Interesting People mailing list archives
more on re spoofing scams?
From: Dave Farber <dave () farber net>
Date: Sat, 17 Jan 2004 10:37:24 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Sat, 17 Jan 2004 10:22:22 -0500 From: Rich Kulawiec <rsk () gsp org> Subject: Re: [IP] more on re spoofing scams? To: gep2 () terabites com Cc: Dave Farber <dave () farber net> On Fri, Jan 16, 2004 at 01:30:41PM -0500, Dave Farber wrote: > One of the things that Microsoft needs to change in Internet Explorer [snip] There's no reason for anyone to be using IE any more, and a lot of reasons for them not to: some of which relate directly to the kind of obfuscation that spoofers employ. So quite honestly, the "answer" is not to have M$ try to fix it -- after all, there are now hundreds of outstanding security/privacy bugs in IE and they've refused to fix those -- the answer is to dump IE for clearly superior browsers like Mozilla or Opera. > For example, spammers have started using disposable domain > names, randomly generated subdomains, and "front" servers (often at > www.geocities.com) that make it harder to block these rogue sites. Arguably, this should be done at the IP layer and not in the browser: oh, not that I disagree with where you're going with this, it's an entirely good idea, but doing it at the IP layer takes care of HTTP, SMTP, DNS, etc. And given that we're seeing spammers using IM, the Windows Messenger service, etc., blocking at the IP layer deals with everything at once. I hate saying this. We've fought so hard for so long for an open 'net and this is precisely the opposite. But the ISPs who continue to take payoffs from spammers in order to keep them connected are making it necessary. So, as a consequence, I'm now dropping ALL IP traffic to and from a handful of networks: they no longer exist as far as I'm concerned. Sadly, I think this is just the beginning. > Again, the big problem there is caused by HTML-burdened E-mail, scripting,> and links which claim they're one thing (say, "http://confirm.ebay.com") and
> which actually behind the scenes link to some rogue site in Romania or > somewhere. Yes. That's why I strongly advise not to send or receive HTML email: it's not only wasteful, but dangerous and rude.---Rsk
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on re spoofing scams? Dave Farber (Jan 16)
- <Possible follow-ups>
- more on re spoofing scams? Dave Farber (Jan 17)