It prevents the mail from ever been send.


Kind regards,

The Traveler

Look at your server statistics... how many password retrievals does the Nexus get? They are all sent out in plain text.

Yes, they are send out in plain text, but only after you successfully answered the security question. So if that question is not answered correcly, there is no mail send.


Kind regards,

The Traveler

No doubt about that.

So let's say you have 200-300 valid password retrievals by real Nexus members in a year. If a spy monitors the Nexus mail server 24h/365d, how many mails can he read in plain text?

Ah, but there you assume that the nexus mail server is compromised.

Also the mails that are send are not stored anywhere on the nexus server.


Kind regards,

The Traveler

No I don't. Not the Nexus mail server by itself, but the connection between the Nexus mail server and the recipient mail server.

A vulnerability and zero-day interchange group I'm part of uses a forwarding system to their main server. Basically we all bounce off server A to get to our board/IRC. The server will not accept any ingress connections unless they are routed through this system (with a couple obvious exceptions). This also gives everybody the exact same out proxy. And because our IP addresses come from the same exit node, all of us, it makes a confusing mess for anyone that's infiltrated the DMZ of our network.

We have a system of relaying information when the outproxy has changed so we can all update the way we connect. If our intrusion prevention system gave us a reason to panic our primary server could move from pole to pole on this planet and all we have to do is update our forwarding script.

We highly prefer using high traffic websites [e.g. game servers] because with our unknown i dividual IP adresses and the high volume of traffic recieved to the forwarding server by its own use userbase adds another sscurity blanket.

We don't focus on passwords exclusively, we do use an 'individual key' system as well that is used to make sure that the person submiting their password is actually the person that SHOULD submit their login password. If you don't have this key then your password is useless.

Just an example,
1ce

This discussion triggered a new thought with me for how to do authentication in such cases. I will work this out when I have a tad more time.


Kind regards,

The Traveler

Sweet, I guess that's what it's all about. Maybe 1ce has additional thoughts.

Peace, Ufo.


Yes, I know. But the more ppl use TOR, the more traffic is generated, which helps keeping other users anonymous. If you use TOR you still have a 20% chance to be anonymous. I guess that's better than nothing.

We could always set up the mailing system in a jail (freeBSD). I've always been rather dond of connectionless data transfers (ICMP or UDP for example) to conceal an activitt as something not worth paying attention to.

A lot of very good rootkits have created hell for admins using this strategy. This works extremely well with a VPN, but anything typical requires a client and that adds an impressive challenge/unecesary security risk.

I was referring to weak wireless security. And to the delusion that passwords keep us safe. Passwords, at least the way I feel about them, are just a big strong door. If the rest of the infrastructure is weak then they are a totally useless means of security other than a visual deterrent. If I could just open or break a window vs picking the lock and kicking the door down I'll always take that option.

Another note (this time without metaphors) perhaps we can use tokens (that expire) in an email to direct users back to the nexus to view their messages. Rather than use the emails to deliver the messages themselves. There is actually quite a few scripting methods that none of the big name email providers (or web browsers) filter for we can use to do this automaticaly.