Well, if they used PKI, that would be true (that the e-mail could be authenticated whereas the fax cannot).
It is true that you can at least verify the final relay MTA, if you control the delivery MTA, which you can't for sure with a fax (caller ID can be spoofed). So there is some truth that e-Mail is slightly more verifiable than fax. >-----Original Message----- >From: [email protected] [mailto:[email protected]] >On Behalf Of Larry Seltzer >Sent: Wednesday, July 22, 2009 3:19 AM >To: Drsolly; [email protected] >Subject: Re: [funsec] Bank security > >OMFG.... > >Larry Seltzer >Contributing Editor, PC Magazine >[email protected] >http://blogs.pcmag.com/securitywatch/ > > >-----Original Message----- >From: [email protected] [mailto:[email protected]] >On Behalf Of Drsolly >Sent: Wednesday, July 22, 2009 4:44 AM >To: [email protected] >Subject: [funsec] Bank security > >I sent my bank a fax to tell them about my change of address. They sent >a >fax back, asking me to phone them. The lady I spoke to, said that they >couldn't do it from a fax, they needed an email. I asked why; she said >that it was so they could be sure it came from me. > >Apparently, anyone can send an fax, but if an email has me in the >from-line, that proves it came from me. > >And this is a bank. > >And we wonder why there's fraud ... > >_______________________________________________ >Fun and Misc security discussion for OT posts. >https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >Note: funsec is a public and open mailing list. > > > >_______________________________________________ >Fun and Misc security discussion for OT posts. >https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
