gep2(_at_)terabites(_dot_)com wrote:
No, not a fellow victim; a negligent abuse-enabler
Perhaps, but they're still victims too. The fact of the matter is that there
are a lot of technically VERY clueless folks out there, and unless you've come
up with some kind of magic pill they can take which suddenly makes them
technically savvy, there are going to CONTINUE to be clueless types out there.
We need to simply make it very much harder for viruses and worms to infect those
people's machines. Closing the attachment transmission window (especially for
executable-type attachments) to just a sliver of what it is today will certainly
help a great deal. SPF and other such schemes is unlikely to help very much at
all, because those machines which DO get infected can send viruses, worms, and
spam using their authenticated SMTP. It's outrageous and irresponsible that
nearly everyone's mail clients freely accept and allow people to receive and
click on things like PIF files, which are virtually NEVER used for anything
good. .EXE files are likewise almost never legitimately needed in E-mail, and
those who DO need it usually know why, and from whom they need to be able to
receive such stuff.
We will NEVER solve the spam problem if we don't get a major handle on the virus
and worm problem, and A-V software is NOT the ultimate solution because it
basically all works on the "blacklist" principle (i.e. "if we don't know about
it (yet) then it's probably okay." While A-V software is a valuable component,
and certainly helpful in disinfecting a machine once it's been infected,
hopefully we can come up with a solution that's better than just go around
forever swatting flies. Let's close the window!!
I am not sure if it can be closed. The latest viruses are being sent
around in ZIP files encrypted with a password which people still manage
to open and encryption bypasses virus scanning on gateway level. Unless
we throw out the baby with the bathwater - forbid all attachments, virus
writers will always find a way around whatever semi-blocking technique
we come up with. Same for HTML - unless all HTML is forbidden, I do not
see how any benefit can come from it. But forbidding HTML will close
many existing use cases which many companies and people do every day.
The biggest problem with this approach is that while it might work in
theory, in practice I do not think we can convince any sizable majority
of Internet users to accept it. This is the main problem with any
proposal - aside from the idea itself, it must also be marketed and be
convincing enough to be acceptable.
However, if you want to take a shot at it and write up a BCP document as
a short Internet draft, go ahead. There is definatly a good use of some
attachment blocking such as .EXE files.
I don't want to see any solutions that result in some "authority" deciding
what one can and cannot send.
Right, only community consensus should be applied. It is doable.
I hope so.
We must account for a possibility of a community system being subverted.
Any system that does not account for that will be no better than an
authority. There was a couple research papers floating around that try
to address the same problem in P2P networks - the problem is solvable if
it is taken into account.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg