[Cryptography] another security vulnerability / travesty
Jerry Leichter
leichter at lrw.com
Sat Oct 1 17:48:55 EDT 2016
>
>> Fax is a lot harder to get at than email.
>
> Yes harder ... but wow, that's a really low bar.
> Are you claiming it is "hard enough"?
> Hard enough for what purpose?
Hard enough that attackers will choose other routes.
For the vast majority of people communicating health information with their doctors - the example with which we were dealing - fax communication is much more secure than the computer sitting in the practice's back room. Or even the paper records sitting in the office.
But really the whole question is a mess. Your medical information goes from you to the doctor by some route. It's stored by the doctor - somewhere. The doctor sends it to the insurance company - somehow. He sends you prescriptions (often almost as telling as your full medical history) to your pharmacy - somehow. Spending time looking at one of the many places your medical stuff goes, while ignoring the rest, is rather pointless. Personally, I would rather not send sensitive stuff through email, because it's so easily tapped and we *know* it's being tapped. FAX may be a small step up, but at least it keeps things somewhat more limited: The FAX message isn't stored indefinitely in what could be an easily network-accessible server. But that's about as far as it makes sense to me to go.
-- Jerry
More information about the cryptography
mailing list