[148288] in cryptography@c2.net mail archive
Re: [Cryptography] Explaining PK to grandma
daemon@ATHENA.MIT.EDU (James A. Donald)
Tue Nov 26 22:32:07 2013
X-Original-To: cryptography@metzdowd.com
Date: Wed, 27 Nov 2013 12:15:20 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20131126171750.GB21240@localhost>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-11-27 03:17, Nico Williams wrote:
> On Tue, Nov 26, 2013 at 08:50:16AM -0800, Jon Callas wrote:
>> On Nov 26, 2013, at 5:08 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>>> I think everyone is barking up the wrong tree here.
>>>
>>> How do you explain how the car works to gran? [...]
>>
>> Agree totally. It has to be so simple as to be invisible, [...]
>
> But users have to understand the risks [inherent in driving a killing
> machine such as a car, or sending sensitive data over any one
> transport].
>
> I believe users need to know, and be educated if need be, about scams
> (e.g., phishing) and how to recognize when they are at risk.
People are still astonished that the from field is easily forgeable. My
sister is an intelligent woman, and still tends to trust the from
field, even though I showed her how I could easily send her emails with
any from field that I liked.
We know in principle how implement email such that the from field works,
at least to the extent that if it appears to come from
example@example.com, that proves that the sender can receive, or
intercept, mail sent to example@example.com.
Fixing email so that the from field works is easy. It should have been
done. It would not stop phishing, but would put a big crimp in it.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
