What do you use PGP/SMIME for?
nick at leippe.com
Wed May 7 10:04:19 MDT 2008
> Sometimes you can get less technical people to install an email cert
> when you tell them that sending a password by email (or any sensitive
> information) can be less secure than posting it on the internet since
> email bounces around to more servers.
Merely *can be* less secure? No, it *is not* secure, period. Same for
simply "posting it on the internet", in most of the ways that could be
interpreted by the layman.
I like to say that there are no degrees of insecurity.
I think sometimes we're afraid of emphasizing the importance of security to
the less technical because of their tendency to go idiot-lights-mode on us,
or to get mad because they don't understand, don't care, or don't want to.
I still think it's important, and if it's important, is worth doing and worth
mentioning. Kind of like trying to get a child to brush their teeth. It may
not be easy at first, or fun, but is important and worth it in the long run.
More information about the PLUG