Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

Speak of the devil...


The other day, I wrote a blog post about the possibility of instant message spam filtering.  I wondered whether or not there was even a need for instant message spam filtering.

Well, just yesterday, I logged into Yahoo Messenger and I got spammed on my IM (i.e., I got spimmed).  On the other hand, I also got a request from somebody I didn't know to be added to my Live Messenger contacts list.  I declined the request because I had no idea who that person was.  This illustrates both the strength and the potential weakness of instant message filtering.  My security settings in Yahoo Messenger clearly allow any old ham-and-egger to send me messages even though they aren't on my contact list.  By contrast, Live Messenger requires (according to my settings, I think) people to first be on my list before they can send me stuff.

I'm not completely satisfied with either option.  Clearly, I would prefer to leave myself wide open to people who want to contact me, like my Yahoo Messenger settings. I don't want to have to pre-admit everybody I can think of to my contacts list before they can talk to me, like Live Messenger.  The problem is that, as email has so readily demonstrated, I cannot be so loosey-goosey as to allow anybody to contact me.  Spammers will send me stuff, but so will people with viruses.

Reputation-based sending is an intriguing idea, both for instant messaging and for email filtering.  If we only allow people with a good reputation to send me messages then, in theory, I should never get questionable material.  Perhaps we can rate senders on a scale from -9 to +9.  I would always accept messages from people rated +5 to +9, and never accept anything below zero.  The problem is the people rated between 0 and +4 (actually, probably -2 to +2).  Sometimes people can get a bad reputation by accident.  Other times people can get a good reputation by accident.  And, perhaps most problematic, people without a reputation can still get their shots in before their reputation gets downgraded.

I would implement a system wherein people rated +5 to +9 can send me mail anytime, complete with any type of attachment.  People rated below -2 would never be able to send me mail.  People in the grey zone in between would only be allowed to send certain types of mail (i.e., text only, no attachments, etc.).  The problem here, again, is that the filtering service would need to maintain extensive whitelists and blacklists.  That's a lot of maintenance, and these lists are constantly changing.  Perhaps a central repository is what is needed.  The problem there is that one size does not fit all.
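The three-tier policy above can be sketched in Python as follows. This is an added example, not code from the original post; the function names, the reputation table and the choice to start unknown senders at 0 (the grey zone) are assumptions.

```python
from email.message import EmailMessage
from email.utils import parseaddr

TRUSTED_MIN = 5      # +5..+9: any mail, any attachment
BLOCKED_BELOW = -2   # below -2: never delivered
UNKNOWN_SCORE = 0    # assumption: a sender with no history starts in the grey zone

def is_text_only(msg):
    """True when every leaf MIME part is inline text/plain."""
    for part in msg.walk():
        if part.is_multipart():
            continue  # container; its children are visited by walk()
        if part.get_content_type() != "text/plain":
            return False
        if part.get_content_disposition() == "attachment" or part.get_filename():
            return False
    return True

def decide(msg, reputation):
    """Return 'accept' or 'reject' for one message."""
    # The From header is unauthenticated; this sketch assumes the sender
    # identity was already verified upstream.
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    score = reputation.get(sender, UNKNOWN_SCORE)
    if not -9 <= score <= 9:
        raise ValueError(f"score out of range for {sender}: {score}")
    if score >= TRUSTED_MIN:
        return "accept"
    if score < BLOCKED_BELOW:
        return "reject"
    # Grey zone (-2..+4): plain text only, so a sender who has not yet been
    # downgraded cannot deliver an attachment or active content.
    return "accept" if is_text_only(msg) else "reject"

def build(sender, attach=False):
    """Construct a sample message (constructed test data)."""
    m = EmailMessage()
    m["From"] = sender
    m.set_content("hello")
    if attach:
        m.add_attachment(b"\x00\x01", maintype="application",
                         subtype="octet-stream", filename="a.bin")
    return m

# Constructed reputation table; addresses and scores are made up.
REPUTATION = {"friend@example.com": 7, "newish@example.com": 1,
              "spammer@example.com": -6}

if __name__ == "__main__":
    for who in list(REPUTATION) + ["stranger@example.com"]:
        for attach in (False, True):
            print(who, attach, decide(build(who, attach), REPUTATION))
```

A sender with no reputation still gets a text-only message through, which is the "shots in before their reputation gets downgraded" problem; the grey-zone rule only limits what that first message can carry.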

The challenge continues...

  • mmm.. nice design, I must say..

  • Amazing! I love this place! :)))))))
