The recent outrage against the U.S. Government’s spying program known as PRISM has brought even greater focus onto the total lack of privacy on the internet. Whenever you send a message across the net, you can never be assured that it will not be intercepted somewhere. In business there are times when you want to keep sensitive information secret, and this is the best way to do it:

The concept is simplicity itself. You create an HTML page that you put on your website, the other party reads it, and then you take it down. However, there are various precautions you must take in order to ensure that the message stays completely private, therefore the most secure process is to follow these steps in order:

    1. Have your own server. Don’t try to do this on shared or dedicated hosting services as they may be backing up their data at any given time and that would leave a record of your message.
    2. Change all your FTP or server access passwords with highly complex randomized alphanumeric long strings every time you put up a private message.
    3. Create a directory which also has a complex alphanumeric name of no less than 12 characters such as f9E3jd7L1s9K.
    4. Set up a robots.txt exclusion to bar that directory:User-agent: *
      Disallow: /f9E3jd7L1s9K/Make sure to change it each time to match.
    5. Create a simple web page also named in a random fashion such as s10gV2p9H3xY, you can do it in Notepad by simply saving it as a .txt file then renaming the extension to .html:

      That long metaname line tells the bots to stay out. Yes, it duplicates the robots.txt exclusion order… but it’s better to be safe than sorry. You can also take an additional step and password protect that page but that’s even more complex and shouldn’t be necessary.

    6. Never use names or titles as it’s best to allude to them in oblique ways. So if you were going to smear some dirt about Mr. Buchanan of Associated Silicon refer to him as Mr. 15th Prez of Allied Element 14. This way even sniffers set up to find particular wording will never dig it up.
    7. Place the s10gV2p9H3xY.html onto your server inside the f9E3jd7L1s9K directory.
    8. You can either email the URL (www.yoursite.com/f9E3jd7L1s9K/s10gV2p9H3xY.html) and password if you used one to your recipient or better yet, call them on the phone and tell them the URL character by character by voice, never by text.
    9. Ask them to call you back immediately when they’ve read it.
    10. Go into your server and delete it right away.

    This may be somewhat cumbersome if you’re trying to send daily messages, but there’s an easy way to set up the alphabet soup so that you don’t even need to give the long code by phone every day. Set up the name of the directory and the page through stock symbols and closing quotes in cents. Take NASDAQ for example and start at the top of the alphabetical list for the directory and at the bottom for the pages. So the name of the directory would be:

    www.yoursite.com/FLWS597FCTY601

    And the name of the page would be:

    ZNGA284ZIGO1614.html

    Keep working up and down the list and you’ll have always fresh and essentially uncrackable names.

    This messaging system is not going to be 100% capture proof so if you’re a leading terrorist on the FBI Most Wanted List it will probably not do you any good as the Feds are likely monitoring every byte you issue. However, if you’re just trying to keep some sensitive company information out of competitors’ hands, you will be able to sleep well in the assurance that there is effectively no likelihood that the message could ever have been intercepted.

    You could also use a site like privnote.com which warrants that the notes you place on the site will self-destruct after reading, but you’re trusting the site admins to not record the message. Using this 10-step system will keep your messaging as secure as any business would ever require.