Suggestion for a webmail application with good Hebrew Support
Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}---ooO--U--Ooo-{= - d...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Hi Dave, Some features that would be nice to have are FCC for both incomming and outgoing messages, like al/pine has, and the ability to compose plain text messages without using HTML. Regards, - yba On Tue, 18 Aug 2009, Dave Stav wrote: Date: Tue, 18 Aug 2009 09:08:30 +0300 From: Dave Stav d...@tkos.co.il To: linux-il@cs.huji.ac.il Subject: Suggestion for a webmail application with good Hebrew Support Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Google Applications. It's free and it's great Don't even think about hosting your own Webmail - On Tue, Aug 18, 2009 at 9:08 AM, Dave Stav d...@tkos.co.il wrote: Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}---ooO--U--Ooo-{= - d...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Looking for Jerusalem DID
2009/8/18 Dotan Cohen dotanco...@gmail.com: Little note , The extra charge (from bezeq) in 02 is for some special numbers (the one that are in PalTel region and Jawal). So you think you call a 02 (Isrealy phone number in Jerusalem area ) but actually call Rammala. That makes sense, as Ramalla is close enough to logically be serviced by the same switches. But then, why the higher fee? At least back in my compulsory service days (20 years ago), all of the west bank was 02, and you could call Jerusalem as a local call zone even before Bezeq changed the entire country to a single call zone (many years ago). I don't know what this implies to current state. --Amos ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
On Tue, 18 Aug 2009, Danny Lieberman wrote: Date: Tue, 18 Aug 2009 11:09:21 +0300 From: Danny Lieberman dan...@software.co.il To: Dave Stav d...@tkos.co.il Cc: linux-il@cs.huji.ac.il Subject: Re: Suggestion for a webmail application with good Hebrew Support Google Applications. It's free and it's great Don't even think about hosting your own Webmail - We need to host our own in this case for security and privacy reasons. - yba On Tue, Aug 18, 2009 at 9:08 AM, Dave Stav d...@tkos.co.il wrote: Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}---ooO--U--Ooo-{= - d...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Yonatan what you're saying is that you are capable of managing security better than google. that is highly arguable. Our own experience is that we ran qmail/squirrel qmail/clamAV/Spam Assassin for 5 years thru 2007. In 2007 - the amount of administration and image spam made the entire exercise non cost-effective and a huge mail dos attack on a customer's setup changed my mind permanently. I migrated 4 email domains to Google Apps and I have not looked back since. From a system security perspective - I don't have to worry about patching, ddos attacks and web defacing attacks. from a data security/privacy perspective - Google is better at managing personal data than you are, hands down. -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 2009/8/18 Jonathan Ben Avraham y...@tkos.co.il On Tue, 18 Aug 2009, Danny Lieberman wrote: Date: Tue, 18 Aug 2009 11:09:21 +0300 From: Danny Lieberman dan...@software.co.il To: Dave Stav d...@tkos.co.il Cc: linux-il@cs.huji.ac.il Subject: Re: Suggestion for a webmail application with good Hebrew Support Google Applications. It's free and it's great Don't even think about hosting your own Webmail - We need to host our own in this case for security and privacy reasons. - yba On Tue, Aug 18, 2009 at 9:08 AM, Dave Stav d...@tkos.co.il wrote: Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}---ooO--U--Ooo-{= - d...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
On Tue, 18 Aug 2009, Danny Lieberman wrote: Date: Tue, 18 Aug 2009 11:41:38 +0300 From: Danny Lieberman dan...@software.co.il To: Jonathan Ben Avraham y...@tkos.co.il Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: Suggestion for a webmail application with good Hebrew Support Yonatan what you're saying is that you are capable of managing security better than google. that is highly arguable. No, there's no argument here. With Google you have no way of knowing or insuring the security of your content. For this application we can't rely on third-party storage. (period) We have been managing a number of servers for clients for many years, in a cost-effective manner, with minimal spam. Most are based on PostFix with our own spam filter that is somewhat more effective than Spam Assassin. - yba Our own experience is that we ran qmail/squirrel qmail/clamAV/Spam Assassin for 5 years thru 2007. In 2007 - the amount of administration and image spam made the entire exercise non cost-effective and a huge mail dos attack on a customer's setup changed my mind permanently. I migrated 4 email domains to Google Apps and I have not looked back since. From a system security perspective - I don't have to worry about patching, ddos attacks and web defacing attacks. from a data security/privacy perspective - Google is better at managing personal data than you are, hands down. -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
good for you. I disagree with the Google security statement and since my cost is zero for spam free content and always up mail services for 4 business units I would say that zero is always more cost-effective than your own time. I can't argue the security point with you because there are always two facets of security - feeling secure and being secure (as Bruce Schneier pointed out a while back) You feel more secure DIY (and are probably factually less secure) I feel more secure with Google Apps (and are probably factually more secure) d On Tue, Aug 18, 2009 at 11:51 AM, Jonathan Ben Avraham y...@tkos.co.ilwrote: On Tue, 18 Aug 2009, Danny Lieberman wrote: Date: Tue, 18 Aug 2009 11:41:38 +0300 From: Danny Lieberman dan...@software.co.il To: Jonathan Ben Avraham y...@tkos.co.il Cc: ILUG linux-il@cs.huji.ac.il Subject: Re: Suggestion for a webmail application with good Hebrew Support Yonatan what you're saying is that you are capable of managing security better than google. that is highly arguable. No, there's no argument here. With Google you have no way of knowing or insuring the security of your content. For this application we can't rely on third-party storage. (period) We have been managing a number of servers for clients for many years, in a cost-effective manner, with minimal spam. Most are based on PostFix with our own spam filter that is somewhat more effective than Spam Assassin. - yba Our own experience is that we ran qmail/squirrel qmail/clamAV/Spam Assassin for 5 years thru 2007. In 2007 - the amount of administration and image spam made the entire exercise non cost-effective and a huge mail dos attack on a customer's setup changed my mind permanently. I migrated 4 email domains to Google Apps and I have not looked back since. From a system security perspective - I don't have to worry about patching, ddos attacks and web defacing attacks. from a data security/privacy perspective - Google is better at managing personal data than you are, hands down. -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}ooO--U--Ooo{= - y...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
lftp question
Hi people, I'm trying to download some stuff with a small script, and I'm using lftp Can someone give a simple example (using lftp and -c) to access web site with user/pass through script? example: http://domain.com/test/private/ with username: XX and pass: YY It seems this is one of the cases that the man page clearly doesn't help very much with the parameters (-c, -e etc..) Thanks, Hetz -- Skepticism is the lazy person's default position. my blog (hebrew): http://benhamo.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
On Tuesday 18 August 2009, Danny Lieberman wrote: Google Applications. It's free and it's great Don't even think about hosting your own Webmail - Don't forget that Google is a public company and will do whatever is in the best interest of its stock holders, regardless of your interest as their user. Relying on a commercial company giving you free service with your business/personal critical data is your decision. Just make sure you understand what you are giving up (freedom) by using this service. Yes, I am hosting my own webmail service. No, I do not know how secure is a Google web app, as I don't know how secure is any other closed source application. Anything you assume about their security is based on your assumption only. --y On Tue, Aug 18, 2009 at 9:08 AM, Dave Stav d...@tkos.co.il wrote: Dear list members, We are looking for a webmail application that has good support in Hebrew messages (encoding and ltr/rtl). So far, it seems to me that roundcube-webmail is the best candidate, but also considering: Open WebMail IMP SquirrelMail roundcube Any suggestions? Thanks, Dave -- EE 77 7F 30 4A 64 2E C5 83 5F E7 49 A6 82 29 BA~. .~ Tk Open Systems =}---ooO--U--Ooo--- --{= - d...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Yuval Hager [T] +972-77-341-4255 == Notice new number [...@] yu...@avramzon.net signature.asc Description: This is a digitally signed message part. ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Danny Lieberman wrote: You feel more secure DIY (and are probably factually less secure) I feel more secure with Google Apps (and are probably factually more secure) I like the way you give your opinion, and then back it up by your opinion of how things are. People don't leave space for the possibility of being wrong. More to the point, security is a multi-facet problem. You worry about your server being broken into and third parties listening in on your email, and therefor decide that Google will likely do it better. It's a legitimate choice, but it is very far from being the only consideration, or even the only conclusion. Myself, I worry more about third parties having access to my data, and that includes Google themselves. Your claimed price of zero disregards certain costs. For example, you do not count the cost in loss of privacy and the cost of having your emails available for parties to summon from Google using the court system without your knowledge. Obviously, these may not be concerns for you, and as such, may not be something you count as cost. That is fine, so long as you do not have the hubris to claim that this applies to everyone. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
On Aug 18, 2009, at 2:47 PM, Shachar Shemesh wrote: Your claimed price of zero disregards certain costs. For example, you do not count the cost in loss of privacy and the cost of having your emails available for parties to summon from Google using the court system without your knowledge. Obviously, these may not be concerns for you, and as such, may not be something you count as cost. That is fine, so long as you do not have the hubris to claim that this applies to everyone. Good point. I just want to point out that since Google is in the State of California, not the State of Israel, if your company is not incorporated in the US, or registered with the State of California as a foreign (out of state) corportation it's a court system in which you have no legal standing. IAMNAL, but a similar condition exists for the Federal court system too. Geoff. -- geoffrey mendelson N3OWJ/4X1GM Jerusalem Israel geoffreymendel...@gmail.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
spamcop complain
Hi, It seems someone sent a spam cop about linux-il because of that accidental facebook invitation. Few notes about that: - If you want to complain about someone make sure you get the address right, and not complain about the mailing list, if you think that the mailing list is a spammer you are welcome to unsubscribe. - If you think a mail which is not appropriate was sent to the list by a list member, please contact me first, it's much easier to warn the person and block him if necessary. - This very much seemed like an honest mistake, no need to get over excited about every little thing. Thanks, Ely ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Danny Lieberman wrote: Shachar, Geoff b) the threat probability of one of our operations getting a US court injunction is so low that I don't even bother with security countermeasures. OTOH - the threat of dos/web defacing/site downtime/poor response time is high enough that we considered and eventually deployed outsourced services for messaging and hosting. We use slicehost, rackspace.com http://rackspace.com and Google Apps. Dev servers are inhouse. Your threat level rises significantly when you use free services. If you are going to be using Google's services for your business, my recommendation is that you find a route in which you pay them for it. The logic is that by paying them, you are creating accountability of them to you. Many of the privacy concerns diminish significantly as a result. I'll add that, specifically with Google, the amount of concentrated cross-referencable personal info is what bothers me the most. Apropos - My personal estimate is that the probability of a privacy breach is higher in the Israeli Ministry of Defense than in GooglePlex. Not when my own servers are involved. At least not without my knowledge. d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. So you are, essentially, saying that you agree with me to a degree, but don't go quite as far. 3) we physically destroy hard disks (it's fun...) That I'm curios about. What do you specifically do to destroy the hard disk? The way I see it, either you believe that recover seven generations is not possible (like some do), in which case just do dd if=/dev/urandom of=/dev/sdb followed by dd if=/dev/zero of=/dev/sdb (or just settle for the later), or you believe that it is possible, in which case the only solution I know of is melting the drive's plates. Personally, I don't have any way to do the later, so I just do the former and hope that my attackers don't have the $100K+ it allegedly requires to recover the data. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Desktop Linux that Just Works
Hi all, Here's the new Linux Productivity Magazine article, themed Desktop Linux that Just Works. This is the culmination of my effort to find a really good desktop Linux setup that doesn't require the user to pass a political litmus test. http://www.troubleshooters.com/lpm/200908/200908.htm Thanks SteveT Steve Litt Recession Relief Package http://www.recession-relief.US Twitter: http://www.twitter.com/stevelitt ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Shachar You see - that as soon as we start talking about money, the risk assessment discussion gets more serious. 1. Google Apps Premium is $50/user/year ( higher volume/more demanding service levels). Google Apps Standard is free - we use it for our community involvement sites like www.jpbigband.org The Google security and privacy policy is same in both cases. 2. Ask Gaby Askenazi about privacy in the MOD You're a pro. Most of our clients don't have the foggiest idea what's happening inside their network. 3. Use a 10kg hammer. We have clients that insist on physical destruction of the data disk after a network surveillance. d On Tue, Aug 18, 2009 at 4:21 PM, Shachar Shemesh shac...