lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: ge at egotistical.reprehensible.net (Gadi Evron) Subject: An anatomy of a PGP Joe Job -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 How my PGP signature ripped off, and for what purpose - ----------------------------------------------------- On May first I emailed a couple of mailing lists, announcing a new spam research related mailing list. Due to knowing that many viruses and kiddies spoof my email address on a regular bases, I signed the post. So far I received about one email a day from people who Googled the PGP signature that was in a SPAM they got (right through their filters). That signature was my signature from the spam mailing list. Irony? Attempted Pay-back? Oh well. As the emails don't stop and as it happens with Joe Jobs, you must reply and be nice while you do it.. I decided I'd put this in a short write-up describing: 1. What happened (the story). 2. A few of my opinions on the subject. 3. A full analysis of the SPAM message. Quite interesting, although ~ there is nothing completely new there. PGP is used exactly for this purpose. Even if my signature was ripped, it should be pretty obvious it wasn't made by me. Still, this is a risk (which isn't completely new either What _is_ new is the very targeted nature of this PGP Joe Job. Here is the write up which was supposed to be this email. I figured that with all the spam elements quoted in it though - it might get caught in filters: "An anatomy of a PGP Joe Job" http://www.math.org.il/PGP-JoeJob.txt Gadi Evron. - -- Email: ge@...uxbox.org. Work: gadie@....gov.il. Backup: ge@...p.mx.dk. Phone: +972-50-428610 (Cell). PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104 C0D0 A7B3 1CF7 D921 6A06 GPG key for encrypted email: http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA 569A A87E 8DB7 06C7 D450 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) iD8DBQFAuEBIqH6NtwbH1FARAo+IAJ0bDd5hadrY8HwhSFwR2Q6zwbsvTQCeLqsZ 5Ydp1dn1byoyB6sWCj0iU5A= =Jup5 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists