lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ILEPILDHBOLAHHEIMALBMEMOGJAA.jasonc@science.org>
From: jasonc at science.org (Jason Coombs)
Subject: [inbox] Re: Fwd: Re: Administrivia: Binary Executables w/o Source

Nick FitzGerald will probably have the last word on this after the
debilitating blow delivered thus by his over-achieving intellect:
>> Ah, but Nick, I *DO* have omniscient access to the non-mythical IP-to-user
>> mapping list -- and so do you. ...
>No, we don't.
>It then can post from that machine using
>whichever of the addresses it chooses.
>all you get in the virus' message headers
>is what the first SMTP relay it
>hit records in its Received: headers.
>Finally, consider the subscriber to poster
>(or "lurker") ratio.

I see nothing at all wrong with blaming you personally for all of the spam
that originates from CLEAR Net Mail, New Zealand and ends up at FD. You are
the closest person of competency to the problem. ;-)

You discount the number of fixed-IP DSL and other broadband connections
employed by people who are candidates to have the FD e-mail address lurking
somewhere on their hard drive. That first-and-only SMTP relay hop directly to
netsys.com MX 199.201.233.10 will still give the FD MTA an opportunity to do
SMTP forensic logging, and all we need is the IP address to convict many FD
subscribers of willful, premeditated, or negligent wormicide.

You also dismiss implicitly the likelihood that the oblivious real end-user
will be spewing non-spam, non-worm communications and getting themselves
profiled and logged all over the place as the demonstrable temporary owner of
the IP address in question during the time period of interest...

Just think "doubleclick".

Sincerely,

Jason Coombs
jasonc@...ence.org


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