Do as we say, not as we do...



  • My company has a guy that's pulled a fraud (not necessary against us, but other companies), so we're having to provide the police with a bunch of personal information.



    One of our Directors pulled all the necessary together, and as they'd asked for it to be emailed, he asked me if I create a password protected ZIP with all the PDFs, recorded call MP3s, etc.



    After he sent it, their mail server responded automatically saying they can't handle encrypted ZIPs. To their fraud department. Who'd sue our a$$ if we didn't protect our data. No wonder the UK government loses unencrypted data on CDs in the post....



  • @MeesterTurner said:

    My company has a guy that's pulled a fraud (not necessary against us, but other companies), so we're having to provide the police with a bunch of personal information.

    One of our Directors pulled all the necessary together, and as they'd asked for it to be emailed, he asked me if I create a password protected ZIP with all the PDFs, recorded call MP3s, etc.

    After he sent it, their mail server responded automatically saying they can't handle encrypted ZIPs. To their fraud department. Who'd sue our a$$ if we didn't protect our data. No wonder the UK government loses unencrypted data on CDs in the post....
    Send them the data encrypted on a key...  Or change the extension of the zip file to txt.



  • Surely they have an sFTP for file transfers of this kind?



  • Package the encrypted zip file in an unencrypted one.


  • Discourse touched me in a no-no place

    @dhromed said:

    @MeesterTurner said:
    ...UK government...
    Surely they have an sFTP for file transfers of this kind?
    You reckon?



  • @Renan said:

    Package the encrypted zip file in an unencrypted one.
    And potentially expose another WTF.



  • @PJH said:

    You reckon?
     

    I don't. Just wanted to score one for sanity.



  • @Renan said:

    Package the encrypted zip file in an unencrypted one.

    On a related note, I tried to send a file to a co-worker today by using the "Send File" feature of Microsoft Office Communicator. I discovered that the feature is disabled on our workstations through group policy settings. I asked a corporate IT buddy why and he said "So people don't send company confidential data outside the company". Of course email attachments, file sharing websites, DropBox clients, and web servers on workstations are all allowed and SCP and FTP are allowed through the firewall. I asked why and he said "We'd never get anything done of we turned all those off". So, all they are doing is making it more complicated to actually work.



  • Did you say that the POLICE could not receive encrypted zip files? That's weird.

    I ran into this problem with one target. I posted the encrypted zip file on the Internet and e-mailed them the URL and the password.



  • Could it possibly be a "security" problem? The email server refusing to accept encrypted zip files because it can't extract them to scan their content for viruseses, or some such nonsense?

    I'm thinking something like this: Bounced Email with Zip attachment:

    No, gmail doesn't allow encrypted zip files (because it wants to be able to check for executables).
    I'm not trying to bash Gmail, btw. It may sound like I am, but I'm not trying to bash Gmail. This was just what I found that seemed to be minimally related.



  • @Renan said:

    Package the encrypted zip file in an unencrypted one.

    Yo dawg... we heard you like zip files, so we put a zip file in your zip file so you can compress while you compress.

     



  • @DaveK said:

    @Renan said:

    Package the encrypted zip file in an unencrypted one.

    Yo dawg... we heard you like zip files, so we put a zip file in your zip file so you can compress while you compress.
    You beat me to it.  Unfortunately I've seen even worse.  For example, the only useful feature of the .RAR format is the ability to split a large file into smaller pieces.  I've seen a large file compressed into a .RAR and split into several smaller pieces, each of those pieces put into it's own .ZIP file and then all the .ZIP files put into one big .RAR that is split into several smaller pieces.  Seriously.

     



  • @El_Heffe said:

    @DaveK said:

    @Renan said:

    Package the encrypted zip file in an unencrypted one.

    Yo dawg... we heard you like zip files, so we put a zip file in your zip file so you can compress while you compress.
    You beat me to it.  Unfortunately I've seen even worse.  For example, the only useful feature of the .RAR format is the ability to split a large file into smaller pieces.  I've seen a large file compressed into a .RAR and split into several smaller pieces, each of those pieces put into it's own .ZIP file and then all the .ZIP files put into one big .RAR that is split into several smaller pieces.  Seriously.

    Yo dawg... we heard KABOOOOOOM(sound as my head asplode)


  • Considered Harmful

    @DaveK said:

    Unfortunately I've seen even worse.  For example, the only useful feature of the .RAR format is the ability to split a large file into smaller pieces.  I've seen a large file compressed into a .RAR and split into several smaller pieces, each of those pieces put into it's own .ZIP file and then all the .ZIP files put into one big .RAR that is split into several smaller pieces.  Seriously.

    I used to have a program (I think Unpack Pro?) that was designed to recursively unzip/unrar/unace/unwhatever nested groups of archives, which was fairly common in the dial-up days of the Internet.



  • @joe.edwards said:

    @DaveK said:
    Unfortunately I've seen even worse.  For example, the only useful feature of the .RAR format is the ability to split a large file into smaller pieces.  I've seen a large file compressed into a .RAR and split into several smaller pieces, each of those pieces put into it's own .ZIP file and then all the .ZIP files put into one big .RAR that is split into several smaller pieces.  Seriously.

    I used to have a program (I think Unpack Pro?) that was designed to recursively unzip/unrar/unace/unwhatever nested groups of archives, which was fairly common in the dial-up days of the Internet.

    Misattributed your quote there.  Was El_Heffe who said that.


  • BINNED

    @El_Heffe said:

    I've seen a large file compressed into a .RAR and split into several smaller pieces, each of those pieces put into it's own .ZIP file and then all the .ZIP files put into one big .RAR that is split into several smaller pieces.  Seriously.
     

    Sounds awfully like some warez stuff from one "group" or whatever redistributed/packaged by another. I don't have a clue why they do such shit, but I'm actually not too surprised.

     


  • Considered Harmful

    @President of the United States of America, Barack Obama said:

    Misattributed your quote there.  Was El_Heffe who said that.

    I have no idea what you're talking about.









    Srsly though, if you click the Quote button it picks one name at random it seems.



  • @joe.edwards said:

    I used to have a program (I think Unpack Pro?) that was designed to recursively unzip/unrar/unace/unwhatever nested groups of archives, which was fairly common in the dial-up days of the Internet.
    <inevitable reference to r.zip>


Log in to reply