My suggestion for a BCP would be to recommend that blacklists have a
CBL-style page for de-listing addresses. But rather than de-listing
them entirely, the addresses can be moved to an associated "grey
list", which is published as "addresses under dispute". If the

This idea is a tad bit complicated (perhaps too much so), and in my
mind a little bit Draconian, but.. What about a graylist that would,
after identifying a zombie host, graylist it, then contact the owner
with instructions on installing the latest Windows patch? Preferably
this would happen automatically, so the user's email would pop up a box
saying "Your computer has been identified as potentially sending
zombie-spam. Click here to install the latest Windows update" (or
something like that). ISPs could require installation of a background
program that could handle this (using suitably encrypted/signatured
communications so as not to be hijacked).

This wouldn't work for Mac or Linux though (it could work for Mac, as
there is a centralized source for updates - Apple), but probably not
for Linux - although people running Linux boxen should know better..
Another problem is for people with dial-up connections, downloading a
bloated 15MB Windows patch (I've never understood why a small security
patch can't be a reasonable size of 600K - even some of MacOSX's are
1.5MB). And of course, it requires cooperation of ISPs and users.

The big up-side that I see is that it forces (or at least coerces)
people to *fix* their OS's. In time, perhaps people (and/or their
ISPs) will put more pressure on MS to either make a secure, transparent
Software Update which *only* deals with security vulnerabilities (as
opposed to the "latest and most bloated" improvement from Redmond), or
to make security of their OS (more) of a priority - although that might
be technically unfeasible unless MS stopped ALL development to go
through all 10 million lines or whatever of Windows code, or rewrote
parts of it from scratch (or switched to Darwin ;-)

Jim Witte
jswitte(_at_)bloomington(_dot_)in(_dot_)us
Indiana University CS
---
Sed quis custodiet ipsos custodes?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg