[liberationtech] Revised Liberationtech Mailing List Guidelines

Greg Norcie greg at norcie.com
Fri Aug 3 21:32:21 PDT 2012 

This is a good logic, but there is still a problem even if Google scans
uploads.

Both state and nonstate actors often use zero day vulnerabilities. Since
a zero day has never been seen before, there is no signature for it in
any virus database.
--
Greg Norcie (greg at norcie.com)
GPG key: 0x1B873635


On 8/3/12 9:10 PM, Omer Gibreel wrote:
> Greeting,
> 
> as i have suggested previously, a person could upload the doc file
> to Google doc and select the option of sharing the link publicly, this
> would allow people to access your document online. another method which
> has already been stated before is to just copy and paste the content on
> the email indicating the starting point of the document and the ending
> point. also if you are worried about virus from google doc i have just
> done a search and found out that google doc has an
> internal mechanism for scanning virus from document that are being
> shared. here is more information on that in this page under the subtitle
> security  http://support.google.com/a/bin/answer.py?hl=en&answer=172541, 
> 
> well i hope this help and if anyone has any
> information concerning the security of accessing document
> using Google doc i hope they can share it with us. i also agree
> with kyrah there is no point in using drop box as it would be as if we
> are downloading a document into out system there is no difference
> between a downloading a file from drop box and a downloading a file from
> a email attachments. 
> 
> 
>     ------------------------------------------------------------------------
>     Omer Gibreel
>     010-8074-0882 // omegato at hotmail.com // twitter:@OmerGibreel
>     Seoul National University
>     Master Candidate of Management Information System 
>     ------------------------------------------------------------------------
> 
> 
>         /
>         /
> 
> 
> 
>> Date: Fri, 3 Aug 2012 23:42:54 +0200
>> From: kyrah at kyrah.net
>> To: liberationtech at lists.stanford.edu
>> Subject: Re: [liberationtech] Revised Liberationtech Mailing List
> Guidelines
>>
>> Hi,
>>
>> Many thanks, Yosem, Brian and Nathan for this initiative!
>>
>> > Any sharing that needs to be done can use public Google Docs
>> > or Dropbox links.
>>
>> This may be a silly question, but how exactly does downloading something
>> from a a Dropbox link differ from downloading an email attachment? The
>> basic issue of potentially malicious binaries from a potentially spoofed
>> source is still there, isn't it?
>>
>> Unless I am overlooking something (which may very well be the case),
>> isn't the main issue here about trusting binaries -- regardless whether
>> they are sent as attachments, or as links to some download site? Just
>> thinking aloud here... perhaps the policy could be extended to encourage
>> sharing information in plain text/html whenever possible?
>>
>> Best, kyrah
>>
>> --
>> For extra security, this message has been encrypted with double-ROT13.
>>
>> _______________________________________________
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>>
>> Should you need to change your subscription options, please go to:
>>
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>> If you would like to receive a daily digest, click "yes" (once you
> click above) next to "would you like to receive list mail batched in a
> daily digest?"
>>
>> You will need the user name and password you receive from the list
> moderator in monthly reminders. You may ask for a reminder here:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>> Should you need immediate assistance, please contact the list moderator.
>>
>> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
> 
> 
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> 
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> Should you need immediate assistance, please contact the list moderator.
> 
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>

More information about the liberationtech mailing list