Introducing Ciphire Mail

Introducing Ciphire Mail
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Introducing Ciphire Mail ToYKillAS 01-23-2005
Posted by ToYKillAS on January 23, 2005, 5:06 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Ciphire Mail is an email encryption tool. It works in conjunction with
your existing email client. Ciphire Mail operates seamlessly in the
background and does not interfere with normal emailing routines. It
encrypts and decrypts email messages, and can digitally sign each
message to provide authentication and guard against identity theft.
Ciphire Mail is the first out-of-the box solution to match power with
ease of use.

More: https://www.ciphirebeta.com
        
--
Even though I walk through the valley of the shadow of death,
I will fear no evil, for you are with me;
your rod and your staff, they comfort me.


Posted by Juergen Nieveler on January 23, 2005, 7:27 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Ciphire Mail is an email encryption tool. It works in conjunction with
> your existing email client.

Or to be more precise: It's a transparent proxy and tries to interfere
with ALL mail clients you use.

> It encrypts and decrypts email messages, and can digitally sign each
> message to provide authentication and guard against identity theft.

The certificates are essentially worthless, though. The only check
during certifacte generation is wether you have access to the mailbox
that you request the certificate for - it's equivalent to a
Class1-S/MIME- certificate or a PGP-Key signed only by a RobotCA.

That's good enough for encrypting mails you send your mom - but not
enough for really security-relevant stuff.

> Ciphire Mail is the first out-of-the box solution to match power with
> ease of use.

What's wrong with S/MIME? It's pre-installed in most mail clients and
can be easily activated - equivalent certificates that match the
security of Ciphire are available for free.

The key problem for Ciphire will be

a) Geeks won't accept it (people who care about their machine don't
tolerate processes that try to hijack all your mail - maybe Ciphire
will someday roll out a conventional proxy version)

b) You have to trust their Keyserver - there are no alternatives like
there are for PGP

c) Joe Luser won't even understand why he needs it - if he did, he'd
have installed PGP or S/MIME years ago

d) Companies won't pay money for a system used neither by their own IT
staff (see a) or their customers (see c). They'll stick with S/MIME
because with S/MIME they keep control over their OWN CA (and just have
to fork out money to Verisign to certifiy their CA key

e) Once Ciphire fails to create a large enough customer base, they'll
turn off their keyserver, which means that in one stroke all existing
Ciphire- users will be cut off - there won't be any university-owned
keyservers to take over like they did for PGP


Juergen Nieveler
--
The best way to handle DOS is... wiping it off your HD!


Posted by Michael J. Pelletier on January 25, 2005, 2:27 am
If you were  Registered and logged in, you could reply and use other advanced thread options
ToYKillAS wrote:

> Ciphire Mail is an email encryption tool. It works in conjunction with
> your existing email client. Ciphire Mail operates seamlessly in the
> background and does not interfere with normal emailing routines. It
> encrypts and decrypts email messages, and can digitally sign each
> message to provide authentication and guard against identity theft.
> Ciphire Mail is the first out-of-the box solution to match power with
> ease of use.
>
> More: https://www.ciphirebeta.com
>

Ah...PGP anyone...and it is free...


Similar ThreadsPosted
Ciphire - Schneier Analysis February 14, 2005, 12:01 am
Mail Security May 23, 2004, 8:44 am
Mail Security Issue July 29, 2004, 10:28 pm
LOL: Strong Bad gets a virus e-mail! November 15, 2004, 12:00 pm
How would the government monitor your e-mail? July 7, 2005, 10:24 pm
Which free web e-mail is safest? December 22, 2005, 12:06 pm
https web mail services January 11, 2007, 6:12 am
How to understand this "phishing" mail? March 15, 2007, 8:45 pm
mail header Content-Disposition August 18, 2004, 10:28 am
Yahoo mail -- Virus? Phishing? December 16, 2004, 9:49 pm

The site map in XML format XML site map

Contact Us | Privacy Policy