Not really. Those are getting rarer and rarer as older libraries get phased out (remember, joe average programmer is never in a position to write an exploitable buffer; the buffer was written by some grad student at Berkeley 10 years ago as part of a library).
Check vulndev. Check bugtraq. The bugs coming out now are not for the most part "crafted user input overflows the heap" but rather "crafted user input is passed to a SQL interpreter" or "crafted user input is used as a format string". There are, incidentally, fairly good static tests for these things, but A) Java (and C and C++) doesn't use them and B) they unacceptably limit the range of possible applications.
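The post above names the bug class that dominates current reports: untrusted text handed to an interpreter. The following is an added example, not code from the poster, that shows the defect and its fix in Python with the standard sqlite3 module; the table, rows and probe input are constructed for the demonstration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory user table (sample data, not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn

def lookup_unsafe(conn, name):
    """The defect: untrusted text is spliced into the statement, so the SQL
    interpreter parses whatever the caller typed as part of the query."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def lookup_safe(conn, name):
    """The fix: a bound parameter. The statement text is fixed at coding time
    and the value travels separately, so it can only ever be compared as data."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()

def unsafe_query_parses(conn, name):
    """Whether lookup_unsafe can even execute for this name. A legitimate value
    containing an apostrophe is enough to produce a syntax error, which is the
    same defect seen from the other side."""
    try:
        lookup_unsafe(conn, name)
        return True
    except sqlite3.OperationalError:
        return False

if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"   # constructed input that alters the unsafe query's structure
    print("unsafe:", lookup_unsafe(db, probe))   # every row comes back
    print("safe:  ", lookup_safe(db, probe))     # no row has that literal name
    print("unsafe parses O'Brien?", unsafe_query_parses(db, "O'Brien"))
```

The parameterized form is also what a static checker looks for: a query built by string concatenation from a non-constant is flaggable mechanically, which is the "fairly good static test" the post refers to.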
Amen. And also people get hung up on the current fad of changing bits in binary files that are sent directly from point A to point B. But that's not the only model; a message could be delivered through, say, character frequencies in a classified ad or a slashdot post. Or in those "random" phrases in spam (for all we know they already are).
The point of steganography is that it hides the message's routing information. In World War II, the US Navy managed to gain a lot of operational information about the Japanese Navy simply by analyzing message traffic and routing. A steganographic message can just be placed somewhere publicly accessible and no routing information would ever be traced. The English composer Byrd did this, actually: he hid messages to pro-Catholic English rebels in his music (or so some modern musicologists say). These motets were sung all over the place, and anyone with ears to hear it, heard it. Everybody else just thought it was a pretty song.
I stand by my definition. A law is a theory that is short enough to be expressed simply in an equation (or sentence, I suppose) and basic enough that other theories are built on it. Like, for instance, Newton's Laws of Motion or Maxwell's Laws of Electrodynamics (both of which, incidentally, are factually disproven now but match the data closely enough that it's not embarrassing to teach them).
Oh, and a minority should decide what the majority wants their kids to learn in schools their taxes fund?
A minority of people in this country understand the Calculus. They should be the ones who decide what everyone's kids learn in school. So, yes, exactly: a minority should decide what the majority's kids learn in schools everyone's taxes fund. That's because the minority is often smarter.
Gravity is accepted by probably about 99.9999999999% of the world. Evolution is accepted by a minority of the world.
Oh, science is a democracy now? I'm supposed to let the mouth-breathing, troglodytic masses who can't be bothered to learn what an allele is have a say in the science education in public schools? Why does the fact that a large portion of the world is too stupid / lazy / superstitious to learn about evolution matter to you?
Nope, that won't work. Vulnerability disclosures must include a working exploit; otherwise I could anonymously destroy my competitors by posting false but hysterical vulnerability reports about their products.
As I said in another post: software companies don't give us their software for free; similarly, we shouldn't give them consulting services for free. If I find a vulnerability, I don't owe the software company anything and I'm under no particular obligation to tell them before I tell anyone else.
Or are you saying it is irresponsible / immoral / illegal to state a provable fact about the security of a software system?
However, it is also true that we live in a society under the rule of law. You really ought to look up what "rule of law" really means if you don't understand the implications of it yet.
What's unlawful about trying to find out if a product you paid for is secure and fit for the purpose for which it was marketed?
I'll go one further: if you find out the product isn't secure or fit, how are you under any obligation to tell the company that makes it that fact? Are they paying you to be a consultant? No. Do they give you software for free? Let's assume not. So, why should you give them consulting services for free?
I agree, we can't get rid of spam with this attitude. I'm simply stating the fact that this attitude exists.
I think it's very important for people to remember that we know everything we need to know to blacklist spam-friendly ISPs. We know and we don't do it. Technical solutions have given us everything we need, it now just takes the will to do it.
Good luck with that, btw; I personally don't think end users care enough about spam to risk losing emails from clients.
Cool. I thought it was possible to spoof headers or something like that:
http://www.cert.org/tech_tips/email_spoofing.html
Silly me.
You're not silly, you just missed the point of that link. When the spammer HELOs your mail server, he may well say that he's outgoing.whitehouse.gov delivering a message from president@whitehouse.gov. What he can't fake is that he's coming from IP address 1.2.3.4 (or whatever). You already know what netblock he's actually on, and who's responsible for that netblock.
Only because they find spam-friendly ISPs. These ISPs, after, say, the 3rd spammer warning, would be blocked under my proposal.
But we already know which ISPs are spam friendly, because as I pointed out above IP addresses aren't forged. We already know and they aren't being blocked en masse, probably because these same ISPs carry legitimate traffic and we collectively feel that false positives are worse than false negatives. This is a social and political problem.
Look, we don't need a new technology to tell us what ISP is responsible for a given mailing. You can already find out what ISP hosts the mailer that sent you any mail you received. Better yet, with SPF you can already tell if the owner of the mailing domain has authorized that IP address to send you mail. What you need to do if you want to push for this kind of solution is go out and advocate that we use the knowledge we already have to apply the SMTP Death Penalty you advocate to the bad ISPs.
Look at Spamhaus; they essentially advocate what you want. They have some popularity but the ISPs aren't dead yet because A) lots of people don't use spamhaus and B) lots of those who do have to stop using it because they can't get important emails from people who happen to use the same ISP as spammers.
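The posts above make two points: the HELO name and envelope sender are claims the connecting host makes, while the connecting IP address is observed, and SPF lets the receiver check that observed IP against what the sending domain has published. The following is an added example, not code from any poster, that evaluates a subset of SPF (the ip4, ip6, include and all mechanisms of RFC 7208) against a constructed table that stands in for DNS TXT lookups; the domain names and addresses in the table are constructed.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups (no network). A real evaluator
# would query the domain's TXT record; these records are made up for the demo.
SPF_RECORDS = {
    "example.com": "v=spf1 ip4:198.51.100.0/24 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:203.0.113.10 ip6:2001:db8::/32 -all",
    "softfail.example": "v=spf1 ip4:192.0.2.1 ~all",
}

RESULT_FOR_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(domain, client_ip, _depth=0):
    """Return 'pass', 'fail', 'softfail', 'neutral', 'none' or 'permerror'.

    Only ip4, ip6, include and all are handled (a subset of RFC 7208; a, mx,
    exists, redirect and macros are omitted). The decision rests on client_ip,
    the address the SMTP connection actually came from, never on HELO/MAIL FROM.
    """
    if _depth > 10:  # RFC 7208 caps DNS-querying terms at 10; also stops include loops
        return "permerror"
    record = SPF_RECORDS.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        matched = False
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == net.version and ip in net
        elif name == "include":
            # include matches only if the referenced record yields pass
            matched = check_spf(arg, client_ip, _depth + 1) == "pass"
        elif name == "all":
            matched = True
        if matched:
            return RESULT_FOR_QUALIFIER[qualifier]
    return "neutral"  # no mechanism matched: RFC 7208 default result

def evaluate_session(helo_name, mail_from, client_ip):
    """Judge one inbound SMTP session: HELO and MAIL FROM are recorded as the
    sender's claims, the SPF verdict is computed from the observed client_ip."""
    domain = mail_from.rpartition("@")[2]
    return {
        "claimed_helo": helo_name,
        "claimed_from": mail_from,
        "client_ip": client_ip,
        "spf": check_spf(domain, client_ip),
    }

if __name__ == "__main__":
    # The sender may announce any HELO name it likes; the verdict does not move.
    print(evaluate_session("outgoing.example.com", "president@example.com", "1.2.3.4"))
    print(evaluate_session("anything.invalid", "president@example.com", "198.51.100.7"))
```

Changing the HELO or MAIL FROM arguments alters only the labels in the returned dict; the verdict follows the connecting address, which is the point of the post. The receiver's policy on "softfail" and "neutral" (accept, tag, or reject) is where the false-positive trade-off the thread discusses actually lives.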
and then this information is handed down to the PM. There's not much the PM can do about it once he realizes the timeline is impossible except beg his boss to get a renegotiation going.
Then he's not a project manager, and giving him that title doesn't make it so. He's a team leader. If he doesn't interact with the clients, there's no way you can call him a project manager.
In my time as a programmer I heard a lot of people complaining about requirements changes. My inclination was to say it's not the client's job to make good requirements. If the client was in a place to make non-vague requirements he probably wouldn't need your help programming them.
A good project manager will listen to the client's end user vision of the product before the project starts, and (this is the key part) during the development make the client aware of consequences of their delays or changes.
Keeping logs cuts both ways: if you're the ISP, logs are what will pull your ass out of the fire. If the FBI shows up at your office with proof that child porn has entered your network, logs are about the only way you can shift the blame to someone else.
(Which is stupid, since logs can be easily faked, but they seem to really impress people.)
Otherwise it would be GNU/X Window/Gnome/KDE/Enlightenment
Well, I don't know about that. The "GNU" in GNU/Linux refers to glibc and gcc. That's a lot more central than a windowing system or web browser. I mean, glibc is what gives you functions like printf() and write() that every other application uses. I think "GNU/Linux" as a term makes sense because no matter what kind of application you are developing, you need to know if you have the GNU userland or not; that isn't true for the other categories of software you mentioned.
There's an API to print, too, oddly enough.
Microsoft's version of the second one is here, and it won several awards.
Umm... then learn Lisp, rather than re-inventing a half-assed bloated version of it.
It's funnier when I remember to include the link to the second-oldest HLL still in use, which thought of this a long time ago.
An extensible language whose syntax can be manipulated programmatically? Why has nobody thought of this before?!
Ha! Tell that to Berkeley or Hilbert some time.
And actually, the assumptions underlying even simple differential calculus are hardly axiomatic, and could easily be questioned.
Meh.
I think that's more because we don't use the phrase "Philosopher's Stone" in American English than any ideological bent.
Laws are a type of theory: the type that can be easily expressed in a simple equation.
Well, when they put similar notices in Physics textbooks that gravity is a theory, not a proven fact, I'll stop complaining.
Well, they did port NT4 to Alpha, MIPS, and PPC, didn't they?
(couldn't resist, given that last line. The why not is included in the "dumb 'form letter'")
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
(X) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(X) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
(X) Susceptibility of protocols other than SMTP to attack
(X) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
(X) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
(X) Bandwidth/overhead costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
(X) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
(X) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
( ) Sending email should be free
(X) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Now, more specifically, you said:
"Step 1 is to make all emails traceable to the server (or at least to the ISP) they came from. This can be done by assigning each legitimate email server (or group of servers from one ISP/company) a Public and Private key pair."
We already do this: we can tell exactly what IP address (and therefore, what ISP) an email originated from. All the public-private key pair idea adds to this is:
1. additional server and network overhead
2. an additional point of ema
I've honestly never needed anything other than slocate and grep. What do these apps offer that standard tools don't?
(Before you whine about platforms, remember that grep and slocate, like almost all GNU utilities, are available on Windows, too.)