[PLUG] what is the point of PGP-signed emails?

Jason Van Cleve jason at vancleve.com
Wed Dec 10 11:54:01 UTC 2003


Quoth Zot O'Connor, on Wed, 10 Dec 2003 02:00:23 -0800:

> You are failing to understand:  "When sent", and even "when delivered"
> is not the same as "when read/detected."  Not everyone reads all the
> email within minutes of it being sent.  As stated below if the time
> period is 2 hours, that may be faster than the email can be delivered.

No, I understand the process, I think.  I'm just saying that where it
takes more than a day for spammers' certificates to be flagged as evil,
spam will still get through to the recipient, since most people check
their email at least once a day.

> If I am not clear, I am sorry,  otherwise please stop juxtaposing
> unlike values.

I'm not sure I did.  You said at first that detection would take
"minutes to days".  If so, then a two-hour wait time would only catch a
small percentage of spam (based on a linear proportion of detection
times), correct?  Unless you believe the majority of spam will be caught
within two hours, and that only a few will take as long as days. 
Obviously, neither of us has graphed this prediction.  The point is,
unless that two-hour wait is ample for a large majority of spam, it is a
high price to pay, because most people want speedy delivery, as someone
else mentioned.  So it does matter how long detection takes.

Remember, we are up against a great ROE for spammers.  That's why it's
such a big goddamn problem.  If we only try to further inconvenience
them, they'll just get better at what they do.

> Send 5 million emails on a LAN (a virtual catch all account should do
> it).  It is all the same exact note, just the TO: field changes.
> 
> Now run the process that creates unique senders, keys, and signatures
> for each of the mails.  See if it is negligible.

Yes, sir, that would require more processing.  My question, why should
the spammer need to create a different key for each email?  I see that
it would ensure delivery (not accounting for traditional spam filters)
and would make that two-hour wait a moot point, but if it really makes
it so difficult to spam in bulk, then couldn't the spammer just use the
same key for a number of emails?

> Many of the Nigerian scams use the email for the return address. 
> Access to those emails can be monitored but traces are easier to
> cleanse.  If a key is involved, that key must be kept around at the
> scammers end (or access to it).

This is a process of which I lack understanding.  In my mind, the
spammer will generate arbitrary keys just to get emails through to the
consumer.  Nobody knows anything about those keys, thus they are just as
useless as a return address for finding out who sent the spam.  Explain
how the key is involved after the email is received.

> And that process leaves a ton of information.  In this case it would
> merely prove that the virus used that machine to generate the keys. 
> While that makes for a great story, lots of spam is still generated
> within the spammers' machines.

Okay, but even so, how does signing emails with unknown keys leave any
forensics?  Are you thinking spammers' boxes could be seized and the
keys found on them?  Not likely.

(Then again, if it does serve to incriminate the sending machines, that
would only mean rooted and RAT-infested machines would become the
primary MO.  That doesn't sound very nice.)

> Umm, you are taking the line out of context.  The point was to make
> each email have a resource use that needs real time (milliseconds). 
> You and I will not notice it, but even a virus will be impacted (as
> per the 5 million email examples above).  A monetary tax makes no
> sense since it will not be billed to the right person or entity
> (though in general it might make everyone much tighter about security,
> but that won't happen for a while).

Agreed.  But you'll have to quantify this, to make a real argument. 
First, we have to decide how much spam is sent from spammers' own
machines versus how much is sent from hacked boxen--how much processing
power have the spammers at their disposal, considering the rate at which
networks can actually send email.  If as you say a separate key has to
be created for every email (of which I remain dubious), then the flow of
spam may indeed be reduced.  But will it make a difference over time? 
Considering Moore's Law is not yet in any danger, I have to wonder.

But if you think your solution is worthwhile, I'd be interested in
reading a complete description.

--Jason Van Cleve

--
My new years resolution is 1280x1024.
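
The disagreement above over whether a two-hour hold catches a useful share of spam turns on the shape of the detection-time distribution. As an added example that is not part of the original post, the following compares three assumed shapes; the 5-minute and 3-day bounds for "minutes to days", the 60-minute mean, and all function names are assumptions chosen for illustration.

```python
"""Added illustration: share of spam keys flagged before a delivery hold
expires, under three assumed detection-time distributions."""
import math

# Assumed bounds for "minutes to days" (constructed, not from the thread).
T_MIN = 5.0              # minutes
T_MAX = 3 * 24 * 60.0    # minutes (3 days)


def caught_uniform(hold, lo=T_MIN, hi=T_MAX):
    """Fraction flagged within `hold` minutes if detection time is uniform
    on [lo, hi] (the 'linear proportion' reading in the post)."""
    return min(1.0, max(0.0, (hold - lo) / (hi - lo)))


def caught_log_uniform(hold, lo=T_MIN, hi=T_MAX):
    """Same, if detection time is uniform on a logarithmic time scale."""
    if hold <= lo:
        return 0.0
    return min(1.0, math.log(hold / lo) / math.log(hi / lo))


def caught_exponential(hold, mean):
    """Same, if detection time is exponential with `mean` minutes:
    most keys flagged early, with a tail that takes days."""
    return 1.0 - math.exp(-hold / mean)


def hold_needed_uniform(target, lo=T_MIN, hi=T_MAX):
    """Hold in minutes needed to catch `target` fraction under uniform."""
    return lo + target * (hi - lo)


if __name__ == "__main__":
    for hold in (30, 120, 24 * 60):
        print(f"hold {hold:5d} min: "
              f"uniform {caught_uniform(hold):6.1%}  "
              f"log-uniform {caught_log_uniform(hold):6.1%}  "
              f"exponential(mean=60) {caught_exponential(hold, 60):6.1%}")
    hours = hold_needed_uniform(0.9) / 60
    print(f"uniform case needs a {hours:.1f} h hold to catch 90%")
```

Under the uniform assumption the two-hour hold stops under 3% of messages, while a front-loaded distribution makes the same hold stop most of them, so measured detection latencies are what would settle the argument.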



