gnupg encrypted mail and malware/spam
Mon May 12 08:38:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
At 20:34 2003-05-11 +0200, Ingo Kl=F6cker wrote:
>On Sunday 11 May 2003 13:28, Thomas Scheffczyk wrote:
>> Until now, no comment was given to my first post scriptum:
>> 'I do not fear 'ordinary' viruses or other malware. What i =
>> fear is a sophisticated attacker that send on a very slow =
>> backdoors to single users in my network. I can not =
>> really no user will start the program. If it is started, =
it's easy to
>> create a backchannel over allowed traffic like http.'
>> Does nobody fear this, too?
>There's not much you can do to prevent this from happening =
>installing a strict policy for the usage of encryption. One =
>would be to disallow MIME (OpenPGP or S/MIME) encrypted =
>only allow inline encryption because with inline encryption =
>can't be encrypted.
Yes, Ingo! GPGrelay encrypts attachments when using inlined =
really like it! A wonderful feature ;-)>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - GPGrelay v0.92
-----END PGP SIGNATURE-----