On Tue, 2004-11-09 at 12:04 +0100, Roger Schmid wrote: > ASMTP is a nearly useless solution, since most users using outlook > and other Mailclients which are storing passwords.. any worm should > be able to use the cached passwords.. or using mapi to send worms > thru outlook which of course will authenticate with the cached > password in the background.
The same goes for any authentication method. Have the virus spy out the keyboard and catch all the SSH accounts etc. Once a machine is infected there is not much to do at the moment. I am possibly one of the few who like the Trusted Computing model because of that as the above won't be possible then anymore, unless someone takes a gun and puts it to my head or is one of the big industrials leaders ehmm "someone working for Mr.Bush and friends", but there are a number of movies about that out there and if they want to harass/spy you they will do that anyway. <SNIP> > btw: i never understand why using a far away smtp relay when most > isp's offer an SMTP server to the customer of them ? Because my SMTP does allow me to relay my messages to other users, while local ISP's don't allow me to relay using my domain. Next to that I trust my own SMTP to deliver messages correctly and it also supports IPv6 and TLS. Also reconfiguring my mailer on my laptop everytime I go somewhere else is a nuisance. Thus I simply use submission ;) It also adds a layer of authentication as any mail sent by me will have been logged from the same host and signed by the same PGP key. If somebody sends a silly message sounding to be from me (yes, this sadly has happened by some sick persons) I can quite easily claim it was not me sending the message on both those two grounds. Greets, Jeroen
signature.asc
Description: This is a digitally signed message part
