|
|
Subscribe / Log in / New account

Email insecurity (was One of the great benefits of Open Source)

Email insecurity (was One of the great benefits of Open Source)

Posted Nov 6, 2025 8:46 UTC (Thu) by Wol (subscriber, #4433)
In reply to: Email insecurity (was One of the great benefits of Open Source) by taladar
Parent article: Debian to require Rust as of May 2026

> That way I wouldn't have to e.g. login to my bank website to see their actual message or download their monthly list of transactions as a PDF just because email is insecure.

And yet they were quite happy to send stuff by snail-mail, which is arguably even less secure!

Once you've verified the end points, email is as - or likely more - secure than snail mail. Sure stuff can get lost. Sure a determined cracker can steal email in transit. But the only place it's likely to get stolen from is the customer's own system, and forcing the customer to log in and retrieve a message or PDF provides absolutely no security there!

And as implemented, where you have to login to read messages, can be a disaster too. My "Building Society" (it was one - thanks to the mess of UK Banking reforms I don't have a clue what it is now) seems to be a bit clueless on that front. I got sent an important - time sensitive - message via their internal messaging systems, only for me never to see it because I got no notification whatsoever it was waiting for me. The zeroth rule of successful investing (which the investment firms are desperate for us to break because it earns them loads of lovely commission) is treat investments like mushrooms - leave them alone in the dark until they mature. Which I did, so I never logged in, and never saw the message ... WHOOPS!

Cheers,
Wol

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds