funsec mailing list archives

Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups)


From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 19 Oct 2009 08:20:27 -0400

On Sat, Oct 17, 2009 at 07:41:46AM -0700, chris () blask org wrote:
> IMHO, a sender-authentication system that runs over SMTP and allows at
> least *some* mail to be highly-verifiable as known-good - and that was
> easy to adopt at the user level - could spread like wildfire and drive
> adoption and refinement thereby reducing the value of spam to near-zero.
> (fwiw I think this would require some amount of strong auth to work
> at all)

You're not getting it.

All such systems have *already* been defeated by The Bad Guys.  It's
thus utterly pointless to even discuss them or debate their technical
merits or implementation details.  Before any proposal like this can
progress beyond "nice idea but incongruent with reality", you'll have
to present a workable plan for un-zombie'ing 100M+ systems and keeping
them that way.  Oh, and you'll also have to present a workable plan
for reclaiming a correspondingly higher number of compromised email
accounts and keeping them that way.

Good luck with that.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

