tag:blogger.com,1999:blog-17329179.comments2023-03-11T04:32:02.122-08:00Email-SecurityEd Gerckhttp://www.blogger.com/profile/11500735527163002826noreply@blogger.comBlogger46125tag:blogger.com,1999:blog-17329179.post-12888242118194999972011-08-07T16:29:04.084-07:002011-08-07T16:29:04.084-07:00(from bob, submitted online)
...as accurate as it...(from bob, submitted online)<br /><br />...as accurate as it is scary.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-4076723672017674242011-07-19T11:49:13.179-07:002011-07-19T11:49:13.179-07:00(from mike, submitted online)
The blog makes a lo...(from mike, submitted online)<br /><br />The blog makes a lot of good points. <br /><br />The small practice may well be holding off going to EMR for many of the reasons cited, as well as various factors such as inertia, procrastination, fear of change, and the often rational rationalization that technology is improving, so why not wait for better. Especially, sense the short term payoff is negative -- hardly an incentive to quick action.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-31313265817089271402011-06-16T14:54:07.721-07:002011-06-16T14:54:07.721-07:00(submitted online by JL)
Ed,
I haven't though...(submitted online by JL)<br /><br />Ed,<br />I haven't thought about it at all, so I don't have much useful input.<br /><br />However, I am certain that most of our users have no idea what Flash and Silverlight are. And many are smart enough not to agree to download something they don't know.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-6364466931043724692011-06-08T08:28:22.665-07:002011-06-08T08:28:22.665-07:00(submitted online by Dr. BP)
I have done the anal...(submitted online by Dr. BP)<br /><br />I have done the analysis and comparison that you have (a year ago or so) and see very little advantage whatsoever to Silverlight. Flash will become ubiquitous and Java is here forever as far as I an see. There is some question about html5 and world standards, more secure web issues,etc, but those are not so much about the embedding. <br /><br />Apple I think will cave on Flash and they have nothing to gain by supporting Silverlight. RE Java: I have more faith in Oracle and bigger players like HP than I do in Microsoft. <br /><br />Now if you had a Google crystal ball you might have your answer. However, for the moment, Google is really busy getting their cloud services less tangled and more straightforward. <br /><br />iCloud is an interesting wildcard but I think it will be no more secure than Google and the others and will prob have all sorts of proprietary Appleations, more for the unwashed masses and twits.<br /><br />I love my iPhone and I wish I could have Flash on it, but I would never waste a wish on having Silverlight on it. Any enterprise that needs to use Silverlight would have the resources to roll their own....not for the "rest of us".<br /><br />Does that answer your question? If not, let me know!<br /><br />BTW: Forms functions are critical in the sense you mean but hitting the biggest target audience is more critical, IMO.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-37609701964642072782010-12-16T17:49:30.505-08:002010-12-16T17:49:30.505-08:00(reply to KT)
It's also possible, and more fu...(reply to KT)<br /><br />It's also possible, and more fun, not to take sides.<br /><br />Because ZSentry is indeed a complement to both Microsoft <i>and</i> Google office platforms, customers can have less cost and higher availability, rather than having higher cost by having no other option, and putting all eggs in one basket. <br /><br />So, people do not have to choose one platform over the other. They can use both, can choose and change according to the best value for each need, and can have higher availability as they now have two independent IT systems to choose from.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-60553847860960344942010-12-16T17:42:44.816-08:002010-12-16T17:42:44.816-08:00(from reader KT)
About Google Apps in enterprise ...(from reader KT)<br /><br />About Google Apps in enterprise use, Microsoft has said that if it is indeed a complement to MSFT Office, the costs actually become greater for a company as they now have two IT systems. <br /><br />So, if I am using Office already, would it not be better to continue to use it and just add ZSentry?<br /><br />(suppose I don't want a Verisign PKI cert, so please just compare with ZSentry)Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-9789084791358920372010-06-29T19:11:40.422-07:002010-06-29T19:11:40.422-07:00(reply to anonymous)Single technology is not singl...(reply to anonymous)<br><br>Single technology is not single provider. But this is not even single technology. We say "Many real solutions are possible, but they should all be founded on the idea that trust can be based on other factors, in addition to control or even fear of control."<br><br>And we also want to get specific, with a definite proposal, and that's why we propose ZSentry, which complies with the privacy/control considerations and adds some unique benefits including the "no target" property.<br><br>About how ZSentry solves the identity problem, including for first-contact and first-reply, please see <a href="http://zsentry.com/identity.htm" rel="nofollow">ZSentry Identity Verification</a>Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-22228035754926632942010-06-29T10:27:52.206-07:002010-06-29T10:27:52.206-07:00[received online]
so you are saying trust Zme? Si...[received online]<br /><br />so you are saying trust Zme? Single technology solutions make me uncomfortable.<br /><br />I read through your site and can see how ZSentry uses middleware to create a persistent connection between parties and encrypt data transfer, but I don't see how the identity problem (reliably tying an individual to a connection endpoint)is solved.<br /><br />(anonymous)Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-91138951141824651752010-06-28T08:47:36.137-07:002010-06-28T08:47:36.137-07:00[reply to Kynn]
>ZSentry is only part of a
&g...[reply to Kynn]<br /><br />>ZSentry is only part of a <br />>solution - it just does mail.<br /><br />It already does mail, webmail, IM, SMS, and secure storage (see site). And, remember those mail-fax gateways? Mail is just an STMP protocol -- at the end of it you can have anything you want: fax, even HTTPS in an Ajax window. I bet you could make it do FTP or anything you want. Maybe even IRC.<br /><br />It can also include elements in upper tiers, such as billing and ecommerce -- using mail, webmail, IM, SMS, fax, HTTPS, FTP,...<br /><br />so, where's the limit?<br /><br />> There are other solutions <br />> available that do more than <br />> mail, both free and paid.<br /><br />But there is no other solution available with the "no target" property, and others that make a real difference to reduce risk online and improve usability.<br /> <br />> Just like security theater <br />> though, how much does this <br />> accomplish? One solution I know <br />> the sender must receive <br />> permission from the recipient to<br />> send mail that will be received.<br /><br />PKI does that -- unless you have the public-key cert for the recipient and can verify the CA sig, no deal. It's not that useful and is often cited as one of the shortcomings of PKI ("where's your new cert?" and "I cannot validate your CA").<br /><br />The post office seems to me to offer a more natural paradigm to follow. It allows that but does it post-sending. So the recipient can decide at a later time, and does not impact the sender. This is the method used by zsentry.<br /><br />Best regards,<br />Ed GerckEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-47136164587291481442010-06-28T08:40:33.539-07:002010-06-28T08:40:33.539-07:00[received by email]
Hi Ed,
ZSentry is only part o...[received by email]<br />Hi Ed,<br /><br />ZSentry is only part of a solution - it just does mail. There are other solutions available that do more than mail, both free and paid.<br /><br />Just like security theater though, how much does this accomplish? One<br />solution I know the sender must receive permission from the recipient to send mail that will be received.<br /><br />KynnEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-36678724004187026832010-06-28T06:57:00.995-07:002010-06-28T06:57:00.995-07:00[in reply to A.]
Yes, and this is all automated.
...[in reply to A.]<br /><br />Yes, and this is all automated.<br /><br />And it can extend beyond ZSentry, where it can become more useful. For example, a person who has N>>1 address book entries created (in ZSentry, not disclosed) by successfully communicating over time with N diverse people (eg, as evidenced by IP and browser diversity) could be evaluated differently from someone else with just few and recent contacts.<br /><br />We also note that trust is a "slow" process. It must be earned. You see a counter-example in scams, where criminals like to add an element of urgency to win over the expected time factor that the victim may intuitively require. <br /><br />That's why in "successfully communicating over time with N diverse people" one of the non-conformance requirements is evident: if it all happens too quickly. These requirements are not willy-nilly but follow from the extensive work on trust reported in the reference cited, and others such as http://nma.com/papers/it-trust-part1.pdf<br /><br />Best regards,<br />Ed GerckEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-44158846277464215312010-06-28T06:55:01.718-07:002010-06-28T06:55:01.718-07:00[received by email]
