Bill Stewart wrote:

At 09:37 PM 12/26/2003 -0500, Adam Back wrote:

The 2nd memory [3] bound paper (by Dwork, Goldberg and Naor) finds a
flaw in the first memory-bound function paper (by Abadi, Burrows,
Manasse, and Wobber) which admits a time-space trade-off, proposes an
improved memory-bound function and also in the conclusion suggests
that memory bound functions may be more vulnerable to hardware attack
than computationally bound functions.  Their argument on that latter
point is that the hardware attack is an economic attack and it may be
that memory-bound functions are more vulnerable to hardware attack
because you could in their view build cheaper hardware more [....]


One nice thing about memory-bound functions is that,
while spammers could build custom hardware farms in Florida or China,
a large amount of spam is delivered by hijacked PCs or abused relays/proxies,
which run on standard PC hardware, not custom, so it'll still be slow.

Do the math.


d*b
---
 s

where: d = stamp delay in seconds
       s = spam size in bytes
       b = bandwidth in bytes per second

Assuming unlimited bandwidth, if a stamp spammer compromises roughly the same number of PCs as were compromised during the last worm attack (350,000) at 15 seconds per stamp, you end up with 1.4 million stamps per minute or 2 billion stamps per day. When you compare that to the amount of spam generated per day (high hundred billion to low trillion), they are still a few machines short of what is necessary to totally render stamps useless. Yes, maybe one spammer could muster a few machines to be a nuisance but that's the extent of it.

When dealing with hardware acceleration, it becomes a hardware war. If they can make custom hardware, Taiwan can make us USB stamp generators, postage goes to a period of rapid inflation, and the world goes back to where it was before with no advantage to spammers.

Penny Black or any other system that involves tweaking the email protocols
gets a one-time win in blocking spam, because older badly-administered
mail relays won't be running the new system - if their administrators
upgrade them to support the new features, hopefully that will turn off
any relay capabilities.  That doesn't apply to cracked zombie machines,
since the crackers can install whatever features they need,
but at least all of those Korean cable-modem boxes won't run it.

Again, work the numbers to figure out the basic model and where the threat roughly lives. Personally, I think that any system that tweaks the e-mail protocols basically loses for reasons of adoption and backwards compatibility. I've put a lot of effort into the camram implementation to create significant backwards compatibility without leaving someone vulnerable to spam.


Also, zombied machines are a threat but the beauty of any proof of work system is that the machine will start overheating if it's used too much and the CPU load will become noticeable to the user. So in a way, stamp-generating zombies might actually do the net some good and take out these machines. Or cause another blackout in New York State...

---eric


-- Speech recognition in use. Incorrect endings, words, and case is closer than it appears


