Re: [brlug-general] email encryption - Was Re: [Discuss] Dell Mini 10
On Wed, Jul 8, 2009 at 9:24 AM, Jarred White wrote: > Ugh. I hate all of the crap that our SMTP server appends to emails. > > > > You’re right. It doesn’t exist. It’s buzzword crap that companies who don’t > know any better put on their emails to make their clients (who don’t know > any better) feel better. > > > > In fact, since the emails with the login information are in plain text and > could be intercepted, if someone stole a registration email, they could > simply login to the server and retrieve the file as well. I’m not sure how > this makes documents safer to send by email, except by adding additional > steps for an attacker to get the credentials. > yeah.. I was wondering how the initial account setup was handled, ala statement here: The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. > > > *From:* general-boun...@brlug.net [mailto:general-boun...@brlug.net] *On > Behalf Of *Shannon Roddy > *Sent:* Wednesday, July 08, 2009 8:48 AM > *To:* general@brlug.net > *Subject:* [brlug-general] email encryption - Was Re: [Discuss] Dell Mini > 10 > > > > Ok. This has been bugging me for a while now. > > On Wed, Jul 8, 2009 at 8:35 AM, Jarred White wrote: > > > > New Email Encryption Software to Further Protect Confidential Data > > > > [snip] > > Emails with attachments will include a link to a secure web server. Click > on the link to download the attachment. > > The first time you receive a secure email from the firm you will be required > to setup a password. This will > > be your password to access future attachments. > > [snip] > > Someone please explain to me how this is email encryption? Stripping > attachments and placing them on a web server does not make it "email > encryption". Nor does placing a file on a SSL web server make the file > encrypted. > > My $.02, probably worth less. > > > - > Pursuant to IRS Circular 230 and IRS regulations we inform you that any > federal tax advice > contained in this communication is not intended or written to be used, and > cannot be used, > for the purpose of avoiding penalties imposed under the Internal Revenue Code. > > -- > Postlethwaite & Netterville Implements New Email Encryption Software to > Further Protect Confidential Data > > Confidentiality is a hallmark of the accounting profession and it is of the > utmost importance to our client > relationships. At P&N, we are committed to keeping your data confidential > which is why we are implementing > new email encryption software. This software inspects all outbound emails > from our firm. Emails that > contain attachments will require you to enter a password to download the > file. This ensures that your > confidential data cannot be read by anyone other than the intended recipient. > > Emails with attachments will include a link to a secure web server. Click on > the link to download the attachment. > The first time you receive a secure email from the firm you will be required > to setup a password. This will > be your password to access future attachments. For our clients and others, > there will be a small step to > download the encrypted files; however, we believe the added confidentiality > benefits far outweigh the few > seconds that are required to access the attachment. > > If you have questions regarding this new process or if you forget your > password, please contact Jessica Aymond, > P&N Network Administrator, at 225.922.4600. > = > > > > ___ > General mailing list > General@brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] email encryption - Was Re: [Discuss] Dell Mini 10
Ugh. I hate all of the crap that our SMTP server appends to emails. You're right. It doesn't exist. It's buzzword crap that companies who don't know any better put on their emails to make their clients (who don't know any better) feel better. In fact, since the emails with the login information are in plain text and could be intercepted, if someone stole a registration email, they could simply login to the server and retrieve the file as well. I'm not sure how this makes documents safer to send by email, except by adding additional steps for an attacker to get the credentials. From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Shannon Roddy Sent: Wednesday, July 08, 2009 8:48 AM To: general@brlug.net Subject: [brlug-general] email encryption - Was Re: [Discuss] Dell Mini 10 Ok. This has been bugging me for a while now. On Wed, Jul 8, 2009 at 8:35 AM, Jarred White wrote: New Email Encryption Software to Further Protect Confidential Data [snip] Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. [snip] Someone please explain to me how this is email encryption? Stripping attachments and placing them on a web server does not make it "email encryption". Nor does placing a file on a SSL web server make the file encrypted. My $.02, probably worth less. - Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. -- Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. = ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net
[brlug-general] email encryption - Was Re: [Discuss] Dell Mini 10
Ok. This has been bugging me for a while now. On Wed, Jul 8, 2009 at 8:35 AM, Jarred White wrote: > > New Email Encryption Software to Further Protect Confidential Data > > > [snip] Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. > The first time you receive a secure email from the firm you will be required > to setup a password. This will > be your password to access future attachments. > > [snip] Someone please explain to me how this is email encryption? Stripping attachments and placing them on a web server does not make it "email encryption". Nor does placing a file on a SSL web server make the file encrypted. My $.02, probably worth less. ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net