|
Bugtraq
mailing list archives
Re[2]: New whitepaper "The Phishing Guide"
From: Karsten Heidrich <karsten () heidrich-da de>
Date: Sun, 26 Sep 2004 16:35:13 +0200
All,
it is true that many problems in the Phishing area would be eliminated
by using e.g. S/MIME or other trusted signature mechanisms.
That is only provided customers and the casual internet user know how
to work with it. I strongly doubt that much will change for at least
the next 5 to 7 years. The knowledge of the users has to change; and
that - unfortunately - is a slow and winding path.
Just imagine your grandmother trying to verify S/MIME or PGP. Have
fun.
Thursday, September 23, 2004, 4:57:03 PM, you wrote:
AM> Gunter Ollmann (NGS) wrote:
AM> [snip]
While the Phishers
develop evermore sophisticated attack vectors, businesses flounder to
protect their customers' personal data and look to external experts for
improving email security. Customers too have become wary of "official"
email, and organisations struggle to install confidence in their
communications.
AM> Sometimes it's unbelivable how long it takes organizations to discover
AM> that email can be signed. Especially nowdays when all major mail
AM> readers have support for at least S/MIME (and the really good ones have
AM> support for at least PGP ;-) ).
--
Regards
Karsten
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
 By Date 
By Thread
Current thread:
- Re: New whitepaper "The Phishing Guide", (continued)
- Re[2]: New whitepaper "The Phishing Guide" Karsten Heidrich (Sep 28)
RE: New whitepaper "The Phishing Guide" Dehner, Benjamin T. (Sep 25)
|
Intro
