Comments on: Self decrypting emails considered harmful http://moreati.org.uk/blog/2009/02/09/self-decrypting-emails-considered-harmful/ A blog about life, technology & databases Thu, 17 Jun 2010 01:50:45 +0000 hourly 1 http://wordpress.org/?v=3.0 By: geoff daum http://moreati.org.uk/blog/2009/02/09/self-decrypting-emails-considered-harmful/comment-page-1/#comment-146 geoff daum Thu, 26 Feb 2009 15:01:10 +0000 http://www.moreati.org.uk/blog/?p=34#comment-146 Yep - I would agree with that.. Thanks for the line. Yep – I would agree with that.. Thanks for the line.

]]> By: admin http://moreati.org.uk/blog/2009/02/09/self-decrypting-emails-considered-harmful/comment-page-1/#comment-137 admin Sat, 14 Feb 2009 12:54:09 +0000 http://www.moreati.org.uk/blog/?p=34#comment-137 The choice of software is important. Personally I wouldn't use Winencrypt as it appears to be closed source. Telling the difference between trustworthy encryption software, and snake oil is very hard. I can't do it, so I only trust encryption software that paranoid experts have chosen. However, outside of geek circles, simplicity and usability are more important. So Winencrypt might be better than nothing. The critical points though, are: - The encryption software must already be installed, so SDAs fail by design. - The users must be competent and confident using it. The choice of software is important. Personally I wouldn’t use Winencrypt as it appears to be closed source. Telling the difference between trustworthy encryption software, and snake oil is very hard. I can’t do it, so I only trust encryption software that paranoid experts have chosen.

However, outside of geek circles, simplicity and usability are more important. So Winencrypt might be better than nothing. The critical points though, are:
– The encryption software must already be installed, so SDAs fail by design.
– The users must be competent and confident using it.

]]> By: Kraeverson http://moreati.org.uk/blog/2009/02/09/self-decrypting-emails-considered-harmful/comment-page-1/#comment-132 Kraeverson Mon, 09 Feb 2009 20:15:01 +0000 http://www.moreati.org.uk/blog/?p=34#comment-132 What one needs to do is send authentication information over another channel. Some <a href="http://www.winencrypt.com" rel="nofollow">encryption software</a> will let you do that. So you can send a non-executable attachment, and transfer the key by other means. What one needs to do is send authentication information over another channel. Some encryption software will let you do that. So you can send a non-executable attachment, and transfer the key by other means.

]]>