funsec mailing list archives
Re: facebook messages worm
From: der Mouse <mouse () rodents-montreal org>
Date: Thu, 7 Aug 2008 15:40:43 -0400 (EDT)
The *real* problem is that digital signatures for E-mail work in *exactly the same way* and provide *the same protection* as SSL does for the Web.[That's] wrong.That the same people who don't understand that the little padlock doesn't guarantee that you're talking to the website you think you are, will also fail to understand that the little e-mail padlock doesn't guarantee that the e-mail is from who you think it is.
This sound as though you're saying "protection A doesn't provide what the typical naïve user mistakes it for; protection B also doesn't provide what the typical naïve user mistakes it for; therefore, it's OK to say that protection A and protection B provide *the same protection* in *exactly the same way*". Even though they don't provide the same protections (secrecy against passive snoopers is a big one) and the protections they do provide are not done in the same way (in at least two respects). Which is what I'm calling foul on. They are the same in one (admittedly fairly significant) respect - not being what they're naïvely mistaken for - but that hardly makes them the same, and definitely does not mean they do what *is* the same in the smae way. /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML mouse () rodents-montreal org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: [Full-disclosure] facebook messages worm Juha-Matti Laurio (Aug 06)
- Re: facebook messages worm Gadi Evron (Aug 06)
- Re: facebook messages worm Martin Tomasek (Aug 07)
- Re: facebook messages worm Gadi Evron (Aug 07)
- Re: facebook messages worm John C. A. Bambenek, GCIH, CISSP (Aug 07)
- Re: facebook messages worm Valdis . Kletnieks (Aug 07)
- Re: facebook messages worm John C. A. Bambenek, GCIH, CISSP (Aug 07)
- Re: facebook messages worm der Mouse (Aug 07)
- Re: facebook messages worm Valdis . Kletnieks (Aug 07)
- Re: facebook messages worm der Mouse (Aug 07)
- Re: facebook messages worm Martin Tomasek (Aug 07)
- Re: facebook messages worm Gadi Evron (Aug 06)