security policy question

Root root at
Mon Mar 4 23:29:52 GMT 2013

Hi All,

I am not sending this from my usual account as gmail seems to have hit 
various blacklists. Even though the 2 factor auth and MITM detection seems 
to be a good thing in a web-mail service. So instead i am probably going to 
be giving spamd on this OBSD box a good work out.

I am looking for a bit of advice.
I work for part of the NHS and was recently given a new version of our 
security policy to sign.
It contains the usual i will be a good citizen, take care of the datas, 
not hand out my password or transfer data onto unencrypted memory 
sticks/laptops and leave them in taxis etc.

I am generally in favor of these and usually have no problems appending my 
signature but the difference between the old and new policy is the 
"I further understand that I am responsible for any transactions carried 
out under my personal password and code"

I have no confidence that it wouldn't be trivial for someone to get hold 
of my user-name and password by methods which don't involve me being 

Any advice would be very helpful before i make a nuisance of myself.


More information about the ukcrypto mailing list