Can't say that I disagree with any of this. I protested when the
UofT decided to amalgamate all its services on Microsoft Server
(to no avail), and even more so when they made it all but
impossible not to use Outlook (after using mutt happily for years
and years) - on the grounds that Outlook somehow had "more modern"
security, which turned out to be doublespeak for "proprietary
closed-source protocols" for accessing the mailserver that they
now controlled. Rewriting links and pushing their brand is the
completely predicable result.
I tried to warn people in IT that this was all security theatre,
but they, like me, were victims of decisions made by
administrative staff rather than made by informed technical
experts. There you have it.
Just recently I was told that the University would not allow me to ssh in to my office computer "because ssh had to be protected from the internet" (!), and instead I was supposed to use some binary blob to create a VPN into the UofT network -- and how having one point of entry into the whole system, trusted internally, "improves" security over a single ssh connection to a single computer, I could not tell you (and neither can they). But it's policy, so that ends discussion.
On 1/20/24 02:51, ac via talk wrote:
<https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.amazon.ca%2FBeelink-Computer-4-0GHz-Screen-Display%2Fdp%2FB09SYSPSSM%2Fref%3Dsr_1_12&data=05%7C02%7Cpeter.king%40utoronto.ca%7Cfd92cef0581c4b68b9bc08dc198daeca%7C78aac2262f034b4d9037b46d56c55210%7C0%7C0%7C638413343519234072%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BrbVi8IcMc70gtFT40UjsI%2BPVZSLwHxw7y4zvjG0NA8%3D&reserved=0><snip>
Anyway, so to issues of user trust: To me, it seems that utoronto.ca uses/pays Microsoft and outgoing emails, opens and reads all email Even https links in already replied to chains (which are now seen as outgoing links from the users@ utoronto.ca - are clearly - visited, indexed, checked/scanned (probably Microsoft would say : the websites/domains/links etc are scanned for malware, I would say that Microsoft has previously, and in the past, simply 'blocked', 'broken' or done other things to various websites it does not 'like') It does so many other things as well, one small one being 'brand dilution' as readers and senders of emails and DM etc etc - where names are re-written to the Microsoft or Facebook or whatever abbreviated link brand name - this serves to underline the brand doing the re-writing - as the "safe" link in the above example - COULD easily been displayed as AMAZON (with the actual a href -> protection.outlook.com/ as in example: <a href='https:outlook.com'>https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Famazon.com%2F&data=05%7C02%7Cpeter.king%40utoronto.ca%7Cfd92cef0581c4b68b9bc08dc198daeca%7C78aac2262f034b4d9037b46d56c55210%7C0%7C0%7C638413343519234072%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hBoCafebsN1s%2BJepdksVjigW5yev7dnB%2FCwjWrMBNvo%3D&reserved=0</a> Which would then just display the original link, but with an outlook landing. BUT - Microsoft 'chooses' to display : protection.outlook.com?var=very.long.&data=ascii.long.long.long.long.long.long.long.long.long.long.long Apparently because users@ utoronto.ca (and microsoft users) send out malware links and this is a way that Microsoft chooses to try to protect recipients and their users from malware/abuse - instead of their users or recipients relying on other software, like browsers, local anti virus, local script blockers, etc (taking the control away)
--
Peter King peter.king@utoronto.ca
Department of Philosophy
170 St. George Street #521
The University of Toronto (416)-946-3170 ofc
Toronto, ON M5R 2M8
CANADA
http://individual.utoronto.ca/pking/
=========================================================================
GPG keyID 0x7587EC42 (2B14 A355 46BC 2A16 D0BC 36F5 1FE6 D32A 7587 EC42)
gpg --keyserver pgp.mit.edu --recv-keys 7587EC42