Faxing
-
@tonyshowoff said in Faxing:
@Dashrender said in Faxing:
@scottalanmiller said in Faxing:
@Dashrender said in Faxing:
email goes over an unencrypted network that can be easily tapped by spies. Tapping a POTS line (not a SIP trunk) is much harder and requires local access to the end points, or hacking into the phone companies systems.
Not my email. Not anyone's that I know. Email is encrypted end to end in nearly all cases and end to centre is almost all of the remaining cases. If you want to intercept email, unless someone has gone dramatically out of their way to be insecure on purpose, you need access to the datacenter. Local access does nothing for you.
Local access is the easiest thing to get. POTS is the easiest technology to tap. It's so easy to tap that the tools are standard for it and "just work". If you have a POTS listening tool, you just walk up to the line down the street from where you want to listen and voila... you have the entire communications both audio and fax.
but you can't do that from china. That's my point. hell you can't do that from anywhere, but as you said, down the street of whomever you want to tap.
Nobody cares about China except paranoid Americans who think they're dangerous. Not only that, but Chinese people can visit the US, so, tapping a phone line still at higher risk for Chinese eavesdropping than encrypted email or even just data going over SSL.
Or even plain text email. Seriously.
-
As for email in transit, there is no server to server hopping for email.
Email goes from your server directly to the IP defined by the MX records for the receiving domain. This is not the old school days of store and forward.
Of course, it hits any number of routers along the way. But it never hits anything else.
You can easily require all traffic to and from your mail server to use TLS. You will certainly suddenly have complaints from people that their email to you is being bounced.
You could also just setup your outbound email to require TLS while allowing opportunistic TLS on the inbound. Then anyone can email to you and it will attempt to negotiate TLS on all inbound first and will fall back to unencrypted. This has no bearing on HIPAA because it is not data YOU are sending. On the other hand your sent email will all be TLS or it will not send. You will find very few people you need to send to that fail.
-
Please stop saying that I'm claiming that faxes are more secure. I'M Not!
I guess I'll just say, as long as Faxing is grandfathered in, the rest doesn't matter because the expense and complexities of using encrypted email (think PGP or password encrypted zip) won't replace it.
I'm absolutely willing to capitulate the grandfathering is the main, perhaps only, reason it's allowed.
-
@Dashrender said in Faxing:
Please stop saying that I'm claiming that faxes are more secure. I'M Not!
I guess I'll just say, as long as Faxing is grandfathered in, the rest doesn't matter because the expense and complexities of using encrypted email (think PGP or password encrypted zip) won't replace it.
I'm absolutely willing to capitulate the grandfathering is the main, perhaps only, reason it's allowed.
I said nothing of the sort. I said unencrypted email is more secure than faxing. Just clarifying my point of view.
-
You're post just happened to be above mine, I wasn't posting to you JB.. Thanks.
-
Please stop saying that I'm claiming that faxes are more secure. I'M Not!
Really, you didn't? Could've fooled me, you spent a hell of a lot of time not only heavily implying it was secure, but straight out saying it's more secure than email, using arguments from the standpoint of ignorance about how email even functions, thinking it's unencrypted in transit, but still seemingly sticking to these points even after being shown they are wrong.
Scott has been saying for years that regular email is more secure than faxing - that I'll never agree with.
This means you think it's more secure than email, implying you think it's secure, unless you're saying they're both so insecure it doesn't matter, in which case that's wrong.
email goes over an unencrypted network that can be easily tapped by spies. Tapping a POTS line (not a SIP trunk) is much harder and requires local access to the end points, or hacking into the phone companies systems. These alone in my opinion make it more secure - nothing Scott or anyone else has said why an email sent over the internet is more secure than this situation.
Saying fax is more secure than email, in fact blatantly saying it is "more secure."
the authentication on a fax is the phone number.
Implies there's any security at all.
but you can't do that from china. That's my point. hell you can't do that from anywhere, but as you said, down the street of whomever you want to tap.
Implying again it's more secure than email
If you want me to "stop saying that [you're] claiming that faxes are more secure," then stop saying it!
-
Just because SSL can be enabled doesn't mean that it is. Though I will grant that it's used by most major, and many minor vendors today.
-
@Dashrender said in Faxing:
Just because SSL can be enabled doesn't mean that it is. Though I will grant that it's used by most major, and many minor vendors today.
That's definitely true, I think though most major clients give you a lot of BS for not using SSL and won't even work over web access without it, major ones anyway. Again as I said before, these are software problems, they can be made easier. I blame programmers like me, because so many of us are so stupid or we assume users know more than they do.
-
@Dashrender said in Faxing:
Just because SSL can be enabled doesn't mean that it is. Though I will grant that it's used by most major, and many minor vendors today.
Actually, you can be certain of it, I already told you how. I know you run your own Exchange server in house still. So it is very simple to setup.
-
@JaredBusch said in Faxing:
@Dashrender said in Faxing:
Please stop saying that I'm claiming that faxes are more secure. I'M Not!
I guess I'll just say, as long as Faxing is grandfathered in, the rest doesn't matter because the expense and complexities of using encrypted email (think PGP or password encrypted zip) won't replace it.
I'm absolutely willing to capitulate the grandfathering is the main, perhaps only, reason it's allowed.
I said nothing of the sort. I said unencrypted email is more secure than faxing. Just clarifying my point of view.
Ah, but you know that your email is encrypted end to end and you can know if your email is offering encryption to the end user's system. After that it's not your concern in the least. Literally... zero concern on your side. Delivery is complete, handoff is made. Just disable non-SSL/TLS communications and your concerns are all set.
