Re[2]: New whitepaper "The Phishing Guide"

[Karsten Heidrich <karsten () heidrich-da de>]

All,

it is true that many problems in the Phishing area would be eliminated
by using e.g. S/MIME or other trusted signature mechanisms.

That is only provided customers and the casual internet user know how
to work with it. I strongly doubt that much will change for at least
the next 5 to 7 years. The knowledge of the users has to change; and
that - unfortunately - is a slow and winding path.

Just imagine your grandmother trying to verify S/MIME or PGP. Have
fun.


Thursday, September 23, 2004, 4:57:03 PM, you wrote:

AM> Gunter Ollmann (NGS) wrote:

AM> [snip]

> > While the Phishers
> > develop evermore sophisticated attack vectors, businesses flounder to
> > protect their customers' personal data and look to external experts for
> > improving email security. Customers too have become wary of "official"
> > email, and organisations struggle to install confidence in their
> > communications.

AM> Sometimes it's unbelivable how long it takes organizations to discover
AM> that email can be signed.  Especially nowdays when all major mail 
AM> readers have support for at least S/MIME (and the really good ones have
AM> support for at least PGP ;-) ).




-- 
Regards
 Karsten

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature