lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040320015750.GH12267@hockwold.net>
From: warlock at eskimo.com (Jim Richardson)
Subject: Re: NEVER open attachments

On Fri, Mar 19, 2004 at 12:49:33PM -0800, Blue Boar wrote:
>Valdis.Kletnieks@...edu wrote:
>>If anything, you should *encourage* the use of PGP or S/MIME to sign mail,
>
>Absolutely.
>
>>because even if my machine gets whacked by a virus and starts spewing 
>>correctly
>>signed mail, you will *know* it's my machine doing it and not some
>>address-scraping virus on a machine in Zanzibar or someplace.
>
>Well, if a worm nails your machine to the point where it has your 
>private keys, there's nothing stopping it from carrying a copy on its 
>way to Zanzibar, for purposes of spoofing as you.
>
>We'd at least know you were compromised at one point, though. :)



Key won't do them much good if they don't have my passphrase :)

-- 
Jim Richardson     http://www.eskimo.com/~warlock
Windows XP... now runs all your favorite viruses.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040319/1b73176d/attachment.bin

Powered by blists - more mailing lists