subject:"Re\[2\]\: What changes would you make to stop spam\? \- United Nations Paper"

Re: Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-02 Thread John D. Hardin

On Wed, 2 Aug 2006, Sanford Whiteman wrote:

  MAPI. [is]..implemented over DCE/RPC (i.e. LAN-only).
 
 Maybe a nit... but technically not LAN-only using ncacn_http.

Well... *intended* to be LAN-only...

--
 John Hardin KA7OHZICQ#15735746http://www.impsec.org/~jhardin/
 [EMAIL PROTECTED]FALaholic #11174pgpk -a [EMAIL PROTECTED]
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
 Look at the people at the top of both efforts. Linus Torvalds is a
 university graduate with a CS degree. Bill Gates is a university
 dropout who bragged about dumpster-diving and using other peoples'
 garbage code as the basis for his code. Maybe that has something to
 do with the difference in quality/security between Linux and
 Windows.-- anytwofiveelevenis on Y! SCOX
---

Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-02 Thread Sanford Whiteman

 Does anyone use [XTND XMIT]?

These  days,  not really. But when Eudora was king and the feature was
usually enabled when supported on the MTA side, I would guess maybe 1%
of  Eudora  users knew of and used the feature. The point is more that
the extension's already been built, but never got a foothold.

--Sandy

Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-02 Thread Sanford Whiteman

 So  you think that viruses are going to know how to find and decrypt
 the passwords of all email programs?

Any  data  that  must  be  decrypted  without user intervention can be
accessed  in  its  unencrypted form without user intervention. If user
intervention  is  required  for decryption, well, you pretty much just
have to be there when it happens. These are fundamental rules. A virus
needs no decryption feature per se.

A sniffer can readily isolate plain-text passwords as they go over the
wire.  Alternately,  yep, specific memory inspection routines could be
built  for  all  email  programs  that  are  likely  to  be found on
compromised  machines  --  all,  what, 3 or 4 of them -- regardless of
what  happens  on  the  wire.  This part is child's play for a hacker,
relative  to  the  harder part of finding new attack vectors for those
boxes that are lucky enough to get disinfected and patched.

Marc,  I  have some respect for your optimism, a rare trait in a place
where  others  have  (themselves well-earned) chips on their shoulders
from  pushing  back  a surging, inarguably criminal element from their
networks  all  day.  I  also think that the accusations that you're an
agent  of  some government, enterprise, NGO, etc., are ludicrous based
on  the  fundamental  naïveté of your proposal (like the fact that you
suggested  an  enhancement  which  was already BTDT 8 years ago -- not
going  to get you a lot of followers on such a technical list). Yet: I
concur  that  you  don't  have  anywhere  near sufficient knowledge of
current,  let  alone  historical,  technologies  for  mail sending and
retrieval  to be suggesting... well, to be suggesting any enhancements
or improvements at all.

Look, it's okay to admit that you have to go back to school on those
subjects.  From  your bio, you have grounding in other technical areas
that many people here do not. I didn't know much about mail until 1999
or  so,  and  that was after supporting mail systems (along with other
systems  I actually understood) for, like, 6 years! But I also kept my
mouth  shut  until  1999.  Because  of  that experience, I find myself
agreeing  with  the  overall reaction of, in essence: Kill me now, if
his  proposal  is  going  to be disseminated by any entity who doesn't
have enough techies on staff to shoot it down.

Please,  for  the  good of the world, take a couple of months to study
before your next proposal.

Warmly--

--Sandy

Re: Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-02 Thread jdow


From: Sanford Whiteman [EMAIL PROTECTED]


networks  all  day.  I  also think that the accusations that you're an
agent  of  some government, enterprise, NGO, etc., are ludicrous based
on  the  fundamental  naïveté of your proposal (like the fact that you


He claimed he was about to present the paper to a Internet Governance
Forum of the United Nations implying he thought he had some official
capacity in that venue. That's what raised my suspicions.

{O.O}

Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-01 Thread Sanford Whiteman

 Please  don't  pollute  the  IMAP  and  POP  protocols this way.

POP3  XTND  XMIT  submission  extensions  already polluted POP3 many
years   ago,   supported  by  many  thousands  of  servers  (tho'  not
necessarily enabled).

--Sandy

Re[2]: What changes would you make to stop spam? - United Nations Paper

2006-08-01 Thread Sanford Whiteman

 MAPI. [is]..implemented over DCE/RPC (i.e. LAN-only).

Maybe a nit... but technically not LAN-only using ncacn_http.

--Sandy

Re: Re[2]: What changes would you make to stop spam? - United Nations Paper

Re[2]: What changes would you make to stop spam? - United Nations Paper

Re[2]: What changes would you make to stop spam? - United Nations Paper

Re: Re[2]: What changes would you make to stop spam? - United Nations Paper

Re[2]: What changes would you make to stop spam? - United Nations Paper

Re[2]: What changes would you make to stop spam? - United Nations Paper

6 matches

Site Navigation

Mail list logo

Footer information