undefined | Better HN

0 pointssamwillis4y ago0 comments

So, I understand the motivation, it's the misguided implementation that's the problem. The only thing from your suggested requirements that actually works is the ability to "retract" an email before its been read.

It can still be forwarded (after extracting from a badly implemented site). The "ensure the right person got it" password is stupid as its literally sending it to the same email address.

The thing I find so bizarre about this is that lawyers/accountant etc. have been seeing out letters in the post forever and never had the desire to implement this level of security. Post can be intercepted, read by third parties and modified at will, just like unencrypted email. The only thing that's changed is that because there is supposedly the ability to do it someone has lobbied for there to be a mandate for it.

Just because it "can be done" doesn't mean is should or that it achieves what the motivation was.

If there is something that important that it can't be in the wrong hands then either do it in person or sent a courier with the signed for letter that requires id on delivery.

These systems are nothing other than security theatre that's sold to the unknowledgeable as something they need, when the reality is it's a complete waste of everyones time. (except for the person selling it!)

0 comments

kasey_junk4y ago

It would be extremely expensive to mechanize the dragnet stealing/modification of the post. I agree the current solutions for electronic communication are stupid but there is concern about the many vectors and attacker could get all the data.

The fax only ones are the dumbest though because on both sides everyone is just using electronic documents.

j / k navigate · click thread line to collapse