PGP messages getting flagged as spam
dan at geer.org
dan at geer.org
Tue Oct 16 13:23:30 CEST 2007
Werner Koch writes:
|
| > If the system is compromised, you cannot be sure of the
| > authenticity of messages coming from there, can you?
|
| Right.
|
And therein is the issue. A year ago, I wrote an
editorial where I made a semi-numeric mostly educated
guess that 15-30% of all home/private systems were
already compromised. I got some hate mail but in
the intervening months, Vint Cert said 40%, Microsoft
said 2/3rds, and IDC said 3/4ths. Whatever the true
number is, real risk management must now assume that
the counterparty to a conversation stands a good chance
of being 0wned.
That said, the discount brokerages are hurting on this
as 0wned machines mean that stock pump&dump schemes
can be pumped by booking real trades from real people
with real money, i.e., steal the password via a key
logger and then time the trade to help with the pump
phase. I've another editorial on that, but suffice it
to say that in at least one instance, the November 06
10-Q filing by e-Trade, the losses in question reached
the level that required SEC disclosure.
Which brings us to a point: Those brokerages want,
and are willing to pay real money for, something like
an Active-X component that at the outset of the trading
session is downloaded fresh, steals the keyboard away
from the operating system, and pipes keystrokes through
an entirely distinct network stack direct to the trading
environment, i.e., makes the home user's PC into a dumb
terminal for a moment. On the one hand, that this could
work is horrifying and the idea of teaching the user
community to say yes to "steal my keyboard" is likewise
horrifying. But on the other hand there is a coherent
argument that people fall in two camps: Those who always
click "YES" and those who never do.
If someone always clicks "YES," then the odds are that
they are alreacy 0wned and, thus, you need to 0wn them
for a moment if you are going to do anything important.
If someone never clicks "YES," then the odds are that
they are canny and self-protecting, so you don't need
to 0wn them up just to have a transaction.
The times, they are a changin'
--dan
More information about the Gnupg-users
mailing list