Re: [OT] Re: Things we should know about PGP
On Wed, 2012-05-09 at 20:22 +0000, Camaleón wrote:
> On Wed, 09 May 2012 19:33:52 +0200, Ralf Mardorf wrote:
>
> > On Wed, 2012-05-09 at 17:26 +0000, Camaleón wrote:
> >> Exactly. For instance, those who think that PGP signed messages will
> >> improve security when reading/posting e-mails >;-)
> >
> > AFAIK a signed message can't become dirty.
>
> What is what you understand by "dirty"?
>
> I can send the same spam, virus-inside or crap message with a signature
> or without it. That changes nothing.
>
dirty {adj} [fig.] e.g. remove words, add words.
> > So it's secure that nobody add a word, removed a word or completely
> > edited the message. This might be a kind of security some people wish
> > to have.
>
> You can still get false-positives that make the signature cannot be
> properly verified so you think the message is not legitimate while it is.
I did wrote something similar off-list to whomever, but it wasn't only
about computers and signing mails:
A lot of stuff that seems to make "things" more clear, don't
make
"things" more clear.
Signing emails tend to give the impression, that this would
ensure
security, but it doesn't. Nobody can hack a signed message in a
valid time, without much luck. The needed prime factorization or
what ever should be needed can't be done, anyway.
As I already pointed out. Somebody e.g. could hack the view of a
mailing list archive, seemingly signed mails with edited
contend. Than this wrong information is in the Internet,
pretending to be the signed original. The mob will believe this
is absolute truth. They are hungry for absolute truth. This is a
loss of civilization.
Instead of thinking their selfs or at least reading stuff like
"Plato's allegory of the cave", they declare absolute illusion
to absolute truth, but it's the absolute untruth.
OTOH there are valid situations to sign messages.
Reply to: