"more secure" 3rd-party file sharing?
Bill McGonigle
bill at bfccomputing.com
Wed Aug 23 00:37:00 EDT 2006
Problem: people misaddress e-mails, don't look at what their client is
auto-completing for them, and generally send files to people who
shouldn't get them.
Solutions?
discredited: making users care, making users cautious, replacing users'
computers with dull pencils, forcing all users to use PGP or S/MIME.
first thought: some sort of bot one could send a file and description
to that would respond with a URL to the sending user to add an
allowed-users list and then send the intended recipients a link to a
webpage where they can download the file. This at least gets one layer
of auditability, links can be expired, and SSL can be enforced. Also
requires blocking outbound 25, 465, 587 at the firewall and stripping
attachments at the MTA.
Has anybody seen an implementation of such a thing? Or have better
ideas?
-Bill
-----
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
bill at bfccomputing.com Cell: 603.252.2606
http://www.bfccomputing.com/ Page: 603.442.1833
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
More information about the gnhlug-discuss
mailing list