POV-Ray : Newsgroups : povray.off-topic : Privacy Myth : Re: Privacy Myth
  Re: Privacy Myth  
From: Patrick Elliott
Date: 7 Apr 2012 23:29:07
Message: <4f810603$1@news.povray.org>
On 4/7/2012 5:36 AM, Francois Labreque wrote:
> Le 2012-04-06 00:52, Patrick Elliott a écrit :
>> On 4/5/2012 6:58 PM, Darren New wrote:
>>> On 4/1/2012 8:43, Warp wrote:
>>>> (it broke the 50% mark of all email traversing
>>>> the internet long time ago)
>>>
>>> It broke the 90% mark a long time ago.
>>>
>>>> thwarts any kind of comprehensive automatic
>>>> traffic analysis of email (or at least makes it impractical and
>>>> expensive).
>>>
>>> Classifying spam isn't difficult. It's just that ISPs don't want to
>>> carry 10x as much email data as they need to, and it's hard to track
>>> down the source.
>>>
>> They could go a long way by changing the protocol so you can't "fake"
>> the source,
>
> There are many webhosting services that also offer e-mail with their
> package. In those cases, the source would always appear fake since the
> source would be "mailrelay.webhostingcompany.com" instead of
> "mail.francoispetgroomingservices.biz"
>
>> and the tracking, with respect to how it got there, is kept,
>
> It is. Look at the "Received:" lines of the header.
>
>> and correctly reported, so that, even if you changed the supposed start
>> point, somehow, it would be more obvious that the source, as it
>> traversed the network, wasn't the source being reported.
>
> Internal RFC-1918 addressing and discrepancies between internal DNS vs.
> public DNS names make this impossible.
>
> As an outsider, how can you tell if fred.remoteoffice.mycompany
> (10.2.5.14) and pebbles.datacenter.mycompany (10.254.13.56) are valid
> sources without knowing the internal e-mail architecture of the company?
>
Hmm. Yeah, there is that. In theory, this isn't as big an issue with 
IPv6, since, in principle, every single device, not just IP connection, 
could have its own unique identifier. You could even use MAC for that, 
only.. some people got the idea that you should be allowed to screw with 
those too, so again... Sigh..

In any case, I am not talking about a "complete" solution, just one that 
is marginally less stupid than the ones in existence. Sure, a few "small 
businesses" might look bad, but what would you rather get, 500 different 
emails from 10.254.23.1, each one with a different domain name, or the 
ability to mask out ones that go through 2 other "external" IPs, which 
you can surmise makes it a probable fraud, and only have to look at 1-2 
emails that come from similar locations.

For the most part, unless something goes **very** wrong in a network, or
a major change happens to its morphology, it's not just the endpoint that
can be used to figure where it came from.

Instead of even an attempt at a smart solution, what we get is clients 
that hide the routing information, and let the scammers add 
"http://www.wellsfargo.com/accounts" to the "mouse over" for all the 
damn links, so that you either a) copy and paste that (it doesn't copy
the real address under it), and end up at the legit point, or you click
the link, and end up at "wells.fargo.scam.robyoublind.ru". In other
words, the ***EXACT OPPOSITE*** of better security, and threat 
identification.
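
The display-versus-destination mismatch described in the last paragraph can be checked mechanically. The following is an added example, not part of the original post: a Python check that flags anchors whose visible text or mouse-over names a different host than the `href`. Treating the mouse-over as the HTML `title` attribute is an assumption, and the `.example` and `.invalid` domains are constructed sample data.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def _host(text):
    """Hostname if text looks like a URL or bare domain, else None."""
    text = text.strip()
    if not text or " " in text:
        return None                      # ordinary link text such as "Click here"
    if "://" not in text:
        text = "http://" + text          # allow bare "www.site.example/path"
    try:
        host = urlsplit(text).hostname
    except ValueError:
        return None
    if not host or "." not in host:
        return None
    # Exact-host comparison apart from a leading "www."; comparing registrable
    # domains properly would need the Public Suffix List.
    return host[4:] if host.startswith("www.") else host

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []               # (where, claimed_host, real_host)
        self._open = None                # [href, title, text parts] of current <a>

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            self._open = [a.get("href") or "", a.get("title") or "", []]

    def handle_data(self, data):
        if self._open is not None:
            self._open[2].append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._open is None:
            return
        href, title, parts = self._open
        self._open = None
        real = _host(href)
        for where, shown in (("text", "".join(parts)), ("title", title)):
            claimed = _host(shown)
            if real and claimed and claimed != real:
                self.findings.append((where, claimed, real))

def audit_links(html_body):
    auditor = LinkAuditor()
    auditor.feed(html_body)
    auditor.close()
    return auditor.findings

# Constructed sample body: two deceptive links and one honest one.
SAMPLE = ('<a href="http://www.bank.example.scam.invalid/login">http://www.bank.example/accounts</a>'
          '<a href="http://evil.invalid/x" title="www.bank.example/accounts">Click here</a>'
          '<a href="https://www.bank.example/help">bank.example/help</a>')
```
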

