On message signing and Enigmail...

[Robert J. Hansen]

On 2/1/12 4:29 PM, Christopher J. Walters wrote:
> However, I disagree with your statement that there is no way to 
> check: one can check the headers of each message to see from where 
> they originated.

Easily forged, and machines are too easy to compromise.  This idea that
an IP address is clear and convincing evidence of origin is absolute
bonkers.  An IP address is evidence of *routing*.

> Before you mention it, I know that headers can be spoofed, however,
> I very much doubt that a troll or spammer would go to the trouble
> of creating a key-pair in my name to sign messages, as well as the
>  trouble to spoof the headers.

I personally know fourteen-year-olds who would do this just for the
pleasure of screwing with you.  Consider Anonymous, whose stated raison
d'etre is to do it all for the lulz and because none of them is as cruel
as all of them.  Anonymous gets in the news when it goes after big
targets, but you think a bunch of technically competent high school
students wouldn't direct this against a particularly hated teacher, or
the designated class pariah, or...?

Maybe I have a darker view of human nature than you do, that's certainly
possible, but I think it's a critical mistake to apply rational-actor
theory to criminals.  (It's just as critical of a mistake to apply
rational-actor theory to human beings.  Human beings ain't rational
actors.)

> P.S.  I could show a proof of concept very easily, to support my 
> premise that the headers can be used to check which one is valid. 
> However, it is a good deal of work for me, and it is really up to
> you to refute my argument.

The only way this argument can be refuted is for me to commit a felony
(breaking the Computer Fraud and Abuse Act).  I'll happily give a
general outline of how it can be done, but I'm not going to commit a
felony just to prove a point.  That way lies madness.