@shemesh.bizwrote: Danny Lieberman wrote: Shachar, Geoff b) the threat probability of one of our operations getting a US court injunction is so low that I don't even bother with security countermeasures. OTOH - the threat of dos/web defacing/site downtime/poor response time is high enough that we considered and eventually deployed outsourced services for messaging and hosting. We use slicehost, rackspace.com and Google Apps. Dev servers are inhouse. Your threat level rises significantly when you use free services. If you are going to be using Google's services for your business, my recommendation is that you find a route in which you pay them for it. The logic is that by paying them, you are creating accountability of them to you. Many of the privacy concerns diminish significantly as a result. I'll add that, specifically with Google, the amount of concentrated cross-referencable personal info is what bothers me the most. Apropos - My personal estimate is that the probability of a privacy breach is higher in the Israeli Ministry of Defense than in GooglePlex. Not when my own servers are involved. At least not without my knowledge. d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. So you are, essentially, saying that you agree with me to a degree, but don't go quite as far. 3) we physically destroy hard disks (it's fun...) That I'm curios about. What do you specifically do to destroy the hard disk? The way I see it, either you believe that recover seven generations is not possible (like some do), in which case just do dd if=/dev/urandom of=/dev/sdb followed by dd if=/dev/zero of=/dev/sdb (or just settle for the later), or you believe that it is possible, in which case the only solution I know of is melting the drive's plates. Personally, I don't have any way to do the later, so I just do the former and hope that my attackers don't have the $100K+ it allegedly requires to recover the data. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd.http://www.lingnu.com -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Danny Lieberman wrote: 3. Use a 10kg hammer. We have clients that insist on physical destruction of the data disk after a network surveillance. Do you, at least, FIRST run the dd? I'm sure you realize that recovering data from a disk that got only the 10KG hammer is much easier (and cheaper) than recovering data from one that got only the dd treatment. As an added bonus, you just marked that disk as interesting by physically destroying it :-) Personally, I think the best solution for anyone who cannot afford to physically melt the disk platters is to dd the entire disk, and THEN GO ON USING IT for another project. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
yes - dd + hammer. true story - we did a security audit for a h-tech client who conveniently put all their decommissioned disks in a barrel in the yard of the factory. :-) On Tue, Aug 18, 2009 at 4:50 PM, Shachar Shemesh shac...@shemesh.bizwrote: Danny Lieberman wrote: 3. Use a 10kg hammer. We have clients that insist on physical destruction of the data disk after a network surveillance. Do you, at least, FIRST run the dd? I'm sure you realize that recovering data from a disk that got only the 10KG hammer is much easier (and cheaper) than recovering data from one that got only the dd treatment. As an added bonus, you just marked that disk as interesting by physically destroying it :-) Personally, I think the best solution for anyone who cannot afford to physically melt the disk platters is to dd the entire disk, and THEN GO ON USING IT for another project. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd.http://www.lingnu.com -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
RE: Suggestion for a webmail application with good Hebrew Support
Note that if you're going to dd, at least use if=/dev/urandom. Running dd several (10) times is best (or using shred(1), which does the same). Rony _ From: linux-il-boun...@cs.huji.ac.il [mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Shachar Shemesh Sent: Tuesday, August 18, 2009 4:51 PM To: Danny Lieberman Cc: ILUG; geoffrey mendelson Subject: Re: Suggestion for a webmail application with good Hebrew Support Danny Lieberman wrote: 3. Use a 10kg hammer. We have clients that insist on physical destruction of the data disk after a network surveillance. Do you, at least, FIRST run the dd? I'm sure you realize that recovering data from a disk that got only the 10KG hammer is much easier (and cheaper) than recovering data from one that got only the dd treatment. As an added bonus, you just marked that disk as interesting by physically destroying it :-) Personally, I think the best solution for anyone who cannot afford to physically melt the disk platters is to dd the entire disk, and THEN GO ON USING IT for another project. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
ronys wrote: Note that if you're going to dd, at least use if=/dev/urandom. Running dd several (10) times is best (or using shred(1), which does the same). Rony I am familiar with the urban legend. From what I read about the technique by which you reconstruct older generation data, I'm not sure it would make that much of a difference. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
rony good point.shred with strings of zeroes is probably even better than erasing. d 2009/8/18 ronys ro...@gmx.net Note that if you're going to dd, at least use if=/dev/urandom. Running dd several (10) times is best (or using shred(1), which does the same). Rony -- *From:* linux-il-boun...@cs.huji.ac.il [mailto: linux-il-boun...@cs.huji.ac.il] *On Behalf Of *Shachar Shemesh *Sent:* Tuesday, August 18, 2009 4:51 PM *To:* Danny Lieberman *Cc:* ILUG; geoffrey mendelson *Subject:* Re: Suggestion for a webmail application with good Hebrew Support Danny Lieberman wrote: 3. Use a 10kg hammer. We have clients that insist on physical destruction of the data disk after a network surveillance. Do you, at least, FIRST run the dd? I'm sure you realize that recovering data from a disk that got only the 10KG hammer is much easier (and cheaper) than recovering data from one that got only the dd treatment. As an added bonus, you just marked that disk as interesting by physically destroying it :-) Personally, I think the best solution for anyone who cannot afford to physically melt the disk platters is to dd the entire disk, and THEN GO ON USING IT for another project. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd.http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
2009/8/18 Danny Lieberman dan...@software.co.il: d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. 1) None of our really sensitive assets are on Google Apps and that includes Calendar and Mail So what's left from your use of Google? BTW - do you (the plural you to the entire list) consider mail hosting by other companies besides Google as more secure? The BHP's at my workplace (the sales/CEO office in the US) insisted on Exhange server, so we opted for a hosted exchange instead of the white-box-you-shouldn't-breath-near-its-power-cord in-house exchange server I inherited on the other side of the Pacific from California. --Amos ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
RE: Suggestion for a webmail application with good Hebrew Support
Hi Shachar, 'urban legend' may be a bit strong. The reference I had in mind was http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html which is a bit dated (circa 1996, plus a couple of undated epilogues), but still an interesting read. Of course, if you're going to keep sensitive data on magentic media, it's *much* easier to use an encrypted partition (e.g., dm-crypt http://www.saout.de/misc/dm-crypt/ http://www.saout.de/misc/dm-crypt/ or TrueCrypt http://www.truecrypt.org/) and securely destroy the keys. Rony _ From: linux-il-boun...@cs.huji.ac.il [mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Shachar Shemesh Sent: Tuesday, August 18, 2009 5:17 PM To: ro...@acm.org Cc: 'ILUG' Subject: Re: Suggestion for a webmail application with good Hebrew Support ronys wrote: Note that if you're going to dd, at least use if=/dev/urandom. Running dd several (10) times is best (or using shred(1), which does the same). Rony I am familiar with the urban legend. From what I read about the technique by which you reconstruct older generation data, I'm not sure it would make that much of a difference. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Amos Shapira wrote: 2009/8/18 Danny Lieberman dan...@software.co.il: d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. 1) None of our really sensitive assets are on Google Apps and that includes Calendar and Mail So what's left from your use of Google? BTW - do you (the plural you to the entire list) consider mail hosting by other companies besides Google as more secure? In most aspects, yes. First, another provider will likely be a smaller target (security by anonymity). Second, another provider are not cross linking your emails with other things they know about you. Granted, that's mostly because they don't have that other info, but whatever the reason - it works. As for traditional security - Google's extra size is a mixed blessing. I wouldn't work with someone small using a tailor made solution, but someone using a standard solution is likely, in the long run, to provide comparable security level to those Google provide (theoretical more chance of being vulnerable is offset by less chance of being exploited). Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Shachar On the Internet - size is not an indication of threat surface. Ability to provision and maintain is more important. You have to engineer your solution to your needs. For us - the combination of Google Apps, slicehost (for smaller projects) / rackspace (for big projects) rocks. Google Apps Mail and Calendar are amazing applications especially if you have colleagues in 5 or 6 time zones and people with iphones and blackberries like we do I can't believe that there are people on Linux-IL who seriously consider Squirrel Mail a competitor. d On Tue, Aug 18, 2009 at 5:44 PM, Shachar Shemesh shac...@shemesh.bizwrote: Amos Shapira wrote: 2009/8/18 Danny Lieberman dan...@software.co.il dan...@software.co.il: d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. 1) None of our really sensitive assets are on Google Apps and that includes Calendar and Mail So what's left from your use of Google? BTW - do you (the plural you to the entire list) consider mail hosting by other companies besides Google as more secure? In most aspects, yes. First, another provider will likely be a smaller target (security by anonymity). Second, another provider are not cross linking your emails with other things they know about you. Granted, that's mostly because they don't have that other info, but whatever the reason - it works. As for traditional security - Google's extra size is a mixed blessing. I wouldn't work with someone small using a tailor made solution, but someone using a standard solution is likely, in the long run, to provide comparable security level to those Google provide (theoretical more chance of being vulnerable is offset by less chance of being exploited). Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd.http://www.lingnu.com -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
ronys wrote: Hi Shachar, 'urban legend' may be a bit strong. The reference I had in mind was http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html http://www.cs.auckland.ac.nz/%7Epgut001/pubs/secure_del.html which is a bit dated (circa 1996, plus a couple of undated epilogues), but still an interesting read. Of course, if you're going to keep sensitive data on magentic media, it's *much* easier to use an encrypted partition (e.g., dm-crypt http://www.saout.de/misc/dm-crypt/ or TrueCrypt http://www.truecrypt.org/) and securely destroy the keys. Rony Thanks. That seems like an excellent resource (with reasoning, unlike what I'm used to :-). I haven't delved into it, yet, but its description of how the drive actually writes data to the disk differs dramatically from what I remember described the last time I saw a description of the recovery process (it claims the 1 and 0 are merely encoded as magnetic polarity, while I remember them being modulated on a sine wave). Which it actually is, I'm not sure, but the reasoning your article states for using random data (create as low a frequency as possible given the disk's RLE) is negated if the data is actually modulated. Unfortunately, I have lost track of my previous source, but pending further analysis, I'm willing to retract my definitive claim that needing to use random data is an urban myth. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
2009/8/18 Danny Lieberman dan...@software.co.il Shachar On the Internet - size is not an indication of threat surface. Ability to provision and maintain is more important. You have to engineer your solution to your needs. For us - the combination of Google Apps, slicehost (for smaller projects) / rackspace (for big projects) rocks. Google Apps Mail and Calendar are amazing applications especially if you have colleagues in 5 or 6 time zones and people with iphones and blackberries like we do I can't believe that there are people on Linux-IL who seriously consider Squirrel Mail a competitor. There you go again with the Don't even think about hosting your own Webmail Danny - There are companies out there which consider internal mail as classified - Hosting the emails on third-party servers, even encrypted versions of the emails, is simply a security threat. It's called keeping your data close to home, and it's quite important, especially when your content might be problematic in other jurisdictions. And anyway - no one outside of my company network/VPN should have IMAP/POP3 access to the mail server. With Google Apps you carefully craft your office firewall rules, then move mailbox access to *outside* of the network??!! -mike d On Tue, Aug 18, 2009 at 5:44 PM, Shachar Shemesh shac...@shemesh.bizwrote: Amos Shapira wrote: 2009/8/18 Danny Lieberman dan...@software.co.il dan...@software.co.il: d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. 1) None of our really sensitive assets are on Google Apps and that includes Calendar and Mail So what's left from your use of Google? BTW - do you (the plural you to the entire list) consider mail hosting by other companies besides Google as more secure? In most aspects, yes. First, another provider will likely be a smaller target (security by anonymity). Second, another provider are not cross linking your emails with other things they know about you. Granted, that's mostly because they don't have that other info, but whatever the reason - it works. As for traditional security - Google's extra size is a mixed blessing. I wouldn't work with someone small using a tailor made solution, but someone using a standard solution is likely, in the long run, to provide comparable security level to those Google provide (theoretical more chance of being vulnerable is offset by less chance of being exploited). Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd.http://www.lingnu.com -- Danny Lieberman - Protect your data: http://www.software.co.il Twitter: http://twitter.com/onlyjazz Skype: dannyl50 Warsaw:+48-79-609-5964 Israel: +972 8 9701485 Mobile: +972 - 54 447 1114 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
Mike Allow me to give you a cold dose of reality A. Internal email is never 'confidential'. 1. As long as you have Web access, mobile devices and USB sticks - you may assume that everything an employee has access to in the company can and will be sent to people outside the company. This is not a fantasy - this is what happens at every account we work with. 2. People with VPN access to mail inside your company can and will take mail and other data into their own domain (home, business partner office, outsourcing partner, contractor). You have no control over the data flow just because you have a VPN - as a matter of fact - because you have a VPN - you are lulled into false sense of security. 3. You can try DRM / IRM and / or shutdown attachments in your enterprise email. Your employees will take the data home on a USB stick and email it from home or ftp it or IM it or tunnel it or proxy it. We had a case data was leaked by users with IM tunneled over telnet tunneled over HTTP. 4. Internal mail systems have a back door from home/business partners/contractors into the the office on the OWA/Squirrelmail/PoP/IMAP over VPN - It's a common way to inject malicious content into the network, usually unwittingly B. There are no free lunches 1. It is discouraging to consider the number of companies that are doing a poor job managing their messaging infrastructure - i.e. frequent downtime, capacity issues, inbound/outbound content abuse and data theft. 2. The cost of ownership for internal mail is high. The companies that manage their own mail infrastructure invest a lot of money and head count to get it right. The alternative most companies take is to outsource - and expose their data to a person who works at your company in the morning and at a competitor in the afternoon. 3. Inbound content security takes a fair chunk of IT/IT security management attention and change. More than is reasonable it a company with over 1000 employees. To set the record straight - my comment about preferring Google Apps mail/calendar related to a fairly innocent question by Yonatan regarding the allternatives to Squirell Mail etc for Hebrew support. From a usability perspective, - OWA and Gmail have it way over the OSS products. From a TCO perspective - For a SME - Google Apps Mail/Calendar is probably a better fit for a business than outsourcing to Matrix or doing it yourself. From a security perspective - there is no single silver bullet, but I'd like you to consider the following security countermeasures for protecting information: 1. Implemement a chokepoint and control inbound/outbound data flow at the chokepoint 2. Have a professionally managed service from a trusted vendor (if you trust dreamhost more than Google - go for it) 3. Have a single 24x7 point of service contact I don't sell Google Apps but I suggest reading their story at http://www.google.com/apps/intl/en/business/details.html I am glad there has been such a lively discussion. Danny http://www.dannylieberman.info On Tue, Aug 18, 2009 at 10:39 PM, Michael Tewner tew...@gmail.com wrote: 2009/8/18 Danny Lieberman dan...@software.co.il Shachar On the Internet - size is not an indication of threat surface. Ability to provision and maintain is more important. You have to engineer your solution to your needs. For us - the combination of Google Apps, slicehost (for smaller projects) / rackspace (for big projects) rocks. Google Apps Mail and Calendar are amazing applications especially if you have colleagues in 5 or 6 time zones and people with iphones and blackberries like we do I can't believe that there are people on Linux-IL who seriously consider Squirrel Mail a competitor. There you go again with the Don't even think about hosting your own Webmail Danny - There are companies out there which consider internal mail as classified - Hosting the emails on third-party servers, even encrypted versions of the emails, is simply a security threat. It's called keeping your data close to home, and it's quite important, especially when your content might be problematic in other jurisdictions. And anyway - no one outside of my company network/VPN should have IMAP/POP3 access to the mail server. With Google Apps you carefully craft your office firewall rules, then move mailbox access to *outside* of the network??!! -mike d On Tue, Aug 18, 2009 at 5:44 PM, Shachar Shemesh shac...@shemesh.bizwrote: Amos Shapira wrote: 2009/8/18 Danny Lieberman dan...@software.co.il dan...@software.co.il: d) We deploy security countermeasures to protect assets: 0) We don't use Google docs, Never. 1) None of our really sensitive assets are on Google Apps and that includes Calendar and Mail So what's left from your use of Google? BTW - do you (the plural you to the entire list) consider mail hosting by other companies besides Google as more secure? In most aspects, yes. First, another provider will likely be
Re: Suggestion for a webmail application with good Hebrew Support
Danny Lieberman wrote: Mike To set the record straight - my comment about preferring Google Apps mail/calendar related to a fairly innocent question by Yonatan regarding the allternatives to Squirell Mail etc for Hebrew support. Then lets, do, return to the original question. Does gmail know how to send email where paragraphs are marked as RTL? In fact, can it send any HTML mail at all? Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
2009/8/19 Shachar Shemesh shac...@shemesh.biz Danny Lieberman wrote: Mike To set the record straight - my comment about preferring Google Apps mail/calendar related to a fairly innocent question by Yonatan regarding the allternatives to Squirell Mail etc for Hebrew support. Then lets, do, return to the original question. Does gmail know how to send email where paragraphs are marked as RTL? In fact, can it send any HTML mail at all? Apparently it can't separate hebrew/english paragraph direction. This message is written in GMail using the rich text format, which as far as I'm aware is just HTML. --Amos ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Suggestion for a webmail application with good Hebrew Support
2009/8/19 Danny Lieberman dan...@software.co.il I don't sell Google Apps but I suggest reading their story at http://www.google.com/apps/intl/en/business/details.html To ask my question again - if you say that you use Google Apps but not Google Docs or GMail or Calendar - so what's left in Google Apps besides it? --Amos ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il