Re: [Full-disclosure] Fwd: GWAVA Sender Notification (Content filter)
Date: 05/10/05

  • Next message: Oliver Goebel: "[Full-disclosure] CAIF 1.2 released"
    To: James Tucker <>
    Date: Mon, 09 May 2005 23:44:09 -0400

    On Tue, 10 May 2005 02:32:41 BST, James Tucker said:
    > Surely this kind of message is a really bad idea.

    You know it, I know it, and the A/V vendors know it.

    > What is the possible true business value of such a filter?

    The true business value is for the A/V vendor, who can blat out a
    free spam to the forged MAIL FROM: address (which is probably scraped off
    a disk by the worm/virus and therefor likely an actual address.

    In this case, the bozos at GWAVA can spam you about finding something they
    didn't consider acceptable.

    > What is the potential impact upon security to disclose the information
    > that this mail does?

    It demonstrates that the site running it is lame enough to still be running
    A/V software that spams people.

    > What is the cost of deployment of this system against the costs
    > related to it's potential, and actual effects?

    The GWAVA people don't care. They've been paid for the product already, and
    they're not the ones paying for the bandwidth.

    Remember - you're talking here about a market segment *founded* on the business
    model that *partially* patching some other vendor's broken software will lead
    to a permanent gravy train. Once you've wrapped your brain around the morals
    and ethics of that business model, it's obviously a very tiny step to spamming
    other people about the wonders of the product.



    Full-Disclosure - We believe in it.
    Hosted and sponsored by Secunia -

  • Next message: Oliver Goebel: "[Full-disclosure] CAIF 1.2 released"