Yes, I realize SSL is not that secure either, but I was just using it as
an example in comparison to plain ole pure-text email. The point I was
making is not to assume your emails are in any way private/secure. You must
use something else if you want any kind of "secure" communications medium.
There are plenty of solutions out there with varying levels of security, but
I had no intent on going through these and comparing them all.
On 8/4/06, L. Victor <fullblaststorm@xxxxxxxxx> wrote:
>
>
> 2006/8/5, Denis Jedig < seclists@xxxxxxxxxxxx>:
> >
> > > On Fri, 4 Aug 2006 11:45:01 -0500 John Dietz wrote:
> > > > if it were. If the information you are sending/receiving is of a
> > > > particularly sensitive nature, I would suggest you find some other
> > > medium,
> > > > such as SSL with encryption.
> >
> >
> Even connections with SSL can be dumped, analysed by providers and
> successfully decrypted in some cases such as if only the destination server
> has its own sertificate, but user doesn't.
>
>
>
--
There is intelligence is in having all the answers, but wisdom lies in
knowing which of the questions to answer.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/