New 'high-risk change' thing in beta is horrible!

aoeuaoeu · 10 Nov 2022, 12:04 AM

Now, in beta, Fastmail asks for password whenever the user edits the Sieve script. I can understand this policy when it applies to a 'redirect' line but why on Earth is my editing a 'fileinto' directive considered a """high-impact or high-risk change"""?? It'd be much less annoying for Fastmail to show a banner for a day..or for a week..or for however long..saying "Sieve script last updated yyyy-MM-dd HH:mm'.

> We now ask for your password in Settings only when you attempt to make a high-impact or high-risk change to your account and, if you have two-factor authentication set, we now require your 2FA token on all untrusted devices."

Avion · 10 Nov 2022, 03:00 AM

It's so easy, if you're not experienced, to screw up the sieve script, so anything that makes you think twice before diving in may be of value to both the user and to Fastmail support.

Personally, I would have no problem with re-authenticating.

If you have strong feelings about it, however, you're best raising the question direct with Fastmail support, as you're unlikely to find them visiting here on this forum.

aoeuaoeu · 10 Nov 2022, 03:19 AM

Yup. I did contact Fastmail. Thank you for the suggestion and thank you for weighing in.

It's not a 'help the user get the Sieve script right' measure. But rather it's a poorly implemented """security""" measure. The prompt says something like 'just checking it's you -- please enter your password'. Under my account name, over the past 15 years, there's been hundreds of edits to my Sieve script. Not even one has come from someone other than me. This is true for damn-near all Sieve users, I bet.

Someone who's savvy enough to use Sieve tends to know what she or he is doing -- and that includes looking for nefarious modifications. A 'Sieve script modified recently' banner would e a lot less annoying!

If Fastmail's gonna meddle with thie Sieve sequence then it ought to diff the scripts so that only the really truly """high-impact or high-risk changes"""" (e.g., `redirect` directives) are subject to the annoying password prompt.

It's a lazy implementation and, as my renewal date nears, it makse me pause.

Terry · 11 Nov 2022, 01:31 PM

What if you unknowingly get hacked, they change your script to forward on Banking emails etc and you would have no idea unless you look at your script daily.

Anything to keep my mail secure to me is a bonus...

aoeuaoeu · 11 Nov 2022, 09:48 PM

Your mail already is secure, man.

Fastmail says this change serves to target """high-impact or high-risk""" settings changes. Me adding in a 'fileinto' line constitutes neither high impact nor high risk.

It would be a lot less amateurish for Fastmail to show a 'Sieve script udated recently' banner -- rather than asking every user, on every edit, to enter password. It's flat-out *wrong* for Fastmail to lump all Sieve edits together -- e.g., 'redirect' line is high-impact and it's high-risk whereas 'fileinto' line is not. If they're gonna subject advanced users to these annoying security changes then they ought to evaluate the Sieve changes themselves -- not just whether or not Sieve was changed.

I prefer to not play 'What if this happens to me?' games about scenarios that won't ever happen to me.

BritTim · 11 Nov 2022, 10:20 PM

I have a suspicion that Fastmail has been influenced by what has been "high-impact or high-risk" in terms of their support costs. I can imagine a recurring theme where a lot of support time has been invested finding errors in people's sieve scripts (some of those cases have been reported here) and, after support has identified the issue, the account owner swearing that they never made the change that created the problem. I can see Fastmail wanting to have any change people made seared into their memory to avoid future aggravation

I think a better way of addressing this would be a sieve script change log that allows either account owners or support to quickly check whether changes were made that could explain problems when they are encountered..

aoeuaoeu · 11 Nov 2022, 10:29 PM

Nice post!

Seems clear like day that there's numerous options that are less annoying than 'enter your password whenever you want to add in a fileinto line even though you've been doing exactly that, without any problems whatsoever, for the past 15 years'.

When you say 'errors', BritTim, you're talking not about validation errors (which Fastmail catches at the time of submission) but rather about typos leading to unexpected effects such as a message being filed in to the wrong folder?

