Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on re spoofing scams?

From: Dave Farber <dave () farber net>
Date: Sat, 17 Jan 2004 10:37:24 -0500

Delivered-To: dfarber+ () ux13 sp cs cmu edu
Date: Sat, 17 Jan 2004 10:22:22 -0500
From: Rich Kulawiec <rsk () gsp org>
Subject: Re: [IP] more on re spoofing scams?
To: gep2 () terabites com
Cc: Dave Farber <dave () farber net>

On Fri, Jan 16, 2004 at 01:30:41PM -0500, Dave Farber wrote:
> One of the things that Microsoft needs to change in Internet Explorer [snip]

There's no reason for anyone to be using IE any more, and a lot of
reasons for them not to: some of which relate directly to the kind
of obfuscation that spoofers employ.  So quite honestly, the "answer"
is not to have M$ try to fix it -- after all, there are now hundreds
of outstanding security/privacy bugs in IE and they've refused to fix
those -- the answer is to dump IE for clearly superior browsers like
Mozilla or Opera.

> For example, spammers have started using disposable domain
> names, randomly generated subdomains, and "front" servers (often at
> www.geocities.com) that make it harder to block these rogue sites.

Arguably, this should be done at the IP layer and not in the browser:
oh, not that I disagree with where you're going with this, it's an
entirely good idea, but doing it at the IP layer takes care of HTTP,
SMTP, DNS, etc.  And given that we're seeing spammers using IM, the
Windows Messenger service, etc., blocking at the IP layer deals with
everything at once.

I hate saying this.  We've fought so hard for so long for an open 'net
and this is precisely the opposite.  But the ISPs who continue to take
payoffs from spammers in order to keep them connected are making it
necessary.  So, as a consequence, I'm now dropping ALL IP traffic to
and from a handful of networks: they no longer exist as far as I'm
concerned.  Sadly, I think this is just the beginning.

> Again, the big problem there is caused by HTML-burdened E-mail, scripting,
> and links which claim they're one thing (say, "http://confirm.ebay.com";) and 
> which actually behind the scenes link to some rogue site in Romania or
> somewhere.

Yes. That's why I strongly advise not to send or receive HTML email: it's
not only wasteful, but dangerous and rude.
---Rsk 
-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: