Re: SECURITY.NNOV: Outlook Express address book spoofing

From: Peter W (peterwat_private)
Date: Tue Jun 05 2001 - 21:39:04 PDT


    On Tue, Jun 05, 2001 at 12:59:03PM -0700, Dan Kaminsky wrote:
    
    > An immediate design fix would be to use a different coloring and fontfacing
    > scheme to refer to full names, rather than quoted email addresses from the
    > address book.  This should self-document decently, since over the course of
    > sending a number of mails users should learn to associate one character type
    > with one form of name and the other with the other.  Then, when the attack
    > hits, people see things "backwards" and some method of investigation can be
    > made available.
    
    Nice idea.
    
    Novell Groupwise has similar problems with displaying the address book
    "name" instead of the address (though Groupwise is *not* vulnerable to the
    same attack that forces the spoofed entry into the address book). It would
    be nice if these email systems would always display both the name and the
    address. Perhaps use both different colors, and the familiar <> construct,
    e.g. "myfriendat_private <attackerat_private>" the way
    other packages like Netscape Messenger, Mozilla Mail, Pine, and Mutt do.
    
    -Peter
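The display rule argued for in the reply above (always show both the address-book name and the real address, and colour or flag them separately) is easy to make concrete. The following is an added example, not code from the original post or from any of the mail clients it names; the address book contents, the warning codes and the function name `render_sender` are all assumptions made for illustration. It renders a From: header in the Mutt/Pine style "Name <address>" and reports the two spoofing patterns the thread is about: a known contact's name on a stranger's address, and a display name dressed up to look like an address.

```python
import email.utils

# Constructed sample address book (an assumption for this example, not data
# from the post): display name -> canonical address.
ADDRESS_BOOK = {
    "My Friend": "myfriend@example.com",
    "Alice Example": "alice@example.org",
}


def render_sender(from_header, address_book=ADDRESS_BOOK):
    """Render a From: header for display and list reasons to distrust it.

    Returns (display, warnings).  The display string always shows both the
    display name and the address-spec in the familiar 'Name <addr>' form,
    so a spoofed display name can never stand in for the real address.
    Each warning is a short code a UI could map to a colour or an icon.
    """
    name, addr = email.utils.parseaddr(from_header)
    warnings = []
    if not addr:
        # Nothing parsed as an address: show the raw header, never a bare name.
        return ("<{}>".format(from_header.strip()), ["unparseable"])

    addr_lc = addr.lower()
    # Case-insensitive views of the address book, keyed by name and by address.
    book_by_name = {n.lower(): a.lower() for n, a in address_book.items()}
    book_by_addr = {a.lower(): n for n, a in address_book.items()}

    if name:
        expected = book_by_name.get(name.lower())
        if expected is not None and expected != addr_lc:
            # A known contact's name arriving from an address we do not have
            # on file for that contact.
            warnings.append("name-matches-book-address-differs")
        if "@" in name:
            # A display name shaped like an address; flag it harder when it
            # equals an address we actually have in the book.
            if name.lower() in book_by_addr:
                warnings.append("name-impersonates-book-address")
            else:
                warnings.append("name-looks-like-address")
    else:
        # No display name on the wire: fall back to the book's name for this
        # address, but only ever alongside the address itself.
        name = book_by_addr.get(addr_lc, "")

    if addr_lc not in book_by_addr:
        warnings.append("address-not-in-book")

    display = "{} <{}>".format(name, addr) if name else "<{}>".format(addr)
    return display, warnings


if __name__ == "__main__":
    # Constructed sample headers exercising the cases discussed in the thread.
    for hdr in ('"My Friend" <myfriend@example.com>',
                '"My Friend" <attacker@example.net>',
                '"myfriend@example.com" <attacker@example.net>',
                'alice@example.org'):
        print(repr(hdr), "->", render_sender(hdr))
```

The point of returning the warnings separately from the display string is that the UI can never be talked out of showing the address: the string is always "Name <addr>", and the colouring only adds emphasis on top of information that is already there.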
    



    This archive was generated by hypermail 2b30 : Tue Jun 05 2001 - 23:13:08 PDT