[IP] More insecurity
Begin forwarded message:
From: Bob Frankston <Bob19-0501@xxxxxxxxxxxxxxxxxx>
Date: June 22, 2005 2:46:29 PM EDT
To: Dave Farber <dave@xxxxxxxxxx>
Subject: More insecurity
I just found another letter from Bank of America that I had
quarantined. I keep a list of sites that require extra security and
make sure that their mail comes from a site in their domain. This
isn’t a perfect algorithm but it’s a first order protection against a
large percentage of the phishing attacks.
Maintaining my own site I can take measures that I would not tolerate
if forced upon me. I can also catch exceptions and handle them myself.
In this case the message was a notification that I had changed my
email address (which is correct) but it came from ms1.par3.com
(63.251.12.15). Looking back one level I find that it had come from
ms1.par3.com (10.10.0.125). Makes it hard to verify its authenticity.
Of course Outlook’s “security” isn’t troubled by this – it simply
believes the “from” address and thus when I say I should trust mail
from @alert.bankofamerica.com it does nothing to deal with spoofing.
Approaches with a third party security token and encryption are steps
in the right direction though only early steps that have their own
issues.
The problem is compounded by AOL and others that don’t allow me to
send mail from my domain – I must use UNTRUSTED third parties like
Comcast and RCN instead. For now I go through DynDNS or TZO.
Bob Frankston
http://www.frankston.com
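
The check described in the message, as an added example that is not the author's own code: mail whose From domain is on a watch list is quarantined unless the relay that handed it to the local server is inside that domain. The PROTECTED list, mail.example.net and the sample's local part, dates and subject are assumptions; the relay names and addresses are the ones quoted in the message.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Hypothetical watch list: sender domains whose mail must arrive from in-domain hosts.
PROTECTED = {"bankofamerica.com"}

# Constructed sample: relay names/IPs as quoted in the message; everything else invented.
SAMPLE = (
    "Received: from ms1.par3.com (ms1.par3.com [63.251.12.15])\n"
    "\tby mail.example.net with ESMTP; Wed, 22 Jun 2005 10:00:02 -0400\n"
    "Received: from ms1.par3.com ([10.10.0.125])\n"
    "\tby ms1.par3.com with SMTP; Wed, 22 Jun 2005 10:00:01 -0400\n"
    "From: Bank of America <notice@alert.bankofamerica.com>\n"
    "Subject: E-mail address changed\n\n(body omitted)\n"
)

HOP = re.compile(r"from\s+(\S+)\s+\(([^)]*)\)", re.I)
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def in_domain(host, domain):
    # True for the domain itself and its subdomains, not for look-alike suffixes.
    return ("." + host.lower().rstrip(".")).endswith("." + domain)

def parse_hop(header):
    """Return (relay name, ip, ip_is_private) for one Received header, or None."""
    m = HOP.search(" ".join(header.split()))
    if not m:
        return None
    helo, detail = m.group(1), m.group(2)
    # Prefer the name the receiving server put in parentheses over the HELO claim.
    name = (detail.split("[")[0].strip() or helo).lower()
    ip = IPV4.search(detail)
    try:
        private = bool(ip) and ipaddress.ip_address(ip.group()).is_private
    except ValueError:
        private = False
    return name, ip.group() if ip else None, private

def check(raw):
    msg = email.message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    domain = next((d for d in PROTECTED if in_domain(sender, d)), None)
    hops = [h for h in map(parse_hop, msg.get_all("Received", [])) if h]
    if domain is None:
        return "not-protected", hops
    # hops[0] was written by our own server; older hops are sender-supplied and unverified.
    ok = bool(hops) and in_domain(hops[0][0], domain)
    return ("deliver" if ok else "quarantine"), hops
```

On the sample, check(SAMPLE) quarantines the message, and the second hop is reported as a private address, which is why looking back one level adds nothing that can be verified.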