Death of antivirus software imminent
Alex Alten
alex at alten.org
Fri Jan 4 18:19:52 EST 2008
At 05:47 PM 1/4/2008 -0500, Leichter, Jerry wrote:
>| ...Also, I hate to say this, we may need to also require that all
>| encrypted traffic allow inspection of their contents under proper
>| authority (CALEA essentially)....
>Why not just require that the senders of malign packets set the Evil Bit
>in their IP headers?
>
>How can you possibly require that encrypted traffic *generated by the
>attackers* will allow itself to be inspected?
You misunderstand me. We can for the most part easily identify encrypted
data, either it is using a standard like SSL or it is non-standard but can be
identified by data payload characteristics (i.e. random bits). If it is a
standard
(or even a defacto standard like Skype) we can require access under proper
authority. If it is not (or access under authority is refused), then just
simply
block or drop the packets, there's no need to inspect them.
- Alex
--
Alex Alten
alex at alten.org
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list