economic cost of lost emails.

Troy Benjegerdes hozer at hozed.org
Sun Aug 17 09:35:21 PDT 2014 

On Sun, Jun 15, 2014 at 09:34:01AM -0700, Stephen D. Williams wrote:
> I assume she was using Outlook and probably Exchange.  Does anyone
> using Outlook really expect to be able to reliably have access to
> their old email very long?  I think "those people" are idiots...
> I'd guess that Outlook / Exchange versioning issues, curruption,
> periodic rebuilds / restarts, and general Windows / Microsoft
> related confusion led periodic lossage that is just the cost of
> using such technology.
> 
> I have a continuous archive of email spanning more than 20 years,
> and something like 25-30GB, online and always accessible to me. And
> with numerous backups, all easy to make and restore.  And all using
> mbox format, around since essentially the beginning of email, which
> is resilient to corruption, truncation, etc.
> 
> In multiple cases, at multiple companies, people have needed access
> to old email and documents which I had but were long ago lost to
> everyone else (who mostly used Outlook).  In one case, it allowed a
> new contract worth probably more than a million or two.
> 
> Email is my most reliable source of stored and organized knowledge.
> I've been hard at work, in my fragmented spare time, working on a
> true knowledgebase app / interchange format / distributed security
> system.  (The key problem really is a much better user interface
> paradigm.)  You can bet there will be a couple ways to represent and
> archive it that is as resilient as mbox.
> 
> Stephen
> 

This is from another thread, from awhile ago, but it popped up in my
mutt window today.

At my last 'full-time employee' gig, I was at a company that effectively 
lobotomized themselves with an idiotic "data retention policy". One test
engineer had 20 years of email going nearly back to when the company was 
started, and 'policy' was that it must be deleted.

The problem with that policy is that now you incentivize your employees
(and contractors) to run their own mail infrastructure and duplicate
everthing off-site because that is what any good attorney representing
the employee or the contractor would advise you to do.

Now the company attorney can, with a straight face, say "we deleted that
email, per our document retention policy". But anyone that can read 
between the lines can (or should) know that the good engineers will 
have off-company backups, and that email should be easily acquireable 
with an appropriate targeted spear-phishing expedition if you want to 
be covert, or a 'better job offer' if you want to be overt.

So what's the economic cost of lobotomizing your company by using exchange
and delete-this data retention policies?

really I think it's just a game venture capitalists play where they tell
investors that this company A really has unique new fancy IP when it all
just came from company B because you hired all their engineers and their
email archives.

-- 
----------------------------------------------------------------------------
Troy Benjegerdes                 'da hozer'                  hozer at hozed.org
7 elements      earth::water::air::fire::mind::spirit::soul        grid.coop

      Never pick a fight with someone who buys ink by the barrel,
         nor try buy a hacker who makes money by the megahash

More information about the cypherpunks mailing list