| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Aug 2006 15:13:16 -0500
From: "John Dietz" <www.whitewolf@...il.com>
To: "L. Victor" <fullblaststorm@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Re: Gmail emails issue
Yes, I realize SSL is not that secure either, but I was just using it as an
example in comparison to plain ole pure-text email. The point I was making
is not to assume your emails are in any way private/secure. You must use
something else if you want any kind of "secure" communications medium.
There are plenty of solutions out there with varying levels of security, but
I had no intent on going through these and comparing them all.
On 8/4/06, L. Victor <fullblaststorm@...il.com> wrote:
>
>
> 2006/8/5, Denis Jedig < seclists@...eticon.de>:
> >
> > > On Fri, 4 Aug 2006 11:45:01 -0500 John Dietz wrote:
> > > > if it were. If the information you are sending/receiving is of a
> > > > particularly sensitive nature, I would suggest you find some other
> > > medium,
> > > > such as SSL with encryption.
> >
> >
> Even connections with SSL can be dumped, analysed by providers and
> successfully decrypted in some cases such as if only the destination server
> has its own sertificate, but user doesn't.
>
>
>
--
There is intelligence is in having all the answers, but wisdom lies in
knowing which of the questions to answer.
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists