Re: PGP spoof decrypted output?

From: Rich Henning (vulnerableat_private)
Date: Fri Jun 07 2002 - 09:25:09 PDT

Next message: Dave Booth: "Re: Phone Switches + telephone banking etc"

Previous message: Brian Hatch: "Re: PGP spoof decrypted output?"
In reply to: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Roger Burton West: "Re: PGP spoof decrypted output?"
Next in thread: McAllister, Andrew: "RE: PGP spoof decrypted output?"
Reply: Olaf Kirch: "Re: PGP spoof decrypted output?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 07, 2002 at 01:50:57PM +0200, Olaf Kirch wrote:
> [-- PGP output follows (current time: Fri Jun  7 13:45:05 2002) --]
> gpg: Signature made Fri Jun  7 13:44:59 2002 CEST using DSA key ID DEADBEEF
> gpg: Good signature from "Olaf Kirch <okirat_private>"
> [-- End of PGP output --]
> 
> [-- The following data is signed --]
> 
> Of course, this sort
> of spoof will only work on mailers such as mutt where you cannot
> clearly tell PGP output from message content (and you have to pay attention
> to other cues, such as the "s" flag shown in the mail folder listing).

Also, in mutt, pgp signatures are displayed as attachments (or in my
config they are).  Your "spoof" was displayed as plain text and not
highlighted as an attachment.

-- 
[ rich henning      ]
[ henninrpat_private ]

Next message: Dave Booth: "Re: Phone Switches + telephone banking etc"
Previous message: Brian Hatch: "Re: PGP spoof decrypted output?"
In reply to: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Olaf Kirch: "Re: PGP spoof decrypted output?"
Next in thread: Roger Burton West: "Re: PGP spoof decrypted output?"
Next in thread: McAllister, Andrew: "RE: PGP spoof decrypted output?"
Reply: Olaf Kirch: "Re: PGP spoof decrypted output?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 07 2002 - 15:44:43 PDT