Re: Re: DNS load research
2005-03-23 14:01:15
... explain to us the worst possible scenario that _you_ can imagine for a
virus that wants to do the most damage to the Internet by using SPF.
Here is my worst-case scenario. A year from now SPF and SenderID are
locked in competition between two incompatible protocols. Progress is
slow, because most ISPs are waiting for the outcome before committing to
install one or the other. Along comes the "SPF-doom" virus, a DDoS attack
on some prominent domains, maybe CNN and MSNBC, and maybe FTC, just to get
the politicians pissed off. SPF is part of it, but it really isn't the
major part of the attack. The virus writers had some other motivation for
featuring SPF in the name, and including some bizarre SPF lookups in their
attack.
Now you have a very big PR problem, much bigger than any of the technical
problems we are talking about now. The problem is to explain to the world
what really happened, and why SPF isn't to blame. Think of the CNN report
about a year ago, interviewing the president of SCO about a DDoS attack
they suffered. I had to play it twice to see that my first impression was
not what the SCO guy actually said, but what he implied. The impression I
had after the first viewing was that SCO was attacked by some "open-source"
hackers. The whole discussion was about how DDoS attacks work, the
hacker's motives (fight over ownership of Unix), SCO's victimization,
etc. There was a short disclaimer from CNN at the end, but I didn't really
hear that until my second viewing.
Of course, nobody would be so dastardly as to organize something like this,
but it would be nice if we could make it completely implausible. If it
takes more than five minutes to explain to a CNN reporter the absurdity of
blaming SPF, they will ignore the explanation and go with the sensational
story.
-- Dave
************************************************************* *
* David MacQuigg, PhD * email: dmquigg-spf(_at_)yahoo(_dot_)com *
*
* IC Design Engineer * phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* * 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. * Tucson, Arizona 85710 *
************************************************************* *
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: SPF-compiling DNS Server, (continued)
- Re: SPF-compiling DNS Server, Stuart D. Gathman
- Re: SPF-compiling DNS Server, Radu Hociung
- Re: SPF-compiling DNS Server, David MacQuigg
- RE: Re: DNS load research, Scott Kitterman
- Re: Re: DNS load research, Radu Hociung
- RE: Re: DNS load research, Scott Kitterman
- Re: Re: DNS load research,
David MacQuigg <=
- Re: Re: DNS load research, Andy Bakun
- RE: Response to DDoS using SPF, David MacQuigg
- RE: Response to DDoS using SPF, Andy Bakun
- RE: Response to DDoS using SPF, David MacQuigg
- Re: Response to DDoS using SPF, Chris Haynes
- Re: Response to DDoS using SPF, David MacQuigg
- RE: Response to DDoS using SPF, Scott Kitterman
- Off Topic - English Syntax, David MacQuigg
- Re: Off Topic - English Syntax, Chris Haynes
- Re: Off Topic - English Syntax, David MacQuigg
|
|
|