Re: PGP 6.5.1 has been released

From: ___Viper___ _ (viper_____at_private)
Date: Sun Jul 11 1999 - 07:05:18 PDT

Next message: GZ Apple: "aix 4.2 4.3.1, adb"

Previous message: Darren Reed: "Re: your mail"
Maybe in reply to: Cody Brownstein: "PGP 6.5.1 has been released"
Next in thread: Mark Wooding: "Re: PGP 6.5.1 has been released"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Having the option" never hurt anyone.
You can produce SDAs, and use them if you wish,
AND you can NOT open executables that arrived in
your mailbox and you don't trust.

It's madness to say that it is a "security threat".
With your logic, e-mailing is a security threat as well ;-)
Who knows what you can send over e-mail !

Take care,
V.

>From: "Steven M. Bellovin" <smbat_private>
>Reply-To: "Steven M. Bellovin" <smbat_private>
>To: BUGTRAQat_private
>Subject: Re: PGP 6.5.1 has been released
>Date: Wed, 7 Jul 1999 10:38:15 +0200
>MIME-Version: 1.0
>From owner-bugtraqat_private Wed Jul  7 08:03:08 1999
>Received: (qmail 2616 invoked from network); 7 Jul 1999 14:53:19 -0000
>Received: from softdnserror (HELO lists.securityfocus.com) (216.102.46.4)
>by softdnserror with SMTP; 7 Jul 1999 14:53:19 -0000
>Received: from LISTS.SECURITYFOCUS.COM by LISTS.SECURITYFOCUS.COM
>(LISTSERV-TCP/IP release 1.8d) with spool id 22185 for
>BUGTRAQat_private; Wed, 7 Jul 1999 07:52:02 -0700
>Approved-By: aleph1at_private
>Received: from securityfocus.com (216.102.46.2) by lists.securityfocus.com
>with          SMTP; 7 Jul 1999 08:40:11 -0000
>Received: (qmail 10517 invoked by alias); 7 Jul 1999 08:40:11 -0000
>Delivered-To: BUGTRAQat_private
>Received: (qmail 10514 invoked from network); 7 Jul 1999 08:40:11 -0000
>Received: from rumor.research.att.com (192.20.225.9) by securityfocus.com
>with          SMTP; 7 Jul 1999 08:40:11 -0000
>Received: from research.att.com ([135.207.30.100]) by rumor; Wed Jul  7
>      04:31:18 EDT 1999
>Received: from smb.research.att.com ([135.207.25.14]) by research; Wed Jul
>7          04:38:22 EDT 1999
>Received: by smb.research.att.com (Postfix,          from userid 54047) id
>13750ACADC; Wed,  7 Jul 1999 10:38:20 +0200          (CEST)
>Received: from smb.research.att.com (localhost [127.0.0.1]) by
>smb.research.att.com (Postfix) with ESMTP id BB3D6ABC21; Wed,  7 Jul
>   1999 10:38:15 +0200 (CEST)
>X-Mailer: exmh version 2.0.2 2/24/98
>Message-ID:  <19990707083820.13750ACADCat_private>
>Sender:       Bugtraq List <BUGTRAQat_private>
>X-To:         Cody Brownstein <cbrownstat_private>
>X-cc:         BUGTRAQat_private
>
> >
> >Self-Decrypting Archives. You may now encrypt files or folders into
> >Self-Decrypting Archives (SDA) which can be used by users who do not even
> >have PGP. The archives are completely independent of any application,
> >compressed and protected by PGP's strong cryptography.
>
>I'm glad this was on bugtraq -- any crypto product with "self-decrypting
>archives" is a serious security threat, at least for the other versions
>I've
>seen.  They involve an executable that does *something* -- but what?  The
>world has recently learned what I hope the folks on this list have long
>known -- that you can't trust email with executable content.
>


______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Next message: GZ Apple: "aix 4.2 4.3.1, adb"
Previous message: Darren Reed: "Re: your mail"
Maybe in reply to: Cody Brownstein: "PGP 6.5.1 has been released"
Next in thread: Mark Wooding: "Re: PGP 6.5.1 has been released"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:51:59 PDT