[17564] in cryptography@c2.net mail archive
Re: WYTM - "but what if it was true?"
daemon@ATHENA.MIT.EDU (dan@geer.org)
Fri Jun 24 11:46:13 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: dan@geer.org
To: cryptography@metzdowd.com
In-Reply-To: Your message of "Wed, 22 Jun 2005 10:14:45 EDT."
<339a1cad4e1bdb360a9e1878eff88d67@allan.org>
Date: Fri, 24 Jun 2005 10:47:41 -0400
What do you tell people to do?
<commercial_message>
Defense in depth, as always. As an officer at
Verdasys, data-offload is something we block
by simply installing rules like "Only these
two trusted applications can initiate outbound
HTTP" where the word "trusted" means checksummed
and the choice of HTTP represents the most common
mechanism for spyware, say, to do the offload
of purloined information. Put differently,
if there 5,000 diseases but only two symptoms,
then symptomatic relief is the more cost-effective
approach rather than cure. In this case, why do
I care if I have spyware if it can't talk to its
distant master? (Why do I care if I have a tumor
if angiostatin keeps it forever smaller than 1mm
in diameter?) Of course, there are details, and,
of course, I am willing to discuss them at far
greater length.
</commercial_message>
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
