 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Richard Pieri wrote: > I'd be wary of any third party provider. ...HIPAA regulations. ... > The recent NSA disclosures are simply icing on the cake for me. True. Self-hosted is better than outsourced, if you prioritize privacy. But S/MIME encryption is better than either. And even then, the metadata - senders and recipients - are still largely sent as plaintext across the wire, and easily intercepted by the NSA. We don't yet have the protocols to do end-to-end secure email that encrypts the metadata TOR-style. At least nothing widely enough deployed to be useful. It's hard enough finding a bank or insurance company that knows how to handle the almost 20 year old S/MIME standard. (A recent correspondence with BlueCross required using PGP (GPG), a phone call to convey the password (no PKI), and a half-dozen emails to help troubleshoot their inability to open the file in an encryption format they suggested using.) -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
