gnupg encrypted mail and malware/spam

John Clizbe JPClizbe@attbi.com
Sun May 11 03:54:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eugene Smiley wrote:
>
> I think you are missing the point with regard to the issue of
> server based virus scanning. It isn't that hard to imagine a
> virus generating an email via Outlook which is then passed to
- --------------------------------^^^^^^^
> GPGRelay; the user isn't paying attention, types the passphrase,
> and it get's emailed; the user on the other end decrypts it and
> opens the attachment... BLAMO!

Ding! There's the REAL culprit - There seems to be as many LookOut!
exploits out on the 'Net as there are attacks against InternetExploder.

Perhaps a less-easily hijacked MUA is needed. What you describe here is
more E-mail worm than SPAM.

- --
John P. Clizbe                     Inet:   JPClizbe@EarthLink.net
Golden Bear Networks               PGP/GPG KeyID: 0x608D2A10
  "Most men take the straight and narrow. A few take the road less
traveled.  I chose to cut through the woods."
  "There is safety in Numbers... *VERY LARGE PRIME* Numbers
9:00PM Tonight on _REAL_IRONY_:  Vegetarian Man Eaten by Cannibals
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+va1bHQSsSmCNKhARAqzaAKDgMv56IqkJGjjQSVGKzogavvfyFwCfa2Oz
358LuEyVVYm3v04zI8QaaXY=
=GB8D
-----END PGP SIGNATURE-----