----- Original Message ----- From: "Phil Barnett" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, January 29, 2004 12:53 AM Subject: Re: [gentoo-user] GnuPG and missing public keys on keyservers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 28 January 2004 3:12 pm, Nuckerl Stefan wrote: > Just to let you know any connection you do to any > machine is logged by your provider (time + IP). So faking an emailname etc. > won't help because they have to prove, that the you really did it and > that's going to be impossible if you didn't do it. >I own my own server. The mail logs rotate away in 24 hours. There is no law >that states I must keep them for any period of time. In fact, the longer I >keep them, the more liable to produce them I may become. Oh god, you own your little server, hows that. I don't want to sound like an asswhole, but I need to clear things up for you. You are no ISP, ISPs have to keep logs. Whoever provides your connection has to keep logs dude. Guess how they catch hackers ???? So don't come up with that crap I own my own server. Have you ever been to court, when they come up with a 5 meter long sheet where all your connections are listed ???? The way hackers don't get caught is to get a line where no one can tell who used it. To sue you they have to prove, that you commited the crime and they can only do that by proving, that your connection was used and that is done by tracing back the IPs through logs, you are only in deep shit if someone hacked into your box used your connection to do some dirty tricks and you can't prove it because you have no logs :-) Then he sends a email from your box, he uses no signature, of course now you tell the jury, hey I always sign my message, this message isn't mine it doesn't have my sig. So if there is no signature on it, how can one tell if you send it or someone else send it :-) Folks this is lame, GPG won't help you. So to say it again, GPG won't help you in case someone faked your emailadress, you won't be able to prove shit, because no one can guarantee, that you added a signature to the mail. The only thing GPG is good for is for someone that receives the mail, he can tell if he can trust this message or if he should be careful, because your signature is not there and therefore it isn't guaranteed, that is was you, got that? - -- "The true measure of a man is how he treats someone who can do him absolutely no good." - Samuel Johnson (1709-1784) KI4DPT -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAGEtfWMqSOYd58pwRAurOAKCAmVL1FrpNkxMTLkVRyA0zj6xUCQCfTXE0 rAgv0hu66cvA6IrL77IpUm4= =Ff/D -----END PGP SIGNATURE----- -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
