| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jun 2013 18:48:54 -0400 From: Darius Jahandarie <djahandarie@...il.com> To: Patrick Dunstan <patrick.dunstan@...il.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity On Mon, Jun 17, 2013 at 9:32 AM, Patrick Dunstan <patrick.dunstan@...il.com> wrote: > Case in point: Google don't even offer support for S/MIME in GMail and it's > probably the most widely used online email service available today. Although it's clear why Google does not want to "make encryption easy" (it directly affects their main revenue source, ads), it's never been clear to me why they have not taken any efforts to make _signing_ easy. To my knowledge, Google is not involved in silently rewriting emails or otherwise faking emails, so I see no reason they'd be opposed to it. (P.S., I really like this vuln. and proceeding thread -- user interface is overlooked far, far too much in the security domain.) -- Darius Jahandarie _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists