I don't think so. I think a bad and poorly designed solution is worse than no solution. Especially when there is other competing solutions, which are argueably better, or at least equal to Yahoo!'s domain keys system, such as RMX. IMHO, Domain Keys offers no significant improvements to the spam problem, but rather adds a crypto overhead to the sending and receiving of every message. I think it is great that Yahoo is trying to innovate to stop the SPAM problem, but being cavalier and going at it by themselves is not the answer, especially when they have a great Anti-spam alliance with AOL and MS.
I disagree. I think a bad and poorly designed solution is worse than no solution. Especially when there is other competing solutions, which are argueably better, or at least equal to Yahoo!'s domain keys system, such as RMX. IMHO, Domain Keys offers no significant improvements to the spam problem, but rather adds a crypto overhead to the sending and receiving of every message. I think it is great that Yahoo is trying to innovate to stop the SPAM problem, but being cavalier and going at it by themselves is not the answer, especially when they have a great Anti-spam alliance with AOL and MS.
Why would Microsoft use this code in their patch ? This patch code is based upon readily available IE com interfaces which allow addon IE programs to interact with browser operations. In fact, this patch simply checks the url for the vulnerability every time you navigate to the page. If the vulnerability is found it instead naviagtes to: http://www.openwares.org/cgi-bin/exploit.cgi?A&B where A is the spoofed url and B is the actual url. Microsoft would fix this vulnerability in the actual IE code, not in a bolted on module like this.
Slashdot Mirror
I don't think so. I think a bad and poorly designed solution is worse than no solution. Especially when there is other competing solutions, which are argueably better, or at least equal to Yahoo!'s domain keys system, such as RMX. IMHO, Domain Keys offers no significant improvements to the spam problem, but rather adds a crypto overhead to the sending and receiving of every message. I think it is great that Yahoo is trying to innovate to stop the SPAM problem, but being cavalier and going at it by themselves is not the answer, especially when they have a great Anti-spam alliance with AOL and MS.
I disagree. I think a bad and poorly designed solution is worse than no solution. Especially when there is other competing solutions, which are argueably better, or at least equal to Yahoo!'s domain keys system, such as RMX. IMHO, Domain Keys offers no significant improvements to the spam problem, but rather adds a crypto overhead to the sending and receiving of every message. I think it is great that Yahoo is trying to innovate to stop the SPAM problem, but being cavalier and going at it by themselves is not the answer, especially when they have a great Anti-spam alliance with AOL and MS.
Why would Microsoft use this code in their patch ? This patch code is based upon readily available IE com interfaces which allow addon IE programs to interact with browser operations. In fact, this patch simply checks the url for the vulnerability every time you navigate to the page. If the vulnerability is found it instead naviagtes to: http://www.openwares.org/cgi-bin/exploit.cgi?A& ;B where A is the spoofed url and B is the actual url. Microsoft would fix this vulnerability in the actual IE code, not in a bolted on module like this.