I think he meant that something like Carnivore could easily pick up the = fact that only one out of ~100 messages were encrypted by parsing the = message headers, and then somehow note that fact, or start a brute force = decryption of it on the square miles of the NSA's underground server clusters.
John Hebert -----Original Message----- From: Alvaro Zuniga To: [email protected]; will hill Sent: 6/17/03 7:52 PM Subject: Re: GPG does not provide "end to end encryption", but only = mail conte nt encryption was RE: [brlug-general] Cox and smtp pain today. On Tuesday 17 June 2003 02:31 pm, will hill wrote: > On 2003.06.17 09:48 John Hebert wrote: > > Ray, > > > > Just to be technically clear and correct for those who may not = know, GPG > > does not provide end to end mail encryption, but only mail content > > encryption. Even if you use GPG to encrypt the contents of your = mail > > message, it is possible for people (mail sysadmins, bad guys sniffing, > > etc.) to see the message headers (mail recipient's address, etc.). > > That and it stands out like a sore thumb when you only take the trouble to > encrypt 1% of your mail. How does it stand out? This is an encrypted message using the a base64 output=20 from a Thawte certificate. The function used to create this message is=20 openssl_pkcs7_encrypt( ). To: Some User <[EMAIL PROTECTED]> From: Apache Server <[EMAIL PROTECTED]> Subject: Encryption MIME-Version: 1.0 Content-Disposition: attachment; filename=3D"smime.p7m" Content-Type: application/x-pkcs7-mime; name=3D"smime.p7m" Content-Transfer-Encoding: base64 MIIBgwYJKoZIhvcNAQcDoIIBdDCCAXACAQAxggE2MIIBMgIBADCBmjCBkjELMAkG A1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBU b3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZp Y2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMwAgMJ 5xwwDQYJKoZIhvcNAQEBBQAEgYAJ2bpqBkv8ywFtWGkq96Z15D5UJQByfJHVMm9E P6oeBwUpgRzsgE3/n1nLrGFlosnXO5ma4h+9PmG3M7H1zmHxsYW5co+WW27LtemY B9G56aklV7Tkf6xG4hm8r2k2yHbqQEma87Jl1rPTw7Ns80rGMNNZn4T1yMcU3Mt7 xG9u0jAxBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgICAKAECMcYWN20CpwkgAgA k4N33hVu+w=3D=3D This message actually spells: "This is an encrypted message" The encryption counterpart is exponentially longer in comparison.=20 Alvaro Zu=F1iga _______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
