undefined | Better HN

0 pointsincompatible7y ago0 comments

You aren't really sending email any more, just a link to a website.

0 comments

lotu7y ago

This is unfortunately how lots of people and companies think "secure" email needs to work. Any message from my bank or doctor works this way even it is something as simple as an appointment reminder. It is massive waste of user's time and programing effort, but I'm afraid that is where the world is moving.

racingmars7y ago

Unfortunately doctors have to do this because the common legal interpretation of HIPAA and HITECH Act is that they have to.

Dates of service for a patient are protected health information. Most covered entities and business associates won't risk sending any PHI using methods that are not covered under the safe harbor provisions of the HITECH act. So... endless proliferation of "secure email" systems instead of using email. (And I don't see S/MIME taking off anytime soon as an alternative, even though that would be sufficient to qualify for safe harbor.)

exolymph7y ago

Harder to spoof or phish (depending on the implementation). I know that a message shown on my bank's main website, with the correct URL, is legit.

tgragnato7y ago

Does this mean that I only need a new reject rule in my spam filter?

josteink7y ago

Also requiring the recipient to log into Google to allow google to track them.

npongratz7y ago

And conditioning users to click on links they see in emails. Ugh.

crysin7y ago

I've already experienced this with employers and when buying a home using "HP SecureMail" and some Microsoft e-mail encryption. All they would have in the e-mail body is a link and I would need to validate my identity in some way to access the "protected" content through the website instead of it just being in my e-mail.

acdha7y ago

I agree that this is something to be concerned about but according to the instructions it doesn't require a Google login so you could do the entire session in a private browsing window if you wanted as long as you can get the verification code by SMS or the email address.

9080877y ago

"Private"/"incognito" tabs and windows do little to nothing to protect you from the kind of tracking companies like Google engage in.

j / k navigate · click thread line to collapse