|> Any solution that requires secrecy will be some combination |of: little |> benefit, difficult to impossible to deploy, and/or easy to |compromise |> once discovered. | |Well, Williams post of his file is a good example. Any (not if |I am sure) spammer that may read this list now sees that file |and can then insert those keywords and walla!
A great example. Keywords for whitelisting are a fragile solution, and an example of something best sent directly rather than on a list IMO. (very tight security required) On the other hand, a list of IP sources that are whitelisted and the protocols for using/generating that list represent a strong solution that can and should be described openly. That's the contrast I was trying to draw (not the specifics but the character). |We are not talking security here, it is more like football |plays. You do not want the other side to see what your plays |are, less they can then plan to counter them. I suppose I take a stronger position. I consider the stability of open messaging systems a security issue, and I'm used to working in that mode - perhaps that colors my views. No doubt it's not a good idea to broadcast your plays to the "enemy". >From my perspective, though, I heavily devalue any "play" that could be compromizing in enemy hands and prefer heavily actions that are of little help to the opposition when exposed. Just an opinion. Thanks! _M --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
