[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is the list down?

> I guess that means forging a message from each of us; when I first tried
> subscribing, it wouldn't accept my subscription from mycroft.rand.org for
> my mail address of rand.org without human intervention, so the attacker
> couldn't do it from his own account without forging.  I just did an
> experiment verifying that "Reply-to" is honored by Majordomo, which
> would explain why I didn't get acked for the unsubscribe on Saturday.
would Majordomo still have copies of these replies???
that should point the finger (hopefully)
> Cooperative anarchy works only when people can be either motivated
> or coerced into being cooperative.  As the net keeps increasing
> exponentially the probability of sucking in a critical mass of loonies
> increases along with it.  As with public key cryptography, it takes only
> a linear increase in loonies to seriously interfere with the exponentially
> increasing (relatively) sane population.
> Well... countermeasures.  Majordomo could require its subscriptions signed
> with a valid public key (PGP or RIPEM) with the public key in the signed
> body, and process future transactions for that individual only if they're
> signed.  That's still open to a spam attack, though, where the attacker
> can subscribe 30 variations of (say) Jim Gillogly's address with different
> public keys constructed just for that, and Gillogly wouldn't be able to
> send the right unsubscriptions.
increase human intervention ie a human needs to authorise unsubscribes 
(or doesn't accept replys) as not all ppl use pgp or ripem  

> Hurm.
> 	Jim Gillogly
> 	Mersday, 18 Thrimidge S.R. 1994, 16:09

		 Yours in SYNC. Robert Sturtz
   __                                                                     __
__///       [email protected]      (Ice-Fox on irc)       __///
\XX/      Vice-President of Eastern Wargamers And Roleplayers Club     \XX/