On 29 Jan 2005 at 5:29, Noel Stoutenburg wrote: > David W. Fenton wrote: > > >If that's the kind of obfuscation to be used, then the archive should > > not be public. If email addresses are obfuscated, they should be > >wholly obfuscated, and not available to either human or software > >viewers of the page. > > to which I would observe that with the processor speed these days, > it's probably trivial to harvest email addresses out of the body of > the message, not only those which are not obfuscated, but those which > have been self-obfuscated. . . .
By "obfuscated", I mean not readable or constructable from the data displayed on the page. The archive that I saw that was obfuscated when viewed but not when googled had this for the email addresses: [email address hidden]. No computer could get the email address from that. Nor could a human being, and I don't mind that. > . . . The heuristic for this would be simple: > find every instance of "net", com", &c., and take the characters > immediately preceding, discard any spaces, convert any instances of > "dot" to a period, check the string immediately preceding that against > a list of known domains, and convert any instances of "at" before the > domain to the @ sign, and consider the characters preceding that to be > a user name. I don't know if anyone has tested whether spammers are harvesting human-obfuscated email addresses -- it could be done by the same methodology that was used in the spam trap test a year or so ago, where it was found that by far the largest amount of spam was harvested from email addresses found on web pages (something like 75% of it vs. a relatively minuscule amount for the next highest source, Usenet, which was something like 10%). Somehow, I strongly doubt the spammers are being that clever. They are criminals, after all (in my opinion), and criminals are notoriously stupid people in general. > Personally in my view, the most expedient solution to Spam, virii, and > worms, is to do as I have done: next time you get a new computer, > save the old one, remove everything from it except the OS, a browser, > and internet related plug ins, and use only the Iomega network for > transferring files from your internet machine to any other. Also, > learn to use the filtering capabilities of your browers, create your > own spam traps. Finally, regularly back up the email archives you > wish to save. I don't get viruses. And the only way I could get rid of spam (temporarily) is to change email addresses. None of your advice above really helps either of those issues at all. > Then, in the worst case, your internet machine is infected with a > virus, it becomes trivial to low-level format the HDD, reinstall the > OS and plug-ins, and restore archives. Viruses and spam are two wholly separate issues. I haven't had a virus infection since about 1997 or so (back when boot sector viruses were the most common), but I've been getting lots of spam. > If you really want to have your main machines connected to the > internet, set up a local server, and put in two firewalls, one between > the internet connection and your bread-and-butter machines, and one > between the internet connectiona dn your ISP's server. No one should connect their PC directly to the Internet. A full-scale firewall is not entirely required. A NAT router prevents any incoming connections from getting to your computer (unless you explicitly redirect the ports involved), and a software firewall on the PC will allow you to control outgoing connections in ways that dedicated firewall boxes never allow at all (i.e., you can authorize outgoing connections by application, which can never be known by an external device). -- David W. Fenton http://www.bway.net/~dfenton David Fenton Associates http://www.bway.net/~dfassoc _______________________________________________ Finale mailing list Finale@shsu.edu http://lists.shsu.edu/mailman/listinfo/finale
