funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Public Policy and Consumer ISP Hygiene(was Comcastpop-ups)

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 21 Oct 2009 11:03:53 +1300
Valdis Kletnieks wrote:

<<snip good stuff>>

As has been pointed out, there's around 100M compromised boxes with credentials
waiting to be abused.  Anything that fails to account for that is simply
not worth the effort, as it's broken as designed.


...and, as this was all obvious _before_ the "solutions" we have been 
talking about were designed, I'd argue that saying they were "broken as 
designed" is a tad too polite to their designers.

Anyone who knew anything about the problem reputedly being addressed 
should have been well aware of these limitations, so these things were 
actually "broken _by_ design".  Any of the "designers" of these reputed 
solutions who says otherwise, or who allowed these suggested 
"solutions" to progress to RFC stage, is admitting their lack of 
expertise and knowledge of the actual problem set and therefore is 
admitting to being _incompetent_ to have been involved in said 
designing, etc...

If you agree at all with "der Mouse's" view of the sad state of the 
separation of authority and responsibility in the "Internet governance" 
sphere, the above result ("fixing the SMTP spam problem" was run by a 
bunch of essential incompetents and/or had to progress through a 
process that imposed incompetence on the results), you wouldn't be at 
all surprised by the outcome.



Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: