lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <278BF4A2-0D5E-4CD9-98C0-E0E70FB43E28@gmail.com>
Date: Thu, 26 Jul 2007 19:30:45 -0600
From: Tremaine Lea <tremaine@...il.com>
To: Ronald MacDonald <ronald@...cd.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Hash

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 26-Jul-07, at 7:17 PM, Ronald MacDonald wrote:

> On 27/07/07, Tremaine Lea <tremaine@...il.com> wrote:
>> Apparently you've never heard of a mail administrator tagging
>> outbound email for all users. It's pretty common.  Of course, you may
>> lack the experience of dealing with large companies.
>>
>> Have a nice day.
>>
>> - ---
>> Tremaine Lea
>> Network Security Consultant
>> Intrepid ACL
>> "Paranoia for hire"
>
> In truth, as the aforementioned Network Security Consultant be able to
> tell us, Google mail signatures can be edited before sending out the
> email. Nick's got a very good point, and it'd have been very easy for
> Sergio to remove the sig.
>
> Regards,
> Ronald.
>
>
>
> --  
> Ronald MacDonald
> http://www.rmacd.com/
> 0777 235 1655


Sure, it's possible.  Possibly Sergio is lazy.  As he sent it via  
gmail's auth smtp servers and not from webmail, it's just as possible  
it happened in his mail client.

And all of that aside, who cares?  We see signatures like that all  
the time on mailing lists.  It's pretty obvious they're useless in  
this context.

- ---
Tremaine Lea
Network Security Consultant
Intrepid ACL
"Paranoia for hire"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iQEcBAEBAgAGBQJGqUrFAAoJEKGa22zRy9WCKNMIANjtxEAQto3Nf3vKcU6NyFZC
BIHOZDCjIl63dSJh75ZlLtiwLio8pCEYnlKwqdIzetgMvAHNAwMTGm6rjSi3QIaF
05BVstEhVDSLaj1ATrJ38y9WMXTtJRVFfA6lLvVe9o2DE2P8Ec6RdxDTPyMG479I
9qFVMp9mZKmxZUiKxMgFl4c5zNWGpZ1JThUY/ZWUEzlnVDwc8jIqgmO5ENwdy7bY
lufy9fMNIom5tpc6VEc3GBUl45r263pkMGQmumU5lnguM4V17hJQrJrE0GJvBmry
Ut6c2OimKn2iveQ0TC7dmSOHT4EB0y7abi4tzwUy2DLYsMpoEIslJPiRcSSbnwU=
=kOFu
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