But to trojan a machine to send spam. no way that becomes a federal crime,
and today I believe it can be even classed as an act of terrorism.
You are forgetting one thing. Most of the activity behind the zombie nets
is directed from countries where that is not the case, or where the laws
are weaker. For example some of the East European countries have only
recently introduced copyright laws, similar to those in the western world.
In one country - I think it was Moldavia (but I may be mistaken), it is only
a crime to hack into a government-owned machine, for example.
FIRST lets close the open system, not keep on thinking of reasons to boo hoo
legitimate ideas.
I am all for that - as I have said before, I am all in favour of any
method of authentication that meets the following criteria:
1) Has a realistic chance of being adopted globally. It does not
matter how elegant the method is, if none of the "big players"
adopt it.
2) Solves the problem of establishing with a reasonable degree of
certainity that the sender is who he is. Any such method will
fail on a compromised system - there is no way any software on
a different machine can deteremine whether the "right" human is
actually pressing the keys. We just have to acknowledge that
limitation and move on - a "solution" to the problem of
compromised systems is beyond the scope of this.
3) Can not be (easily) abused to result in a DoS attack.
--
Fridrik Skulason Frisk Software International phone: +354-540-7400
Author of F-PROT E-mail: frisk(_at_)f-prot(_dot_)com fax:
+354-540-7401
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg