On 2012-08-29, Adam Tauno Williams <awill...@whitemice.org> wrote: > >> > Yes, and why this whole notion of hidden and revolving and multiple >> > addresses is just stupid; >> Certainly not. The rule of least privilege is state of the art. The >> philosophy is held in high regard by everyone sufficiently >> knowledgeable about network security. > > Really... it is mocked in my knowledgeable circles!
Your "circle" evidently doesn't include even the most basic network security knowledge. The rule of least privilege is well established, utilized by security admins at all fortune 500 companies, but also taught to those who don't even have a MS in NS. The most basic entry-level network security classes present this concept. Without a competing paradigm, only ignorance can explain why someone would not endorse it. > That is "security through obscurity". It is a dumb idea. "Security through obscurity" is not even close to the same concept as the rule of least privilege. Perhaps your colleagues are mocking "security through obscurity", and you've erroneously took it to be a buzz word for the rule of least privilege. The rule of least privilege entails avoiding needless disclosure and needless access privileges. There is nothing confusing or complex about this. "Security through obscurity" is. That is, it's an attempt at using complexity to confuse an adversary, and generally fails because the attacker can decompose the complexity, while the complexity also gives cause for more defects in the infrastructure (which can then be exploited). > Changing your address is not "least privilege" at all, Of course not. No one suggested that. Given the same disclosure, a new address has the same result. It's the use of a non-disclosed address that gains the advantage of least privilege (whether it has changed or not). > it is just obscurity. Using forwarding addresses is more complex than just having one address, but the security benefit is not dependant on the mere presence of the complexity, so it would be naive to call it security through obscurity. Security controls are often more complex that the absense thereof, but that in itself does not mean you have "security through obscurity". >> > suddenly it is very difficult for me to contact someone I have a >> > legitimate reason to communicate with. >> How so? If it's difficult for you, you have a broken or inadequite >> tool. A proper tool enables you to supply whatever email address is >> appropriate (which is not necessarily your internal address). > > No, the person I want to communicate with has changed their e-mail > address... that has nothing to do with the tool. My messages to them > either disappears into the ether, or bounces. Communication then has > failed. Correcting a poorly implemented system has inconveniences, of course. So ideally you do it right the first time. But if someone screwed up (by failing to utilize the rule of least privilege when distributing their address), the resulting inconvenience is a poor excuse for not correcting the problem. > I don't fear disclosure. I want disclosure. HERE I AM! If you > have something interesting to say - send it my way. The rule of least privilege does not entail no disclosure at all. The key here is mitigating *needless* disclosure. If someone needs to send you an email, they need an email address that reaches you. Disclosing a forwarding address unique to that sender is quite in line with the rule of least privilege, without foolishly disclosing (what I will call) an uncontrolled universally known address. > If you are a real end-user the probability you will get blocked by > the 'e-mail firewall' is extremely low. Not in the slightest. Senders who self-serve their email delivery can expect ~50% of their mail to be blocked as a result of this crudely naive (or profit-driven) blocking practice. >> Indeed, it's easy for simple users, but advanced users have better >> options. Although I have spamassasin score my email, it rarely finds >> anything malicious -- thanks to the rule of least privilege ensuring >> that spam doesn't come in the first place. > > And that it is very hard for anyone to contact you; Nonsense. It's easier to contact me than you. My approach makes me highly available, because I am not depending on an unreliable blocking strategies that could treat ham like spam. If I were to consider you to have a legitimate need to email me, for example, the forwarding email address that I would disclose to you has no blocking at all -- your message would not be blocked, full stop, even if you want to tell me how good viagra is. Of course, if I don't consider you to have a legitimate need to email me, then indeed, I am very hard to email -- and rightly so. This is because I am in control. > which introduces more of an impediment to communication than > anything the EFF is whinging about. It's impediments that are outside of the end users knowledge or control that the EFF (and myself) are most opposed to (e.g. spamhaus). The EFF does not oppose all impediments, particularly that of users who are in control over their own delivery. The EFF certainly does not oppose users controlling disclosure of a means to contact them, and rightly so. > The EFF frequently borders on delusion regarding how users will use > their computers; if they completely have their way everyone will be > driven to proprietary services because the Open services will be > impossibly tedious. Quite the contrary. It's predominately proprietary services that implement the crude money saving DNSBLs -- precisely because it's a cheap way to reduce server costs, and the side-effect of quality reduction goes unnoticed to most novice users. Open source hobbyists who roll their own do so pursuant to quality of service, and would be quite foolish to configure a DNSBL to outright block delivery, when they can get that kind of lousy service from a proprietary email provider. It is this group who is most in line with EFF principles. It is the corporate conglomerates who are most opposed. The corporate conglomerates want control, and they have it due to lack of appreciation and application of EFF principles. _______________________________________________ evolution-list mailing list evolution-list@gnome.org To change your list options or unsubscribe, visit ... https://mail.gnome.org/mailman/listinfo/evolution-list
