All,
it is true that many problems in the Phishing area would be eliminated
by using e.g. S/MIME or other trusted signature mechanisms.
That is only provided customers and the casual internet user know how
to work with it. I strongly doubt that much will change for at least
the next 5 to 7 years. The knowledge of the users has to change; and
that - unfortunately - is a slow and winding path.
Just imagine your grandmother trying to verify S/MIME or PGP. Have
fun.
Thursday, September 23, 2004, 4:57:03 PM, you wrote:
AM> Gunter Ollmann (NGS) wrote:
AM> [snip]
>> While the Phishers
>> develop evermore sophisticated attack vectors, businesses flounder to
>> protect their customers' personal data and look to external experts for
>> improving email security. Customers too have become wary of "official"
>> email, and organisations struggle to install confidence in their
>> communications.
AM> Sometimes it's unbelivable how long it takes organizations to discover
AM> that email can be signed. Especially nowdays when all major mail
AM> readers have support for at least S/MIME (and the really good ones have
AM> support for at least PGP ;-) ).
--
Regards
Karsten
Received on Sep 28 2004
Intro
