On Mon, 2003-08-18 at 20:03, Kai MacTane wrote: > At 8/18/03 09:35 AM , Yorkshire Dave wrote: > > >I've had people sending me listwashing tokens for > >months, and to date I've only seen 2 which I couldn't get anywhere with. > >I suspect blowfish or similar is beyond the ability of some of them, > >they can't use what they can't understand, which is why we're seeing > >variants on classic ciphers. Think about it, if you were trying to hide > >information in a message, would a simple shift even get considered? > > Someone here recently pointed out that spammers routinely break into other > people's machines, and come up with all sorts of creative ways around > whatever we try to use to block their garbage. They may be immoral, > unethical, pathetic wastes of flesh with no regard for the desires or > property of others, but *they are NOT stupid*.
The ability to break into a machine doesn't imply anything beyond criminal skript kiddie & insecure machine. Even cracking has an easy point-and-click interface for windows users now. > Okay, some of them are stupid -- we see the occasional indication that one > or another of them can't even figure out how to use their own ratware > (leaving in $RAND strings and such). But if we start considering all of > them to be stupid, we'll be underestimating them, which could be a really > bad mistake. I'm not underestimating them all, there are some very clever ones I'm sure. Look upon it as taking out the weak ones :) > Perhaps they're using such simple algorithms simply to save their own CPU > power? After all, generating a ROT13 or ROT5 version of each email address > in a million-message spam run has got to be less intensive than generating > an MD5, Blowfish, or other hash. > I don't see CPU overhead as a great issue for them unless they're all running on very old hardware. Another possible explanation is that the spamware author just took the shortest route, spammers asked for coded so they got the first code that came into his head. As long as it's worth blocking on it, I'll keep working at ciphers. If all the spammers start using real encryption I'll look for another way. I'm just taking advantage of a stupid subset of spammers while I can. -- Yorkshire Dave -- Scanned by MailScanner at wot.no-ip.com ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
