ietf-mxcomp
[Top] [All Lists]

Re: When spoofing is.

2004-03-19 21:22:32

On Sat, Mar 20, 2004 at 02:12:20AM +0100, Alex van den Bogaerdt wrote:

On Fri, Mar 19, 2004 at 03:49:06PM -0800, Mark C. Langston wrote:

Why should the recipient identify this entity?  Those postcard sites are
vulnerable to spoofing, let them fix their own problems.


Because Grandma might like to know which of her grandkids sent the
postcard.

So exactly how does Grandma _know_ who sent the card?

I asked: _know_, not _guess_ or _believe_.


To the layperson, the three are identical, thus the distinction for
Grandma is irrelevant, as she doesn't have the technical knowledge to
distinguish among the three in this arena.

She knows because her children and children's children have told her
what their email addresses are; she knows because her friends have told
her what their email addresses are.  More than that, she knows because
that's who the computer told her it was, and she has no reason, nor
desire, to doubt it.  Grandma trusts that From: header (or whatever
prettified equivalent is presented to her by her MUA) as surely as she
trusts the Caller-ID display on her phone, or even as much as she trusts
that the voice she hears on the other end of that phone is who she
thinks it is.

Solving problems by creating problems for others won't aid our efforts.
Particularly when it seems that the problems have been created to
address unspoken motives.

You have seen no problems so there are no problems ?  Sure...

That's not what I said.  I said that sniping at legitimate services
under the guise of attacking spammers isn't likely to win friends and
influence people.  We should be conservative in what we break.

-- 
Mark C. Langston                                    Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org                                       
mark(_at_)seti(_dot_)org
Systems & Network Admin                                SETI Institute
http://bitshift.org                               http://www.seti.org


<Prev in Thread] Current Thread [Next in Thread>