gnupg encrypted mail and malware/spam

Ingo Klöcker
Sun May 11 20:37:03 2003

On Sunday 11 May 2003 13:28, Thomas Scheffczyk wrote:
> Until now, no comment was given to my first post scriptum:
> 'I do not fear 'ordinary' viruses or other malware. What I really
> fear is a sophisticated attacker that sends, at a very slow rate,
> backdoors to single users in my network. I cannot guarantee that
> really no user will start the program. If it is started, it's easy to
> create a backchannel over allowed traffic like http.'
> Does nobody fear this, too?

No, but only because being a single user on a single computer I don't
have to fear the ignorance of other users.

There's not much you can do to prevent this from happening apart from
installing a strict policy for the usage of encryption. One option
would be to disallow MIME (OpenPGP or S/MIME) encrypted messages and
only allow inline encryption because with inline encryption attachments
can't be encrypted. Another option would be to disallow any encryption.
Of course both options are not applicable if you want to exchange data
in encrypted attachments.

Another more complicated option would be to only allow inline encryption
for personal mail and to allow MIME encryption with a personal
"business" key which is also known to the company (key escrow) or with
an additional company key (i.e. all messages are encrypted with the
user's personal key _and_ the company key) for all business related
mail. All incoming MIME messages which can't be decrypted would be
rejected or whatever. This would assure that all attachments can be
scanned for malware and at the same time allow personal use of
encryption for normal text messages.

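The gateway rule sketched in the message above, as an added example that is not part of the thread or of GnuPG: inline PGP in a text body is accepted, a PGP/MIME (multipart/encrypted) message is accepted for decryption and scanning only if its OpenPGP packets name the company escrow key, and anything else encrypted is rejected. The company key ID, the sample packets and the decision labels are assumptions; the PKESK parsing follows RFC 4880 packet headers and goes slightly beyond the post by handling both old- and new-format headers.

```python
import base64
from email import message_from_string

COMPANY_KEY_ID = bytes.fromhex("0123456789ABCDEF")  # hypothetical escrow key ID (assumed)

def pkesk_key_ids(armored: str) -> list:
    """Key IDs named by the PKESK packets (RFC 4880 tag 1) of an ASCII-armored message."""
    b64, in_body = [], False
    for line in armored.strip().splitlines()[1:]:   # skip the BEGIN line
        if line.startswith("-----END") or line.startswith("="):
            break                                    # armor tail / CRC24 line
        if not in_body:
            in_body = line.strip() == ""             # blank line ends the armor headers
            continue
        b64.append(line.strip())
    data, ids, i = base64.b64decode("".join(b64)), [], 0
    while i < len(data):
        ctb = data[i]; i += 1
        if ctb & 0x40:                               # new-format packet header
            tag, first = ctb & 0x3F, data[i]; i += 1
            if first < 192: length = first
            elif first < 224: length = ((first - 192) << 8) + data[i] + 192; i += 1
            elif first == 255: length = int.from_bytes(data[i:i + 4], "big"); i += 4
            else: raise ValueError("partial body lengths not supported")
        else:                                        # old-format packet header
            tag, n = (ctb >> 2) & 0x0F, (1, 2, 4, None)[ctb & 3]
            if n is None: raise ValueError("indeterminate length not supported")
            length = int.from_bytes(data[i:i + n], "big"); i += n
        body = data[i:i + length]; i += length
        if tag == 1 and body[:1] == b"\x03":         # v3 PKESK: version, 8-byte key ID, algo, MPIs
            ids.append(body[1:9])
    return ids

def classify(raw: str) -> str:
    """Gateway decision for one message under the policy proposed in the post."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/encrypted":               # PGP/MIME (RFC 3156): may hide attachments
        armored = msg.get_payload()[1].get_payload()
        return "accept-decrypt-and-scan" if COMPANY_KEY_ID in pkesk_key_ids(armored) else "reject"
    if ctype == "application/pkcs7-mime":            # S/MIME envelope: no escrow check implemented
        return "reject"
    if ctype == "text/plain" and "-----BEGIN PGP MESSAGE-----" in msg.get_payload():
        return "accept-inline"                       # inline PGP: attachments stay scannable
    return "accept"

def build_sample(key_ids: list) -> str:
    """Constructed armored message: a v3 PKESK per key ID plus a dummy SEIPD packet (no CRC line)."""
    pkts = b"".join(b"\x84\x0d\x03" + k + b"\x01\x00\x08\xff" for k in key_ids) + b"\xd2\x04\x01\xaa\xbb\xcc"
    return "-----BEGIN PGP MESSAGE-----\n\n" + base64.b64encode(pkts).decode() + "\n-----END PGP MESSAGE-----\n"
```

A real deployment would replace the key-ID check with an actual decryption attempt using the escrow key, since a PKESK can name a key without the session key being valid for it.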