Evil PGP sigs thread must die. was Re: Stop it with putting your e-mail body in my MUA OT

Yes, but once again you must consider content, given that most mail
clients don't automatically verify signatures. Most of us will have to
make a judgement call as to whether or not to bother to check the
signature.

The higher the degree of "importance" of the content, the more likely I am
to check the signature, and the more likely I am to take verification
steps if not signed.

If the content is not "important", I won't bother checking the signature.

Lest anybody confuse my argument, I think PGP signatures are a good thing.
I just don't think people need to sign everything they send. And I'm
talking about posts to Nanog here, not private communication. In private
communication, it's reasonable to sign most everything sent with official
business purpose.

If the majority of mail clients automatically verified pgp signatures, I
would be totally in favor of signing every single email. But the simple
fact is that not only do most mail clients not support that, many mail
clients can't even display the signed text inline! Surely a compromise is
needed for now.

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills 301-682-9972
Xecunet, LLC www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access

[snip]

Yes, but once again you must consider content, given that most mail
clients don't automatically verify signatures. Most of us will have to

And _therein_ lies the problem. And if the clued among us do not pressure
vendors to Do The Right Thing, history has proven they will Do The Profitable
Thing instead.

Lest anybody confuse my argument, I think PGP signatures are a good thing.
I just don't think people need to sign everything they send. And I'm
talking about posts to Nanog here, not private communication. In private
communication, it's reasonable to sign most everything sent with official
business purpose.

As I mentioned before - sign everything. It's just a good habit to be in, and
there are no good arguments against it (except for the preceding one about
MUAs not supporting PGP commands, and _that_ can be changed with pressure
from those purchasing the software. Which (surprise!) many of us are either
in charge of, or have influence over.)

If the majority of mail clients automatically verified pgp signatures, I
would be totally in favor of signing every single email. But the simple

So _help create that majority_. Sitting around complaining on NANOG that support
doesn't exist will not improve the situation. Let your vendor know that this
is an important^W^Wa critical feature for you.

fact is that not only do most mail clients not support that, many mail
clients can't even display the signed text inline! Surely a compromise is
needed for now.

As the mutt homepage says: All mail clients suck. This one sucks less.

If we want things to Not Suck, the only way it's going to happen is if we
put some effort into making it so.

Thus spake "Andy Dills" <andy@xecu.net>

Yes, but once again you must consider content, given that most mail
clients don't automatically verify signatures. Most of us will have to
make a judgement call as to whether or not to bother to check the
signature.

The higher the degree of "importance" of the content, the more likely I am
to check the signature, and the more likely I am to take verification
steps if not signed.

If the content is not "important", I won't bother checking the signature.

Why not just upgrade to a modern MUA and not have to worry?

OE only supports S/MIME for now, but it does automatically verify every message,
including checking that the From: line matches the key. It makes a big stink if
the signature doesn't match, but just displays a simple little icon if it's
verified correctly. How can you prefer to check messages manually and therefore
cause the problems you describe?

Lest anybody confuse my argument, I think PGP signatures are a good thing.
I just don't think people need to sign everything they send. And I'm
talking about posts to Nanog here, not private communication. In private
communication, it's reasonable to sign most everything sent with official
business purpose.

Ironically, there's no need to sign intrabusiness email because it's trackable
by trusted authorities and therefore implicitly trusted for non-legal matters.
It's personal email that needs a trust mechanism.

If the majority of mail clients automatically verified pgp signatures, I
would be totally in favor of signing every single email. But the simple
fact is that not only do most mail clients not support that, many mail
clients can't even display the signed text inline! Surely a compromise is
needed for now.

Sure. Use old-style signatures if you're going to sign every message, and we
can transition to new-style signatures once most people upgrade.

S

>Thus spake "Andy Dills" <andy@xecu.net>
>> Yes, but once again you must consider content, given that most mail
>> clients don't automatically verify signatures. Most of us will have to
>> make a judgement call as to whether or not to bother to check the
>> signature.
>>
>> The higher the degree of "importance" of the content, the more likely I am
>> to check the signature, and the more likely I am to take verification
>> steps if not signed.
>>
>> If the content is not "important", I won't bother checking the signature.
>
>Why not just upgrade to a modern MUA and not have to worry?
>
>OE only supports S/MIME for now, but it does automatically verify every message,
>including checking that the From: line matches the key. It makes a big stink if
>the signature doesn't match, but just displays a simple little icon if it's
>verified correctly. How can you prefer to check messages manually and therefore
>cause the problems you describe?

