[Dailydave] Semi-anonymized moderation.

[Brian]

On Mon, Jan 28, 2008 at 12:30:52PM -0800, Mark Loveless wrote:
> I actually agree with you 100% on houses. However I was referring to
> computers... ;-)
> 
> Here is the main reason the house argument doesn't work. I cannot
> postal mail you a letter or a package that creates a hidden backdoor
> into your house that only I have the key to. Sure maybe if I mailed
> you a bomb, I could create a crude opening in your house, but it
> would hardly be secret or hidden.

Again, small improvements are better than none.

Anthrax via postal mail might not blow a whole in your house, but it
has a good chance at killing most of the people inside.  Then what
would you do?  Oh, install a gamma irradiation system at the postal
service to proactively filter a newly used known attack at a common
choke point.

You can manually iron all of your inbound postal mail, since its
mostly good enough [0], or you could have your postal service
implement the filtering [1].  Yes, the postal service has known evasions
to this attack.  You can go on ironing your mail, I will continue to
let the postal service filter out most of the attacks.

Again, small improvements are better than none.

> Now as for my comment about no security is better than lame
> security, let me clarify. Yes the point was somewhat exaggerated to
> drive the point home. However what I meant was, there are things you
> can do from a hardening perspective that are just as effective as
> A/V, and they are free. 

By your exaggeration, you miss the point.  Every household has an
iron, ok you might not own one but most Americans probably do.  I
would much rather have the USPS use their known evaidable solution
than to convince everyone in the US to iron their mail.

Again, small improvements are better than none.

Brian

[0] - http://www.pittsburghlive.com/x/tribune-review/trib/pittsburgh/s_425621.html
[1] - http://www.usps.com/news/facts/lfu_021202.htm