[Full-Disclosure] An anatomy of a PGP Joe Job

From: Gadi Evron (ge_at_egotistical.reprehensible.net)
Date: 05/29/04

    To: Full-Disclosure <full-disclosure@lists.netsys.com>
    Date: Sat, 29 May 2004 09:48:25 +0200
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    How my PGP signature was ripped off, and for what purpose
    - -----------------------------------------------------

    On May first I emailed a couple of mailing lists, announcing a new spam
    research related mailing list.

    Due to knowing that many viruses and kiddies spoof my email address on a
    regular basis, I signed the post.

    So far I received about one email a day from people who Googled the PGP
    signature that was in a SPAM they got (right through their filters).

    That signature was my signature from the spam mailing list.

    Irony? Attempted Pay-back? Oh well.

    As the emails don't stop and as it happens with Joe Jobs, you must reply
    and be nice while you do it. I decided I'd put this in a short write-up
    describing:
    1. What happened (the story).
    2. A few of my opinions on the subject.
    3. A full analysis of the SPAM message. Quite interesting, although
       there is nothing completely new there.

    PGP is used exactly for this purpose. Even if my signature was ripped,
    it should be pretty obvious it wasn't made by me. Still, this is a risk
    (which isn't completely new either).

    What _is_ new is the very targeted nature of this PGP Joe Job.

    Here is the write up which was supposed to be this email. I figured that
    with all the spam elements quoted in it though - it might get caught in
    filters:
    "An anatomy of a PGP Joe Job"
    http://www.math.org.il/PGP-JoeJob.txt

            Gadi Evron.

    - --
    Email: ge@linuxbox.org. Work: gadie@cbs.gov.il. Backup: ge@warp.mx.dk.
    Phone: +972-50-428610 (Cell).

    PGP key for attachments: http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
    ID: 0xD9216A06 FP: 5BB0 D3E2 D3C1 19B7 2104 C0D0 A7B3 1CF7 D921 6A06
    GPG key for encrypted email:
    http://vapid.reprehensible.net/~ge/Gadi_Evron_Emails.asc
    ID: 0x06C7D450 FP: 3B88 845A DF1F 4062 E5BA 569A A87E 8DB7 06C7 D450
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (MingW32)

    iD8DBQFAuEBIqH6NtwbH1FARAo+IAJ0bDd5hadrY8HwhSFwR2Q6zwbsvTQCeLqsZ
    5Ydp1dn1byoyB6sWCj0iU5A=
    =Jup5
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

