On Mon, 15 Jun 2009 [email protected] wrote [both ">>>"
and ">" are by gpg2.20.maniams]:
. . .
3. This sender has so far sent me multiple files with signatures. The
data files are named "filename_dd_mm_yy.html" and the signature is
always called signature.bin (no date or no identifiable marks). All data
files are only signed and not encrypted.
. . .
*Probably* one of the following two is happening
1. This signature is NOT GPG compliant
2. Probably this signature is GPG / PGP compliant but GPG is unable to
recognise this as a GPG signature
. . .
Or maybe the "signature.bin" files are not really
signatures, but e.g. some attack file which some
attack code on the "click here" website (you mentioned
in your original post) would try to run on your
host with your privileges? Isn't something like that
a known attack, exploiting some browser vulnerability?
Or maybe the "signature.bin" files are intentionally
bad, to frustrate you into going ahead and doing the
"click here" trick which so far you have been
level-headed enough not to be fooled by? Or maybe
frustrate you into opening the html files you received,
and they contain some attack code? Or maybe a simpler
trick, hoping you might somehow run the .bin files just
by mistake, and they are attack files? Or maybe there
is some attack on some crypto software's code which is
felt to look at signature files insecurely? Or who knows
what ... :-) ? Have you looked at the "signature.bin"
files in a (secure) editor or similar? HTH
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
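
Added example, not part of the original message: one way to answer the reply's closing question (what is actually inside "signature.bin"?) is to classify the file from its leading bytes, without opening or running it. The category names, the raw-RSA length heuristic and the sample bytes are assumptions constructed for illustration.

```python
# Added example: classify a "signature.bin" from its header bytes; nothing is executed.
import sys

ARMOR = b"-----BEGIN PGP SIGNATURE-----"
CMS_SIGNED_DATA = bytes.fromhex("06092a864886f70d010702")  # OID 1.2.840.113549.1.7.2
EXECUTABLES = {b"MZ": "Windows PE/DOS executable", b"\x7fELF": "ELF executable"}


def openpgp_header(data):
    """Return (tag, body_offset) if data starts with an OpenPGP packet header (RFC 4880, 4.2)."""
    if len(data) < 2 or not data[0] & 0x80:
        return None                                   # bit 7 must be set
    if data[0] & 0x40:                                # new format: tag is the low 6 bits
        first_len = data[1]
        size = 2 if 192 <= first_len < 224 else 5 if first_len == 255 else 1
        return data[0] & 0x3F, 1 + size
    # old format: tag in bits 5-2, length type in bits 1-0 (type 3 = no length octets)
    return (data[0] >> 2) & 0x0F, 1 + (1, 2, 4, 0)[data[0] & 0x03]


def classify(data):
    if data.lstrip().startswith(ARMOR):
        return "ASCII-armored OpenPGP signature"
    for magic, name in EXECUTABLES.items():
        if data.startswith(magic):
            return name + ", not a signature"
    header = openpgp_header(data)
    # Tag 2 is the signature packet; its body starts with version 3 or 4.
    if header and header[0] == 2 and data[header[1]:header[1] + 1] in (b"\x03", b"\x04"):
        return "binary OpenPGP signature packet, version %d" % data[header[1]]
    if data[:1] == b"\x30":                           # ASN.1 DER SEQUENCE
        if CMS_SIGNED_DATA in data[:32]:
            return "DER CMS/PKCS#7 SignedData, not OpenPGP"
        return "ASN.1 DER structure, not OpenPGP"
    if len(data) in (128, 256, 384, 512):             # heuristic: 1024..4096-bit RSA
        return "no container, length matches a raw RSA signature"
    return "unrecognised"


# Constructed sample headers (not taken from the thread).
SAMPLES = {
    "gpg detached": bytes.fromhex("8901330400010800"),
    "cms": bytes.fromhex("30820100") + CMS_SIGNED_DATA + bytes.fromhex("a082"),
    "raw": b"\x1f" * 256,
    "pe": b"MZ\x90\x00",
}

if __name__ == "__main__":
    blobs = {sys.argv[1]: open(sys.argv[1], "rb").read()} if len(sys.argv) > 1 else SAMPLES
    for name, blob in blobs.items():
        print(name, "->", classify(blob))
```

Run with a file path as the only argument to classify that file; with no argument it prints the result for each constructed sample.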