RE: Re[2]: [Full-Disclosure] Would you trust these Emails (EBAY & PAYPAL)

From: Aditya, ALD [Aditya Lalit Deshmukh] (aditya.deshmukh_at_online.gateway.technolabs.net)
Date: 02/22/04

  • Next message: anony mous: "[Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability" 
    To: <partysan_FFF@gmx.net>, <full-disclosure@lists.netsys.com>
Date: Sun, 22 Feb 2004 10:32:40 +0530

    >
    > A concept like PGP would probably be fairly safe. Mails from your
    > bank, for instance, should be digitally signed. That would make them
    > a lot harder to fake. I agree on the non-HTML part, they are an
    > unnecessary risk.

    pgp would be fairly safe if the user manages to decrypt the signature and manages to verify the *CORRECT* signature from the correct location.

    unnecessary complicated steps that most users will never do.

    i had deployed gpg on my machines but my users never ever sign their mail or even encrypt it even thought it is just a click of a button ( gpg fontend, quite stable also )

    >
    > Is there a way to track where the credit card information from the
    > fake paypal site goes?
    >
    >

    maybe the credit card co do have a red flag false credit numbers that can be and are being tracked like this ....

    ________________________________________________________________________
    Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: anony mous: "[Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability"