Techies will understand.
And maybe it's coddling the non-techies that drives service companies to
provide dumbed-down remedies.
They're still obligated to comply with new and wonderful regulations.
They (the good ones) genuinely try and they (the lazy ones) at least
want to *look* like they're protecting us.
So I got another of these "you have received a secure message" messages,
the kind which come through one channel (objectively *not* secure)
telling me to go to another channel (secured, at some level, but
invariably hard to use).
If the first channel is insecure, how do they know that I'm even getting
the message to go read the message?
I want this crap to go away!
And it's not like it can't go away.
It's just that simple solutions seem to have baggage. "It's too easy, so
it can't possibly be really effective." Why don't we teach the kids
basic LOGIC in school??
The rant is here:
https://github.com/trothr/blog/blob/master/sir.santa/2024/20240223-you-have-received.md
And some will disagree.
That's okay, because you're allowed to be wrong.
But we can talk about it. (The alternatives are debatable.)
I expect the biggest disagreement to come from PKI aficionados. PKI is
great, but it doesn't work well for person-to-person. Long story.
-- R; <><
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
