Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: NEVER open attachments
From: Jim Richardson <warlock () eskimo com>
Date: Fri, 19 Mar 2004 17:57:50 -0800

On Fri, Mar 19, 2004 at 12:49:33PM -0800, Blue Boar wrote:
Valdis.Kletnieks () vt edu wrote:
If anything, you should *encourage* the use of PGP or S/MIME to sign mail,

Absolutely.

because even if my machine gets whacked by a virus and starts spewing correctly
signed mail, you will *know* it's my machine doing it and not some
address-scraping virus on a machine in Zanzibar or someplace.

Well, if a worm nails your machine to the point where it has your private keys, there's nothing stopping it from carrying a copy on its way to Zanzibar, for purposes of spoofing as you.

We'd at least know you were compromised at one point, though. :)



Key won't do them much good if they don't have my passphrase :)

--
Jim Richardson     http://www.eskimo.com/~warlock
Windows XP... now runs all your favorite viruses.

Attachment: signature.asc
Description: Digital signature


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]