| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Sep 2004 14:08:33 +0200 From: Borja Marcos <borjam@...enet.es> To: David Covin <dcovin@....mgh.harvard.edu> Cc: bugtraq@...urityfocus.com Subject: Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > 2. Your logic sounds convincing, but interposing a proxy that > systematically changes incoming messages raises red flags in my mind. Digital signatures would not work, obviously. However, which is the reason to keep a malformed message? It's like the stupid thing antivirus software does, "cleaning" infected messages which have obviously *not* sent by the computer's owner. In the case of the Sircam virus, AV software failed catastrophically, not discarding thousands of messages with confidential documents sent without the knowledge of their owners, not to talk about the extremely useful notifications sent by those amazingly clever pieces of cr... errr, software. If someone builds faulty software which generates bad MIME headers, such messages should be treated as hostile messages and dropped. Period. What happened when Microsoft tried to make Windows "intelligent" so that an executable "wrongly" labelled with an audio MIME type it would be correctly "opened" (I mean, executed)? By trying to make poor programmers' life easier, we make our own lives harder. So, the only secure way to deal with a corrupt message is to drop it. Period. Borja. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (Darwin) iD8DBQFBStPEULpVo4XWgJ8RAiAYAKCU/iZrJdYW/j4OafV8VRwVZGKT8gCdHmhv AFNM8MrITjWR1d7HaXajcJo= =iVnR -----END PGP SIGNATURE-----
Powered by blists - more mailing lists