Re: [perpass] A reminder, the Network is the Enemy...

Ted Lemon <mellon@fugue.com> Wed, 20 November 2013 23:13 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B59171AE155 for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 15:13:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.426
X-Spam-Level:
X-Spam-Status: No, score=-2.426 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.525, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7uOLO8SStfkr for <perpass@ietfa.amsl.com>; Wed, 20 Nov 2013 15:13:57 -0800 (PST)
Received: from toccata.fugue.com (toccata.fugue.com [204.152.186.142]) by ietfa.amsl.com (Postfix) with ESMTP id EEEFD1AE557 for <perpass@ietf.org>; Wed, 20 Nov 2013 15:13:55 -0800 (PST)
Received: from [10.0.10.40] (c-174-62-147-182.hsd1.nh.comcast.net [174.62.147.182]) by toccata.fugue.com (Postfix) with ESMTPSA id 42E1C238248B; Wed, 20 Nov 2013 18:13:47 -0500 (EST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.0 \(1822\))
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <dbeq89lhsqj0krnes41rnrodc6sjmcecr8@hive.bjoern.hoehrmann.de>
Date: Wed, 20 Nov 2013 18:13:46 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <55D41CD1-7D56-4DF5-98A5-8EFFBF86C42A@fugue.com>
References: <9B79CCC3-853E-42F4-8390-ED0EE019C275@icsi.berkeley.edu> <B4A3135B-1391-4794-BE23-D823962C294C@fugue.com> <dbeq89lhsqj0krnes41rnrodc6sjmcecr8@hive.bjoern.hoehrmann.de>
To: Bjoern Hoehrmann <derhoermi@gmx.net>
X-Mailer: Apple Mail (2.1822)
Cc: perpass <perpass@ietf.org>, Nicholas Weaver <nweaver@icsi.berkeley.edu>
Subject: Re: [perpass] A reminder, the Network is the Enemy...
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 23:13:58 -0000

On Nov 20, 2013, at 5:43 PM, Bjoern Hoehrmann <derhoermi@gmx.net> wrote:
> Online advertisers are happy to help you identify your targets and put
> code on their computers, <http://en.wikipedia.org/wiki/Malvertising>.

Malvertising is a scattershot approach, not a targeted approach.   If you have access to a lot of demographic data, you may with some difficulty be able to target an attack to an individual, but scraping the HTTP at the server is a _lot_ easier.   Making that impossible increases the cost of this type of attack significantly.