lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <9AD9D61578B84144912BCB44CBEF9EAD0700E9FB@usnssexc03.us.kworld.kpmg.com>
From: kenng at kpmg.com (Ng, Kenneth (US))
Subject: Spam Solution

There isn't going to be any one solution that solves the spam problem.  And
even if there were, it would be years before we got the bulk of the email
systems to handle it.  And along the way you know some of the vendors will
do their usual "embrace extend exterminate" dirty tricks to put others at a
disadvantage.  And when sites start using only the new infrastructure there
will be pain.  But by every means we deny to the spamers, that leaves one
less avenue open to them, and forces them to spend resources to find new
means.  The better ones will adapt, the slower ones will go extinct.  Think
of it as evolution in action.  Yes, its sick, but we're going to be breeding
better spammers.

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Gadi Evron
Sent: Friday, June 18, 2004 6:38 AM
To: Alavan
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Spam Solution


 > Also, if spammers can't forge, so what? They'll just grab the domain
 > name from the PC they've hijacked and send away or go back to using the
 > e-mail client on the machine. Once the spammers change their methodology
 > (which they do all the time to counter anti-spam efforts), these
 > measures will have little to no effect.

I believe this is the main issue here.

Spammers already have and use the technology to circumvent all this, so
they don't even need to invent new tricks.

As long as there are drone armies and unsuspecting "stupid" users, these
kind of solutions, although interesting and helpful, are useless to stop
actual spam.

Another issue is that non of the people I talked this over with see how
this can work unless globally adopted by everyone. An adoption of this
system over a few years simply won't work. It needs to be over-night and
that's not going to happen.

	Gadi Evron.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized. 

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.         
*****************************************************************************


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