<<< Date Index >>>     <<< Thread Index >>>

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

2. Your logic sounds convincing, but interposing a proxy that
systematically changes incoming messages raises red flags in my mind.

        Digital signatures would not work, obviously.

However, which is the reason to keep a malformed message? It's like the stupid thing antivirus software does, "cleaning" infected messages which have obviously *not* sent by the computer's owner. In the case of the Sircam virus, AV software failed catastrophically, not discarding thousands of messages with confidential documents sent without the knowledge of their owners, not to talk about the extremely useful notifications sent by those amazingly clever pieces of cr... errr, software.

If someone builds faulty software which generates bad MIME headers, such messages should be treated as hostile messages and dropped. Period. What happened when Microsoft tried to make Windows "intelligent" so that an executable "wrongly" labelled with an audio MIME type it would be correctly "opened" (I mean, executed)?

By trying to make poor programmers' life easier, we make our own lives harder. So, the only secure way to deal with a corrupt message is to drop it. Period.



        Borja.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFBStPEULpVo4XWgJ8RAiAYAKCU/iZrJdYW/j4OafV8VRwVZGKT8gCdHmhv
AFNM8MrITjWR1d7HaXajcJo=
=iVnR
-----END PGP SIGNATURE-----