| 1 |
On Fri, 30 May 2008 02:05:42 +0300 |
| 2 |
Daniel Iliev <daniel.iliev@×××××.com> wrote: |
| 3 |
|
| 4 |
> On Thu, 29 May 2008 08:38:27 +0000 (UTC) |
| 5 |
> daniel.iliev@×××××.com wrote: |
| 6 |
> |
| 7 |
> > W. Canis wrote: |
| 8 |
> > > OK, I can't bring myself a "proof of concept". |
| 9 |
> > |
| 10 |
> > Allow me to help you with that part. |
| 11 |
> > |
| 12 |
> > Personally I still think signatures in public mailing lists are |
| 13 |
> > overrated. |
| 14 |
> > |
| 15 |
> > NOT signed by |
| 16 |
> > Some Gentoo user with a security job and 5 minutes of time |
| 17 |
> > |
| 18 |
> > P.S. Daniel - I really hope this is ok with you. I took your dare |
| 19 |
> > literally for this one time. Your personality won't be abused by me |
| 20 |
> > again. |
| 21 |
> |
| 22 |
> |
| 23 |
> No problem,..ehh..PSZ, I presume? :) |
| 24 |
> |
| 25 |
> It was I who gave the idea and the challenge. Don't worry, it's really |
| 26 |
> fine by me. |
| 27 |
> |
| 28 |
> I admit I looks very much as if the message was sent by me and could |
| 29 |
> be deceiving at first glance, but: |
| 30 |
> |
| 31 |
> |
| 32 |
> FAKE: |
| 33 |
> === |
| 34 |
> Received: from observed.de (observed.de [81.169.134.89]) |
| 35 |
> by pigeon.gentoo.org (Postfix) with ESMTP id AE151E05BC |
| 36 |
> for <gentoo-user@l.g.o>; Thu, 29 May 2008 08:38:27 |
| 37 |
> +0000 (UTC) |
| 38 |
> === |
| 39 |
> |
| 40 |
> |
| 41 |
> NOT FAKE: |
| 42 |
> === |
| 43 |
> Received: from fg-out-1718.google.com (fg-out-1718.google.com |
| 44 |
> [72.14.220.153]) |
| 45 |
> by pigeon.gentoo.org (Postfix) with ESMTP id 3E5ACE0229 |
| 46 |
> for <gentoo-user@l.g.o>; Mon, 26 May 2008 00:30:07 |
| 47 |
> +0000 (UTC) |
| 48 |
> === |
| 49 |
|
| 50 |
Except that even that can be faked. |
| 51 |
|
| 52 |
The header is part of the payload, so can be whatever the user decides |
| 53 |
to put in, simply fake some a set of relay lines, and how do you know? |
| 54 |
|
| 55 |
Rob. |
| 56 |
-- |
| 57 |
gentoo-user@l.g.o mailing list |
Archives