[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Secure POP Mail (was Mailmasher)

To: [email protected]
Subject: Secure POP Mail (was Mailmasher)
From: [email protected] (Ben Combee)
Date: Mon, 30 Sep 96 23:43:00 CDT
In-Reply-To: <v03007812ae75892bd1d9@[206.119.69.46]>
Organization: Motorola/MIMS/MSPG/CTSD
References: <v03007812ae75892bd1d9@[206.119.69.46]>
Sender: [email protected]

>>>>> "Robert" == Robert Hettinga <[email protected]> writes:
    Robert> Take a look at:

    Robert> http://www.mailmasher.com/

    Robert> It's a way to get your mail through a web page. Pretty
    Robert> useful when you're at a braindead "cyber-cafe" machine and
    Robert> want to read your mail.  The problem is, mailmasher knows
    Robert> you POP password.

    Robert> Anyway to do this more securely?

Strick in SF ([email protected]) did a hack last year to put S/KEY into
yak.net's POP server.  If you had that setup on your account, you
could give Mailmasher the one time password, and it would be none the
wiser when you were finished.  Of course, it would still be able to
make copies of all the mail in your inbox folder plus it could field a
denial of service attack by keeping the connection open, but it
wouldn't be able to relogin.

Source might be on the Yak's web site... I'm not sure right now, I'm
just on a firewalled shell account, so I can't get to www.yak.net to
check.

-- 
Ben Combee, Software Developer (Will write assembly code for food)
Motorola > MIMS > MSPG > CTSD > Advanced ICs > Austin Design Center
E-mail: [email protected]   Phone: (512) 891-7141

References:
- Mailmasher
  - From: Robert Hettinga <[email protected]>

Prev by Date: Re: the theory of split currency
Next by Date: No Subject
Prev by thread: Mailmasher
Next by thread: Re: Mailmasher
Index(es):
- Date
- Thread