Jus a quick question about your theory... Would you use the same argument for SSL for say, internet banking.
I seriously wouldn't want to know that when connecting to my local bank that there are hackers sniffing SSL particularly just for passwords just because, regardless of wether it be a bank, the traffic is SSL. Just a different perspective. Karma ----- Original Message ----- From: "Kevin Crichton" <[EMAIL PROTECTED]> To: "veins" <[EMAIL PROTECTED]> Cc: "Dave Bujaucius" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, February 26, 2002 7:27 PM Subject: Re: Unencrypted Email > I know people may be worried about sending unencrypted email over the > internet, but some critics point out that if you send out encrypted > email it is more likely to come to the attention of those parties > interested in users using encryption since they would reason that people > using encryption have something to hide, even when all they want is privacy. > > Yours, > > Kevin Crichton PhD (St. Andrews), MCSE > ICL, Lytham > > veins wrote: > > > > > It is common knowledge that unencrypted messages sent over an unsecured > > Internet connection *can* be viewed in clear text and thus the contents > > compromised. My questions: > > > > 1. Is it really easy? How readily available are sniffing tools that > > can do this? > > > > Any common sniffing tool can allow to do that, sometimes with minor > > alteration. > > > > 2. Can it be done from a user's home dial up or DSL type connection? > > Can someone in California somehow be scanning mail leaving a New York > > location? > > > > basically, someone would need to compromise one of the mail servers between > > the sender and the recipient, so yes it is possible, but no it's not > > possible for > > everyone. > > > > 3. Outside of government agencies that have access to selected ISP's, > > how likely is it that a company could be targeted by an outside person > > or organization? > > > > it still depends on wether or not a mail server is compromised somewhere. > > > > veins > > > > > > > > > **************************************************************************** ************ > This message is confidential, its contents do not constitute > a commitment by AXA except where provided for in a written agreement > between you and AXA. > Any unauthorised disclosure, use or dissemintation, either whole > or partial, is prohibited. If you are not the intended recipient of the message, > please notify the sender immediately. > **************************************************************************** ************* > > >
