[Asrg] kiosks, was where the message originated
Dotzero
dotzero at gmail.com
Tue Jan 13 06:11:55 PST 2009
On Mon, Jan 12, 2009 at 7:43 PM, John Levine <johnl at taugh.com> wrote:
>> So, what's to stop me using your email address as the return address
>> in that kiosk?
>
> Technically, nothing.
>
> In practice, it's a pretty poor way to defame people or send spam,
> particularly if it's the kind of kiosk where you pay with a credit
> card so there is an extremely reliable audit trail should someone take
> offense.
>
Given the amount of CC information floating around at relatively low
cost to people with ill intent, I would not rely on "an extremely
reliable audit trail". It will take you to a p0wn3d person in an
extremely reliable way.
> Keep in mind that any kind of security is a tradeoff, and in this case
> the tradeoff sure looks like a kiosk will send send mail that people
> people want, not spam.
>
I don't have enough experience with mail kiosks (I've never used one
in my life and haven't noticed receiving from one - and yes, I do tend
to look at headers) to make an assertion one way or the other
regarding people wanting mail from kiosks. What do you base your
assertion on John? Not meaning to be combative, actually looking for a
data point.
More information about the Asrg
mailing list