Category Archives: Security

Posted on
by

A long time ago, in a galaxy not too far away, I took part in a JISC funded research project. The purpose of the project was to investigate and develop solutions for some of the issues associated with securing email.

It was a fun project to be involved with (not least because I got to pretend to be a student again for a little while), and I believe the solution we built – the Secure Email Proxy – was a good one with a lot of potential.

The project finished in 2003, and the website (hosted on an old Sun Pizza box in my lab) has long since vanished, along with the code for the project. I think this is a shame, so I’ve stuck my old development code up on Github. The proxy was under active development since I left the project, but I’ve not go access to the code. If you do, then please feel free to fork and update it.

Anyway, the proxy works by sitting on your local machine between your mail client and your mail server. It manages keys on your behalf, and encrypts/signs/verifies/decrypts messages and attachments on the fly as email passes through it. This means that you don’t need to have any native plugin to work, and it’ll work with virtually any mail client.

Enjoy!

» Visit the project on Github…

Posted on
by

Jurisdiction The other day, in response to Ben’s suggestion, I declared my data jurisdiction, so that those wishing to contact me knew exactly what risks their data could be exposed to.

It occurred to me that simply naming the jurisdiction wasn’t really much good unless I could also point to something that would explain the risks in plain English, so, the other afternoon, I took some time out and put together Data-Jurisdiction.org.

Data-Jurisdiction.org is a community project that anyone can contribute to (either by submitting a patch for, or raising an issue on, the GitHub project) so get hacking! It is my hope that as more people declare their data jurisdiction the site will become a handy source of information.

As a reminder of my jurisdiction; I am based in the UK, with servers in the US and Germany.

Posted on
by

So, earlier today I wrote that we as technologists should take the pledge to help educate and protect our friends and neighbours, but as I said the real solution isn’t a technological one.

My friend Ben Werdmuller makes this point far more eloquently than I could; it’s time to get involved, politically. You can’t afford not to.

As Ben suggests, I have updated my about page with details about my data jurisdiction, so people can make an informed decision about how and whether to get in contact.

I encourage you to do the same…