Maybe the following has something to do with his desire to avoid using Micro$oft products as you advocate, *especially* as regards to letting a M$ email client automatically process PGP .sigs on incoming email.

jc "the timing couldn't have been better" dill

<http://www.eeye.com/html/Research/Advisories/AD20020710.html&gt;

Remote PGP Outlook Encryption Plug-in Vulnerability

Release Date:
July 10, 2002

Severity:
High (Remote Code Execution)

Systems Affected:
NAI PGP Desktop Security 7.0.4
NAI PGP Personal Security 7.0.3
NAI PGP Freeware 7.0.3

Description:

The beer is still cold, the days are still long, the exploits still start as
jokes (this time over a beer with a three letter agency) and the
advisories... we'll just say, "All of your SCADA are belong to us."

A vulnerability in the NAI PGP Outlook plug-in can be exploited to remotely
execute code on any system that uses the NAI PGP Outlook plug-in's. By
sending a carefully crafted email the message decoding functionality can be
manipulated to overwrite various heap structures pertinent to the PGP
plug-in.

This vulnerability can be exploited by a user simply selecting a "malicious"
email, the opening of attachments is not required. When the attack is
performed against a target system, malicious code will be executed within
the context of the user receiving the email. This can lead to the compromise
of the targets machine, as well as their PGP encrypted communications. It
should also be noted that because of the nature of the SMTP protocol this
vulnerability can be exploited anonymously.

Technical Description:

Exploitation:

By creating a malformed email we can overwrite a section of heap memory that
contains various data. By overwriting this section of heap with valid
addresses of an unused section in the PEB, which is the same across all NT
systems, we can walk the email parsing and eventually get to something
easily exploitable:

CALL DWORD PTR [ecx]

This pointer addresses references a function pointer list. At the time of
exploitation, an attacker controlled buffer address is the first item on the
stack. By overwriting the function pointer list pointer address with the
address of an Import table, we can call any imported function. Our current
stack will be passed into the function for parameter use. as is. The first
item on our stack is an address that points to attacker-controlled data.

By overwriting the address, with the address of the
SetUnhandledExceptionFilter() IAT entry, execution will redirect into this
address when the default exception handler is called,

After returning from SetUnhandledExceptionFilter() PGP Outlook will fail as
it crawls back down the call stack, after cycling through the exception list
it will call the DefaultExceptionFilter, which now contains the address of
our code. This of course can also be exploited silently using frame
reconstruction.

Due to the large size of an example vulnerable email we are not including it
in our advisory. We will be updating the research section of our website
with a link to an example email. http://www.eEye.com

Where do you want your secret key to go today?

Vendor Status: NAI has worked quickly to safeguard customers against this
vulnerability. They have released a patch, for the latest versions of the
PGP Outlook plug-in, to protect systems from this flaw. You may download the
patch from:
http://www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp
Note: This issue does not affect PGP Corporate Desktop users.

Discover: Marc Maiffret
Exploitation: Riley Hassell

Greetings: Kasia, and the hot photographer from Inc Magazine. Phil
Zimmerman, the godfather of personal privacy, much respect.

Copyright (c) 1998-2002 eEye Digital Security
Permission is hereby granted for the redistribution of this alert
electronically. It is not to be edited in any way without express consent of
eEye. If you wish to reprint the whole or any part of this alert in any
other medium excluding electronic medium, please e-mail alert@eEye.com for
permission.

Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at the
user's own risk.

Feedback
Please send suggestions, updates, and comments to:

eEye Digital Security

info@eEye.com

No. It is precisely the public e-mail messages which should always be signed, since they are the ones likely to reach the largest audience, and the ones that are likely to have the biggest negative impact if they are successfully spoofed.

  You should sign all private e-mail, too, but the public e-mail messages are the ones that need it the most.

what is amazing is that if this was really that important.. how is
it that mankind has gotten this far without the need of
authenticating every piece of communication.

but what this all has to do with nanog, i don't understand at all.