<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [gnso-ff-pdp-may08] Proposed additional text, section 5, following line 363
- To: joe@xxxxxxxxxxxxxxxxxx, gnso-ff-pdp-May08@xxxxxxxxx
- Subject: Re: [gnso-ff-pdp-may08] Proposed additional text, section 5, following line 363
- From: "Mike O'Connor" <mike@xxxxxxxxxx>
- Date: Tue, 02 Sep 2008 13:43:42 -0500
i'm going to issue a "possible minority view" tag on this one. there
was nothing approaching consensus around these points.
At 01:02 PM 9/2/2008, Joe St Sauver wrote:
--=======AVGMAIL-48BD85F30000=======
Content-Type: text/plain; charset=us-ascii
Section 5, lines 358-363, PDF pages 16-17, reads:
"Note: The WG did not answer the following charter-questions due to
the lack of:
o A robust technical, and process, definition of "fast flux"
o Reliable techniques to detect fast flux networks while avoiding
false positives,
o Reliable information as to the scope and penetration of fast flux
networks,
o Reliable information as to the financial and non-financial impact
of fast flux networks
I would propose the addition of the following text after line 363:
"Some members of the working group believe that the Mannheim fast flux
score formula would provide a robust and mechanically applicable
definition of "fast flux" which would minimize false positives, and
believe that the use of whitelisting plus manual review can eliminate
any remaining potential false positives.
"The working group received multiple offers of fast flux-related data
from <insert list of fastflux data sources here [I'm aware of at least
two or three, but I'll defer to the data collection subcommittee for a
definitive list]>. The working group accepted [or rejected] data from
those sources, and [did what with it?], finding [what?]. Those interested
in working with that data can apply to obtain access to it by contacting
[who?]
"While it may not be possible to definitively distinguish the costs of
cybercrime associated with fast flux from the costs of cybercrime
conducted separate from fast flux, the working group did receive
reports on aggregate estimates of cybercrime-related costs, and even
if a fraction of 1% of all cybercrime can be tied to fastflux, the
costs would be staggering. Moreover, at least in some cases such as
the use of fast flux to distribute child pornography, there are
substantial non-financial human costs which should also be recognized."
Regards,
Joe
Disclaimer: all opinions strictly my own
--=======AVGMAIL-48BD85F30000=======
Content-Type: multipart/alternative;
boundary="=======AVGMAIL-48BD85F30000======="
--=======AVGMAIL-48BD85F30000=======
Content-Type: text/plain; x-avg=cert; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Content-Description: "AVG certification"
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.169 / Virus Database: 270.6.14/1647 - Release Date: 9/2/2008 6:=
02 AM
--=======AVGMAIL-48BD85F30000=======--
--=======AVGMAIL-48BD85F30000=======--
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|