On Fri, Jul 12, 2013 at 5:23 PM, Bruce Pinsky <b...@whack.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Matt Baldwin wrote: > > While that would secure the connections from snooping if you're mailboxes > > are on Office 365 and those mailbox stores do not exits on an encrypted > LUN > > then a service can easily read the Exchange database; anyone with server > > access can read mail across all mailboxes. In fact, Microsoft supports > this > > type of setup with impersonation, e.g. a global user that can query any > > mailbox it has permissions to within Exchange. This is how some EWS > > integrated applications work. It wouldn't be that far fetched for the NSA > > to incorporate the same type of query to monitor the mailboxes -- even > > subscribing to change notifications so it only queries and collects when > a > > new mail item has arrived. Additionally, Office 365 can simply create a > > journal rule and have all inbound / outbound mail journal to a location > > that makes it easier for snoops to look through the messages, e.g. an > > external SMTP endpoint, all without the end customers' knowledge. > > > > If anyone has any questions on Exchange they, too, can contact me off > list. > > > > Just my 2-cents. > > Any what's to say that email addresses at Office 365 aren't just mailing > lists where you get a copy and so does $FEDAGENCY. That's how my kids' > email addresses work at home :-) > > > - -- > ========= > bep > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.17 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf > VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH > =LDSL > -----END PGP SIGNATURE----- > You spy on your kids? I thought not being able to put a lock on my door was bad... N.
