[Full-Disclosure] Re: NEVER open attachments
BlueBoar at thievco.com
Fri Mar 19 20:49:33 GMT 2004
Valdis.Kletnieks at vt.edu wrote:
> If anything, you should *encourage* the use of PGP or S/MIME to sign mail,
> because even if my machine gets whacked by a virus and starts spewing correctly
> signed mail, you will *know* it's my machine doing it and not some
> address-scraping virus on a machine in Zanzibar or someplace.
Well, if a worm nails your machine to the point where it has your
private keys, there's nothing stopping it from carrying a copy on its
way to Zanzibar, for purposes of spoofing as you.
We'd at least know you were compromised at one point, though. :)
Full-Disclosure is hosted and sponsored by Secunia.