Thanks, I think I am getting ...[received by email]<br /><br />Thanks, I think I am getting a bit closer. I see elements of Web of Trust in your proposal, and also some ideas from social networking, because it seems like a person uses relationships established online with other people to bolster his or her assertion of identity. Is that right? <br /><br /><br />A.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-69212211748492636752010-06-27T20:27:28.811-07:002010-06-27T20:27:28.811-07:00Thanks all for the interest. This is a reply to al...Thanks all for the interest. This is a reply to all previous comments.<br /><br />Yes, it is critical that the main visible point to users should be about <i>how to make non-conformance public</i> rather than <i>certifying conformance</i>.<br /><br />Not only there is then much less liability for the service, but the user is kept in the verification loop --as the user should-- rather than blindly rely on some sort of oracle. Also, in security terms, not only less attacks are possible but attacks are so not direct in creating an error condition.<br /><br />Of course, I am simplifying but you can go and try yourself for free. It can work directly from Gmail or Outook, or Apple Mail, or from a web browser doing SSL SMTP through HTTPS by way of ZSentry. There is no plugin or installation.<br /><br />And, once you have your identity through ZSentry, you can use it at another place through the ZSentry-SAML interface and you do not have to worry about your identity being stolen online. ZSentry uses its "no target" technology to protect your login credentials and keys, whereas the SAML-ized identity authorization does not carry them either.<br /><br />An important issue to solve, of course, is the problem of initial contact.<br /><br />The main point is that, try as you may, the initial contact does not happen in vacuum. One of the points, most likely the initiator (sender), must have a previous contact with a service (eg, the gmail account where the ZSentry or ZSentry-PGP mail is purportedly sent from). That service may or may not have the full extent of trust needed to be a trusted introducer for the needs of the recipient, but it is a point of trust that can be evaluated and used to contribute to a final measure of trust.<br /><br />Furthermore, the trusted introducer function provided by ZSentry does not need to be carried over forever. Much like a booster rocket, once the transaction starts, other sources of trust are introduced (eg, who do you know that I trust and can verify you by? What is your signed PGP key?) to the point that the ZSentry introducer function can be jettisoned without prejudice.<br /><br />The http://bit.ly/TRUST reference in the article has more.<br /><br />Best regards,<br />Ed GerckEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-91058550745738210992010-06-27T18:07:06.521-07:002010-06-27T18:07:06.521-07:00[as received by email]
I said something on the ab...[as received by email]<br /><br />I said something on the aba list: that natural fears (of control etc) had not been admitted, qualified or addressed. Thus trust is not possible (since one has not provided a framework for the act of qualification).<br /><br />PeterEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-81996325145575609822010-06-27T16:51:57.093-07:002010-06-27T16:51:57.093-07:00[as received by email]
Hi Ed,
It's been a wh...[as received by email]<br /><br />Hi Ed,<br /><br />It's been a while. How is everything going?<br /><br />Nice artice, as always. Your take on making non-conformance public is<br />interesting and thinking out of the box. It reminds me of a story I heard years ago. A group of elementary students was given a weekend homework assignment to prepare to recite the alphabet backwards on Monday. Al weekend the kids memorized - z,y, x, etc. Except one girl that just<br />played. Monday arrives and the kids in turn tried to recite thhe alphabet backwards. The little girl that played went last and she was very successful. She got up in front of the class and turned around so she was backawards and recited - a, b, c, etc.<br /><br />One of the biggest issues I see is places like IRC - where the hard-core (and otherwise) hackers hang out. Most people don't go there - IRC is too murky.<br /><br />Another issue - I assume (maybe incorrectly) non-compliance would be on a list of some type similar to a black hole list for spam. How many would actually look? If a user name - or other identifer was listed thatt person could just adopt another. The list can be endless. Some may find some<br />useful info, but I think most would not even look.<br /><br />I also think this is a much better idea than the present one discussed on IP.<br /><br />I was cracking up at your lime: Saying "trust me" should not make you trust me. It reminds me of a teenage boy trying to get somewhere with a girl - trust me was their line :) <br /><br />And: information on servers (even hosted at the Pentagon or FBI) - they get hacked too. The only really safe servers/workstations are those not connected to anythng else. But don't get me started on that or other security issues.<br /><br />A few years ago I read 'The Coocoo's Egg'. I think it was published in the 70s and a true story. The same stupid issues exist today. Doesn't anyone<br />learn?<br /><br />LynnEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-78674977147824545502010-06-26T21:33:39.395-07:002010-06-26T21:33:39.395-07:00Ed,
Thanks.
It's all a difficult problem set...Ed,<br /><br />Thanks.<br /><br />It's all a difficult problem set to be sure, particularly since there are so many intangibles involved -- not to mention so much politics. But I think we're in agreement that the approach being promulgated by the white house this round is not a reasonable way forward.<br /><br />LEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-27817211989441623762010-03-22T05:25:12.068-07:002010-03-22T05:25:12.068-07:00Thank you for your very usefull information about ...Thank you for your very usefull information about email security.<br /><br />I downloaded the <br />http://email-security.net/papers/pki-pgp-ibe-zmail.pdf<br />paper, but the pdf seems to be corrupt? a lot of strange characters in the text? <br />Can you provide a new version?<br />Thanks!<br /><br />Regards<br />Peterpiethttps://www.blogger.com/profile/07553579049817168621noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-7101979886549664292009-12-29T09:50:23.882-08:002009-12-29T09:50:23.882-08:00[online by Gordon Divitt]
I believe the key to ce...[online by Gordon Divitt]<br /><br />I believe the key to certificate based systems (PKI) is that they purport to absolutely prove that the person is who they claim to be - too high a hurdle for most problemsEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-76374261964549375412009-12-29T09:49:45.252-08:002009-12-29T09:49:45.252-08:00[online by Eric Goodman]
I could be over simplifi...[online by Eric Goodman]<br /><br />I could be over simplifing this concept, as I am no means well versed on Certificate based security. Has a simpler solution was introduced, 3D-Secure Authentication? From the above comments, The 3D-Secure process "seems" much simpler to integrate and it DOES introduce the shift in "burden of proof" from the merchant to the card issuing bank and the card holder.<br /><br />Many people will weigh in on pros and cons of 3D-Secure, however, the major change was not the introduction of this concept, but Visa and MasterCard changed their card processing rules to shift all fraud liablity from the merchant to the issuer if 3D-Secure was simply attempted by the merchant. This means, the industry does not need card holder adoption to drive merchant benefit. All merchants will benefit from simply running 3D-Secure with or without card holder adoption.<br /><br />However, card holder adoption is still ultimately needed for the longevity of the system or regulation through mandates from Visa/MasterCard will need to be introuduced to drive adoption.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-38816756821010092722009-12-29T07:59:36.364-08:002009-12-29T07:59:36.364-08:00[online by Matthias Hehn]
a lot of merchants I wo...[online by Matthias Hehn]<br /><br />a lot of merchants I worked with tried implementing certificate based security, only to fail on the complexity of the matter. It usually takes a bigger company with a specific IT person that knows a lot about the matter and follows up if changes in the keystore( Certificate expires ... ) arise.<br />Also a performance issue as mentioned earlierEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-69779590992360657472009-12-29T07:58:50.645-08:002009-12-29T07:58:50.645-08:00[online by Lynn Wheeler]
when one of the certific...[online by Lynn Wheeler]<br /><br />when one of the certificate oriented payment specifications was 1st released ... we did a public-key profile for the end-to-end process and got somebody that was worked with public key library (they had done speedups on the standard library by factor of four times) do some benchmarks. when we reported the results ... we were told the numbers were too slow (instead of being told the numbers were four times too fast because of using a speeded up library). Six months later when some pilot projects were tested ... our earlier profile benchmark numbers were within a couple percent of measured (the speedups had been integrated into widely used public key library).<br /><br />... in addition to appended certificates representing a 100-times payload bloat for standard payment transaction ... the certificate-related public key ops were also resulting in 100-times processing bloat.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-2335207378263431802009-12-22T11:20:19.928-08:002009-12-22T11:20:19.928-08:00[Online by Anthony Rivera]
I agree with Gordon; h...[Online by Anthony Rivera]<br /><br />I agree with Gordon; he hit the nail on the head with the remark that the cure was worse than the disease. It wasn't just consumers that were put off either; plenty of orgs gave up for the same reason.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-86604846171274746112009-12-20T12:20:22.200-08:002009-12-20T12:20:22.200-08:00[online by Piers Wilson]
part of the issue is the...[online by Piers Wilson]<br /><br />part of the issue is the need to store a private key; as this is often a file help at the client end you get the two problems of (a) securing the key file on an often insecure client system (b) allowing a user to connect from several different places (e.g. internet cafes) and having access to their key in such a way that it doesn't get copied and stored at every place they connect from.<br />Of course if I can get the key file you are then reliant on the user choosing a good password that I can't brute force off line.<br />there are solutions to this of course, such as smart cards (my personal favourite) but you need client devices (readers) and software and an issuing process that has some form of physical contact (even if its posting out the token/card).Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-42070475970774708282009-12-20T12:19:53.278-08:002009-12-20T12:19:53.278-08:00[online by Lynn Wheeler]
another part of the cert...[online by Lynn Wheeler]<br /><br />another part of the certificate-based payments from the mid-90s (besides the enormous payload bloat) was the proposal that 1) each consumer would pay $100 for their own certificate and 2) payment transactions with appended digital certificates would reverse the burden of proof in disputes (as enticements to get merchants to play). The issue then was why would every person in the world spend $100 per annum to have the dispute burden of proof shifted to them.Ed Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.comtag:blogger.com,1999:blog-17329179.post-64699280117349346532009-12-20T12:19:22.154-08:002009-12-20T12:19:22.154-08:00[online by Gordon Divitt]
I don't have the ti...[online by Gordon Divitt]<br /><br />I don't have the time or energy to read all the link but I have implemented PKI a couple of times in my career and find that the resistance is always around a) the complexity of establishing a CA and b) the need to 'absolutely' prove who you are to register for one<br /><br />In other words folks saw the cure as worse than the diseaseEd Gerckhttps://www.blogger.com/profile/11500735527163002826noreply@blogger.com