[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] RE: [Full-Disclosure]MS should re-write code with security in mind
- To: "Clairmont, Jan M" <jan.m.clairmont@xxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] RE: [Full-Disclosure]MS should re-write code with security in mind
- From: Barry Fitzgerald <bkfsec@xxxxxxxxxxxxxxxx>
- Date: Fri, 20 Aug 2004 12:23:35 -0400
Clairmont, Jan M wrote:
Glenn:
Not to take issue with the performance of encryption, but
what good is performance when it's all spent processing spam, malware, trojans, spyware and all the other cr*p that downloads.
Even things like spybot, zone alarm etc. do not prevent any
of the junk that gets loaded thru mail and port 80, plus any other vulnerabilities that continually open up.
An interesting cost benefit analysis of this would be to take the amount
of bandwidth increase if people used encrypted/authenticated pipes as
upposed to unencrypted/enauthenticated pipes just for mail (in this
case) and compare that to the bandwidth lost in SPAM (only count spam
that would be blocked by said authentication system) and see which comes
out larger.
If the bandwidth consumption is less for the encryption, then you have
your answer.
-Barry
p.s. I'm not sure where to start to get valid numbers on this. Every
scenario I've been able to think of in the time it took to write this
e-mail has major methodological flaws.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html