"more secure" 3rd-party file sharing?

Ben Scott dragonhawk at gmail.com
Wed Aug 23 08:08:00 EDT 2006


On 8/23/06, Bill McGonigle <bill at bfccomputing.com> wrote:
> Problem: people misaddress e-mails, don't look at what their client is
> auto-completing for them, and generally send files to people who
> shouldn't get them.

  "There are seldom good technological solutions to behavioral
problems." -- Ed Crowley

  I know that fixing wetware makes the Microsoft patch process look
easy, but ultimately, it is what is needed.  No matter what you do,
you can't have a secure system with insecure people.  This is
inescapable fact.

  Fixing the wetware *is* possible, just costly.  Life is hard.

> ... forcing all users to use PGP or S/MIME ...
[forcing users to use web page thingy]
> ... blocking outbound 25, 465, 587 at the firewall and
> stripping attachments at the MTA ...

  You think you can get away with the latter when you couldn't get away
with the former?  The lusers are going to accept a solution which is
arguably even *more* cumbersome?

> first thought: some sort of bot one could send a file and description
> to ...

  I'd suggest just starting with the web page.  Login there, do an
HTTP upload.  If the goal is to bypass email, don't start with email.
(Having the MTA attachment stripper respond with a pointer to the
website would be a good idea, though.)

> ... one layer of auditability ...

  Your mail server cannot keep logs?

> ... links can be expired ...

  True, but so what?

  The only real advantage I can think of is that if a luser realizes
they've sent the file to the wrong person before the recipient grabs
the file, the luser would be able to cancel the transfer.  I suppose
that's something, but I wonder how often it would really get used.

  You could accomplish the same thing by enforcing a mandatory
quarantine on outbound email attachments.  Maybe have the quarantine
have some minimum time before it can be released by the original
sender.  Maybe have it auto release after some amount of time.  Maybe
allow others to release files (so two people have to fsck up before
the disclosure happens).

> ... SSL can be enforced ...

  So can PGP or S/MIME.  (Yes, I saw your report of their objection.
You presumably saw my objections to their objection.  :)  )

  One benefit to using a web UI for file transfer that you didn't
mention is that it's generally a great deal more efficient (from a
computer perspective) than email.  I've used similar solutions for
*that* reason in the past (when I didn't want 50 MB attachments
clogging up a busy mail server).

-- Ben
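
The outbound attachment quarantine suggested in the message above, modelled as a small state machine. This is an added example, not part of the original post: the hold times, the approver list and all names are assumptions, and every decision is written to an audit trail.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Assumed policy values; the message names no numbers.
MIN_HOLD = timedelta(minutes=10)   # sender cannot self-release before this
AUTO_RELEASE = timedelta(hours=4)  # held mail goes out on its own after this

@dataclass
class HeldAttachment:
    sender: str
    recipient: str
    queued_at: datetime
    approvers: frozenset            # hypothetical: people allowed to release for others
    state: str = "held"             # held -> released | cancelled
    audit: list = field(default_factory=list)

    def _set(self, now, actor, action, state=None):
        # Record every decision, including denials, then apply any state change.
        self.audit.append((now.isoformat(), actor, action))
        if state:
            self.state = state
        return state is not None

    def cancel(self, actor, now):
        """Sender pulls a misaddressed message back while it is still held."""
        if self.state != "held" or actor != self.sender:
            return False
        return self._set(now, actor, "cancel", "cancelled")

    def release(self, actor, now):
        """Sender may release after MIN_HOLD; a second person may release sooner."""
        if self.state != "held":
            return False
        if actor == self.sender:
            if now - self.queued_at < MIN_HOLD:
                return self._set(now, actor, "denied: minimum hold")
        elif actor not in self.approvers:
            return self._set(now, actor, "denied: not an approver")
        return self._set(now, actor, "release", "released")

    def tick(self, now):
        """Run periodically: auto-release once AUTO_RELEASE has elapsed."""
        if self.state == "held" and now - self.queued_at >= AUTO_RELEASE:
            self._set(now, "system", "auto-release", "released")
        return self.state
```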



More information about the gnhlug-discuss mailing list