Full Disclosure mailing list archives
Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Fri, 20 Aug 2004 12:23:35 -0400
Clairmont, Jan M wrote:
An interesting cost benefit analysis of this would be to take the amount of bandwidth increase if people used encrypted/authenticated pipes as upposed to unencrypted/enauthenticated pipes just for mail (in this case) and compare that to the bandwidth lost in SPAM (only count spam that would be blocked by said authentication system) and see which comes out larger.Glenn:Not to take issue with the performance of encryption, but what good is performance when it's all spent processing spam, malware, trojans, spyware and all the other cr*p that downloads.Even things like spybot, zone alarm etc. do not prevent any of the junk that gets loaded thru mail and port 80, plus any other vulnerabilities that continually open up.
If the bandwidth consumption is less for the encryption, then you have your answer.
-Barryp.s. I'm not sure where to start to get valid numbers on this. Every scenario I've been able to think of in the time it took to write this e-mail has major methodological flaws.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Clairmont, Jan M (Aug 20)
- Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Barry Fitzgerald (Aug 20)
- Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Valdis . Kletnieks (Aug 20)
- <Possible follow-ups>
- [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Clairmont, Jan M (Aug 20)
- Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Nick FitzGerald (Aug 20)
- RE: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Todd Towles (Aug 20)
- Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind Barry Fitzgerald (Aug 20)