Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: NEVER open attachments
From: Blue Boar <BlueBoar () thievco com>
Date: Fri, 19 Mar 2004 12:49:33 -0800

Valdis.Kletnieks () vt edu wrote:
If anything, you should *encourage* the use of PGP or S/MIME to sign mail,

Absolutely.

because even if my machine gets whacked by a virus and starts spewing correctly
signed mail, you will *know* it's my machine doing it and not some
address-scraping virus on a machine in Zanzibar or someplace.

Well, if a worm nails your machine to the point where it has your private keys, there's nothing stopping it from carrying a copy on its way to Zanzibar, for purposes of spoofing as you.

We'd at least know you were compromised at one point, though. :)

                                                BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault