AW: E-Mail Encryption: Why Isn't Everyone Doing It?
Anthony E. Greene
agreene@pobox.com
Thu Oct 24 18:59:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 24-Oct-2002/16:13 +0200, De Bug <debug@centras.lt> wrote:
>> I work for a credit bureau. You better believe there's lot's
>>of stuff that we can't send by e-mail. You'd be surprised how
>>many customers expect us to send consumer data via mail
>>without giving thought to encryption. We don't, of course.
>>After all we're talking about creditprofiles and stuff like
>>that here.
>
>So what ? What is there to hide ? Do not your words conform that people
>dont really care to keep their information secret? This is the real
>answer to the subject question.
No. It only confirms that people do not understand the danger.
>Read-only access to information can't cause real harm.
That is a meaningless point. The danger is that the revealed data allows
r/w access on other systems.
>Bad things are cause by evil-driven people and not by the information
>accessability to the public.
Also meaningless. The existence of "evil-driven people" is a given.
>Where encryption is really important is in protecting the rights to
>manage things i.e. who and what can change/operate/manage/control. Email
>is not used for such things
The point is that managers and clients routinely tell subordinates and
vendors what to do via email. These kinds of orders need to be both
protected and authenticated.
Tony
- --
Anthony E. Greene <mailto:agreene@pobox.com>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 239D
AOL/Yahoo Chat: TonyG05 HomePage: <http://www.pobox.com/~agreene/>
Linux: the choice of a GNU Generation. <http://www.linux.org/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene 0x6C94239D <agreene@pobox.com>
iD8DBQE9uCbnpCpg3WyUI50RAm7AAJ9G79tdBpEW0BW6x+K1CuXtzJ1mOgCfSB+T
xAlclCUdbgYkk9Fkm7VfX20=
=JI6K
-----END PGP SIGNATURE-----