this post was submitted on 24 Dec 2023
21 points (80.0% liked)
cybersecurity
3301 readers
59 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, my frustration with how we've centralized email on those enterprises is that criminals and spammers can just get accounts, pay marketing fees, malware ads, etc.
Even PKI is frustrating in that it's both a racket where only a couple can do it for good reasons, they can almost charge whatever they want, and still there's places where you can get certs minted with almost no validation.
I initially hated token login, but after you realize you never need passwords, to remember accounts, and it works for signing documents.
I'm not says you shouldn't still have a private selection, but I wish we had a certified solution that could reduce deception. Or at least I would direct all non certified senders to spam.