Re: [Evolution] I guess I am going to have to change my e-maill address.



On 2012-08-29, Adam Tauno Williams <awilliam whitemice org> wrote:

Yes, and why this whole notion of hidden and revolving and multiple
addresses is just stupid;
Certainly not.  The rule of least privilege is state of the art.  The
philosophy is held in high regard by everyone sufficiently
knowledgeable about network security.

Really... it is mocked in my knowledgeable circles!

Your "circle" evidently doesn't include even the most basic network
security knowledge.  The rule of least privilege is well established,
utilized by security admins at all fortune 500 companies, but also
taught to those who don't even have a MS in NS.  The most basic
entry-level network security classes present this concept.  Without a
competing paradigm, only ignorance can explain why someone would not
endorse it.

That is "security through obscurity".  It is a dumb idea.

"Security through obscurity" is not even close to the same concept as
the rule of least privilege.  Perhaps your colleagues are mocking
"security through obscurity", and you've erroneously took it to be a
buzz word for the rule of least privilege.

The rule of least privilege entails avoiding needless disclosure and
needless access privileges.  There is nothing confusing or complex
about this.  "Security through obscurity" is.  That is, it's an
attempt at using complexity to confuse an adversary, and generally
fails because the attacker can decompose the complexity, while the
complexity also gives cause for more defects in the infrastructure
(which can then be exploited).

Changing your address is not "least privilege" at all,

Of course not.  No one suggested that.  Given the same disclosure, a
new address has the same result.  It's the use of a non-disclosed
address that gains the advantage of least privilege (whether it has
changed or not).

it is just obscurity.

Using forwarding addresses is more complex than just having one
address, but the security benefit is not dependant on the mere
presence of the complexity, so it would be naive to call it security
through obscurity.

Security controls are often more complex that the absense thereof, but
that in itself does not mean you have "security through obscurity".

suddenly it is very difficult for me to contact someone I have a
legitimate reason to communicate with.
How so?  If it's difficult for you, you have a broken or inadequite
tool.  A proper tool enables you to supply whatever email address is
appropriate (which is not necessarily your internal address).

No, the person I want to communicate with has changed their e-mail
address... that has nothing to do with the tool.  My messages to them
either disappears into the ether, or bounces.  Communication then has
failed.

Correcting a poorly implemented system has inconveniences, of course.
So ideally you do it right the first time.  But if someone screwed up
(by failing to utilize the rule of least privilege when distributing
their address), the resulting inconvenience is a poor excuse for not
correcting the problem.

I don't fear disclosure.  I want disclosure.  HERE I AM!  If you
have something interesting to say - send it my way.

The rule of least privilege does not entail no disclosure at all.  The
key here is mitigating *needless* disclosure.  If someone needs to
send you an email, they need an email address that reaches you.
Disclosing a forwarding address unique to that sender is quite in line
with the rule of least privilege, without foolishly disclosing (what I
will call) an uncontrolled universally known address.

If you are a real end-user the probability you will get blocked by
the 'e-mail firewall' is extremely low.

Not in the slightest.  Senders who self-serve their email delivery can
expect ~50% of their mail to be blocked as a result of this crudely
naive (or profit-driven) blocking practice.

Indeed, it's easy for simple users, but advanced users have better
options.  Although I have spamassasin score my email, it rarely finds
anything malicious -- thanks to the rule of least privilege ensuring
that spam doesn't come in the first place.

And that it is very hard for anyone to contact you;

Nonsense.  It's easier to contact me than you.  My approach makes me
highly available, because I am not depending on an unreliable blocking
strategies that could treat ham like spam.  If I were to consider you
to have a legitimate need to email me, for example, the forwarding
email address that I would disclose to you has no blocking at all --
your message would not be blocked, full stop, even if you want to tell
me how good viagra is.

Of course, if I don't consider you to have a legitimate need to email
me, then indeed, I am very hard to email -- and rightly so.  This is
because I am in control.

which introduces more of an impediment to communication than
anything the EFF is whinging about.

It's impediments that are outside of the end users knowledge or
control that the EFF (and myself) are most opposed to (e.g. spamhaus).
The EFF does not oppose all impediments, particularly that of users
who are in control over their own delivery.  The EFF certainly does
not oppose users controlling disclosure of a means to contact them,
and rightly so.

The EFF frequently borders on delusion regarding how users will use
their computers; if they completely have their way everyone will be
driven to proprietary services because the Open services will be
impossibly tedious.

Quite the contrary.  It's predominately proprietary services that
implement the crude money saving DNSBLs -- precisely because it's a
cheap way to reduce server costs, and the side-effect of quality
reduction goes unnoticed to most novice users.

Open source hobbyists who roll their own do so pursuant to quality of
service, and would be quite foolish to configure a DNSBL to outright
block delivery, when they can get that kind of lousy service from a
proprietary email provider.  It is this group who is most in line with
EFF principles.  It is the corporate conglomerates who are most
opposed.  The corporate conglomerates want control, and they have it
due to lack of appreciation and application of EFF principles.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]