Re: covert channel and noise -- was Re: proposal ...

Ed Gerck wrote:
> 
> Dean Anderson wrote:
> >
> > It isn't the case that the spammer
> > intended to send a message about the superbowl, but somehow "noise"
> > altered the message to a solicitation on viagra. Rather, they intended to
> > send a message on viagra, and you received their message, noise free.
> > But seeing the solicitation for viagra, you became upset, and reported a
> > complaint about the inappropriate use of the channel. In
> > information-theory-speak, you report a "communication in violation of the
> > security model"; a covert or sneaky channel.
> 
> I guess we agree that if the message can be read by the intended recipient
> then it's not in a covert channel. A covert channel is one that can't even
> be detected by the intended recipient. But, you may ask, "who" is the
> intended recipient?
> 
> In anti-spam email systems, we can usually recognize three "whos":
> 
> #1: My MTA
> #2: My MUA
> #3: Myself
> 
> The spammer's strategy is to send the spam message in such a way
> that it is undetectable by my MTA-MUA, while it is detectable and
> readable by me. In short, it needs to use a covert channel through my
> MTA-MUA, but not to me.
> 
> An example of such a covert channel is if a spammer hides information
> in the subject line by using wrongly spelled forms of "viagra",
> information which my MTA-MUA cannot detect. It's not a covert channel
> for me but it is for my defenses. But, once that message passes
> through to me, it becomes detectable, readable and I call it spam.
> 
> Does this mean that spam is defined by the rule
> 
>         "I (only) Know It When I See It!"
> 
> and we have to accept a large failure rate in preventing spam, that
> can only be solved by laws and law enforcement?
> 
> I want to emphasize that it does not have to be. Suppose a user can make
> email senders pay a burden at their MTA or even at their MUA (e.g., a
> bounce requesting encryption and solution to a puzzle). In addition, using a
> selective scale defined by the user (so that selected mail senders have
> less burden) at their MTA and MUA, the user can make the spammer pay a
> price *as high as desired* by the user (not limited by R. Brown's comments).
> In such a case, the covert channel cannot even be established unless
> the spammer pays a price -- a price that can be *as high as desired* by
> the *user*. This is the essence of the proposal (the devil is in details).
> 
> I take the example of the front door of your house. If you leave it open,
> so that a thief has no burden getting in, a thief probably will steal
> something from you -- even though the law says that theft is illegal.
> What we need is to put a lock into our email communications door. A lock
> that can be as hard to pick as the user wants, and yet easy to use
> as the user wants it to be used.
> 
> Spammers are thieves -- they steal time and resources, they make us
> reject legitimate email. They cost a lot of money to all of us.
> They have not been and will not be deterred by law alone. There
> is also no "world law" and spammers are often hiding behind
> legitimate users that change all the time. We can't lock the
> spammers' doors everywhere, we have to lock our door at our house.
> 
> BTW, to propose something simple, "running code" helps before any
> discussion.  In a system as complex as email, however, one would
> have to be naive to even think about "running code" before "running
> comments." I thank you all for the public discussion on this topic,
> through which I have learned a great deal, including people's first
> barriers to change.
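
The sender-pays burden with a user-defined selective scale described in the message above, as an added example that is not part of the original post or of the proposal's own code. It assumes a hashcash-style SHA-256 puzzle (the post does not say which puzzle is meant); the names `POLICY`, `DEFAULT_BITS`, `issue_challenge`, `solve` and `verify` and the addresses are constructed for illustration.

```python
import hashlib
import hmac
import os

SECRET = os.urandom(32)   # recipient-side key (assumption): binds challenges to this MTA/MUA
# Constructed policy: bits of work per sender, chosen by the user.
POLICY = {"alice@example.org": 0, "list@example.net": 8}
DEFAULT_BITS = 16         # burden for unknown senders (kept small so the demo runs fast)


def difficulty_for(sender: str) -> int:
    return POLICY.get(sender.lower(), DEFAULT_BITS)


def issue_challenge(sender: str) -> str:
    """What the bounce would carry: sender, bits, nonce and a MAC over them."""
    body = f"{sender.lower()}:{difficulty_for(sender)}:{os.urandom(8).hex()}"
    tag = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}:{tag}"


def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def solve(challenge: str) -> int:
    """Sender side: brute-force a counter; expected cost is about 2**bits hashes."""
    bits = int(challenge.split(":")[1])
    counter = 0
    while leading_zero_bits(hashlib.sha256(f"{challenge}:{counter}".encode()).digest()) < bits:
        counter += 1
    return counter


def verify(sender: str, challenge: str, counter: int) -> bool:
    """Recipient side: one MAC check and one hash, whatever the difficulty."""
    try:
        who, bits, nonce, tag = challenge.split(":")
    except ValueError:
        return False
    expected = hmac.new(SECRET, f"{who}:{bits}:{nonce}".encode(), hashlib.sha256).hexdigest()
    # Reject challenges we did not issue, edited difficulty, or a different sender.
    if not hmac.compare_digest(tag, expected) or who != sender.lower():
        return False
    digest = hashlib.sha256(f"{challenge}:{counter}".encode()).digest()
    return leading_zero_bits(digest) >= int(bits)
```

Each extra bit in the policy doubles the sender's expected work while the recipient's check stays at one MAC and one hash. A deployment would also need to expire nonces and accept each one only once, which this example does not do.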

