[Linux-aus] comment for an article on Government website accessibility

Rhett Kipps rhett at kipps.com.au
Fri May 29 11:20:03 EST 2009


Quite interesting that it claims email is insecure then:
a) hosts a webform without using SSL, ensuring that is not encrypted either,
and susceptible to a MITM attack;
b) suggests postal mail to the address provided in the clear over the web is
somehow more secure, although also susceptible to a MITM attack.

Seems to be a load of rubbish.  If they were genuinely concerned about
security, the webform would utilise SSL, and the page detailing the "secure"
postal address should also be served over SSL to ensure the web server's
identity.

Cheers,

Rhett


On Wed, May 27, 2009 at 8:03 PM, Samps <samps at unplugd.com> wrote:

> On Wed, 27 May 2009 04:17:14 pm Bret Busby wrote:
> >
> > The prime monster cannot be contacted by email.
> >
>
>
> Maybe not. But at least he is offering an explanation as to why he doesn't
> want you to email him, AND a webform that you can use instead:
>
> http://www.pm.gov.au/contact/index.cfm
>
> He's also on Twitter (KevinRuddPM from memory) and does reply to any
> concerns
> that you might have (if they have some degree of legitimacy).
>
> cheers
> Samps
>
> _______________________________________________
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> http://lists.linux.org.au/listinfo/linux-aus
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux.org.au/pipermail/linux-aus/attachments/20090529/deeb52de/attachment.htm 


More information about the linux-aus mailing list