ietf-asrg

Re: [Asrg] About that e-postage draft

2009-02-17 11:02:31
---------------
  From: John Levine <johnl_at_taugh.com>
...
 It would be really nice if anyone suggesting a postage scheme do at
 least a rudimentary threat analysis like this, what are likely ways
 that bad guys will try to defraud it, what are the countermeasures,
 and how expensive are they.

I believe "defraud" does not cover the range of analysis needed, because
"fraud" implies using the system to benefit the bad guy.  Because the
spammers are SO happy with the current system, the analysis has to
include any abuse of the system which will make it undesirable to the
general population, even if there's no (immediate) benefit to the
spammer.

Thus not only must it address hijacked and spoofed postage, but also
attacks which cause slowdowns, dropped messages, false
positives/negatives, and all the scenarios which spring from hijacked
PCs.  Banks have to deal with sob stories about grandmothers losing
their life savings, and this new system will have to deal with it, too.

Personally, I lump these systems into the same bin of pipe dreams as the
UN-sanctioned anti-spam strike team, sweeping in on the spammers in a
Blackhawk and bursting through the window in their kevlar suits.  Except
the latter would be cooler. :->  But neither one would work well, and
neither one is going to happen.

"In my very humble opinion"
Andy Valencia
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
