[8571] in cryptography@c2.net mail archive
Re: it's not the crypto
daemon@ATHENA.MIT.EDU (Arnold G. Reinhold)
Tue Feb 6 16:09:49 2001
Mime-Version: 1.0
Message-Id: <v0421010db6a6089ec201@[24.218.56.92]>
In-Reply-To: <20010205135857.AA58235C42@smb.research.att.com>
Date: Tue, 6 Feb 2001 15:11:42 -0500
To: Steve Bellovin <smb@research.att.com>, cryptography@c2.net
From: "Arnold G. Reinhold" <reinhold@world.std.com>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
At 8:58 AM -0500 2/5/2001, Steve Bellovin wrote:
>Every now and then, something pops up that reinforces the point that
>crypto can't solve all of our security and privacy problems. Today's
>installment can be found at
>http://www.privacyfoundation.org/advisories/advemailwiretap.html
>
>For almost all of us, the end systems are the weak points, not the
>transmission!
>
>
While I certainly agree with your general point, I don't think this
case is good exemplar.
"The exploit requires the person reading a wiretapped email
message to be using an HTML-enabled email reader that also
has JavaScript turned on by default."
The notion that e-mail should be permitted to contain arbitrary
programs that are executed automatically by default on being opened
is so over the top from a security stand point that it is hard to
find language strong enough to condemn it. It goes far beyond the
ordinary risks of end systems.
The closest analogy I can thinking of is the early days of the 20th
century when some doctors began prescribing radium suppositories for
a variety of ills.
Arnold Reinhold
