The future of security
Ben Laurie
ben at algroup.co.uk
Wed Jun 2 08:15:25 EDT 2004
Peter Gutmann wrote:
> No they won't. All the ones I've seen are some variant on the "build a big
> wall around the Internet and only let the good guys in", which will never work
> because the Internet doesn't contain any definable inside and outside, only
> 800 million Manchurian candidates waiting to activate. For example
> MessageLabs recently reported that *two thirds* of all the spam it blocks is
> from infected PCs, with much of it coming from ADSL/cable modem IP pools.
> Given that these "spammers" are legitimate users, no amount of crypto will
> solve the problem. I did a talk on this recently where I claimed that various
> protocols designed to enforce this (Designated Mailers Protocol, Reverse Mail
> Exchanger, Sender Permitted From, etc etc) will buy at most 6-12 months, and
> the only dissent was from an anti-virus researcher who said it'd buy weeks and
> not months.
SPF will buy me one thing forever: I won't get email telling me I sent
people spam and viruses.
> The alternative proof-of-resource-consumption is little better,
> since it's not the spammers' resources that are being consumed.
Nevertheless these resources are limited, and better security would make
them more limited.
> There is one technological solution which would help things a bit, which is
> Microsoft implementing virus throttling in the Windows TCP stack. Like a
> firebreak, you can never prevent fires, but you can at least limit the damage
> when they do occur. Unfortunately I don't see this happening too soon, both
> because MS aren't exactly at the forefront of implementing security features
> (it took them how many years to add the most basic popup-blocking?), and
> because of liability issues - adding virus throttling would be an admission
> that Windows is a petri dish.
Duh. So viruses would fix the stack.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list