So the other day a client was having difficulty opening a package from a lender. Don't we all have a package horror story? This one is short and has nothing to do with elynx, Swiftview, DigitalDocs, Rdoc, or any of the applications that need to be installed to print. The email had the typical link; I clicked, fully expecting to see a login prompt, and lo and behold, up came the document.
I stopped as I considered the negation of the entire security process by not having a login prompt on the link. In essence, the package might as well have been a direct unencrypted attachment on the non-TLS-transmitted email. It's crazy; this is a national lender. Is it intentional? Is there something that I don't see? Do those that make the decisions understand the failure in this security model? It has none, zero, nada security.
To give them credit, their web system does delete the attachment a little while after it's been downloaded, something like 12 hours it seems. I successfully downloaded the package to 3 different networks using the same unprotected link, which was sent over cleartext. My client offers a TLS connection; they don't force TLS, so as far as best practices go, it wasn't sent over TLS (secure).
This lender is 100% open to a man-in-the-middle attack, which I personally don't think is much of a threat, as it's not how things are normally stolen, and it's harder. But those brighter than I are concerned about these attacks, thus so am I. Technically, all that a miscreant would have to do is watch port 25 traffic at the lender's gateway; they could then grab every package and be difficult to detect.
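A check the receiving side can run on the message that carried such a link, as an added example that is not part of the original post: it reads the Received headers and reports which hops were not recorded as TLS. The sample message, host names and function names are constructed for illustration, and only headers stamped by servers you control can be trusted.

```python
import re
from email import message_from_string

# "with" keywords that mean the hop ran over TLS (RFC 3848 / RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
                 "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}
FIELDS = {"from": r"^from\s+(\S+)", "by": r"\bby\s+(\S+)",
          "with": r"\bwith\s+([A-Za-z0-9]+)"}

# Constructed sample message: hosts, addresses and ids are made up.
SAMPLE = """\
Received: from mx.client.example (mx.client.example [192.0.2.10])
\tby mailstore.client.example (Postfix) with LMTPS id 3C; Tue, 02 Jan 2024 10:00:03 -0500
Received: from out.lender.example (out.lender.example [198.51.100.7])
\tby mx.client.example (Postfix) with ESMTP id 2B; Tue, 02 Jan 2024 10:00:02 -0500
Received: from app.lender.example (app.lender.example [10.0.0.5])
\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
\tby out.lender.example (Postfix) with ESMTPS id 1A;
\tTue, 02 Jan 2024 10:00:01 -0500
From: closing@lender.example
Subject: Your closing package
"""

def strip_comments(text):
    """Drop (nested) parenthesised comments so "with cipher" is not misread."""
    prev = None
    while prev != text:
        prev, text = text, re.sub(r"\([^()]*\)", " ", text)
    return text

def hops(raw_message):
    """One dict per Received header, oldest hop first."""
    result = []
    msg = message_from_string(raw_message)
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(strip_comments(value).split())  # unfold the header
        hop = {}
        for name, pattern in FIELDS.items():
            m = re.search(pattern, flat, re.IGNORECASE)
            hop[name] = m.group(1) if m else "unknown"
        hop["with"] = hop["with"].upper()
        # A hop with no recognised TLS keyword is treated as cleartext.
        hop["tls"] = hop["with"] in TLS_PROTOCOLS
        result.append(hop)
    return result

def cleartext_hops(raw_message):
    """(sender, receiver) pairs for hops not recorded as TLS."""
    return [(h["from"], h["by"]) for h in hops(raw_message) if not h["tls"]]
```

On the constructed sample, the only hop flagged is the one between the lender's outbound server and the client's gateway, which is the port 25 leg discussed above.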
They have to know this isn't a secure method of sending private information. So close, but yet so far away. I found it an odd security implementation. How about you?