Re: [Asrg] An "ideal" false positive (TMGRS take 2)

der Mouse <mouse@Rodents-Montreal.ORG> Mon, 15 February 2010 01:01 UTC

Return-Path: <mouse@Sparkle.Rodents-Montreal.ORG>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9654C28C149 for <asrg@core3.amsl.com>; Sun, 14 Feb 2010 17:01:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.607
X-Spam-Level:
X-Spam-Status: No, score=-9.607 tagged_above=-999 required=5 tests=[AWL=0.381, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5PTzxWvShnd2 for <asrg@core3.amsl.com>; Sun, 14 Feb 2010 17:01:43 -0800 (PST)
Received: from Sparkle.Rodents-Montreal.ORG (Sparkle.Rodents-Montreal.ORG [216.46.5.7]) by core3.amsl.com (Postfix) with ESMTP id 6AC3628C0DB for <asrg@irtf.org>; Sun, 14 Feb 2010 17:01:43 -0800 (PST)
Received: (from mouse@localhost) by Sparkle.Rodents-Montreal.ORG (8.8.8/8.8.8) id UAA21851; Sun, 14 Feb 2010 20:03:02 -0500 (EST)
From: der Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <201002150103.UAA21851@Sparkle.Rodents-Montreal.ORG>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway.
X-Message-Flag: Microsoft: the company who gave us the botnet zombies.
Date: Sun, 14 Feb 2010 19:58:04 -0500 (EST)
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
In-Reply-To: <20100215002309.GB21231@gsp.org>
References: <4B61D1BA.6060807@tana.it> <20100129135607.GB27203@gsp.org> <4B6321ED.4050403@tana.it> <20100215002309.GB21231@gsp.org>
Subject: Re: [Asrg] An "ideal" false positive (TMGRS take 2)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Feb 2010 01:01:44 -0000

> The Bad Guys who have their hands on those 100M+ systems out there
> can use them, or any other systems they have access to, to create an
> essentially-unlimited number of accounts at any/all of the 10K+
> freemail providers out there. [2]

Quite.

This exerts pressure (in the evolutionary sense) against trusting
anything from those webmail providers.

I consider this a good thing.

It also is a reason the botnet herders (the smarter ones, at least)
will be hesitant to use that ability, because if that evolutionary
pressure gets strong enough to get "the net" to start distrusting those
webmailers more strongly and actively, the value of having that access
drops correspondingly.  They (FWVO "they") won't spend that coin unless
they believe they'll get enough value to make it worth it.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B