Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity
From: Darius Jahandarie <djahandarie () gmail com>
Date: Mon, 17 Jun 2013 18:48:54 -0400

On Mon, Jun 17, 2013 at 9:32 AM, Patrick Dunstan
<patrick.dunstan () gmail com> wrote:
Case in point: Google don't even offer support for S/MIME in GMail and it's
probably the most widely used online email service available today.

Although it's clear why Google does not want to "make encryption easy"
(it directly affects their main revenue source, ads), it's never been
clear to me why they have not taken any efforts to make _signing_
easy. To my knowledge, Google is not involved in silently rewriting
emails or otherwise faking emails, so I see no reason they'd be
opposed to it.

(P.S., I really like this vuln. and proceeding thread -- user
interface is overlooked far, far too much in the security domain.)

Darius Jahandarie

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]