[Spambayes] full o' spaces

T. Alexander Popiel popiel at wolfskeep.com
Sat Mar 8 17:23:14 EST 2003


In message:  <RQ8621Y61JG6ZYX2D0OM54JFHCZT07.3e6a70d0 at myst>
             <tim at fourstonesExpressions.com> writes:
>3/8/2003 3:18:55 PM, Paul Moore <lists at morpheus.demon.co.uk> wrote:
>
>>>
>>> Ok, I'm off my soapbox. <smile>  This has been a great discussion.
>>
>>Can I borrow that box for a moment? Thanks... :-)
>
>I yield the floor.

Okay, I'll grab the box for a moment...

>>If you liken the spambayes
>>approach to an anti-virus strategy, it suddenly looks much better :-)
>
>Hmmm... interesting analog, but it only goes so far.  Viruses would be a 
>vastly smaller threat had microsoft engaged in the strategy that I'm arguing 
>for.  Trojans, worms, etc... the face of the online world would be 
>considerably different had they invested in building fundamentally secure 
>systems...

To build a fundamentally secure system, though, we'd be replacing
SMTP with something that actively prevented impersonation and
forgery, as well as possibly providing a provable audit trail back
to original sender, along with their identity.  We're not coming
even close to that... so I think that the anti-virus analogy is
quite appropriate.  We're layering a band-aid on top of a
fundamentally insecure system, and patching any leaks as we hear
about them.

Microsoft is not to blame for all the worms and trojans.  Microsoft
is merely the juiciest target at the moment.  Do recall that the
first worm to make headline news (the Morris worm back in 1988)
targetted VAX and Sun 3 systems through sendmail vulnerabilities.
I could rant for a while that it is human nature to build weak
systems and again human nature to abuse such systems... but that's
not a particularly useful thread for the spambayes list.

- Alex



More information about the Spambayes mailing list