Security Concern: Unsigned Windows Executable

reynt0 reynt0 at cs.albany.edu
Sun Jun 7 01:31:11 CEST 2009


On Fri, 5 Jun 2009, Robert J. Hansen wrote:
  . . .
> Active MitM is pretty much the military incendiary bomb in the living
> room.  A competent attacker who is controlling your network traffic and
> wishes to subvert your system has so many ways to do it that you stand
> effectively no chance of preventing it.

Well, you know, there may be a matter of attitude involved
here.  The worm who keeps twitching and twisting is the one
who escapes the bird's beak, not the worm who just goes
limp.  Being more advanced than worms, it's up to us humans
to figure how to escape the harms of our more advanced
varieties of attacks, and posting to gnupg-users asking for
usable suggestions is part of what to do, just like trying
to get as close as possible to in-person to exchange public
keys, using SHA checksums and checking for replicated
verification despite multiple sourcing, hiring experts as
appropriate to get gradations of opinions but doing one's
own thinking and making one's own decisions, and so on.



More information about the Gnupg-users mailing list