long-morrow @
CS .
YALE .
EDU wrote:
>1. rot13 a uuencoded file before e-mailing it. Describe in the
message
>2. Use an (admittedly) inefficient format for encoding binary, such
as:
>3. PGP encrypt the entire message before transmitting. How will the
It occurs to me that even if an human manager checks a uu-encoded
attachment,how can they be sure that what they find is what it seems.
With the use of a steganographic tool such as Andy Brown's S-Tools. A
user can hide encrypted or binary files inside bitmap or sound
files.(and also on a floppy disk, mail is only one media of many to
worry about)
I think that the only virus defence that makes any sense it to devolve
the responsibility for detection out to the workstation.If every
program, DLL etc is scanned before execution it will (should!) catch
virii before they infect.
This is of course no defence against the transfer of secrets or
pornography.
Regards Steve
--
email: steve .
betts @
biss .
co .
uk (pgp key from www page)
www: http://www.biss.co.uk/~steveb/
phone: (+44) 1 442 233 366 (Office GMT)
Never assume my opinions are the same as my employer's.
|
|
