Rich Kulawiec writes:
> What all of this means is that once a list passes N members, where
> we can debate about N, the probability that at least one of those
> members has already been compromised even before they've joined the
> list starts rapidly increasing.
This is true, but you've omitt
I hope it doesn't surprise anybody that despite being proponent of
this project I'm quite sympathetic to Rich.
Barry Warsaw writes:
> That assumes an open membership policy. Wouldn't much of this be
> mitigated with a closed subscription policy?
Not if the target membership isn't already para
On 03/18/2017 09:04 PM, Rich Kulawiec wrote:
> On Fri, Mar 17, 2017 at 09:54:48AM +1100, Morgan Reed wrote:
>> I'd submit that this is tantamount to saying "it's impossible to make a
>> 100% secure system so why bother even trying".
>
> Then you're not grasping my point. Let me try again.
>
> I
On Tue, Mar 21, 2017 at 04:04:20PM +0100, johny wrote:
> Shifting the attacker to actively compromise devices is an overall
> improvement.
If "compromising devices" was difficult, I might agree. But it's not.
Devices of all descriptions have been and are being compromised in
enormous numbers on a
On Sun, Mar 19, 2017 at 07:33:24AM -0400, Richard Damon wrote:
> I would say that the problem that is being attempted to solve is
> fundamentally impossible to do perfectly. It is impossible to distribute
> messages in a secure manner to a number of recipients that you don't have
> total control ov
