Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Email Spoofing Flaw Affects Over 30 Popular Email Clients
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  
Author Message
Muso
l33t
l33t


Joined: 22 Oct 2002
Posts: 686
Location: The Holy city of Honolulu

PostPosted: Tue Dec 05, 2017 3:58 pm    Post subject: Email Spoofing Flaw Affects Over 30 Popular Email Clients Reply with quote

MailSploit

Quote:
If you receive an email that looks like it's from one of your friends, just beware! It's possible that the email has been sent by someone else in an attempt to compromise your system.

A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails bypassing anti-spoofing mechanisms.

Discovered by security researcher Sabri Haddouche, the set of vulnerabilities, dubbed MailSploit, affects Apple Mail (macOS, iOS, and watchOS), Mozilla Thunderbird, several Microsoft email clients, Yahoo Mail, ProtonMail, and others.

Although most of these affected email client applications have implemented anti-spoofing mechanisms, such as DKIM and DMARC, MailSploit takes advantage of the way email clients and web interfaces parse "From" header.

_________________
People Of Love

Kindness Evokes Kindness

Peace Emits Positive Energy
Back to top
View user's profile Send private message
Ant P.
Advocate
Advocate


Joined: 18 Apr 2009
Posts: 4518

PostPosted: Wed Dec 06, 2017 4:52 pm    Post subject: Reply with quote

E-mail is the worst method of communication humans have ever invented. I'm damn fluent in high-order ironic subtext and I can still say e-mail is worse with a straight face. It's like the Unix Wars left us a radioactive parting gift for the next 10 millenia.
_________________
*.ebuild // /etc/service/*
Back to top
View user's profile Send private message
aidanjt
Veteran
Veteran


Joined: 20 Feb 2005
Posts: 1104
Location: Rep. of Ireland

PostPosted: Thu Dec 07, 2017 1:20 pm    Post subject: Reply with quote

Only seems to affect clients that try to be too smart for their own good.
_________________
juniper wrote:
you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16750

PostPosted: Thu Dec 07, 2017 5:28 pm    Post subject: Reply with quote

aidanjt wrote:
Only seems to affect clients that try to be too smart for their own good.
What is "too smart"?
_________________
Ladies and gentlemen, allow me to present, Man Not Caring. -- Perry Cox
Back to top
View user's profile Send private message
aidanjt
Veteran
Veteran


Joined: 20 Feb 2005
Posts: 1104
Location: Rep. of Ireland

PostPosted: Thu Dec 07, 2017 7:30 pm    Post subject: Reply with quote

pjp wrote:
What is "too smart"?

Automatically decoding base64 strings in the sender field?
_________________
juniper wrote:
you experience political reality dilation when travelling at american political speeds. it's in einstein's formulas. it's not their fault.
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16750

PostPosted: Fri Dec 08, 2017 12:25 am    Post subject: Reply with quote

Ah, that. I was thinking you meant something more specific to this issue and not a generic problem. Thanks.
_________________
Ladies and gentlemen, allow me to present, Man Not Caring. -- Perry Cox
Back to top
View user's profile Send private message
Bones McCracker
Veteran
Veteran


Joined: 14 Mar 2006
Posts: 1605
Location: U.S.A.

PostPosted: Mon Dec 11, 2017 10:04 am    Post subject: Reply with quote

This wouldn't even be a problem if they'd just put a chip in everybody's head. Then you could digitally sign with irrefutable biometrics and have complete messaging integrity.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum