Security Basics mailing list archives
Re: newbie question
From: krymson () gmail com
Date: 5 Sep 2006 21:42:23 -0000
Props to Matt Davis. I'll build on his answer with some exposition. :) While it might seem like SSL is the obvious answer, let's look at this further, especially with consideration if this is China as hypothesized by another responder. China is in control of the ISPs as well as many (all?) of the "border" routers. This means that even SSL is not necessarily secure as all it would take to snoop on this would be a MITM attack for anything heading to gmail. So what happens when you are not in control of the lines and equipment between yourself and your the external party? This ends up being similar to the problem posed a few weeks ago about stopping admins from sniffing an employee's traffic. You need encryption whose key is not transmitted in MITM-vulnerable or reverse-engineerable form, much like PGP. It would be best that any email you get be transmitted to you via PGP. It will sit in your Gmail inbox PGP-encrypted. You can then download it as you wish, and decrypt it on your local system. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: newbie question, (continued)
- Re: newbie question MandommGmail (Sep 05)
- Re: newbie question I.C. Weiner (Sep 06)
- RE: newbie question Robert D. Holtz - Lists (Sep 06)
- Re: newbie question security (Sep 07)
- Re: newbie question Rob Creely (Sep 07)
- Re: newbie question Ayaz Ahmed Khan (Sep 07)
- Re: newbie question jm (Sep 08)
- Re: newbie question I.C. Weiner (Sep 06)
- Re: newbie question MandommGmail (Sep 05)
- Re: newbie question Colin Copley (Sep 05)
- RE: newbie question Robert D. Holtz - Lists (Sep 06)
- Re: newbie question Muiex (Sep 07)
- Re: newbie question krymson (Sep 06)
- Re: newbie question Matt Davis (Sep 07)
- RE: newbie question Bora Dal (Sep 06)
- Message not available
- Re: newbie question Paul Rochford (Sep 07)
- Re: newbie question Matt Davis (Sep 08)
- Message not available
- Re: newbie question nospam (Sep 07)
- RE: newbie question Tom Crimmins (Sep 07)
- Re: newbie question javier rojas (Sep 08)