Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: NEVER open attachments

From: Blue Boar <BlueBoar () thievco com>
Date: Fri, 19 Mar 2004 12:49:33 -0800
Valdis.Kletnieks () vt edu wrote:

If anything, you should *encourage* the use of PGP or S/MIME to sign mail,


Absolutely.


because even if my machine gets whacked by a virus and starts spewing correctly
signed mail, you will *know* it's my machine doing it and not some
address-scraping virus on a machine in Zanzibar or someplace.
Well, if a worm nails your machine to the point where it has your private keys, there's nothing stopping it from carrying a copy on its way to Zanzibar, for purposes of spoofing as you. 

We'd at least know you were compromised at one point, though. :)

                                                BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: