Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Introducing Ciphire Mail
January 23, 2005, 10:06 pm
rate this thread
your existing email client. Ciphire Mail operates seamlessly in the
background and does not interfere with normal emailing routines. It
encrypts and decrypts email messages, and can digitally sign each
message to provide authentication and guard against identity theft.
Ciphire Mail is the first out-of-the box solution to match power with
ease of use.
Even though I walk through the valley of the shadow of death,
I will fear no evil, for you are with me;
your rod and your staff, they comfort me.
- Juergen Nieveler
January 24, 2005, 12:27 am
Re: Introducing Ciphire Mail
Or to be more precise: It's a transparent proxy and tries to interfere
with ALL mail clients you use.
The certificates are essentially worthless, though. The only check
during certifacte generation is wether you have access to the mailbox
that you request the certificate for - it's equivalent to a
Class1-S/MIME- certificate or a PGP-Key signed only by a RobotCA.
That's good enough for encrypting mails you send your mom - but not
enough for really security-relevant stuff.
What's wrong with S/MIME? It's pre-installed in most mail clients and
can be easily activated - equivalent certificates that match the
security of Ciphire are available for free.
The key problem for Ciphire will be
a) Geeks won't accept it (people who care about their machine don't
tolerate processes that try to hijack all your mail - maybe Ciphire
will someday roll out a conventional proxy version)
b) You have to trust their Keyserver - there are no alternatives like
there are for PGP
c) Joe Luser won't even understand why he needs it - if he did, he'd
have installed PGP or S/MIME years ago
d) Companies won't pay money for a system used neither by their own IT
staff (see a) or their customers (see c). They'll stick with S/MIME
because with S/MIME they keep control over their OWN CA (and just have
to fork out money to Verisign to certifiy their CA key
e) Once Ciphire fails to create a large enough customer base, they'll
turn off their keyserver, which means that in one stroke all existing
Ciphire- users will be cut off - there won't be any university-owned
keyservers to take over like they did for PGP
The best way to handle DOS is... wiping it off your HD!
- » Mysterious app. tries to connect, no info found yet, any ideas?
- — Next thread in » General Computer Security