[FoRK] At what point is email officially broken?
Jim Whitehead <
ejw at soe.ucsc.edu
> on >
Thu Dec 7 09:42:50 PST 2006
> Why, yes, I got that the first time. What specifically needs fixing?
This is trolling for a specific technical recommendation. I don't
want to go down that particular path.
I want to focus on my main point, which is the current email
infrastructure is broken in the sense that it permits excessively
large amounts of spam. Once there is agreement that the current
infrastructure is broken, then we can begin to examine the design
space of possible solutions.
Yes, I did read the document you referenced (http://www.craphound.com/
spamsolutions.txt). One can view it as an attempt to defend the
existing infrastructure by pointing out problems in the suggested
fixes. It doesn't work: even after all of the half-baked solutions
have been (rightfully) dismissed, the spam problem is still with us,
and email is still slowly dying.
This is why I'm avoiding giving a technical "fix". Once I do this,
you'll point out the N objections to that fix from the
spamsolutions.txt post, and thereby dismiss the main point, claiming
that since there is no good fix, the email system therefore must not
be broken. However, it's entirely possible for the email system to be
broken, even if there is no known (at present) fix.
A more productive way to view (http://www.craphound.com/
spamsolutions.txt) is as a series of goals for a new email
infrastructure (avoid these known pitfalls). It will not be possible
to avoid all of the pitfalls identified. Like any design process,
there will be tradeoffs.
>> Eliminating all security holes in software the size of current
>> applications is, as far as I know, beyond the current state of the
>> art in software engineering.
> Correct. So what's your point? I guess I was mistaken in assuming
> that you were already aware that Windows has so many holes, an
> machine will likely be compromised in less time than it takes to
> download the patches.
My point is that eliminating Windows and Outlook would mean that
security attacks would start focusing on whatever became the existing
dominant platform. Since it is beyond the state of the art to make
software completely secure at present, this means that *whatever* the
dominant platform may be, it will be susceptible to security attacks.
Mac OS X has been lucky so far.
More information about the FoRK