I've always assumed that most Fastmail users don't use Sieve. All the more true in recent -- after the revamp of the rules interface. Do you folks agree?

aoeuaoeu · 11 Nov 2022, 10:37 PM

Let me put emphasis on this detail: The password prompt says something like 'we just want to make sure it's you -- please enter your password'. The 'make sure it's you' thing looks pretty weird.

BritTim · 12 Nov 2022, 12:43 AM

Quote:

Originally Posted by aoeuaoeu

When you say 'errors', BritTim, you're talking not about validation errors (which Fastmail catches at the time of submission) but rather about typos leading to unexpected effects such as a message being filed in to the wrong folder?

The biggest issue is when people complain they are not receiving emails because a sieve rule requests that those emails are discarded.

janusz · 12 Nov 2022, 01:57 AM

Quote:

Originally Posted by BritTim

people complain they are not receiving emails because a sieve rule requests that those emails are discarded.

So will requesting a password solve this problem?

aoeuaoeu · 12 Nov 2022, 02:19 AM

If adding a 'fileinto' line counts as being a """high-impact or high-risk change""" then so too does changing the UI font lol.

BritTim · 12 Nov 2022, 05:50 AM

Quote:

Originally Posted by janusz

So will requesting a password solve this problem?

No, and I am not advocating for this change. However, Fastmail might be taking the view that stressing the potential high risk nature of changes to the sieve script might make people more careful, and make it more likely that they will remember if they screw up.

aoeuaoeu · 12 Nov 2022, 05:56 AM

'Sieve script updated recently' banner would be better.

Though also, with plenty respect to BritTim, I don't buy the 'Fastmail wants to help people not mess up' theory. The password prompt says something like "Just checking to make sure it really is you" -- this sounds security oriented not user-error oriented.

Though, for what it's worth, I do totally buy the theory that Fastmail might be trying to add friction to the Sieve process.

Terry · 15 Nov 2022, 04:24 AM

Aliases are no longer being locked which I find strange

Terry · 15 Nov 2022, 07:38 AM

Quote:

Originally Posted by aoeuaoeu

Your mail already is secure, man.

Fastmail says this change serves to target """high-impact or high-risk""" settings changes. Me adding in a 'fileinto' line constitutes neither high impact nor high risk.

file into or divert the mail.

I prefer to not play 'What if this happens to me?' games about scenarios that won't ever happen to me.[/quote]

Well it's not all about you is it.

10 Nov 2022, 12:04 AM	#1
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	New 'high-risk change' thing in beta is horrible! Now, in beta, Fastmail asks for password whenever the user edits the Sieve script. I can understand this policy when it applies to a 'redirect' line but why on Earth is my editing a 'fileinto' directive considered a """high-impact or high-risk change"""?? It'd be much less annoying for Fastmail to show a banner for a day..or for a week..or for however long..saying "Sieve script last updated yyyy-MM-dd HH:mm'. > We now ask for your password in Settings only when you attempt to make a high-impact or high-risk change to your account and, if you have two-factor authentication set, we now require your 2FA token on all untrusted devices."

10 Nov 2022, 03:19 AM	#3
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	Yup. I did contact Fastmail. Thank you for the suggestion and thank you for weighing in. It's not a 'help the user get the Sieve script right' measure. But rather it's a poorly implemented """security""" measure. The prompt says something like 'just checking it's you -- please enter your password'. Under my account name, over the past 15 years, there's been hundreds of edits to my Sieve script. Not even one has come from someone other than me. This is true for damn-near all Sieve users, I bet. Someone who's savvy enough to use Sieve tends to know what she or he is doing -- and that includes looking for nefarious modifications. A 'Sieve script modified recently' banner would e a lot less annoying! If Fastmail's gonna meddle with thie Sieve sequence then it ought to diff the scripts so that only the really truly """high-impact or high-risk changes"""" (e.g., `redirect` directives) are subject to the annoying password prompt. It's a lazy implementation and, as my renewal date nears, it makse me pause. Last edited by aoeuaoeu : 10 Nov 2022 at 03:19 AM. Reason: typo

11 Nov 2022, 09:48 PM	#5
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	Your mail already is secure, man. Fastmail says this change serves to target """high-impact or high-risk""" settings changes. Me adding in a 'fileinto' line constitutes neither high impact nor high risk. It would be a lot less amateurish for Fastmail to show a 'Sieve script udated recently' banner -- rather than asking every user, on every edit, to enter password. It's flat-out wrong for Fastmail to lump all Sieve edits together -- e.g., 'redirect' line is high-impact and it's high-risk whereas 'fileinto' line is not. If they're gonna subject advanced users to these annoying security changes then they ought to evaluate the Sieve changes themselves -- not just whether or not Sieve was changed. I prefer to not play 'What if this happens to me?' games about scenarios that won't ever happen to me. Last edited by aoeuaoeu : 11 Nov 2022 at 10:31 PM.

10 Nov 2022, 03:00 AM	#2
Avion Member Join Date: Sep 2022 Posts: 67	It's so easy, if you're not experienced, to screw up the sieve script, so anything that makes you think twice before diving in may be of value to both the user and to Fastmail support. Personally, I would have no problem with re-authenticating. If you have strong feelings about it, however, you're best raising the question direct with Fastmail support, as you're unlikely to find them visiting here on this forum.

11 Nov 2022, 01:31 PM	#4
Terry The "e" in e-mail Join Date: Jul 2002 Location: VK4 Posts: 3,013	What if you unknowingly get hacked, they change your script to forward on Banking emails etc and you would have no idea unless you look at your script daily. Anything to keep my mail secure to me is a bonus...

11 Nov 2022, 10:20 PM	#6
BritTim The "e" in e-mail Join Date: May 2003 Location: mostly in Thailand Posts: 3,090	I have a suspicion that Fastmail has been influenced by what has been "high-impact or high-risk" in terms of their support costs. I can imagine a recurring theme where a lot of support time has been invested finding errors in people's sieve scripts (some of those cases have been reported here) and, after support has identified the issue, the account owner swearing that they never made the change that created the problem. I can see Fastmail wanting to have any change people made seared into their memory to avoid future aggravation I think a better way of addressing this would be a sieve script change log that allows either account owners or support to quickly check whether changes were made that could explain problems when they are encountered..

11 Nov 2022, 10:29 PM	#7
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	Nice post! Seems clear like day that there's numerous options that are less annoying than 'enter your password whenever you want to add in a fileinto line even though you've been doing exactly that, without any problems whatsoever, for the past 15 years'. When you say 'errors', BritTim, you're talking not about validation errors (which Fastmail catches at the time of submission) but rather about typos leading to unexpected effects such as a message being filed in to the wrong folder? I've always assumed that most Fastmail users don't use Sieve. All the more true in recent -- after the revamp of the rules interface. Do you folks agree?

11 Nov 2022, 10:37 PM	#8
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	Let me put emphasis on this detail: The password prompt says something like 'we just want to make sure it's you -- please enter your password'. The 'make sure it's you' thing looks pretty weird.

12 Nov 2022, 02:19 AM	#11
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	If adding a 'fileinto' line counts as being a """high-impact or high-risk change""" then so too does changing the UI font lol.

12 Nov 2022, 05:56 AM	#13
aoeuaoeu Member Join Date: Jan 2009 Posts: 54	'Sieve script updated recently' banner would be better. Though also, with plenty respect to BritTim, I don't buy the 'Fastmail wants to help people not mess up' theory. The password prompt says something like "Just checking to make sure it really is you" -- this sounds security oriented not user-error oriented. Though, for what it's worth, I do totally buy the theory that Fastmail might be trying to add friction to the Sieve process.

15 Nov 2022, 04:24 AM	#14
Terry The "e" in e-mail Join Date: Jul 2002 Location: VK4 Posts: 3,013	Aliases are no longer being locked which I find strange