Even if you use cryptography to secure your email (and almost nobody does anyway) you still may not be safe, as Lenny Foner pointed out on a mailing list recently:
Someone was saying that the forged email generated by that pesky Klez virus would encourage people to use digitally signed email (so you should be able to verify that the sender is really that email address instead of a forged email address). He responded:
Signed on the Windows box? Since these things are running on OS’s
that don’t have a security perimeter (otherwise, these worms wouldn’t
be running there in the first place, right?), then:
(a) Son of Klez grabs your passphrase, and then
(b) Forges -signed- mail from youWhat better way to completely invalidate the whole -concept- of
trusting cryptographically-signed mail? The mere existence of
anything like this would certainly give lots of plausible deniability
to anyone trying to prove in court that they did -not- sign a message,
make some transaction, etc. In court now, a handwritten signature
doesn’t prove much, since forgers exist—it’s the testimony by the
signer or the witness that the signer signed something, or the
circumstances around it that lead to a preponderance of evidence one
way or the other (I’m assuming a civil proceeding here). But with
Son of Klez, there doesn’t even have to be a human forger in the loop.Such things are already easy to write, of course. But someone arguing
that they didn’t sign something might have an uphill battle convincing
a jury that some evildoer had compromised their machine. If they
could point to a known worm that did this and had compromised a
million machines, they wouldn’t have to make the case that they were
some special target—merely that they ran with the herd and used the
same operating system everyone else did.This is why, about a decade ago, I was arguing that the -right- way to
use things like PGP was in a special-purpose box that -only- ran PGP,
had a built-in keyboard and screen, and only talked to the rest of the
world via a serial connection that -only- passed cleartext and signed
or encrypted stuff. The idea was that you write the mail anywhere
(on the box or not), have -its screen- show you the contents, then
sign/encrypt there, in the secure environment, where people can’t
easily infect your machine with a keyboard sniffer, or have it change
what you -thought- you were signing just before it gets signed, etc.
Pilots didn’t (quite) exist, and are only now getting fast enough not
to be painful for certain private-key operations, so I didn’t pursue
it at the time. But it was obvious that running PGP on a general-purpose
machine was sheer folly, especially if it ran a popular and insecure OS.
(I’ve omitted many technical details here; for example, you wouldn’t
-really- want to run this on a Pilot unless you broke its ability to
sync, since every sync is a way to compromise the code it’s running.)P.S. I can’t wait for the stealthy worm that grabs credit card
numbers which are entered in forms. Or makes phantom purchases
on Amazon, or phantom bids on eBay, or… All of these would be
tremendously disruptive, yet awfully easy to write…
