PGP Signature and Melissa Stuff
Joerg Bencke
PMMAIL Discussion List <PMMAIL-L@VM.EGE.EDU.TR>
Mon, 26 Apr 1999 10:26:34 +0200
Hi John.
At least HAPPY99 hacked the Winsock.dll and not the email client, so a PGP
sig would not have appeared on the hacked messages.
With Melisa, I dont know, so it might be Melissa hacked outlook and could
have used outlooks pgp-plugin. OTH, you should never configure your client
to remember your PGP password, so it should have been strange having to
enter the password when your not sending mail.
So I guess its 50:50 :-)
About encrypting making sense in business only :
If only such mail is envelpoed, the wrong people might get nosy and try to
setup a trojan at your computer to catch the secret key file. Cracking
that is possible, so from then on, they read your enc. stuff cause it is
important (It gotta be, after all, its encrypted).
Ohh, this trojan already exists in different versions out in the net.
Josch