Scott Grizzard wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I agree completely and wholeheartedly about your recommendations -
> Window$ is evil and vulnerable beyond compare. /Given/ /that/, can I
> send/receive encrypted email in a way that is still scanned by antivirus
> on the client's computer?
>
> In an ideal world, the recipient would be using Linux, and there would
> be no need, but, in an ideal world, blah blah blah.
>
> Iff I use Windows, and if I use gnupg encryption (or S/MIME), would the
> anti-malware on the local computer scan the message /before/ it was
> read, or is the anti-malware bypassed completely, leaving a giant
> security hole no matter what OS I am using?
>
> I have been looking all over the web for an answer, and I have found
> /nothing/ so far.
Hi Scott,
Now WHAT does THAT tell you? If you find nothing there very well might
be NOTHING! Tell the client, don't use Window$ on the outside Internet.
Everything that ventures outside of the office should be Linux. Unless
they are rich. Then they can try mac, if they like.
That said, you could arrange to have it scanned first by setting up a
Linux firewall/Internet server that did everything you wanted done to
all the packets before it let them out to the rest of the office. All
traffic to or from the outside world through this physical box.
http://www.linux.com/archive/articles/113821
That way, the Window$ junkies would never see Linux, yet everything they
saw would be sanitized. Of course, then the boss couldn't hole up and
watch p*rn. I think these are called Linux gateway servers or something
like that.
>>> I am being forced to use "that other OS" in a project, and I had a
>>> question about email malware protection.
>> Hi Scott,
>>
>> If your project for the client does not directly involve email, just set
>> up firewall, anti malware and turn off all "Windows Services" that your
>> client is not using. Then set up a Linux box or notebook for your own
>> email at that site and call it a day.
>>
>> Strongly recommend the client also set up a Linux box for all Internet
>> use, and clearly disclaim any liability if your advice in this regard is
>> not adhered to.
>>
>> If your "other OS" project could work disconnected from the outside
>> Internet so much the better.
>>
>> Micro$oft and Internet just do not mix. Never trust them together.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAko1x1kACgkQARR1QiSWUG5XrgCeOBicaNm9p0w9Gogd4gFDQhTd
> uKQAn0RuMerfwehOUv2GztMu5po3gYsq
> =+FLV
> -----END PGP SIGNATURE-----
>
> -----------------------------------------------------------------------
> This list is provided as an unmoderated internet service by Networked
> Knowledge Systems (NKS). Views and opinions expressed in messages
> posted are those of the author and do not necessarily reflect the
> official policy or position of NKS or any of its employees.
>
-- Regards,Pete http://pete-theisen.com/ http://elect-pete-theisen.com/ ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:13:50 EDT