Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Full-Disclosure] RE: [Full-disclosure]MS should re-write code with security in mind

From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Fri, 20 Aug 2004 12:23:35 -0400
Clairmont, Jan M wrote:


Glenn:
Not to take issue with the performance of encryption, but what good is performance when it's all spent processing spam, malware, trojans, spyware and all the other cr*p that downloads. 
Even things like spybot, zone alarm etc. do not  prevent any
of the junk that gets loaded thru mail and port 80, plus any other vulnerabilities that continually open up.
An interesting cost benefit analysis of this would be to take the amount of bandwidth increase if people used encrypted/authenticated pipes as upposed to unencrypted/enauthenticated pipes just for mail (in this case) and compare that to the bandwidth lost in SPAM (only count spam that would be blocked by said authentication system) and see which comes out larger.
If the bandwidth consumption is less for the encryption, then you have your answer. 

            -Barry
p.s. I'm not sure where to start to get valid numbers on this. Every scenario I've been able to think of in the time it took to write this e-mail has major methodological flaws. 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: