You didn't need to go to that trouble. Next time just ask me and I'll send them an e-mail from you.
Larry Seltzer Contributing Editor, PC Magazine [email protected] http://blogs.pcmag.com/securitywatch/ -----Original Message----- From: Drsolly [mailto:[email protected]] Sent: Wednesday, July 22, 2009 8:16 PM To: Tomas L. Byrnes Cc: Larry Seltzer; [email protected] Subject: RE: [funsec] Bank security My bank thinks that PKI is a brand of peanut. They just wanted a plain, vanilla email. And I sent them one. And they're happy. Hey - the email says it came from me, so they have their auditable verification. On Wed, 22 Jul 2009, Tomas L. Byrnes wrote: > Well, if they used PKI, that would be true (that the e-mail could be > authenticated whereas the fax cannot). > > It is true that you can at least verify the final relay MTA, if you > control the delivery MTA, which you can't for sure with a fax (caller ID > can be spoofed). > > So there is some truth that e-Mail is slightly more verifiable than fax. > > > > >-----Original Message----- > >From: [email protected] [mailto:[email protected]] > >On Behalf Of Larry Seltzer > >Sent: Wednesday, July 22, 2009 3:19 AM > >To: Drsolly; [email protected] > >Subject: Re: [funsec] Bank security > > > >OMFG.... > > > >Larry Seltzer > >Contributing Editor, PC Magazine > >[email protected] > >http://blogs.pcmag.com/securitywatch/ > > > > > >-----Original Message----- > >From: [email protected] [mailto:[email protected]] > >On Behalf Of Drsolly > >Sent: Wednesday, July 22, 2009 4:44 AM > >To: [email protected] > >Subject: [funsec] Bank security > > > >I sent my bank a fax to tell them about my change of address. They sent > >a > >fax back, asking me to phone them. The lady I spoke to, said that they > >couldn't do it from a fax, they needed an email. I asked why; she said > >that it was so they could be sure it came from me. > > > >Apparently, anyone can send an fax, but if an email has me in the > >from-line, that proves it came from me. > > > >And this is a bank. > > > >And we wonder why there's fraud ... > > > >_______________________________________________ > >Fun and Misc security discussion for OT posts. > >https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > >Note: funsec is a public and open mailing list. > > > > > > > >_______________________________________________ > >Fun and Misc security discussion for OT posts. > >https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > >Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
