Brazil makes it official: Gov email must be state-run and on-premises Brazil has followed through on its promise to make its government email open source and entirely- on-shore. The nation's Diário Oficial da União, or official gazette for the English-speakers among you, yesterday contained a “Decreto anuncia medidas para adoção dos serviços de correio eletrônico oferecidos pela administração …
This post has been deleted by its author
Or use Outlook (Windows), or KMail (Linux) and set them up with IMAP connectivity to external mail systems (GMail, Hotmail, Yahoo). Once they're used to the interface then show them how to drag/drop mail from external into their local mail, then turn off external IMAP connectivity. Job done.
When I come across people using Google for their mail I try to get them off it onto an in house Linux server. One day they will thank me but at the moment I get them saying that gmail is so much nicer than Thunderbird.
God I hate SME conslutants like you. You like the in house linux server because you get to commission it, build it and support it. You get the phone call and call out fee when it goes wrong. You get the fee in 3-5 years to come in, migrate the data and replace it. Getting an SME to in-house email guarantees you a revenue stream for as long as the company exists.
You don't get the business interruption when it does (inevitably) go wrong. In fact, it going wrong gets you call out fees, you love it.
On the other hand, cloud email systems (generally) are always available. You pay a tiny fee each month per user, you do not need a conslutant to be your "email god". I bet you fucking love the current "spygate" news, nothing is better for selling stuff than scaring the customer - "Oooh, use gmail and NSA is watching you! Buy my server and support contract and you too can be safe! Yes, you, Bob of Bob's Bargain Baits!"
PS - nothing to do with his choice of Linux. Suggesting Windows is just the same, except you get more frequent support calls.
At least the customer has someone to phone. That is in the country you're in. Might even be local. Not some faceless call centre person, reading from a script. Do you even get that much when you use the lowest tier business cloud email? Some people provide the personal touch.
I provide in-house email service for my account. He doesn't pay me anything but I get a discount on my accounts. I've gone sometimes as long as years without receiving fault calls. The most important thing is that he trusts me. Also, aren't you just trading on fear... fear of cost, fear of unreliability. You are no different.
This may be an option for a small subset of email users, but not for the majority.
My neighbour is a very sprightly woman of 83. She's neither particularly bright nor particularly stupid; let's say "average" intelligence. With some initial help she overcame her fears of using a computer and now keeps in touch with her children, grandchildren and great grandchild who are scattered over three continents by means of email, Skype and a number of picture sharing sites.
Do you want to tell her she needs to install a Linux box and run her own email?
Much as I value privacy etc. the simple convenience of gmail for business kind of overrides that, unless you're dealing with the kind of sensitive information the NSA might have some interest in.
I did previously run a mail server for my small business, but spam filtering became such a headache (even with all manner of DNSBLs and bayesian filters) that gmail just solved my biggest problem for free.
Much as I appreciate our mail is not secure from snooping now, to be perfectly honest, email is inherently insecure. Your customer might have his Linux box, but as soon as he sends or receives email outside his network, it's plain text running around the internet and the NSA will gobble it up, no problem.
Of course you can use GPG and encrypt mail if you really want to protect your privacy, but then I can do that too with my mail running through Gmail.
What Brazil is doing is only really going to help if they can keep domestic traffic within their own domestic networks, and keep those clear of NSA taps.
Your customer with his Linux box has no such possibility. If he's in the UK or US, all his mail is being read going in and out anyway. So in some respects you are putting him in a more vulnerable position if you're telling him that his mail is secure because the box is in house.
Along similar lines, I had some discussion recently with one of those web security audit services that insisted my client had to run his 'contact' form on his site under SSL because people entered personal details into the form. I pointed out that like most contact forms, the contents were then emailed in plain text, so the SSL was only going to create the superficial impression of a secure communications channel, and encourage people to put credit card details and god knows what else in there. Of course, they were not interested - because sadly superficial impression of security seems to be what most people care about these days.
Funnily enough, since whenever the UK Government has had such a system, described here, but it's anybody's guess whether it's compromised by the Cabinet Office fascination with third party cloudiness especially given the requirement to use the product maker's cloud
Yeah, too bad NEC, Hitachi, Matsushita, Mitsubishi and Fujitsu aren't in Japan, Brazil's BFF and largest point of origin for computer systems in Brazil.
