James_Van_Artsdalen
Guys, this thread is way off into political territory.

Huh??? This thread is discussing exactly what I started it to discuss. Nobody has taken it "way off". It is not political. It is talking about intentional compromises to your private data. These compromises were brought to light in an article that mentioned NSA involvement, but that doesn't mean the overall topic of securing your privacy is political. And the thread was intentionally started in the "Around The Campfire" subforum where things besides strictly preparedness are allowed to be discussed without being called "off topic".

There have been many threads in the past on this same topic where people have asked about securing their personal data. It is of interest to many of us. And it does relate to preparedness, in that people desire to have their personal info available during emergencies, but still protected from general disclosure. Encryption is one way to accomplish that preparedness goal.
Posted by: LesSnyder

Re: Why you don't use large vendors computerencryption - 07/13/13 12:18 AM

AFLM... re: typewriters... if you find an Underwood with the type face re soldered so as to print vertical and not horizontal, grab it... it's useful to decrypt transposition ciphers....transposition ciphers are encrypted horizontally and extracted vertically according to a key sequence.... and it might even have an NSA inventory tag on it....
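The write-in-rows, read-out-by-columns scheme described in the post above, as an added example that is not part of any post in this thread. It implements a columnar transposition with a sample message and key chosen for illustration, handles a short last row on decryption, and shows why the scheme is only of historical interest: the ciphertext keeps exactly the same letters as the plaintext.

```python
"""Columnar transposition: text is written in rows under a key word and
read out column by column, in the alphabetical order of the key letters.
Illustrative only; the message and key below are sample values."""
from collections import Counter


def _column_order(key):
    """Return column indices in read-out order (ties broken left to right)."""
    if not key:
        raise ValueError("key must not be empty")
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def encrypt(plaintext, key):
    """Write letters across rows of width len(key), read columns in key order."""
    letters = [c for c in plaintext.upper() if c.isalpha()]
    ncols = len(key)
    # Column i holds every ncols-th letter starting at offset i.
    columns = ["".join(letters[i::ncols]) for i in range(ncols)]
    return "".join(columns[i] for i in _column_order(key))


def decrypt(ciphertext, key):
    """Rebuild the grid from column lengths, then read it row by row."""
    ncols = len(key)
    full_rows, extra = divmod(len(ciphertext), ncols)
    columns = [""] * ncols
    pos = 0
    for i in _column_order(key):
        # Only the leftmost `extra` columns reach into the short last row.
        length = full_rows + (1 if i < extra else 0)
        columns[i] = ciphertext[pos:pos + length]
        pos += length
    total_rows = full_rows + (1 if extra else 0)
    out = []
    for row in range(total_rows):
        for col in range(ncols):
            if row < len(columns[col]):
                out.append(columns[col][row])
    return "".join(out)


def same_letter_counts(a, b):
    """True if both strings contain the same letters the same number of times."""
    return Counter(a) == Counter(b)


SAMPLE_KEY = "ZEBRAS"                              # sample key
SAMPLE_TEXT = "WE ARE DISCOVERED FLEE AT ONCE"     # sample message

if __name__ == "__main__":
    ct = encrypt(SAMPLE_TEXT, SAMPLE_KEY)
    print("ciphertext:", ct)
    print("recovered: ", decrypt(ct, SAMPLE_KEY))
    # Transposition only moves letters around, so letter frequencies
    # survive intact. That is why it offers no protection today.
    print("same letter counts:", same_letter_counts(ct, decrypt(ct, SAMPLE_KEY)))
```
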
Posted by: chaosmagnet

Re: Why you don't use large vendors computerencryption - 07/13/13 01:29 AM

I've received messages from posters asking me to explain and/or revisit the decision to lock this thread.

Upon reflection I think locking the thread was an over-reaction. It is now unlocked.

Discussion of privacy issues and maintaining privacy is appropriate. Political commentary is not.


chaosmagnet
Posted by: chaosmagnet

Re: Why you don't use large vendors computerencryption - 07/16/13 10:00 PM

Let me follow up by apologizing to anyone who was discouraged or upset when I locked the thread.

The posters who contacted me did me a service by doing so and being polite about it, and I do appreciate that.



chaosmagnet
Posted by: ILBob

Re: Why you don't use large vendors computerencryption - 07/16/13 10:53 PM

I was not all that surprised by either the thread locking or the fact that my suspicions about some of these companies have come true.

They all very badly need to stay in the good graces of the federal government and have very little reason to want to stick their necks out.

Personally, since companies like IBM who have massive government software contracts took over the lion's share of the programming for the open source stuff, I am not convinced it is secure either.

Just because there is some means of vetting software does not mean anyone has actually done so. And it is so complex these days that it does not seem outside the realm of possibility that a well funded effort could sneak something in there.

I am also suspicious of all the motherboards made in China. What makes anyone think they are secure? What about all the firmware that runs just about every piece of electronic and computer related gear? It's all made in China. Is it even possible to vet that stuff?

Posted by: Lono

Re: Why you don't use large vendors computerencryption - 07/17/13 01:38 AM

Can I say just one thing - all these Companies Big and Small are subject to US law, especially FISA for interception of data and communications. It's not a matter of a company being Big or Corruptible, it's about companies being subject to the FISA law. When the Man comes with a court directive, you have attorneys review it, and if you must comply with it you will, under relevant (in this case FISA) law. That's FISA. It isn't an open invitation for corruption, pipelining all data to the NSA or another party, or disclosing wholesale customer data - where exactly is the profit in that??

Political commentary redacted

In an earlier incarnation I responded to court directives about kiddie porn suspects who hosted and transited data over our internet provider. Smaller job than the terrorist task demanded by FISA. It involved receiving the court directive, validating it as in effect, retrieving their data, and handing it over to law enforcement. A pretty trivial task. This simple process has messed me up for the past 15 years. You can't take back the horror and mind mess that kiddie porn purveyors let pass over their internet accounts. The stuff they traffic in gets captured by internet providers, which is how they get caught. It will mess you up.
Posted by: Bingley

Re: Why you don't use large vendors computerencryption - 07/17/13 02:00 AM

I'm really sorry, Lono, that you had to be exposed to that. I hope you've managed to find a way to restore your spirit and affirm your faith in mankind.
Posted by: Quietly_Learning

Re: Why you don't use large vendors computerencryption - 07/17/13 02:13 AM

Originally Posted By: James_Van_Artsdalen
...how to securely carry confidential data in a mass evacuation, i.e., if you evacuate from a fire to a shelter with a thousand of your closest "friends" how do you carry bank account #'s and passcodes for accessing money without a thief getting to that money too?


Honestly this is what I want to know. I'm not worried about big brother. The government already has all my medical records, my tax & bank statements, dmv and ccw info...
Google has all the rest...

I would like to be able to carry copies of my insurances, bank info, DL, prescription & medical info, etc encrypted on my phone which is always with me unless I lose it or get robbed.

There have been too many incidents of hurricanes, fires, tornados and the odd runaway train. If I need to get out of Dodge and I can't go home having these things handy would save a lot of time and trouble.

Is there a way to do this so my data is secure to 90% of the thieves in case my phone gets lost or taken from me?

Thank you all.
Posted by: jzmtl

Re: Why you don't use large vendors computerencryption - 07/17/13 03:09 AM

Android has an option to encrypt the internal (and external?) SD card if you set up a letter based password for the phone, might make daily use a pain though.
Posted by: chaosmagnet

Re: Why you don't use large vendors computerencryption - 07/17/13 03:34 AM

I'd use TrueCrypt to encrypt files on a USB stick. If you use your phone, I recommend Secret! from LinkeSOFT. Strong encryption, syncs with your computer, great customer support, highly recommended. I have no affiliation with them other than as a long-term customer.
Posted by: haertig

Re: Why you don't use large vendors computerencryption - 07/17/13 04:19 AM

Personally, I need a solution that works on Linux, Windows, and Android. iPhone/iPad would be nice too, but I don't have those (although my wife does, so compatibility there is a plus).

Truecrypt has Linux and Windows covered. It has not been ported to Android yet. A few other products are attempting to offer Truecrypt support on Android, but from my research they have limitations that are not appealing to the general public (like your phone has to be rooted, no GUI - commandline only, etc.)

I have found one product that works fantastically on Linux/Windows/Android/iPhone, and that is "KeePass". But it is an app designed to manage passwords, not general purpose documents. Still, if password management is what you need, this app can't be beat. It is known as "KeePass" on Windows, "KeePassX" on Linux and MacOS, "KeePassDroid" on Android, and "iKeePass" on iPhone/iPad. http://keepass.info/download.html
Posted by: LCranston

Re: Why you don't use large vendors computerencryption - 07/17/13 01:54 PM

A quick and easy method for someone that is not technical would be using 7-zip.

7-Zip has a client for Windows - there appears to be one for Android and Mac - not sure about iPads, sorry.

If you password protect a zip file, it uses AES. Just use a very strong password.......


If you are more technical, I would vote for Truecrypt also.

Best implementation would be a hidden volume - your container will be "layered" (my term, not theirs)
If you use the wrong password, you get to layer 1, which should contain private looking stuff.
If you use the right password you get to layer 2, which has the truly important data.
Posted by: Denis

Re: Why you don't use large vendors computerencryption - 07/17/13 02:48 PM

Originally Posted By: LCranston
A quick and easy method for someone that is not technical would be using 7-zip.

Another advantage to this approach is that it can be opened on any computer, not only one where you have administrator permissions (something required when using TrueCrypt).
Posted by: Tjin

Re: Why you don't use large vendors computerencryption - 07/17/13 02:56 PM

Originally Posted By: LCranston
A quick and easy method for someone that is not technical would be using 7-zip.

7-Zip has a client for Windows - there appears to be one for Android and Mac - not sure about iPads, sorry.

If you password protect a zip file, it uses AES. Just use a very strong password.......


If you are more technical, I would vote for Truecrypt also.

Best implementation would be a hidden volume - your container will be "layered" (my term, not theirs)
If you use the wrong password, you get to layer 1, which should contain private looking stuff.
If you use the right password you get to layer 2, which has the truly important data.


I didn't get Truecrypt when I followed the written manual, but after looking at the tutorial on YouTube, it was actually pretty easy to understand. I now use it for most of my backups/important documents.
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/17/13 05:28 PM

Originally Posted By: Lono
It isn't an open invitation for corruption, pipelining all data to the NSA or another party, or disclosing wholesale customer data - where exactly is the profit in that??

I don't think any of us are saying that these companies want to be participating in programs like PRISM, but it's the fact that they do-- and the extent of what they do--that bothers many people.

Then again, companies already make billions of dollars a year legally selling all kinds of information about you which don't include the actual contents of your emails, files, text messages, etc. and they gleefully do participate in that. Marketers can already create chillingly accurate profiles on people from stuff that is legally available. And those profiles can be bought online by anyone, becoming an "open invitation for corruption," stalking, and so on by ex-boyfriends, co-workers, etc. As far as I know, these services are not allowed in Europe, by the way, due to their privacy laws.

Actually, come to think of it, a company like Google, and just recently Yahoo, already "know" the contents of all of your emails since they actively scan through all of them for marketing purposes and to serve up targeted online ads. Normally, this is all done by computers, but who's to say that a person couldn't tap into that database to pick out nuggets of info to be used for nefarious purposes? Things that look like account logins and passwords in an email? Embarrassing photos sent as attachments?

It's very difficult for your average law abiding American to maintain even a modicum of privacy from all the legally collected surveillance without jumping through inconvenient hoops nowadays. And even if you take precautions, unless the people that you interact with also take precautions, your privacy can still be compromised to a surprising extent.
Posted by: Quietly_Learning

Re: Why you don't use large vendors computerencryption - 07/17/13 10:14 PM

Thank you all for your help.
Posted by: Pete

Re: Why you don't use large vendors computerencryption - 07/18/13 01:35 PM

"Actually, come to think of it, a company like Google, and just recently Yahoo, already "know" the contents of all of your emails since they actively scan through all of them for marketing purposes and to serve up targeted online ads."

Very true. The commercial world is constantly invading our space for advertising purposes. It's a pretty tricky piece of intel gathering - but because they just "tune it" to produce ads ... we ignore it :-)

I would think that if people here start encrypting their messages with software like PGP - it will just attract more attention from "whoever watches all this stuff". PGP was never guaranteed to be perfect - it's just Pretty Good. There's probably ways to crack it.

If you want to keep a secret - tell it verbally to one person that you trust. Anything in a "network" is fair game.

Pete2
Posted by: James_Van_Artsdalen

Re: Why you don't use large vendors computerencryption - 07/18/13 07:55 PM

Originally Posted By: haertig
Personally, I need a solution that works on Linux, Windows, and Android. iPhone/iPad would be nice too, but I don't have those (although my wife does, so compatibility there is a plus).

Use hardware-based locking.

I use a Corsair Padlock 2

This will protect from a lost or stolen device. If you get sent to Dictatorstan it's not going to stop the national-level security agency but at least it's tamper-evident and it will stop any of the lesser attacks you actually face (curious teenagers, etc). Good for anyone who has to carry "it's worth your job" data as well as secret bank account access codes.

The access code is entered onto the device directly so there is no keylogger vulnerability.
Posted by: JPickett

Re: Why you don't use large vendors computerencryption - 07/19/13 04:41 PM

In view of the revelations re: government access to web-based communication and the USPS photographing the exterior of every piece of mail sent through the postal system, I feel the only means of secure communication looks to be snail mail with no return address on the envelope. If you need to verify delivery, include a stamped postcard for the recipient to mail back to you; again with no return address. If I need to send a large document, I may start relying on an inexpensive thumb drive in a padded envelope. Thoughts?
Posted by: chaosmagnet

Re: Why you don't use large vendors computerencryption - 07/19/13 10:31 PM

Originally Posted By: LCranston
If you password protect a zip file, it uses AES. Just use a very strong password.......


Keep in mind that while AES is good, strong encryption, a weak password makes any encryption easy to crack. Also, there are a number of zip cracking software suites out there, some are very effective. They use imperfections in the encryption implementations (almost never the encryption algorithm itself) to gain significant advantage over simple brute force cracking.

Brute force cracking can be done very effectively if you throw enough horsepower at it. Using Amazon EC2, most passwords can be cracked for less than $100. Often far less than $100.
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/20/13 04:43 PM

Originally Posted By: James_Van_Artsdalen
Use hardware-based locking. I use a Corsair Padlock 2

I was taking a look at this product that you linked to. The description sounds great--hardware-based encrypted thumb drive for a not unreasonable price.

Although most reviews are good, I am concerned about some of the negatives reported, and I only looked through a few pages of reviews. Random loss of data is one that crops up multiple times. Also the fact that there is basically a "master" PIN code out there that will unlock any Padlock 2--but only once. How many Padlock 2 buyers would know that?

There seem to be reviews from the first version of the Padlock mixed in, too, but even the Padlock 2 does seem to have issues still, like the master PIN.

Actually, since you're actually using the Padlock 2, I suggest you research this master PIN issue, if it really is a universal flaw with this product. Then use it on your thumb drive so that it can't be used to unlock it again in the future since it supposedly only works once.
Posted by: Arney

Re: Why you don't use large vendors computerencryption - 07/20/13 05:08 PM

Originally Posted By: JPickett
I feel the only means of secure communication looks to be snail mail with no return address on the envelope.

I don't mean to sound nitpicking, but you're using the word "secure" but I think your method is really more about "privacy". They aren't the same thing although a method can be both secure and private. Are you looking more for privacy?

A PGP encrypted email can be highly secure and difficult to read the contents, but who it's from and where it's going may be plainly visible, so that aspect of the message is not private. So, NSA's PRISM program would dutifully record that kind of info.

The method you described seems quite private, but not necessarily highly secure unless you're using written codes or encrypting digital info that you're sending this way. It used to be that a search warrant was required to intercept and open first class mail, but I think that bar is significantly lower nowadays, especially in cases where national security is used as a justification.

Not to freak you out further, but here's a very recent article describing the Postal Service's version of PRISM.