Firewall Wizards mailing list archives
Re: Screening Outgoing Mail for Content
From: "Perry E. Metzger" <perry () piermont com>
Date: Wed, 05 Aug 1998 16:35:31 -0400
Wilson Roberto Afonso writes:
The screening problem is "AI complete". That is, it requires full AI to detect sufficiently evil violators -- if even that would work. [...] If the user is sophisticated, forget having even hand screening work. If hand screening won't work, what will?On the other hand, if you are paranoid/determined enough, you might just block whatever you cannot screen. So, binary attachments are out, just as uuencoded files etc. If you're not sure it's safe to go, it does not go. Might still not be a 100% safe without hand screening, though.
It won't be 100% safe WITH hand screening. How will your screening program, or person, even notice that a steganography program was run over some innocuous looking text, subtly encoding a message in the formatting in some way that you might find difficult to impossible to detect? Sufficiently determined people can *always* get by. More importantly, though, is the question of whether caring is even sufficiently important. For many firms, employees can leave the building carrying all the confidential material they want in their bag. .pm
Current thread:
- Screening Outgoing Mail for Content Bruce B. Platt (Aug 04)
- Re: Screening Outgoing Mail for Content Marcus J. Ranum (Aug 04)
- Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 05)
- Re: Screening Outgoing Mail for Content Thomas Schiavinato (Aug 05)
- Re: Screening Outgoing Mail for Content6 Chad Schieken (Aug 05)
- Re: Screening Outgoing Mail for Content6 Joseph S. D. Yao (Aug 06)
- Re: Screening Outgoing Mail for Content Thomas Schiavinato (Aug 05)
- Re: Screening Outgoing Mail for Content Wilson Roberto Afonso (Aug 05)
- Re: Screening Outgoing Mail for Content Joseph S. D. Yao (Aug 05)
- Re: Screening Outgoing Mail for Content and other things cfb (Aug 06)
- Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 05)
- Re: Screening Outgoing Mail for Content Ted Doty (Aug 05)
- Re: Screening Mail Policy&Product Paul Woodie (Aug 09)
- <Possible follow-ups>
- Re: Screening Outgoing Mail for Content Dave O'Shea (Aug 05)
- Re: Screening Outgoing Mail for Content Godfrey_Cureton (Aug 05)
- Re: Screening Outgoing Mail for Content Dean_Ethier (Aug 05)
- Re: Screening Outgoing Mail for Content Peter Jeremy (Aug 05)