Re: [Asrg] An "ideal" false positive (TMGRS take 2)

Rich Kulawiec <rsk@gsp.org> Sun, 14 February 2010 22:46 UTC

Return-Path: <rsk@gsp.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E16528B797 for <asrg@core3.amsl.com>; Sun, 14 Feb 2010 14:46:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.505
X-Spam-Level:
X-Spam-Status: No, score=-6.505 tagged_above=-999 required=5 tests=[AWL=0.094, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WuUJ4xVJbTag for <asrg@core3.amsl.com>; Sun, 14 Feb 2010 14:46:16 -0800 (PST)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) by core3.amsl.com (Postfix) with ESMTP id 4F8123A72E7 for <asrg@irtf.org>; Sun, 14 Feb 2010 14:46:16 -0800 (PST)
Received: from squonk.gsp.org (bltmd-207.114.17.32.dsl.charm.net [207.114.17.32]) by taos.firemountain.net (8.14.4/8.14.4) with ESMTP id o1EMlft7019423 for <asrg@irtf.org>; Sun, 14 Feb 2010 17:47:43 -0500 (EST)
Received: from avatar.gsp.org (avatar.gsp.org [192.168.0.11]) by squonk.gsp.org (8.14.3/8.14.3) with ESMTP id o1EMo5px000257 for <asrg@irtf.org>; Sun, 14 Feb 2010 17:50:05 -0500 (EST)
Received: from avatar.gsp.org (localhost [127.0.0.1]) by avatar.gsp.org (8.14.3/8.14.3/Debian-9ubuntu1) with ESMTP id o1EMlab9012477 for <asrg@irtf.org>; Sun, 14 Feb 2010 17:47:36 -0500
Received: (from rsk@localhost) by avatar.gsp.org (8.14.3/8.14.3/Submit) id o1EMlZGQ012476 for asrg@irtf.org; Sun, 14 Feb 2010 17:47:35 -0500
Date: Sun, 14 Feb 2010 17:47:35 -0500
From: Rich Kulawiec <rsk@gsp.org>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <20100214224735.GB11546@gsp.org>
References: <4B61D1BA.6060807@tana.it> <20100129135607.GB27203@gsp.org> <FBFC96085D5112AA96E23D0F@lewes.staff.uscs.susx.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <FBFC96085D5112AA96E23D0F@lewes.staff.uscs.susx.ac.uk>
User-Agent: Mutt/1.5.20 (2009-06-14)
Subject: Re: [Asrg] An "ideal" false positive (TMGRS take 2)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Feb 2010 22:46:17 -0000

On Fri, Jan 29, 2010 at 02:33:56PM +0000, Ian Eiloart wrote:
> So, does that mean that all computer mediated communication is pointless?

Of course not. But it does mean that anything originating on an
end-user system should never be used as an input to a security policy
mechanism, since The Bad Guys can either fabricate or block an
arbitrary number of such inputs as they see fit. [1]

---Rsk

[1] Within the constraint that they can only do so from those systems
which they control.  But given that the number of such systems is
already very large and still growing, and that there is no reason
at all to think that this trend will reverse or even slow down, this
constraint is not really very limiting in practice.