lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6863a7550608041313mf3c0768w5c654522b0cf24da@mail.gmail.com>
Date: Fri, 4 Aug 2006 15:13:16 -0500
From: "John Dietz" <www.whitewolf@...il.com>
To: "L. Victor" <fullblaststorm@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Re: Gmail emails issue

Yes, I realize SSL is not that secure either, but I was just using it as an
example in comparison to plain ole pure-text email.  The point I was making
is not to assume your emails are in any way private/secure.  You must use
something else if you want any kind of "secure" communications medium.
There are plenty of solutions out there with varying levels of security, but
I had no intent on going through these and comparing them all.

On 8/4/06, L. Victor <fullblaststorm@...il.com> wrote:
>
>
>   2006/8/5, Denis Jedig < seclists@...eticon.de>:
> >
> > > On Fri, 4 Aug 2006 11:45:01 -0500 John Dietz wrote:
> > > > if it were.  If the information you are sending/receiving is of a
> > > > particularly sensitive nature, I would suggest you find some other
> > > medium,
> > > > such as SSL with encryption.
> >
> >
> Even connections with SSL can be dumped, analysed by providers and
> successfully decrypted in some cases such as if only the destination server
> has its own sertificate, but user doesn't.
>
>
>

-- 
There is intelligence is in having all the answers, but wisdom lies in
knowing which of the questions to answer.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