Re: all xterms
On Wed, 3 Nov 1999, Tomasz Wegrzanowski wrote:
> On Wed, Nov 03, 1999 at 08:12:11PM +0000, Jules Bean wrote:
> > On Wed, 3 Nov 1999, Tomasz Wegrzanowski wrote:
> > > 4)
> > > there is >50% chance than admin wont bother to check mail by
> > > pgp from command line. Most of them have motto of
> > > 'I will fix it tommorow'(here:it = mutt) and believe that if someone
> > > signed mail it is validly signed
> >
> > NO.
> >
> > The admin has the correct path to pgp or gpg in his .muttrc. So it gives
> > him the 'bad key' error.
>
> So there is a HUGE hole between admins in poland and in your country.
> Here the majority of admins ...(fill blanks yourselves, cause I dont
> want to flame)
I'm sorry.
But I don't really care about an admin who can't even be bothered to
follow up the 'couldn't exec pgp' (or whatever) error that mutt gives in
this case.
If that doesn't raise alarm bells with them, it's not going to be terribly
hard to crack their systems.
> > >
> > > 6)
> > > *EVIL CRACKER* exploits this hole
> > >
> > > This will need a good expert on social engeenering and some luck
> > > but it is a *little* security hole
> >
> > I disagree
>
> Ok, sorry, but I'm sure there are crackers using similar methods
> (two programs that doesnt cooperate well plus admin's laziness)
>
I still don't call that a security hole.
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | jules@debian.org | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
Reply to: