Am Montag, den 05.03.2012, 13:13 -0800 schrieb Mark Hahn: > How many people here have suffered from fake emails? i don't know anyone.
Hmh, you have a point. But, for example, I'm also paranoid enough to want to be able to encrypt mails to other devs, for example when I've found holes in their modules. To go back to "it never happened before": Well, that's nice, but it's not exactly reassuring. If you say "nobody DoS'ed socket.io servers before although it's super-easy to take them down", that imo just means that socket.io is not important enough yet. One-way communication isn't exactly a great path for social engineering, but it might happen. Meh, well, as long as everyone is aware of it... maybe I'm overreacting. But if I got a spoofed mail from a close friend or a relative claiming that I have to do something very urgently and it looked legitimately, I might not think about security if the sender never signs his mails anyways. For me, it's just "best practice" - although I just switched back to non-webmail a few days ago myself.
signature.asc
Description: This is a digitally signed message part
