Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

    Sender authentication part 26: DomainKeys in a nutshell

    • 1 Comments
    Now that we understand how digital signatures work, let's take a look at DomainKeys. Like SPF and SenderID, DomainKeys is a mechanism of sender authentication. DomainKeys uses public key encryption to authenticate messages. It works in the following way...

    Facebook spamming me with annoying ads

    • 0 Comments
    Has anyone noticed those annoying ads on Facebook? It's in my News Feed, I have a couple of notices from my friends and then an ad to join an Awesome Club and suit up! I don't mind having ads at the top of the screen, but come on Facebook, leave them...

    Some stats on SPF, DomainKeys and DKIM

    • 0 Comments
    I'm taking a quick timeout from my series on explaining Sender Authentication to post some quick stats on authentication. I took an 8-hour snapshot of our logs to collect some statistics. I started tracking how often senders use SPF, DomainKeys and DKIM...

    Found some spammers today with SPF records set up

    • 4 Comments
    I came across some spam in my inbox today. This company was pushing pump-and-dump stock spam for a medical company. I saw that the company passed an SPF check. That's odd, I thought. A spammer passing an SPF check? So, I decided to check out the SPF records...

    Sender authentication part 25: Digital signatures

    • 0 Comments
    We've seen encryption, secret key encryption and public key encryption. Public key encryption allows a sender to encrypt the contents of the message and have only the intended recipient read it. They do this by encrypting with the public key and decrypting...

    Sender authentication part 24: Public key encryption

    • 1 Comments
    The basic idea behind secret key encryption is the following: You don't have to keep the algorithm a secret. You do need to keep the key a secret. To increase the security of the contents, you lengthen the size of the key. This is all well and good, except...

    Sender authentication part 23: Secret key encryption and one-way functions

    • 2 Comments
    We saw in my previous post that substitution ciphers are a method of encoding a message such that its contents are unintelligible (much like the ramblings of many of the presidential candidates), and they are fairly easy to break with computers that can...

    Sender authentication part 22: Introduction to encryption

    • 3 Comments
    It's been a long time since I took the unit on encryption in my 4th year Telecommunications class in university, but I did quite well in it (I believe I got 5/5 on the assignment). For you see, the concept of encryption is relevant to our next section...

    In transit

    • 0 Comments
    My posting has been on-again, off-again lately because I am in the process of moving from Canada down to Seattle. I hope to begin more regular posting (once every two days or so) shortly.

    New spamming tactic?

    • 11 Comments
    Over the past couple of days, we've seen either the beginning of a new botnet tactic, or we changed something on our networks that is causing network problems. The shift in tactics is the amount of time that a bot will connect to our service, we issue...

    Phishing vs Spoofing

    • 1 Comments
    One of the things I've noticed amongst the public is the confusion between the terms phishing and spoofing. The two are not synonymous. Phishing attacks generally use spoofing as a strategy but spoofing attacks are not necessarily phishing. Spoofing is impersonating...

    Where has all the pdf spam gone?

    • 4 Comments
    I'm checking our statistics on the amount of pdf spam we're seeing, and after Aug 20 (last week) it seems to have disappeared. It hasn't disappeared entirely, of course. But my spam rules that targeted this stuff have gone from a couple million hits per...

    Sender authentication part 21: Some recommendations

    • 4 Comments
    In documentation that Microsoft is going to release shortly, they have some recommendations on how to set up your SenderID records as well as a list of frequently asked questions. I will post a link to the relevant documents when they become available...

    Sender authentication part 20: Advantages of PRA vs MAIL FROM

    • 3 Comments
    Microsoft is shortly coming out with some documentation on SenderID and the business case for its implementation. Hopefully by now I have demonstrated its usefulness. The Purported Responsible Address has a couple of advantages when deciding to support...

    Sender authentication part 19: How spammers evade SPF

    • 6 Comments
    How would a spammer get around SPF? One way is the method used by Spammer-X in his book Inside the Spam Cartel. Spammer-X is a retired spammer (so he says) and goes into a lot of the details in his book. I'll give a review when I'm done this series on...

    Notes on the CEAS

    • 4 Comments
    Here's a round up of my random thoughts on the CEAS: 1. The stuff on image spam detection was interesting, but it's a little late. Spammers have moved on to other tricks. 2. Speaking of the stuff on image spam, the false positive rates were very high...

    I haven't disappeared

    • 1 Comments
    I've just been busy with a bunch of stuff over the past two weeks. I plan to resume normal blogging in the near term.

    See you at the CEAS!

    • 1 Comments
    Well, today I'm off to the Conference on Email and Antispam, in Mountain View, California. It's on Aug 2-3, 2007. I'm not speaking or presenting anything this year, but maybe next year I'll present a topic like "How to write an antispam blog."

    Sender authentication part 18: More hazards

    • 5 Comments
    The other hazard I'd like to look at with regards to SPF and SenderID is the issue of newsletters, or more specifically, bulk emailers. Bulk emailers have a long and checkered history of using questionable email practises. They put in lots of advertising...

    Sender authentication part 17: Hazards of SenderID and SPF

    • 3 Comments
    Both SenderID and SPF have their critics. I'd like to touch on two potential problems with them: the first is the issue of email forwarding. There's no official standard on how email is to be forwarded (in terms of rewriting the headers). Suppose that...

    Sender authentication part 16: SenderID vs SPF

    • 1 Comments
    SPF and SenderID are similar to each other in the way they act, but the differences between them are in what they are designed to target (at least how I see it). Both OpenSPF and Wikipedia say that SenderID and SPF are designed to address different problems...

    Some notes on PDF spam

    • 2 Comments
    I started tracking some statistics on pdf spam this weekend. The following numbers will seem a little inflated (since spam performance metrics always appear better on weekends) but they are still interesting. Of all the messages with PDF attachments...

    Sender authentication part 15: How SenderID interprets SPF records

    • 2 Comments
    In my last post, we were introduced to the new SPF record syntax that is specifically designed for SenderID. The question now is how does SenderID treat SPF records that were originally designed to be used with SPF? SenderID allows the spam filter to...

    Sender authentication part 14: Introduction to SenderID

    • 2 Comments
    Now that we've moved our way through the workings of SPF, let's take a look at Microsoft's own branded technology, SenderID (I don't mean that Microsoft invented it since it derives from an earlier standard, only that Microsoft advocates the use of it...

    July 12 - My third year anniversary!

    • 9 Comments
    Today is a special day at Microsoft, it is the three-year anniversary of the day I joined Frontbridge (now Microsoft Exchange Hosted Services) as a spam analyst. Ah, what a memorable three years it has been. On our first day on the job, me and three...