Re: spoofing email addresses

To: John Stracke <jstracke at centive.com>
Subject: Re: spoofing email addresses
From: Iljitsch van Beijnum <iljitsch at muada.com>
Date: Fri, 28 May 2004 21:07:39 +0200
Cc: ietf at ietf.org
In-reply-to: <40B7396A.2090309@centive.com>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <B2403217-AEA1-11D8-A66A-000A95B3BA44@hxr.us> <200405262100.i4QL00Ua008101@calcite.rhyolite.com> <200405271456.i4REuawJ022844@turing-police.cc.vt.edu> <294A7108-AFFA-11D8-8E28-000A95CD987A@muada.com> <40B7396A.2090309@centive.com>
Sender: ietf-bounces at ietf.org

On 28-mei-04, at 15:06, John Stracke wrote:

(I've yet to see a proposal that works if the spammers start utilizing zombie machines that snarf the already-stored credentials of the user to send mail)....

The question is whether spammers can obtain new credentials (stolen or otherwise) faster than others can blacklist them.

And, if you had actually read the message you replied to, you would have realized that the answer is yes.


I don't see why.

Send out a worm that makes N zombies, have each zombie send one message under the local user's credentials, and none of them will get blacklisted.

That makes the number of spam messages received by an email user (on average) equal to the number of email users divided by the number of systems vulnerable to becoming a zombie. So one spam a day/week/month or so = a lot better than the current situation.

Don't assume that the high level of vulnerability we're seeing today will remain the same in the future. (It will remain > 0 though.) There was a time when desktop systems would completely crash regularly because badly written software would take down the whole system. Software quality isn't beter these days, but desktop operating systems are now able to protect the system against most software errors. I'm sure we'll see similar developments in the area of security. Zone Alarm (network access restricted on a per-application basis) and the MacOS keychain system (access to passwords and certificates restricted on a per-application basis) are the way of the future.

--
"Every computer sold in the US is safe by default.  It is powered off,
disconnected, in a factory sealed box" - Sean Donelan, on NANOG


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

References:
- Re: spoofing email addresses
  - From: Andrew Newton
- Re: spoofing email addresses
  - From: Vernon Schryver
- Re: spoofing email addresses
  - From: Valdis . Kletnieks
- Re: spoofing email addresses
  - From: Iljitsch van Beijnum
- Re: spoofing email addresses
  - From: John Stracke

Prev by Date: Re: STD series of documents
Next by Date: telecom recovery unlikely as long as best effort is industry's only business model
Previous by thread: Re: spoofing email addresses
Next by thread: Re: spoofing email addresses
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: spoofing email addresses

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.