Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Mozilla Thunderbird SMTP down-negotiation weakness
From: Steve Friedl <steve () unixwiz net>
Date: Fri, 14 Oct 2005 21:48:52 -0700

On Sat, Oct 15, 2005 at 06:10:35AM +0300, Markus Jansson wrote:
Lets not forget that STILL all Mozilla products fail to 
show RSA/asymmetric keysize in any sensible format.

There are exactly seven people on the planet who will actually make
different surfing decisions based on the symmetric key size shown in a
browser, and you're one of them - I don't know where the other six are.

When the majority of people can't figure out whether they are visiting
their bank or not, will say "Sure, accept that SSL cert" even when ID'd as
"Joe's Phishing Gang", and believe that the McAfee A/V which came with
their Dell PC 3 years ago is still current, your being hysterically
concerned about keysize (as you have on BroadbandReports for years)
sure seems like nothing in perspective.


Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve () unixwiz net
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]