gnupg encrypted mail and malware/spam

Per Tunedal pt@radvis.nu
Mon May 12 08:38:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 20:34 2003-05-11 +0200, Ingo Kl=F6cker wrote:
 >On Sunday 11 May 2003 13:28, Thomas Scheffczyk wrote:
 >> Until now, no comment was given to my first post scriptum:
 >>
 >> 'I do not fear 'ordinary' viruses or other malware. What i =
really
 >> fear is a sophisticated attacker that send on a very slow =
rate
 >> backdoors to single users in my network. I can not =
guarantee the
 >> really no user will start the program. If it is started, =
it's easy to
 >> create a backchannel over allowed traffic like http.'
 >>
 >> Does nobody fear this, too?

 >There's not much you can do to prevent this from happening =
apart from
 >installing a strict policy for the usage of encryption. One =
option
 >would be to disallow MIME (OpenPGP or S/MIME) encrypted =
messages and
 >only allow inline encryption because with inline encryption =
attachments
 >can't be encrypted.
 >
 >Regards,
 >Ingo

Yes, Ingo! GPGrelay encrypts attachments when using inlined =
encryption! I
really like it! A wonderful feature ;-)>
Per Tunedal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - GPGrelay v0.92

iD8DBQE+v0E+2Jp9Z++ji2YRAnjlAJ42zheesHsNh2eZbImdn00izWv6rwCcC4L2
Hd8631S/5mBvviWdiHqTX/o=3D
=3DV3xD
-----END PGP SIGNATURE-----