[Top] [All Lists]

Re: [ietf-smtp] [Shutup] Proposed Charter for the "SMTP Headers Unhealthy To User Privacy" WG (fwd)

2015-12-02 21:58:49
On 12/01/2015 08:57 PM, Stephen Farrell wrote:

On 02/12/15 01:43, Chris Lewis wrote:

It's far better to train them in the reality of what they need to do to
preserve their own privacy, than the impossibility of trying to
privacy-protect everything (and still have something anybody wants to use).

Do you have any evidence for the above?

But in any case, I think your argument is clearly wrong because we
know that it is not possible to "train them" in security or privacy.
(That leaves open the possibility that your conclusion is correct
based on some other argument, but very much weakens confidence in
your conclusion for me.)

You will find no person more in agreement that we cannot train 100% of people with PSAs and similar (the fact that 419s still flow is certainly proof of that), but the reality is that most people do learn such things one way or another. You have and I have, otherwise, we'd not be having this discussion. Did you get your knowledge from a PSA? Your parents? School? The media? Nope. But you still got it.

Trying to "measure" the result of training is usually futile, because correctly posing the questions, and getting useful answers is equally complicated and fraught with definitional/terminology problems. I groan whenever these surveys are published, because the questions are badly crafted, the answers irrelevant, the interpretation is completely out to lunch, and the media scrambles it unrecognizeably.

And indeed, does the fact that 1% of people are still liable to fall for a 419 mean that the training, education, PSAs, news media coverage of such things etc was all in vain? No. is it effective? Somewhat. Perfect? No.

The subject is mushy. People are mushy. Measuring things that are mushy in 2+ dimensions is worse. But most of us have managed to survive vastly more dangerous circumstances by learning how to avoid them along the way. It's slow, but it happens. Just type in "how to use email anonymously" into your search engine, and voila!

IMO the onus is on us as technology developers to ensure that what
we make allows those who deploy that to do a good enough job.

Is hiding from clauses sufficient to do that? No, not when the people who use email don't understand that what they put in the bodies of the emails is usually FAR more revealing than a temporary IP address in an Internet cafe does, or the fact that my MTA's IP address indicates, at best, I'm "somewhere in south, maybe eastern ontario".

Nothing you can do with from clauses will affect the bad guys looking at you.

Only the people already conscious/understanding of personal safety/privacy are going understand and make the choices that they need to make to preserve their privacy. A mere from clause is not going to it, and claiming that eliding from clauses does anything significant to preserve privacy is in the end a dangerous lie even just in an email context.

this case there is room for debate about the cumulative privacy
exposure from many messages including MUA IP addresses (or of
popular implementations defaulting to do so) vs. the benefits
accruing to anti-spam techniques.

Please don't minimize it as just being "anti-spam". I say I'm "anti-spam", but what that really means is anti-spam, anti-fraud, anti-malware. The latter two have serious real-world consequences. LE uses this to try to find people contemplating suicide, or equally, people making death/bomb threats or engaging in harassment. ISPs use this to identify and inform customers that are infected with malware.

I (and several others here) could "document" some of what I've seen/been involved with where this matters, but that would in many cases (a) violate NDAs, (b) give the bad guys intel on how to avoid us, (c) probably violate privacy, and (d) since it's just me and not a vetted journal or something equally "reputable", some here will ignore it anyway as hearsay or self-serving BS.

[Which is ironic, because my work almost never involves MSA submission addresses, and it's not parsed let alone recorded. I don't really have a horse in this race.]

This is real life too: user's savings and lives depend on some of this, not just a few annoying spam messages.

Yes, it would be nice for LE to say something, but the approvals required to say _anything_ whatsoever in public take a very long time, it'd probably get dismissed as self-serving hearsay, and as I've seen often, some people get all wobbly when LE is around.

It would also be nice for providers to say something, but the legal constraints of "speaking on behalf of/in public" are even worse. When I did that once for a topic near to this, it took four months to get approvals and I had to go through a media relations course (until I pointed out that they didn't have to worry about be bleating out company future plans/finances because, unlike the senior executives normally taking the course, I couldn't possibly know any of that to leak).

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>