The idea that all high level tech comes from China or a few US firms is a particularly Western thing and it is incredibly wrong.
".... Government data must be carried by a government organisation or an organisation in which the government is a shareholder, other than for mobile communications;...." Translation - more job for the boys, just watch the gross inefficiency of the resulting civil-servant-driven mess, complete with corruption, nepotism and suicidal political mantras!
"......The government will create and operate its own email services;...." Will the government write their own OS and apps from scratch? Otherwise they could just be creating a clean system and populating it with backdoored apps. So, that will be ready in how many decades....? And who is going to audit the local developers to ensure they don't get bribed to put a backdoor in anywhere during development?
"......Facilities enabling audit of confidentiality, authenticity and integrity of the email system must be built in from the start;...." So crack/backdoor the auditing and management and the NSA (or FSB, etc., etc.) have free access to everything - by the way, how much are you going to pay the auditors/sysadmins to make sure they don't get tempted by CIA bribes AFTER you have built your "clean" system? How do you know any of the "trusted" coders aren't already on foreign payrolls?
".....Data must be stored in government facilities in Brazil;....." Gravy train! So which friends of Roussef's will get the contract? Maybe she's hoping it will save Eike Batista's crumbling empire now that the cracks in the Brazilian petro-economy are gaping wide open!
".....Normal procurement practices are suspended in order to get this done without having to seek competitive bids....." Making it easier for the friends of Roussef to profit (and for the CIA/FSB/UncleTomCobbley to bribe their way in). Hey, what happens if the CIA sets up a front company in Brazil and bribes their way into a contract? Total and unfettered access!
The boys at Langley will be laughing up their sleeves at this one!
The US shot their wad in South America a long time ago. After their last few decades of US interference they assume by default that if you're a US company you're working with the CIA and you've got to prove you're not. They have more checks on business funds and transactions than the US does. Although it's a lot cheaper to work through the bureaucracy there it's much more through than it is here.
Try shipping in containers of finished machine goods. They're filled with glee when the boat arrives and they think they might get to uncover new US shenanigans. They're far nicer about it there than here in the US as well, just goes to show you don't have to be a dick to do a good job (Miami customs take note...)
Besides, it'll be the Japanese that handle all the tech and they aren't going to let their South American money machine be compromised by the US. While the West has been busy playing World Police Japan and South America, specifically Brazil south, have been having a grand time out educating and industrializing everybody else. I think it's hilarious. We're busy looking in baby diapers for bombs spending billions to censor the news and the Internet and they're busy building economies and staying out of all this stupid bullshit.
"......Besides, it'll be the Japanese that handle all the tech and they aren't going to let their South American money machine be compromised by the US....." Did you maybe mean China, the largest trade partner with Brazil? You may also want toread up on Eike Batista before you continue spouting on about the invicibility of that money machine.
".....While the West has been busy playing World Police Japan and South America, specifically Brazil south, have been having a grand time out educating and industrializing everybody else....." You really do need to spend more time reading up on current affairs. The biggest problem facing the Latin American countries is that they have not improved the lot of their poorest citizens. Indeed, the gap between rich and poor is staggeringly large and widening. Add to that the failed promises of so many Socialist governments and you have a whole continent of powder kegs.
"...... I think it's hilarious. We're busy looking in baby diapers for bombs spending billions to censor the news and the Internet and they're busy building economies and staying out of all this stupid bullshit." I suggest you go look at the many "revolutionary" geurilla groups common to the region, the massive amount of drug-gang related violence, and then maybe you might grasp that there is not one country in Latin America spending a lower fraction of their budgets on internal security than the UK or US, and yet still having a worse security situation. Far from avoiding the "stupid bullshit" they are drowning in their own.
Only because we let it be. Only if you insist on Teletype-era protocols such as SMTP and POP. Is IMAP any better?
Set the wayback machine to the 1980s, when a different set of people designed a set of standards for an email network that was relatively trustworthy, but which at the time was a bit heavy on compute requirements. These days any old smartphone would cope OK.
Take your pick. A bandaid on an inherently insecure elastoplast, or back to standards that actually used to have a chance of being trustworthy, but which were abandoned because (a) your 486/33 couldn't quite cope (b) the support infrastructure wasn't zero-cost and therefore wasn't immediately appealing to cheapskate ISPs.
X.400 and X.500, if you're interested. Or some logical succesor thereto.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
