ietf-asrg

Re: [Asrg] Spam Salt, an email sender authentication mechanism

2010-12-05 02:47:15
On Thu, Oct 28, 2010 at 01:29:37AM -0400, Chris Lewis wrote:
> On 10/27/2010 6:29 AM, Rich Kulawiec wrote:
>> It doesn't matter.  The entire issue of end-user authentication is
>> dead, dead, dead thanks to 100+ million zombies with keystroke loggers.
>> It doesn't matter how clever the tech is, how slick the UI is, how
>> minimal the effort is.
>
> Oh, then, port 25 blocking and SMTP submit authentication is dead
> dead dead too, predicated on the _same_ zombies and keyloggers?

Yes.

If I might use a (trendy!) zombie analogy, it may still be moving forward
but it's already starting to die.

(Not that I'm opposed to either measure: I was jumping up and down
screaming for emergency port 25 blocking years ago when we were
all realizing WTF was going on.  But it needed to be done right then
and there, IMMEDIATELY, not most of a decade later.)

I think that as we devise and debate anti-spam tactics, we need to keep
in mind the distinction between what spammers are doing and what spammers
could do.  What they're doing today is: evading these countermeasures --
to a certain degree.  What they could do is: a heck of a lot more of it.

Will they?  I dunno.  Just like I don't know if they'd take the time and
trouble to subvert end-user authentication en masse.  But I think it's
starting to be worth it for them.

And that line of thinking is the basis of my argument against a lot
of things: I don't think we should try to roll out, on a large scale,
anything that we know a priori can be defeated at will.  A wise adversary
(and some of ours *are* wise) wouldn't interfere with that process:
they would simply let us expend our resources, set up the whole thing,
congratulate ourselves on our success...and *then* neatly undercut it.

As to "can be defeated at will", I think that now includes anything
which has buried in it the presumption that end-user systems are secure.
We already know that Windows systems (with rare exceptions like the
one on Schneier's desk, if he has one) are not secure for any reasonable
value of "secure".  And Macs, while so far demonstrating more resistance,
are not invulnerable.  Neither are Linux boxes, particularly those
that are cookie-cuttered and not maintained.  Neither are fill-in-the-blank.
So I think one of our working assumptions should be that just about
anything on an end-user's desk can turn hostile without warning at any time.
(And perhaps, given the ubiquity of smart phones: anything in their pocket.)

---rsk

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg