[hashcash] Re: Opportunistic signatures - a proposed design
- From: "Eric S. Johansson" <esj@xxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Wed, 01 Sep 2004 01:58:32 -0400
Atom 'Smasher' wrote:
the hole is a spammer subscribing to the list, and sending out as much
spam as they can, before they get turned off. what's the solution for
this... spam filters on the lists? moderated lists? unmoderated posts
granted to users after they've "proven" their value to the list? new
members must be voted in?
collecting addresses and spoofing the list are not practical... on most
lists, a small percentage of the members do most/all of the posting.
this also takes more work than spammers are interested in.
fine. This saves me work. Let's just ignore mailing lists and let
somebody else solve the problem.
if someone can afford to send out enough email where that's a concern
(ebay? amazon? buy?), and they don't want to stamp it, there's a good
chance that they're a spammer.
OTOH, let's say i subscribe to a mailing list,
<special-offers@xxxxxxxxxxxxxxx>. well, having subscribed to a mailing
list, i can accept stamps for that address.
seriously... this SHOULD be a burden to anyone doing a mass mailing! i
think of that as a FEATURE, not a BUG.
I understand. But there are a serious number of "know it all" types who
insist on getting their knickers in a twist over the mailing list issue.
We have to be prepared to answer and if the answer is going to be
mailing lists can just go pound sand, then let's give them a bucket full
and a hammer.
at the egress point for any aggregation of any number of e-mail users,
traffic patterns start to look significantly like a spammer. The
greater the aggregation, the greater the likeness.
=============
if it were true that spamminess of an email can be correlated to the
volume of email passing through a node, then spam filters wouldn't work.
spam filters have many features they can measure by content, volume,
addresses, domain name validity etc. Hashcash is a rate limiter and
primarily affects spam through the slowing down of how fast you can send
it. Now, look at what I said in that light.
500 users minting stamps on 500 desktops is not a significant burden.
500 users having all stamps generated by an outbound "stamp server"
could be.
yup, that's right. Unless of course the organization says "we're not
touching the desktop. If you tell us to, go pound sand and have a nice
day." In my experience, this is any organization with more than 100
desktops.
thus, a market will exist for an outbound "stamp server", specially set
up for minting stamps. i suppose that's inevitable... but when they hit
the surplus market....
yes. They certainly well and I've worked out how to take advantage of
"spare CPU capacity" within an organization. It might be a CPU cycles
sponge as it were
but then you're talking about domain signatures, not user signatures?
yahoo already invented that. and home users aren't going to have a
"secure" box anywhere... not as long as M$ is in business. so the
problem of stolen signing keys might be reduced for companies that can
afford to not keep keys on desktops, but the problem doesn't go away.
no, that is not what I am talking about. I am talking about individual
signatures associated with a given e-mail address. I was talking also
on the context of an enterprise or ISP environment. The same technique
will also scale down to the individual user.
Personal boxes will get more secure. They are significantly more secure
than they were five years ago. Continuing to dither about stolen keys
due to viruses and other intrusions will only serve to keep security off
the desktop. If there's nothing there to protect, why protect it. As
soon as there is something that to protect and a few people get burned,
then they will be action on many fronts to make the desktop more secure
and quickly.
If you're going to continue to dither about this, you might as well bend
over, grab your ankles and say "I'm ready for my close-up Mr. intruder"
because there isn't going to be a solution that is either practical or
one that will make you happy.
i would assume that a machine gets owned, and between 2-3am that night
the spam will start... send out a flood of spam while the mark is
sleeping, and when they wake up they'll have a lot of people ~very~
angry at them.
see my point above. If there's something to protect, the people will
demand some way to protect it. It's not going to happen a minute before.
If you take care and protect your keys with passphrases or external
devices, you are much better shape unless you machine has been
compromised at which point, you are screwed
===============
for >99% of users, those precautions will not be taken.
at which point, you are screwed. And then you will demand protection
from it happening again.
agreed then: M$ is the problem ;)
actually, computers or the problem. It doesn't matter which OSes out
there, compromises will happen, people will get burned, lawyers will get
rich.
in all this argument of risk factor vs. risk factor, one thing neither
of us can show is actuarial tables. Until you can show that for a given
number of hours on the net running particular piece of software etc. you
have a 0.000x percent intrusion rate, all discussions of risk are just
blowing smoke. 100 percent fine Caribbean smoke.
when risks are categorized, people will demand protection analogs of
police, fire, insurance.
assuming a compromised machine, the nice thing about hashcash vs signing
keys is that it throttles the rate at which spam can be sent...
compromised signing keys on a compromised computer would essentially
guarantee a DoS attack against everyone in the address book... the only
limiting factor is the speed of the connection.
a compromised machine in a hashcash universe would be limited to sending
out what... ~30 emails/sec? and that's at 100% load. my mom would notice
that, and call someone (not me, i dunno nuthin about windoze).
summary: public keys can prevent forgery, not spam.
understood. But the human factors aspect of dropping the cost of
hashcash and substituting a signature as a forgery resistant channel
between two parties, is hugely beneficial to the end-user. The reason
all security measures fail today is because of human factors. Why do we
still use passwords? It's because they suck less than all the
alternatives. Why is e-mail plaintext? Because it's easier to use than
trying to remember a passphrase. Why do e-mail and browser applications
remember passwords for you? Because it sucks less than remembering
passwords.
so, we can go around this barn again or we can figure out a good, human
factors friendly way of minimizing stamp load when it is really needed.
This is important because a large number of attacks against hashcash
are political. They are "I'm not touching my desktops", "why should I
spend stamp time every time I send a message to someone I know","what
about mailing lists", and a host of others. They all appeared to boil
down to a resentment to spending CPU cycles unnecessarily. but what
they really are is failures of human factors. And when it comes to
human factors vs. security, human factors always win unless there is
some dude with an M-16 standing near you.
---eric
Other related posts:
