ietf-asrg
[Top] [All Lists]

[Asrg] 'GIEIS' - Additonal Condierations

2003-07-01 09:11:37
Thanks for your comments. My response are in the body of the message below. This post relates to the 'GIEIS' system viewable here at:

http://homepage.ntlworld.com/giza.necropolis

Updates will be carried out this evening.

Mark McCarron.


From: "Danny Angus" <danny(_at_)apache(_dot_)org>
To: "Mark McCarron" 
<markmccarron_itt(_at_)hotmail(_dot_)com>,<asrg(_at_)ietf(_dot_)org>
Subject: RE: [Asrg] (no subject)
Date: Tue, 1 Jul 2003 14:33:57 +0100

Mark McCarron wrote:

>  SMTP is a dying
> protocol, imagine what it would be like in 10 years?

Erm .. I don't think that is quite correct, surely?
I know that IM is growing in popularity and I wouldn't be surprised if SMTP was loosing "market share" but to describe what must be one of, if not the, most widely used internet protocols as dying is preposterous.

Perhaps you could back up your claim with evidence, I'd be happy to eat humble pie if you're right.


Mark's Response:

SMTP is a dying protocol. It was never designed to handle the current flow of email on the Internet nor provide the security for it. As long as SMTP exists, spam, virus', worms and trojans will only grow on the Internet to an unbelievable level. Every resolution has been attempted and failed. Let me make this crystal clear for everyone, SMTP cannot EVER be secured. We are rapidly coming to the point were email would be withdrawn completely. This is not some idle threat, but a proposal seriously being considered. Anyone who knows the technical side of SMTP, will tell you quite clearly that the protocol itself is to blame. Spam accounts for 30% of all traffic on the Internet now, what percentage would it be in 10 years?


> This will be easy enough.  There will be a period of transition.
> Its not as
> hard as everyone thinks.  I agree it will be a challange, but hey
> come on,
> its not rocket science.

The science is not the hard bit, it is the cost. I'm sure we could come up with a dozen really secure mail protocols from the expertise on this list alone. Do you imagine that updates for every piece of mail software will be made available free it might not be available at all for some systems if you can't write it yourself, or that the admins who have to install and manage it will do so without incurring cost?


Mark's Response:

As I stated before and you can try this for yourself, the cost of implementing 'GIEIS' would be exceeded by the loss to business by keeping the SMTP protocol. Allow me to demonstrate this clearly for everyone. Yesterday, I calculated (at ciphertrust.com) that 1000 employees, earning an average of $15,000 per year, recieving 20 spam messages a day would result in losses of $31,250. Now, America has approx. 300 Million inhabitants, lets say 2 thirds of the population are not affected by spam in the workplace. That still leaves us with 100 Million who would be. Now we'll assume that their average wage would be $15,000 per year (very reasonable assumption), if it cost 1000, $31,250, then it costs $31.25 per person, per year. $31.25 multiplied by 100 Million is $3,125,000,000 per year. This is just for America alone. 'GIEIS' could absorb $1 Billion per year and still make business a substantial profit. Oh, and one other point, I haven't even begun to add on the cost of virus', trojans, etc. Therefore, 'GIEIS' has complete financial justificaton.

Also, a protocol alone can NEVER secure email. That is impossible. It needs an architecture such as 'GIEIS'.



On a home user basis it may be trivial but in the wicked world of business any such change would cost a packet, look at the cost of installing y2k patches.



Mark's Response:

Yep, but it was done.



> The system we tested it on was a private network, also, it wasn't
> using the
> full aspects of the 'GIEIS' design.  It was just a feasibility
> test and it
> responded well, in fact, 100%.

100% of what? did you try to break it, did you try to fool it, what happens to mail if you launch a DOS attack on the token server?

Mark's Response:

Dos (denial of service) does not work on every machine. Proper security measures eliminate this threat. Dry run 'GIEIS' for yourself, its unbreakable.



> alone.  For those of you who remember MSN started out as an x.25 network
> without any pop3 servers.  If I remember correctly they were a
> form of IMAP

AFAIK MSN used to provide SMTP "kick" whereby the act of logging into the network provoked the SMTP server to attempt to deliver your mail to you. I may be wrong though.

Mark's Response:

SMTP is an outgoing mail server not incoming. I think your referring to the pop 3 server which would have been in 1998/1999.

Mark McCarron.

_________________________________________________________________
Find a cheaper internet access deal - choose one to suit you. http://www.msn.co.uk/internetaccess


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] 'GIEIS' - Additonal Condierations, Mark McCarron <=