[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] [IP] do-not-email list canned

To: <gep2 at terabites.com>, <dave at farber.net>
Subject: Re: [Asrg] [IP] do-not-email list canned
From: "George Ou" <george_ou at netzero.com>
Date: Wed, 16 Jun 2004 12:07:23 -0700
Cc: carl at media.org, asrg at ietf.org
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <B0000031675@nts1.terabites.com>
Sender: asrg-bounces at ietf.org

----- Original Message ----- 
From: <gep2 at terabites.com>
To: <dave at farber.net>
Cc: <carl at media.org>; <asrg at ietf.org>
Sent: Tuesday, June 15, 2004 3:20 PM
Subject: [Asrg] [IP] do-not-email list canned

> The REAL failure of their whole "authentication" approach (and this is
shared by
> Microsoft's halfwit idea too, and indeed all the
"authentication/authorization"
> approaches), is that infected spambot zombie machines can and will send
out spam
> using their (legitimate) own authorization.  So, yeah, they can track down
the
> infected machines, but for each one they track down, there'll be ten more.

I'm curious to know how a zombie machine will have a legitimate SPF,
CallerID, or Domain Key.  Are you suggesting each worm/virus infected zombie
will somehow register it's own legitimate domain and authoritative DNS
server?  Seems a bit stretched wouldn't you say?  I've heard a lot of
skepticism (some well founded) on authentication before, but this argument
is ridiculous.

> Until they really solve the virus/worm problem (and none of these
approaches
> solve that, either, except the one I've been proposing) you don't solve
the
> zombie spambot problem, and if you don't solve the zombie spambot problem,
then
> you CANNOT solve the DDOS problem or the spam problem by these
ill-conceived and
> almost wholly nonsensical "authentication" approaches.

Actually, Windows XP SP2 (due out in a few months) will solve most of these
problems when everyone installs it.  I think Microsoft will even snail mail
a CD to anyone who requests it due to bandwidth limitations for free.  It
effectively mitigates 2 of the biggest holes that have created this mass
army of Zombies, Worms and Viruses.  Worms are mitigated by a default-on
Firewall that blocks all inbound traffic from the Public Internet.  Viruses
are mitigated by an Authenticode mechanism that prevents untrusted email
attachments from executing.  Even if that attachment is manually saved to
the hard drive, it will retain it's state and still not execute unless the
user manually forces it to run.  Since the bulk of the machines hanging on
the Internet are Windows XP, this will be a significant step in the health
of the Internet.

George Ou

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] [IP] do-not-email list canned
  - From: william(at)elan.net
- RE: [Asrg] [IP] do-not-email list canned
  - From: Larry Seltzer
- Re: [Asrg] [IP] do-not-email list canned
  - From: Jon Kyme

References:
- [Asrg] [IP] do-not-email list canned
  - From: gep2

Prev by Date: Re: [Asrg] [IP] do-not-email list canned
Next by Date: Re: [Asrg] [IP] do-not-email list canned
Previous by thread: Re: [Asrg] [IP] do-not-email list canned
Next by thread: Re: [Asrg] [IP] do-not-email list canned
Index(es):
- Date
- Thread