* [9fans] spam rejection after reception does have limits
@ 2003-09-27 22:46 ron minnich
  2003-09-28  1:11 ` boyd, rounin
  2003-09-28  8:10 ` Lucio De Re
  0 siblings, 2 replies; 34+ messages in thread
From: ron minnich @ 2003-09-27 22:46 UTC
To: 9fans

I just got this linuxbios list message rejected from some random host
somewhere due to the racy, dirty subject line:

Subject: New config tool

The naughty word, according to the system that rejected it, was 'tool'.

This situation is impossible. I'm getting truckloads of bounced mail for
no real reason. I think mail as we have known it for a quarter century is
going down, one way or another. (I'm remembering it was just 25 years ago
that Dave Crocker was down the hall from me at Udel working on RFC 822 and
the MMDF stuff -- seems like -- well, 25 years ago -- creak, creak).

The early ARPANET mail work was predicated on the fact the great unwashed
weren't allowed on the ARPANET unless you were vetted, or unless your
buddy gave you the TIP dial-in 800 #.

We have a half-working solution now on 9grid. I agree with everything
everyone has said about the limitations of import /mail/box but I don't
see the current SMTP-based systems lasting a whole lot longer if you can't
even say

Subject: Thank you

in a mail message.

ron

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 1:11 UTC
To: 9fans

> We have a half-working solution now on 9grid. I agree with everything
> everyone has said about the limitations of import /mail/box but I don't
> see the current SMTP-based systems lasting a whole lot longer ...

i'm with you captain ...

* Re: [9fans] spam rejection after reception does have limits
From: Charles Forsyth @ 2003-09-28 9:08 UTC
To: 9fans

> everyone has said about the limitations of import /mail/box but I don't
> see the current SMTP-based systems lasting a whole lot longer ...

i used to think that about XML
then again, there aren't whole conferences about SMTP
so you might be lucky.

more seriously, what's more likely is that Microsoft (say)
will suddenly leap in to point out that SMTP clearly doesn't work
and therefore everyone ought to use such-and-such a scheme
that, curiously, works best with their servers everywhere
and where the protocol is lightly documented and hard to match.

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 9:16 UTC
To: 9fans

----- Original Message -----
From: "Charles Forsyth" <forsyth@caldo.demon.co.uk>
To: <9fans@cse.psu.edu>
Sent: Sunday, September 28, 2003 11:08 AM
Subject: Re: [9fans] spam rejection after reception does have limits

> > everyone has said about the limitations of import /mail/box but I don't
> > see the current SMTP-based systems lasting a whole lot longer ...
>
> i used to think that about XML
> then again, there aren't whole conferences about SMTP
> so you might be lucky.

XML what a mess [reaches ...]

* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-28 8:10 UTC
To: 9fans

On Sat, Sep 27, 2003 at 04:46:50PM -0600, ron minnich wrote:
>
> We have a half-working solution now on 9grid. I agree with everything
> everyone has said about the limitations of import /mail/box but I don't
> see the current SMTP-based systems lasting a whole lot longer if you can't
> even say
>
> Subject: Thank you
>
> in a mail message.
>

Choate is quite correct <default disclaimer> that the solution is
not a technological one, but a social one. It has always been: in
NetNews, the recommended response to unacceptable behaviour was to
ignore it, which still applies, in spades.

Not reject it, not get angry about it, simply ignore it, as early
as possible.

Choate suggests legal recourse, within the existing system. Again,
harassment could be used, I think it would work if one could target
the perpetrator rather than some innocent, unwitting victim.

Our job is to provide the tools that make prosecution possible,
together with the features that diminish unprosecuted/unprosecutable
harassment to a level where communication is not worse than lack
of communication. But the objective will be to get rid of SPAM
and e-mail viruses altogether, whether attainable or not.

9grid proposes a distributed mailbox. We have that already, just
a different model, the difference is that the new model is still
under development and does not carry the legacy baggage of RFC821/2
with it. I don't think it's such a big deal to admit that RFC821/2
are obsolete (I do mean RFC2822 and any other successor as well)
and that a new approach is required.

The difficulties can be listed:

- Legacy: can't be helped, that's where the problem lies in the
  first place.

- Acceptance: critical mass problem, will probably sort itself out,
  possibly making somebody very, very rich.

- Design: Once the actual issues are properly identified, there is
  really very little left other than redefine the concepts of
  RFC821/2 for a new world order. One can even safely discard all
  the legacy stuff that RFC822 addressed as it no longer exists.
  Of course, one can jump into the breach and provide a totally new
  solution (distributed fileservices for mailboxes), but that's a
  technicality. I'm sure even Collyer will agree.

So what are the issues?

- Unsolicited mail: I want to be able to send some, receive some,
  but most of it is unwanted. Maybe the "Don't speak to strangers"
  rule applies and one ought to get an introduction. Historically,
  it seems to me this has happened before (the Renaissance?). It
  puts certain introduction agents in an enviable position, but then
  they probably are there because they can be trusted (notaries,
  that type of thing, perhaps?). I think it boils down to identity
  and I think the PEM people and the ITU-T tried to provide a
  mechanical solution to a political problem and we may have to undo
  this. As long as a technical solution is sought or believed to be
  valid, there will be an option for social engineering to subvert it.

- Theft of Identity: somebody has hijacked a trusted identity. We've
  lived with this for a long time, one makes it as difficult as
  possible for the identity to be stolen, then makes it as easy as
  possible to recover from the damage. A Choate solution would report
  it to the "authorities", in my understanding of Choate's opinion
  more to deter future perpetrators than to punish the current one.
  It's a judgement call, my opinion is more neutral, but doesn't
  conflict with Choate's and certainly requires an "authority"
  capable of prosecuting a perpetrator.

How one persuades a sensitive organisation to disclose such attacks
when it may damage its reputation? By threatening with much more
damaging sanctions if it doesn't. Yet another social rather than
technical solution. But the tools are technological ones and need
careful design not to become a form of oppression.

I'm sure I ought to list more issues and problems, but this is
boring enough, let someone else add to this list. Keep in mind
that I believe Ron is right: we don't have a lot of time left.

++L

PS: I don't have a problem with each mail recipient acting as its
own CA and issuing certificates left, right and centre that can be
used to further certify agents on behalf of the sender. X.509's
certification hierarchy allows for this and it may be best employed
as a certification audit trail. I'm not (yet) competent enough to
code the tools to create and inspect such a certification audit
trail, but I believe there is ample competence on this list to do
it, and do it timeously.

PPS: Choate, I hope I haven't ruined your reputation irreparably
by agreeing with you. I certainly could have misconstrued your
opinions and I apologise in advance if I did. Please do not hesitate
to correct me (in private would be preferable, I won't hesitate to
issue public corrections if required).

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 8:59 UTC
To: 9fans

> Choate is quite correct <default disclaimer> that the solution is
> not a technological one, but a social one.

nonsense, he thinks like an american; litigation being the 'solution'.

> ignore it, which still applies, in spades.

ignore it? how do you ignore it when it is thrown in your mailbox
and some of it is just plain harassment.

> Not reject it, not get angry about it, simply ignore it, as early
> as possible.

it's a 'no can do'.

> Choate suggests legal recourse, within the existing system. Again,
> harassment could be used, I think it would work if one could target
> the perpetrator rather than some innocent, unwitting victim.

you can't target the T -- that is the root of the problem. the Received:
headers give you a clue, but they are by no means certain.

> Our job is to provide the tools that make prosecution possible,
> together with the features that diminish unprosecuted/unprosecutable
> harassment to a level where communication is not worse than lack
> of communication. But the objective will be to get rid of SPAM
> and e-mail viruses altogether, whether attainable or not.

no, i know when to use a technical solution and when to use a
legal/political one. in this case a technical solution would work.

in any case the courts don't really recognise a stream of, completely
forgeable, bits as any form of proof: eg. al capone finally got done
for _tax evasion_, rather than his other 'activities'.

litigation is a fool's game.

read _the justice game_:

http://www.portia.org/books/jgame.html

> PS: I don't have a problem with each mail recipient acting as its
> own CA and issuing certificates left, right and centre that can be
> used to further certify agents on behalf of the sender. X.509's
> certification hierarchy allows for this and it may be best employed
> as a certification audit trail.

you don't understand the faults of PKI. issuing certs left right and
center breaks the 'trust'. paying money to root CA's (which i don't trust)
is a waste of money and time.

look at the bastion of security Verisad (sic). since the wildcard A records
were installed spam has skyrocketed and so has the discussion about
it on 9fans.

like my man dave [not presotto] told me that 'i' should 'cut that shit out'.

however, since i got spamoff to go [@sdgm.net], which included filling
up dan's proc table once, the thousands of spam just get flung back
at 'em and then they bounce and then they get trashed, rather than
filling up /mail/box/boyd/mbox, which keeps me (and i suppose dan)
happy. it chews up resources, but it doesn't fill /n/dump.

* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-28 9:42 UTC
To: 9fans

On Sun, Sep 28, 2003 at 10:59:25AM +0200, boyd, rounin wrote:
>
> > Choate is quite correct <default disclaimer> that the solution is
> > not a technological one, but a social one.
>
> nonsense, he thinks like an american; litigation being the 'solution'.
>

Ron agrees with him, too: in the good ole days we cut miscreants
out. Not a _legal_ solution, a _social_ one. The tool was technology,
but if no one else gave you a connection or account, you were out
for good.

> > ignore it, which still applies, in spades.
>
> ignore it? how do you ignore it when it is thrown in your mailbox
> and some of it is just plain harassment.
>

OK, then: receive it, resend it, get it delivered elsewhere and
rejected once again. It's a pity it can't start a loop, I suppose?

> > Not reject it, not get angry about it, simply ignore it, as early
> > as possible.
>
> it's a 'no can do'.
>

Objection, my Lord! Ignoring it at the door knock level is as early
as one can wish for. Now, how do we do it?

> > Choate suggests legal recourse, within the existing system. Again,
> > harassment could be used, I think it would work if one could target
> > the perpetrator rather than some innocent, unwitting victim.
>
> you can't target the T -- that is the root of the problem. the Received:
> headers give you a clue, but they are by no means certain.
>

So what's the solution? Generating traffic and punish everyone
else? Sounds like Pharaoh and the Plagues of Egypt.

> no, i know when to use a technical solution and when to use a
> legal/political one. in this case a technical solution would work.
>

Both require _new_ tools.

As a technologist, it is easy to think that politicians are fools.
Which is why no technologist has ever run a country, into the ground
or otherwise.

> you don't understand the faults of PKI. issuing certs left right and
> center breaks the 'trust'. paying money to root CA's (which i don't trust)
> is a waste of money and time.
>

Between you and Choate, you're getting irritating: "You don't
understand..." Maybe you can explain, if you're so fucking clever!

> look at the bastion of security Verisad (sic). since the wildcard A records
> were installed spam has skyrocketed and so has the discussion about
> it on 9fans.
>

What's that got to do with X.509?

Mark Shuttleworth explained to me that there were two official
top-level CAs, a third one never took itself seriously. The key,
apparently, was in the policy document, which is of course what you
now criticise. It was worth a whole lot of money, to Mark and
associates.

Anyone can be a CA, it's just too late to ride the Netscape bandwagon.
But for private use, all that's needed is a set of easy to use
tools. Not far from what MS released with Win2K. I haven't looked
at Shuttleworth's (Thawte's) web of trust model, but it probably
undermines the CA monopoly pretty successfully.

> however, since i got spamoff to go [@sdgm.net], which included filling
> up dan's proc table once, the thousands of spam just get flung back
> at 'em and then they bounce and then they get trashed, rather than
> filling up /mail/box/boyd/mbox, which keeps me (and i suppose dan)
> happy. it chews up resources, but it doesn't fill /n/dump.
>

Well, it's probably a good solution in the First and New Worlds.
But here in Africa bandwidth is more expensive than disk space or
instruction cycles (we pay for our mail to get to you _and_ your
mail to get to us). Generating traffic is not appropriate. It
really never was, and will never be as there will always be some
other use for the bandwidth that is more deserving.

++L

PS: Any bet how long it will take for spammers to figure a way around
Boyd's block?

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 10:18 UTC
To: 9fans

> PS: Any bet how long it will take for spammers to figure a way around
> Boyd's block?

i understand its failure modes, but it raises the bar and it's in the
public domain so it's open to scrutiny.

brahma% cd log/mail
brahma% ls -l
alrw--w--w- M 262286 boyd boyd 65712 Sep 28 05:57 audit
alrw--w--w- M 262286 boyd boyd 126632 Sep 28 05:57 errors
alrw--w--w- M 262286 boyd boyd 88174 Sep 28 05:57 rejects
brahma% wc -l errors
1349 errors
brahma%

so when stuff starts winding up in my mbox, i'll just raise the bar.

that's how security works: what have you got to guard? how much
is it worth to guard it?

short of hacking an smtp server (which i'm loath to do) i'd implement
a stat based black/white list. you do not, in my beloved corps, screw up
with smtp.

btw: whoever got snarf/copy/paste right on windows' drawterm did
a great job.

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 10:50 UTC
To: 9fans

now if all ISPs enforced the rule that the MGRS coords of the
ISP or the sender were added as the standard sig at least
you could call in a JDAM on them, but this is very open to
blue-on-blue man-in-the-middle attacks.
--
MGRS 31U DQ 52579 12613

* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-28 11:18 UTC
To: 9fans

On Sun, Sep 28, 2003 at 12:50:09PM +0200, boyd, rounin wrote:
>
> now if all ISPs enforced the rule that the MGRS coords of the
> ISP or the sender were added as the standard sig at least
> you could call in a JDAM on them, but this is very open to
> blue-on-blue man-in-the-middle attacks.
> --
> MGRS 31U DQ 52579 12613

ICBMs? :-) :-)

There's a definite need for delegation of authority with associated
acceptance of responsibility in the sender-exchanger relationship.
ISPs have rules about use, but enforcement by severance is inadequate.
I maintain that the solution has to involve punishment, probably
to the point where the few that are caught will have to pay on
behalf of those who get away.

Our recent legislation (in South Africa) attempted to address the
problem, but lacked the understanding (oops, I'm doing a Choate
here) to arrive at a sensible product (the ECT Act is online
somewhere, but it's frightfully irritating in its ability to get
close to bone without quite ever making it, mail me and I'll look
for it).

What I found immensely annoying is that no one was able to provide
sensible alternatives to even the most inappropriate sections of
the Act. And it's not through lack of interest, it just seemed
impossible to formulate in legislative terms what was technologically
obvious. And I don't exclude myself from the list of attempts.

There is a serious communication gap between technologists and users
and it looks insurmountable. Let's not ignore that in our quest.

++L

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 11:44 UTC
To: 9fans

JDAM:

http://www.fas.org/man/dod-101/sys/smart/ppcp97c1.htm

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 11:05 UTC
To: 9fans

> Between you and Choate, you're getting irritating: "You don't
> understand..." Maybe you can explain, if you're so fucking clever!

you need a root CA or some other CA you trust. this depends on
the DNS, which can be spoofed, hence possibly giving you a false
public key.

key revocation never worked.

TLS/SSL is so complex that the bugs kept turning up. someone at the
labs even had a theoretical [impractical, but possible] an attack on it.

that's why we don't use 2DES, 'cos there is theoretical attack where
you meet in the middle. sure, it's costly, but the solution is to go
to 3DES. DES 'died' back in the early '90s (unless you were the NSA,
where it probably died well before that).

once you had encrypted the 'crack' dictionary [~50k 'words'] with all
the 4096 salts busting a password file with a shell script and took
seconds. generating the dictionary back then took a month.

i did this once, as an experiment and to test internal security. on
that point i'm NDA'd on any further discussion.

# 248 622

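The 2DES remark in the message above, worked through as an added example that is not part of the original thread: a meet-in-the-middle search against double encryption. The cipher is a made-up 4-round Feistel toy (32-bit block, 16-bit key), not DES, and the keys and plaintexts are constructed sample values.

```python
"""Meet-in-the-middle against double encryption, on a toy cipher.

Added illustration: toy_encrypt/toy_decrypt are a constructed 4-round
Feistel cipher (32-bit block, 16-bit key). They are NOT DES.
"""
from collections import defaultdict

KEY_BITS = 16
MASK16 = 0xFFFF


def _round(half, key, rnd):
    """Round function; a Feistel network is invertible whatever this returns."""
    x = ((half ^ key) * 0x9E37 + rnd * 0x7F4B + key) & 0xFFFFFFFF
    return ((x >> 7) ^ x) & MASK16


def toy_encrypt(block, key):
    left, right = block >> 16, block & MASK16
    for rnd in range(4):
        left, right = right, left ^ _round(right, key, rnd)
    return (left << 16) | right


def toy_decrypt(block, key):
    left, right = block >> 16, block & MASK16
    for rnd in reversed(range(4)):
        left, right = right ^ _round(left, key, rnd), left
    return (left << 16) | right


def double_encrypt(block, k1, k2):
    """The '2DES' construction: encrypt under k1, then again under k2."""
    return toy_encrypt(toy_encrypt(block, k1), k2)


def meet_in_the_middle(pairs):
    """Recover (k1, k2) candidates from known (plaintext, ciphertext) pairs.

    Returns (candidates, ops), where ops counts the cipher calls made in the
    two key sweeps (verifying the few surviving candidates adds a handful).
    """
    (p0, c0), rest = pairs[0], pairs[1:]
    ops = 0
    # Forward sweep: store every possible middle value E_k1(p0).
    middle = defaultdict(list)
    for k1 in range(1 << KEY_BITS):
        middle[toy_encrypt(p0, k1)].append(k1)
        ops += 1
    # Backward sweep: D_k2(c0) must land on one of the stored middle values.
    candidates = []
    for k2 in range(1 << KEY_BITS):
        ops += 1
        for k1 in middle.get(toy_decrypt(c0, k2), ()):
            # Chance collisions are weeded out by the remaining known pairs.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                candidates.append((k1, k2))
    return candidates, ops


def demo():
    """Run the search against constructed keys and plaintexts."""
    k1, k2 = 0xBEEF, 0x1234                              # constructed secret
    plaintexts = [0x00000000, 0x0BADF00D, 0xCAFEBABE]    # constructed
    pairs = [(p, double_encrypt(p, k1, k2)) for p in plaintexts]
    found, ops = meet_in_the_middle(pairs)
    return (k1, k2), found, ops


if __name__ == "__main__":
    secret, found, ops = demo()
    print("secret keys     :", tuple(hex(k) for k in secret))
    print("recovered       :", [tuple(hex(k) for k in c) for c in found])
    print("cipher calls    :", ops, "= 2 * 2^%d" % KEY_BITS)
    print("naive key space :", 1 << (2 * KEY_BITS))
    # With real DES (56-bit keys) the same trade is about 2^57 cipher calls
    # and 2^56 stored blocks against double DES, instead of the 2^112 the
    # doubled key length suggests. A third encryption under a third key
    # pushes the meet-in-the-middle cost back up to about 2^112.
```

The table of middle values is what the attack pays in memory: doubling the key length buys roughly one extra bit of work, which is why the step up from single DES went to three encryptions rather than two.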
* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-28 11:47 UTC
To: 9fans

On Sun, Sep 28, 2003 at 01:05:19PM +0200, boyd, rounin wrote:
>
> > Between you and Choate, you're getting irritating: "You don't
> > understand..." Maybe you can explain, if you're so fucking clever!
>
> you need a root CA or some other CA you trust. this depends on
> the DNS, which can be spoofed, hence possibly giving you a false
> public key.
>

That was the point I was trying to make. I'll issue you a certificate
(a tiny one, without all the stupid frills). Not only, I'll issue
you a CA certificate, so you can in turn certify your ISP or your
pretty cousin that acts as your SMTP gateway. I'll accept their
certificates as being your agent. I probably won't accept them as
proof of their identity, however. That's an interesting aside not
to be indulged here.

> key revocation never worked.
>

I accept that. It doesn't look like it could conceivably be taken
seriously by anyone. We've had our banks (we have only a few here
as the entrance qualifications are absurdly steep) fall foul of
expiry. But why I should trust Veristupid (sic) in preference to
a bank that's more or less managed my overdraft for the past 25
years, I fail to understand. Yet everyone jumped in horror when
MSIE raised the alarm. More of that lack of communication between
tech and non-tech. Even within one's brain, seemingly, as the only
squawkers I heard were techies.

But when I revoke the certificate I issued to you, I will (hopefully)
know about it. That type of revocation had better work.

> TLS/SSL is so complex that the bugs kept turning up. someone at the
> labs even had a theoretical [impractical, but possible] an attack on it.
>

That was addressed and fixed.

I assume that real cryptographers know what they are doing, the
maths is too convoluted (life is too short) for me to do it myself.
But I'm prepared to respect the experts with a reputation (Steve
Bellovin comes to mind, but there are plenty others).

If there is a preferable approach, it hasn't made any dent in my
awareness. And I accept I'm not on the coal face, nor does "good"
imply "successful", nor do all clever schemes get published for
the health of the Internet (think NSA), still, if SSL could migrate
to TLS against entropy, maybe further migration towards greater
entropy is possible.

> that's why we don't use 2DES, 'cos there is theoretical attack where
> you meet in the middle. sure, it's costly, but the solution is to go
> to 3DES. DES 'died' back in the early '90s (unless you were the NSA,
> where it probably died well before that).
>

DES has yet to be shown not to be intentionally back-doored. But
respected encryption algorithms are ten-a-penny, to the great
confusion of those who have to make decisions and cannot possibly
be expected to know everything cryptographic. I thought TLS used
blowfish and that rijndael had been picked as the final word in
international trusted encryption schemes?

> once you had encrypted the 'crack' dictionary [~50k 'words'] with all
> the 4096 salts busting a password file with a shell script and took
> seconds. generating the dictionary back then took a month.
>

Cracking the Unix security to read /etc/shadow or /etc/master.passwd
takes a different approach. As you suggest, the solution should
be less expensive than the problem. You forget that the price you
pay has little in common with the gains of your enemy. That is
also an important factor.

I'm upgrading a site of some two hundred users right now, with the
option to change from DES to RC5 for login passwords.

The trauma involved in the migration is going to offset any possible
security gain by orders of magnitude, specially as the sharing of
passwords seems more the norm than the exception around here.

Why bother?

++L

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 11:58 UTC
To: 9fans

> Why bother?

at the time i had a small concern about virii turning up in the dynamically
loadable microcode.

* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-28 12:17 UTC
To: 9fans

On Sun, Sep 28, 2003 at 01:58:56PM +0200, boyd, rounin wrote:
>
> > Why bother?
>
> at the time i had a small concern about virii turning up in the dynamically
> loadable microcode.

Life was a lot easier for those of us who, like me, admired in
wonderment the behaviour of the ping-pong virus without giving it
much more of a thought because it had only so far affected the
computers of other, less sophisticated users.

I guess my security days started when my PC was eventually compromised
and I had to figure out what was going on.

++L

* Re: [9fans] spam rejection after reception does have limits
From: Douglas A. Gwyn @ 2003-09-29 9:14 UTC
To: 9fans

boyd, rounin wrote:
> that's why we don't use 2DES, 'cos there is theoretical attack where
> you meet in the middle. sure, it's costly, but the solution is to go
> to 3DES. DES 'died' back in the early '90s (unless you were the NSA,
> where it probably died well before that).

DES was never authorized for protecting classified information
(except in a true emergency). AES, however, is authorized for
two levels of protection (e.g. SECRET in an unclassified
environment), and since AES is much faster than 3DES it seems
a much better choice.

* Re: [9fans] spam rejection after reception does have limits
From: boyd @ 2003-09-29 9:37 UTC
To: 9fans

DES was never authorized for protecting classified information
(except in a true emergency).

yup. but the point is that if mere mortal only has DES
then go for 3DES.

* Re: [9fans] spam rejection after reception does have limits
From: ron minnich @ 2003-09-28 15:33 UTC
To: 9fans

On Sun, 28 Sep 2003, Lucio De Re wrote:

> Ron agrees with him, too: in the good ole days we cut miscreants
> out.

I wouldn't go that far. In the good 'ole days, DARPANET was an elitist
institution: nobody got in unless DARPA said ok. The boundaries were both
institutional and economic -- getting a DARPANET link at your site was
costly.

We didn't cut them out; they never had a chance to get in.

ron

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 15:39 UTC
To: 9fans

> I wouldn't go that far. In the good 'ole days, DARPANET was an elitist
> institution: nobody got in unless DARPA said ok.

bingo. it was designed to be a closed, fault tolerant, net for the military.

run by bob <guess>?

* Re: [9fans] spam rejection after reception does have limits
From: ron minnich @ 2003-09-28 17:12 UTC
To: 9fans

On Sun, 28 Sep 2003, boyd, rounin wrote:

> Ron sez:
> > I wouldn't go that far. In the good 'ole days, DARPANET was an elitist
> > institution: nobody got in unless DARPA said ok.
> body sez:
> it was designed to be a closed, fault tolerant, net for the military.
>
> run by bob <guess>?

yeah. I saw Dave Crocker at SGI about ten years ago and we were talking
about the inappropriate uses that "the great unwashed" were putting the
internet to -- uses never envisioned when it was "elite net" and only
certain folks got to use email, much less hook up to it. He had seen cases
of people sending billing and payment notices for their business, in the
clear, over email, with sensitive bits in them. We were both kind of
amazed (appalled) at how things had worked out.

But why not? The protocols were all designed with one assumption: if you
were on the net at all, you had passed some sort of barriers already.

Now, of course, it is tending to collapse so this may be less of a problem
in a short while.

"Your message was rejected as Spam. The subject was:
Your new tool has arrived.
The word which caused the rejection was:
tool"

Second try:
Subject: That you-know-what is here at the you-know-what

"Your message was rejected as ..."

Third try:
Subject: U got thing here now cum get it

"You message ..."

[[ recipient of email goes out of business waiting for email about their
new tool ]]

ron

* Re: [9fans] spam rejection after reception does have limits
From: boyd @ 2003-09-28 17:22 UTC
To: 9fans

funny old world.

* Re: [9fans] spam rejection after reception does have limits
From: Charles Forsyth @ 2003-09-28 10:16 UTC
To: 9fans

>> PS: I don't have a problem with each mail recipient acting as its
>> own CA and issuing certificates left, right and centre that can be
>> used to further certify agents on behalf of the sender. X.509's
>> certification hierarchy allows for this and it may be best employed
>> as a certification audit trail.

>you don't understand the faults of PKI. issuing certs left right and
>center breaks the 'trust'. paying money to root CA's (which i don't trust)
>is a waste of money and time.

there has been quite a bit of work done and published before and after x.509
(and PGP as well for that matter).
i recently discovered http://www.anu.edu.au/people/Roger.Clarke/EC/Bled03.html,
which is quite a good brisk survey, with trenchant observations.

Carl Ellison has a good web site with lots of useful links:
to other good web sites: http://world.std.com/~cme/html/spki.html.

aside: the parent site has a link that takes a good whack at ASN.1

``ASN.1 is viewed differently by writers of standards and implementers.
Neither group is unanimous in its evaluation, but it tends to be
predominantly favoured by the former and predominantly despised by the
latter.''

http://world.std.com/~cme/P1363/asn1.html

``... for a total code size [for ASN.1] of 55085 characters, as compared
to the original 48 characters [for the obvious if less flexible C version]
... an expansion in code by a factor of 1148''

* Re: [9fans] spam rejection after reception does have limits
From: boyd, rounin @ 2003-09-28 10:23 UTC
To: 9fans

> is quite a good brisk survey, with trenchant observations.

'tranchant' [cutting] now that's a good present participle.

'double tranchant' == double edged sword

* Re: [9fans] spam rejection after reception does have limits
From: salomo3 @ 2003-09-29 3:23 UTC
To: 9fans

>> is quite a good brisk survey, with trenchant observations.
>
> 'tranchant' [cutting] now that's a good present participle.
>
> 'double tranchant' == double edged sword

Yup, like the Scottish claymore. None of your wimpy M60s or whatever you
carry. These are weapons for *real* men - the scourge of spammers, etc.. :-)

joel

* Re: [9fans] spam rejection after reception does have limits
From: boyd @ 2003-09-29 3:32 UTC
To: 9fans

effective, but no 'stand off' range.

* Re: [9fans] spam rejection after reception does have limits
From: Lucio De Re @ 2003-09-29 5:18 UTC
To: 9fans

On Sun, Sep 28, 2003 at 11:32:09PM -0400, boyd@sdgm.net wrote:
>
> effective, but no 'stand off' range.

Real fighters are not afraid to face their enemy. Read "Dune" by
(need I say it) Frank Herbert (avoid the sequels).

++L

* Re: [9fans] spam rejection after reception does have limits
From: boyd @ 2003-09-29 9:18 UTC
To: 9fans

real fighters [Sun Tsu] are smart enough to want to live to fight another
day, UNLESS they are placed in 'death ground'. in that case _all bets are
off_. what is the value of a dead warrior who could have tactically
withdrawn to grease more of them the next time? look at the VC or the 'muj'.

* Re: [9fans] spam rejection after reception does have limits
From: Joel Salomon @ 2003-09-29 13:53 UTC
To: 9fans

boyd@sdgm.net said:
> effective, but no 'stand off' range.
>

that's for the bagpipe to do.

--Joel

* Re: [9fans] spam rejection after reception does have limits
From: Douglas A. Gwyn @ 2003-09-29 9:14 UTC
To: 9fans

boyd, rounin wrote:
> in any case the courts don't really recognise a stream of, completely
> forgeable, bits as any form of proof: eg. al capone finally got done
> for _tax evasion_, rather than his other 'activities'.

Al Capone predated the digital age. Tax evasion was within Federal
jurisdiction, whereas most of his crimes were not. It is true that
tax evasion was relatively easy to prove.

* Re: [9fans] spam rejection after reception does have limits
From: Douglas A. Gwyn @ 2003-09-29 9:13 UTC
To: 9fans

Lucio De Re wrote:
> Choate suggests legal recourse, within the existing system. Again,
> harassment could be used, I think it would work if one could target
> the perpetrator rather than some innocent, unwitting victim.

Not really, since perpetrators can spring up so much more quickly
than the legal system can move to punish them. If you think that
"setting an example" would help much, look at previous prosecution
of hackers and see what a deterrent it was.

> - Legacy: can't be helped, that's where the problem lies
> in the first place.

Indeed, if you want to leave your mailbox open to receive mail
from people using other systems, you're stuck, because there is
no reliable way to distinguish between legitimate mail and proxy
mail. The only technical fix for that would have to be at those
systems, which need to stop acting on directions received remotely.

* Re: SPAM: Re: [9fans] spam rejection after reception does have limits
From: Charles Forsyth @ 2003-09-29 9:44 UTC
To: 9fans

>>If you think that "setting an example" would help much,
>>look at previous prosecution of hackers and see what a
>>deterrent it was.

clearly it didn't deter them all, but how can we know that that
detection and prosecution didn't deter
some, perhaps even quite a few, from attempting it?

* Re: SPAM: Re: [9fans] spam rejection after reception does have limits
From: Douglas A. Gwyn @ 2003-09-29 15:21 UTC
To: 9fans

Charles Forsyth wrote:
> but how can we know that that
> detection and prosecution didn't deter
> some, perhaps even quite a few, from attempting it?

The problem is, it just drives the worst offenders deeper into the
underground. Drug trafficking and terrorism have been targets of
detection and prosecution, and overall this appears to have made
those problems worse, in some ways, than they might otherwise have
been. Of course that's a judgment call, and there is no way to
perform the experiment to find out for sure.

I would prefer to see development of a social climate in which
it is so universally acknowledged that such attacks are not
acceptable that ordinary people take steps to stop it when they
detect it, instead of delegating the problem to government
agents.

* Re: SPAM: Re: [9fans] spam rejection after reception does have limits
From: Joel Salomon @ 2003-09-29 16:02 UTC
To: 9fans

> I would prefer to see development of a social climate in which
> it is so universally acknowledged that such attacks are not
> acceptable that ordinary people take steps to stop it when they
> detect it, instead of delegating the problem to government
> agents.
>

Boyd, you may fire when ready.

--Joel

* Re: SPAM: Re: [9fans] spam rejection after reception does have limits
From: boyd @ 2003-09-29 21:24 UTC
To: 9fans

Boyd, you may fire when ready.

acquire, target, verify [with a 3rd party], shoot.

we'd prefer a lot of things, but it's not gonna happen.
