Re: [WP?;] shared whitelist writeup

Dan,

I haven't had a chance to look at your cooperative whitelist pointers yet, 
but this is the response I got back from Paul Hoffman, who is not prepared 
to release his whitelist for such a scheme.  And now I think about it, it 
is a glaring vulnerability.   (And that's before even thinking about the 
privacy concerns you mention.)

The bottom line is that the security will need to be much more carefully 
thought out if this is going to fly at any significant scale.

>>The suggestion was not that email addresses are exchanged, but SHA-1 
>>hashes of them, for precisely the reason you raise.
>
>Nope, not even that. A list of SHA-1 hashes can be used as a basis for 
>dictionary attacks to determine the list of good LHS against the list of 
>good domain names.

#g
--


At 04:00 AM 1/22/03 -0500, Dan Brickley wrote:
>... here is a pointer
>to the whitelist-sharing spam filter application I worked on lately, as 
>discussed
>in coffeebreak. FWIW I use it, and take advantage of local access to a 
>(hashed)
>version of W3C's list of probably-not-spammer mailing list subscribees. It 
>works
>well, although each day I have several msgs from people who addresses 
>don't match.
>
>Details: http://www.w3.org/2001/12/rubyrdf/util/foafwhite/intro.html
>google has a few more pointers, 
>http://www.google.com/search?q=%20foaf%20whitelist
>my own whitelist: http://tux.w3.org/~danbri/rdfweb/foafwhite.xml (feel 
>free to use)
>
>I'm thinking of making a few changes.
>
>  - decouple basic idea from foaf (though foaf might prove useful for 
> discovery/trust
>    addons)
>  - add both case-normalised and as-is hashes of each mailbox, so that if
>    mailto:danbri@W3.org is on your whitelist, and you check for 
> mailto:danbri@w3.org,
>    you'll get a match.
>  - bundle up the code I'm running
>  - write it up (I'm wondering whether there's a corner of swad-e where 
> such a
>    piece of writeup makes sense. it isn't a million miles from the Trust 
> WP...)
>
>
>FWIW I had a brief exchange with someone from Mozilla.org about 
>possibility of
>whitelist exchange to support spam-filtering on mailing lists, some time 
>ago. You
>mentioned possibility of interest from folk running IETF lists too, maybe 
>that
>would be enough to get critical mass? We'd need to think about privacy 
>issues a bit
>more carefully before encouraging people to do this. Knowing that a person 
>is on
>some publically visible technically oriented list isn't such a 
>controversial fact, but
>if the technique were adopted for more controversial 
>(sex/politics/health/etc) fora,
>we would need to tiptoe rather carefully. Ultimately I would like W3C and 
>other
>large mailing list hosts to expose such whitelists for re-use and sharing, 
>but I
>wouldn't want to do that without thinking through the issues.
>
>I do think that whitelist sharing is the way to go re spam filtering, 
>augmented by
>content-based filtering. Whitelists paint spammers into a corner, where 
>they have to
>forge From: headers to get mail through to an audience. An obnoxious 
>practice, but
>one that makes a starker line between 'goodies' and 'baddies'.
>
>Thoughts, suggestions, devastating critiques welcome as always :)
>
>Dan
>
>
>
>Dan

-------------------
Graham Klyne
<GK@NineByNine.org>

Received on Thursday, 23 January 2003 06:42:04 UTC