http://securityratty.com/tag/voltage Fri, 14 Mar 2008 14:24:30 +0000 iRatty Engine http://blogs.law.harvard.edu/tech/rss http://securityratty.com/article/27ce65d02d071d38a284a07217520016 http://securityratty.com/article/27ce65d02d071d38a284a07217520016

]]> Wed, 23 Apr 2008 20:00:00 +0000 public keys voltage security encryption plan cumbersome databases avoids identities users Voltage offers public-key encryption without certificates http://securityratty.com/article/1bf1e459b2bb9c9a7c51892180684622 http://securityratty.com/article/1bf1e459b2bb9c9a7c51892180684622 Voltage offers one of the many alternatives present in the industry for secure encrypted email communication. It is supposed to have incorporated strong anti-phishing technology within it. Could very well be, but there is a huge problem with the whole concept. You see, the way it is supposed to work is:

1. I type an email - and then choose to encrypt via voltage and send

2. Receiver gets an email with my email-address in the "From:" field, but with content stating something like "You have received an encrypted email. To view your email, click on the attachment.." - and a neat little html attachment presents itself for you to click.

3. Receiver - knows all about Voltage and its anti phishing technology - and hence assumes it is safe to click on a link / open the attachment.





Sheeeesh. No option to type a url and go to Voltage's website. No notification that I could be sent to sushi-land.. nothing..

.. More phish anyone ?]]> Tue, 01 Apr 2008 13:39:00 +0000 email voltage email-address email communication voltage offers html attachment attachment click secure Secure Email from Voltage http://securityratty.com/article/44f5343637c00340048a0a84dc78e157 http://securityratty.com/article/44f5343637c00340048a0a84dc78e157 Fri, 14 Mar 2008 14:24:30 +0000 software tool kit voltage security legacy applications encryption Voltage unveils format-preserving encryption tools