lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1065560177.3182.20.camel@tantor.nuclearelephant.com>
From: jonathan at nuclearelephant.com (Jonathan A. Zdziarski)
Subject: Spam with PGP

> ---8<---
> </body></html>ahdmf uvhuex qnzysthoa
> r
>  xdgmeqxqyawg
> --->8---
> 
> And this nonsense "words" fool bayesian filters. 


they won't fool any good Bayesian filter, and actually I've found that
they are an excellent way to identify spam, as many spammers are too
stupid to change the jumble of letters at the end.

but more importantly, a good bayesian filter that sees these "words"
that it doesn't know should assign them a fairly neutral value.  DSPAM
assigns new tokens .4.  Since Bayesian filtering uses the most
interesting tokens (interesting meaning with the highest distance from a
neutral .5), these tokens won't even get used in the final calculation
and will be for all practical purposes ignored.

and as I said, should the spammer start using these same "words" in
multiple mailings, they'll be a great way to tag the spam.

> As I said before, I think that bayesian filters are not perfect
> (spammers use tricks to circumvent them). And I also think that
> rulebased ones are'nt perfect too 

I haven't found a good trick spammers have used to get around my filters
yet...the fact that Bayesian learns each user's specific behavior also
makes it extremely difficult for a spammer to craft a message that would
get through to a large number of people (how they make the little money
they do make) since you can't just run a message through a rules list
like you can with heuristic-based filters.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