ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

investigating meta-spam

2005-10-16 05:40:43
from [JFC (Jefsey) Morfin] [Permanent Link]
I consider working on a Draft on "meta-spam" and would be interested in comments and in interests to participate to a preparatory mailing list. I define meta-spam as:
"sending non approved information within regular protocols, headers, contents, etc. for a further results unexpected by the receiver".
This definition is most probably to edit. May be I just rising here a well known issue named and worked on in another way?
The concept certainly covers meta information in HTML pages, tags in protocols, URLs, etc. that can be used in filtering traffic (OPES, censoring, profiling, obtaining information on privacy, personal behaviours) or further retrievals through search engine queries. I may also cover some "subliminal" networking applications: sending semi-hidden information to obtain a desired user comportment like in advertising, intox, denials of thinking, psychological war.
Conceptually this may be a fundamental mechanism of cybernetics (as the art of efficient independent system governance in using analog models obtained by feed-backs). There is therefore a need to distinguish between legitimate, necessary, authorised meta-informing and meta-spaming. And to define authorisation/prevention (like for example the cookies related arsenal) and IFF (information friend/foe filtering). Trolling is probably a form of meta-spam. To which extent string oriented solutions helps meta-spaming? In ASCII, in multilingual environment? What are the pollution possibilities (for example using URL meta-spaming, using homograph meta-spaming, what about the babel names [use of the punycoded version of an IDN]? etc.).
Hacking in using plain text information rises the question of the nature of the architexting we use all the time and of networked languages. What is the XML, HTML, etc. security solutions? It is also a problem for the concept of "para-data" which is fundamental to the DRS I work on (distributed registry system) and to the multi-Internet architectures (for example using classes): the legitimate conditions for co-working systems to hold in parallel different data for the same meta-data.
I am not familiar with applications firewalling but I suppose it is a problem their designers meet?
The most immediate concern is when an RFC may help meta-spaming over private issues or represent a security threat: it should then be part of the security considerations. The resulting commercial, hatred, privacy and civil rights, etc. violations incitements or manipulations should be considered. Structural ways should be found to make them impossible. When one considers the importance of the spam, on-line advertising, privacy protection, etc. in the users concerns, no one can doubt that the identification of meta-spaming characteristics and of the ways to contain it is a key issue.
This is most probably one of the most achieved because one of the simplest vector for machine, mental, community security violation? 
Thank you for your comments.
jfc


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Can the USA welcome IETF (was: Last Call under RFC 3683 concerningDean Anderson (reissued)), Spencer Dawkins
Next by Date:  Last call tools, Sam Hartman
Previous by Thread:  Can the USA welcome IETF (was: Last Call under RFC 3683 concerning Dean Anderson (reissued)), Eduardo Mendez
Next by Thread:  Re: investigating meta-spam, Sam Hartman
Indexes:  [Date] [Thread] [Top] [All Lists]