ON Tuesday, September 3, 2002, 9:45:24 AM, you wrote:
DH> Hello Gerard! DH> On Tuesday, September 3, 2002 at 9:05:13 AM you wrote: >> Anyway, one of the problems I have with MS software is that it tags >> all sorts of personal info to your files and now I find that TB! does >> this to :-( DH> Hm, I just tested it with your message and saw that my e-mail was DH> added as an X-header (X-Sender). After thinking about it a few minutes DH> I - an outspoken privacy and security freak - find that not just quite DH> but completely correct. DH> In most cases it may not seem interesting to see that a mail to you DH> has been transferred wrongly to me. But wouldn't you as the receiver DH> of such a message want to know that the message could have been read DH> by me? DH> Go one step further, one of your business associates writes a DH> confidential but non-encrypted message to you, he addresses it wrongly DH> (accidentally) to me. I read it, find the information quite DH> interesting - perhaps I could use it to outbid you in a pitch - and DH> then re-direct it to you, so nobody will notice anything. I outbid you DH> and you never come to know what happened. I can think of another DH> scenario - concerning personal information and gossip within a company DH> - where it would be good to know that messages are wrongly delivered. DH> Perhaps the accidentally wrong address happens frequently due to a DH> user's mistake. wouldn't you want to know that so you can tell him? DH> And what about using this feature especially to run confidential DH> information to someone outside - a kind of Man in the Middle attack?* DH> BTW, the point in signing messages with PGP (or similar schemes) is to DH> prevent *any* meddling with messages ... DH> *I know, this can also be achieved by just BCCing or mass mailing etc. Hi Dierk, I also gave it some thought and I will agree with you on most parts but I have 2 big BUT's. 1) I have seen no documentation about this "feature" and I hate to see my name appear in places I did not know about it before hand. 2) Think about this scenario. I agree send you something and re-direct it to make sure a 3th party can't see that it was me who supplied the info. I would then be unpleasantly surprised if it could be traced back so easily. -- Best regards, Gerard -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Using The Bat! v1.61 on Windows 2000 5.0 Build 2195 Service Pack 3 ________________________________________________ Current version is 1.61 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html
