Re: [Asrg] request for review for a non FUSSP proposal
Rich Kulawiec <rsk@gsp.org> Thu, 25 June 2009 11:39 UTC

On Wed, Jun 24, 2009 at 09:36:14AM +0200, Claudio Telmon wrote:
> I don't think that much action would be needed. If my system is
> compromised, the tokens I have were compromised. My friends would
> complain (the "local" blame that works), and the spammer would have a
> token for the mailing list, the one I use, so it would be able to send
> spam to the list.

(a) How would your friends know? and (b) What stops an attacker who has
compromised Fred *and* Barney's computer from using Barney's tokens from
Fred's computer? Keep in mind that since the attacker has full control
over both systems, he/she also has, or can have, all of Fred and Barney's
email credentials -- login names, passwords, etc. and (c) I get the sense
that this will scale as N^2, which doesn't bode well.

> Dealing with the framework without an address book would be actually
> impossible.

So you want me to stop using the mail client I've used for years -- which
I've deliberately chosen because of its simplicity, speed, features, and
most importantly, security? Not a chance.

Moreover, even if I had a mail client with an address book, why would I
want to put 11,500 people in it? Especially since the overwhelming
majority of those communications are one-time?

> With respect to numbers, I cannot answer. People and
> software explicitly dealing with large lists of addresses/subscribers
> would usually need to deal with an equal (well, double) number of
> tokens. People like you, dealing, if I understand correctly, with a
> large number of occasional correspondents, would need to do the same.

I'm already way too busy to even try to answer most of my email; where
am I going to get all the extra time needed to do this task? Especially
given that there is no meaningful anti-spam value: if today I approve a
token from Fred, that doesn't help me at all if Fred's computer is
compromised tomorrow night and delivers 50 spam messages to me before
I wake up the next morning. I could have done *nothing* and done just
as well.

> > Moreover, "informing the owners" has already proven to be a badly-losing
> > strategy. *If* the owners actually receive such communication
> > (telling them their system is probably compromised), they tend to
> > either disbelieve it, ignore it, classify it as a phish--often correct,
> > deny it, or act ineffectively to remedy the situation.
>
> Do you feel that the same would be true if the communication were not an
> automated communication but a communication from correspondents, not by
> email, and maybe implying the (temporary) inability to communicate with
> some of them? This would actually severely limit the usability of the
> scheme.

Two points; first: If it's not automated, it won't scale. If it's
automated, then it will be faked billions of times and people will
quickly learn not to pay any attention to it.

Second: how am I going to communicate with correspondents "not by email"
when that's the only way I *have* to communicate with them? You can't
seriously expect me or anyone else to spend our time IM'ing or phoning
or otherwise trying to convince people that their system is compromised.
I see several thousand attempts per day on this address alone that are
obviously from compromised end-user systems.

> > No anti-spam
> > scheme which requires effective, clueful participation by end-users has
> > any chance of working: if they existed (in very large numbers) then we
> > wouldn't have such a large spam problem because (a) their systems would
> > be compromised in huge numbers and (b) they would have learned by
> > now to never respond to any spam.
>
> I don't know. Me, as probably each of us, I'm often asked by friends to
> "reinstall" their systems because they are full of garbage. [...]
> Should I receive spam using their token, I could be much more aggressive
> than I've been until now, and maybe others would do the same. This kind
> of blame usually works with other communication channels (again, people
> disseminating phone numbers), why shouldn't it work with email? People
> usually don't care of ineffective blame, but don't like to be considered
> stupid by their friends.

We're now 6-7 years into the period when Windows systems are compromised
at will by attackers and used not just for spam, but for DoS attacks and
all kinds of other mischief. Yet there has been no mass migration away
from these insecure and insecurable systems -- just a little bit of
movement here and there.

Your approach won't get them to change either. They'll either (a) deny
there's a problem (b) run some anti-malware tool on their compromised
system and believe what it says (c) get someone else to do (b) or (d) in
rare cases, get the system detoxed using known-clean boot media or by
starting over...but will then get it re-infested a month later the same
way they got it infested the first time.

---Rsk