On Sun, Oct 26, 2003 at 06:01:09PM -0700, kenw@kmsi.net said:
I'm a little puzzled, and I hope people won't object to my asking about this.
As I see it, we're experiencing an ever-increasing flood of garbage network traffic. While not all of it is easy or appropriate to target, it seems to me there's some "low hanging fruit" that could generate serious gains with relatively little investment.
A few things that make sense to me (as a non-ISP network consultant) include:
[snip] Some good thoughts in this thread. I think Sean is right about this being an end-user problem, and although we _can_ mitigate that problem somewhat at other parts of the network, that amounts to treating the symptoms rather than the disease. The 3 things that would do the most to help eliminate this problem (millions of easily 0wned end-user hosts) right now are all things that lie in Microsoft's domain: 1) enable Internet Connection Firewall by default; 2) enable automatic Windows Update patch installation by defuault; [*] 3) modify the HTML engine in Outlook/OE such that it can ONLY render HTML, and any active content is ignored - in other words, replace MSIE as a backend HTML rendering engine with, say, lynx. [**] (and even if the above were all incorporated into all subsequent releases of Windows, it might take years before the old insecure hosts were finally replaced ...) Nothing new to this crowd, I'm sure, but I sure wish there was a way to make this a priority to the folks at MS, who are really the only people with the ability to make this happen. Without their compliance, the problem will never improve (not as long as they're as dominant as they currently are). -- Scott Francis || darkuncle (at) darkuncle (dot) net illum oportet crescere me autem minui [*] I'm well aware of the potential disaster were the WindowsUpdate site to be trojaned. However, corporate IT should be updating from a single server by the schedule of their windows admins, and for everybody else ... it couldn't be much worse than the current state of affairs. [**] I've given up on hoping that email will return to the plain old text it was intended to be. I'm in the minority on that opinion, and I'm willing to settle for HTML in email if it can be rendered in a non-harmful manner (i.e. plain vanilla HTML only).