| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: chows at ozemail.com.au (Gregh) Subject: Is the FBI using email Web bugs? ----- Original Message ----- From: "Azerail" <Azerail@...ersecretninjaskills.com> To: <full-disclosure@...ts.netsys.com> Sent: Thursday, January 08, 2004 9:08 PM Subject: Re: [Full-Disclosure] Is the FBI using email Web bugs? > On Thu, 08 Jan 2004, Ben Nelson wrote: > > > Poof wrote: > > >Actually- the problem with that is that fine... it won't allow any ports > > >except for the needed 25/110/143... Then what's to stop an image from using > > >http://www.spamsite.com:25/110/phonehome.jpg?emailaddress(or whatever) > > > > > >... Nothing! > > > > > >Nice try though... Best protection is through your email client. O2K3 does > > >it native ^^ > > > > > > > I realize that, my point was that blocking more is better than blocking > > less. Whenever you can block everything and allow only the needed > > traffic, you'll be better off. Removing as many possible 'phone home > > vectors' as possible certainly can't hurt and is good security policy in > > general. > > > > --Ben > > > > Why don't you guys just cut to the root of the problem and not use > mail clients that access files on other people's servers when you read > your mail. HTML e-mail sucks. > You don't HONESTLY think that is what makes you safe in email do you? Greg.
Powered by blists - more mailing lists