I tried to warn people in IT that this was all security theatre, but they, like me, were victims of decisions made by administrative staff rather than made by informed technical experts. There you have it.
Just recently I was told that the University would not allow me to ssh in to my office computer "because ssh had to be protected from the internet" (!), and instead I was supposed to use some binary blob to create a VPN into the UofT network -- and how having one point of entry into the whole system, trusted internally, "improves" security over a single ssh connection to a single computer, I could not tell you (and neither can they). But it's policy, so that ends discussion.
On 1/20/24 02:51, ac via talk wrote:
<https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.amazon.ca%2FBeelink-Computer-4-0GHz-Screen-Display%2Fdp%2FB09SYSPSSM%2Fref%3Dsr_1_12&data=05%7C02%7Cpeter.king%40utoronto.ca%7Cfd92cef0581c4b68b9bc08dc198daeca%7C78aac2262f034b4d9037b46d56c55210%7C0%7C0%7C638413343519234072%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BrbVi8IcMc70gtFT40UjsI%2BPVZSLwHxw7y4zvjG0NA8%3D&reserved=0>
<snip>
Anyway, so to issues of user trust: To me, it seems that utoronto.ca uses/pays Microsoft and outgoing emails, opens and reads all email Even https links in already replied to chains (which are now seen as outgoing links from the users@ utoronto.ca - are clearly - visited, indexed, checked/scanned (probably Microsoft would say : the websites/domains/links etc are scanned for malware, I would say that Microsoft has previously, and in the past, simply 'blocked', 'broken' or done other things to various websites it does not 'like') It does so many other things as well, one small one being 'brand dilution' as readers and senders of emails and DM etc etc - where names are re-written to the Microsoft or Facebook or whatever abbreviated link brand name - this serves to underline the brand doing the re-writing - as the "safe" link in the above example - COULD easily been displayed as AMAZON (with the actual a href -> protection.outlook.com/ as in example: <a href='https:outlook.com'>https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Famazon.com%2F&data=05%7C02%7Cpeter.king%40utoronto.ca%7Cfd92cef0581c4b68b9bc08dc198daeca%7C78aac2262f034b4d9037b46d56c55210%7C0%7C0%7C638413343519234072%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hBoCafebsN1s%2BJepdksVjigW5yev7dnB%2FCwjWrMBNvo%3D&reserved=0</a> Which would then just display the original link, but with an outlook landing. BUT - Microsoft 'chooses' to display : protection.outlook.com?var=very.long.&data=ascii.long.long.long.long.long.long.long.long.long.long.long Apparently because users@ utoronto.ca (and microsoft users) send out malware links and this is a way that Microsoft chooses to try to protect recipients and their users from malware/abuse - instead of their users or recipients relying on other software, like browsers, local anti virus, local script blockers, etc (taking the control away)
-- Peter King [email protected] Department of Philosophy 170 St. George Street #521 The University of Toronto (416)-946-3170 ofc Toronto, ON M5R 2M8 CANADA http://individual.utoronto.ca/pking/ ========================================================================= GPG keyID 0x7587EC42 (2B14 A355 46BC 2A16 D0BC 36F5 1FE6 D32A 7587 EC42) gpg --keyserver pgp.mit.edu --recv-keys 7587EC42
OpenPGP_0x1FE6D32A7587EC42.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
--- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
