0:00:01.619,0:00:04.150 so its time to move on to the next talk 0:00:04.150,0:00:07.160 this talk has the keynote speech 0:00:07.160,0:00:09.069 by Eric Allman 0:00:09.069,0:00:11.239 Chief Science Officer 0:00:11.239,0:00:12.839 of Sendmail 0:00:12.839,0:00:17.639 and I think that internet mail past present and bit of future 0:00:17.639,0:00:20.759 I will introduce 0:00:20.759,0:00:22.380 his biography 0:00:22.380,0:00:27.409 Eric Allman is the original author of Sendmail and longtime contributor to partial index 0:00:29.149,0:00:33.870 he also wrote ending lock roads C-twelve lock identification 0:00:33.870,0:00:39.530 beside external Sendmail he has worked with database management 0:00:39.530,0:00:40.490 systems and 0:00:40.490,0:00:41.679 and neural 0:00:41.679,0:00:43.159 network based speech recognition 0:00:43.159,0:00:46.410 system administration and networking 0:00:46.410,0:00:50.050 he is chief science officer and co-founder of 0:00:50.050,0:00:50.999 Sendmail 0:00:50.999,0:00:51.509 incorporated 0:00:51.509,0:00:52.789 before joining Sendmail 0:00:52.789,0:00:54.190 he served as CEO 0:00:54.190,0:00:55.529 for Swift 0:00:55.529,0:01:00.620 inc. which is now part of 247 Media Inc. 0:01:00.620,0:01:03.490 he was with the lovern 0:01:03.490,0:01:10.250 and provided the whole scale research software infrastructure for most of the projects at University of Berkeley 0:01:10.250,0:01:12.740 he has contributed as senior 0:01:12.740,0:01:16.369 at the international computer science institute 0:01:16.369,0:01:17.909 to neural network systems and 0:01:17.909,0:01:19.979 ihe was also part 0:01:19.979,0:01:21.740 of Ingress 0:01:21.740,0:01:24.300 invasion of system 0:01:24.300,0:01:28.220 and only co-authored the advisor for 0:01:28.220,0:01:31.639 Unix magazine and was a member of 0:01:31.639,0:01:35.150 the board of directors at Unix association 0:01:35.150,0:01:36.580 he has currently program chair 0:01:36.580,0:01:37.969 0:01:37.969,0:01:44.260 for the conference on e-mail and spam and member of ACM Queue editorial board 0:01:44.260,0:01:45.739 and the board of 0:01:45.739,0:01:48.340 trustee of call performances 0:01:48.340,0:01:53.650 he holds a Master of science degree in computer science from University of California Berkeley 0:01:53.650,0:02:00.650 so please 0:02:01.480,0:02:08.480 make sure, can everyone hear me clearly? 0:02:11.559,0:02:13.989 okay. I'm going to give you a little bit of 0:02:13.989,0:02:15.860 well actually quite a bit of history about 0:02:15.860,0:02:20.339 e-mail and related technologies starting really from 0:02:20.339,0:02:22.840 before the internet existed 0:02:22.840,0:02:27.269 this talk that I gave a couple of years ago and although there's a lot of slides I'm going to 0:02:27.269,0:02:30.459 try and go through it fairly quickly because the more interesting 0:02:30.459,0:02:32.789 current stuff is 0:02:32.789,0:02:34.909 towards the end. The current stuff will be 0:02:34.909,0:02:36.729 some observations about spam 0:02:36.729,0:02:39.949 and e-mail security in general 0:02:39.949,0:02:46.359 and the authentication and reputation which is what I've been working on most recently 0:02:46.359,0:02:50.019 then I'm going to give you some everyone always wants to know what I think will be the future 0:02:50.019,0:02:54.849 of e-mail and I always tell them I don't know any better than they do but they insist on 0:02:54.849,0:02:58.239 having me tell them so I'll come up with a few things there 0:02:58.239,0:03:01.189 I've thrown in some stuff by the way about 0:03:01.189,0:03:04.719 some other things that people have asked me about here so I'm 0:03:04.719,0:03:07.299 trying to adjust the talk to be 0:03:07.299,0:03:08.350 of 0:03:08.350,0:03:09.379 interest to 0:03:09.379,0:03:12.099 what people seem to want to hear 0:03:12.099,0:03:16.299 so first I want to talk about the prehistory of 0:03:16.299,0:03:19.349 of the internet really this is the Arpanet 0:03:19.349,0:03:21.329 starting from zero hosts 0:03:21.329,0:03:25.819 on the network to two hundred and thirteen which is where the Arpanet 0:03:25.819,0:03:29.769 peaked out it couldn't go much larger than two hundred thirteen because 0:03:29.769,0:03:31.509 there was only an eight bit 0:03:31.509,0:03:34.329 host address 0:03:34.329,0:03:37.469 I 0:03:37.469,0:03:40.799 I'm going to talk, plotting things on this kind of graph 0:03:40.799,0:03:44.959 this is date down at the bottom and the number of hosts on the side 0:03:44.959,0:03:49.799 this is a one year scale. I'll keep readjusting the scale as we move up 0:03:49.799,0:03:56.799 otherwise this is just a flat line down at the bottom 0:03:57.469,0:04:04.469 so yes you can 0:04:05.979,0:04:09.949 so this is kind of one thing to start of the history of e-mail 0:04:09.949,0:04:11.750 but it turns out this is 0:04:11.750,0:04:15.719 about an awful lot of things I just want to read you a quote 0:04:15.719,0:04:18.160 that describes this event in December 0:04:18.160,0:04:19.419 well 0:04:19.419,0:04:22.719 on December 9, 1968 Dirk Engelbar 0:04:22.719,0:04:25.240 who by the way who invented the computer mouse 0:04:25.240,0:04:30.080 and with a group of seventeen researchers working with him in the augmentation 0:04:30.080,0:04:34.569 research center at Stanford research institute in Menlo Park, California 0:04:34.569,0:04:39.210 presented a ninety-minute live public demonstration of the on-line system nls 0:04:39.210,0:04:42.580 that they'd been working on since 1962 0:04:42.580,0:04:46.409 the public presentation was a session of the fall short of computer conference hall at 0:04:46.409,0:04:48.850 the convention center in San Francisco 0:04:48.850,0:04:53.090 and was attended by about one thousand computer professionals 0:04:53.090,0:04:54.809 this was the public 0:04:54.809,0:04:56.949 debut of the computer mouse 0:04:56.949,0:05:02.399 but the mouse of the only one of many innovations demonstrated that day including hypertext, object 0:05:02.399,0:05:04.400 address and dynamic file linking 0:05:04.400,0:05:09.569 as well as shared screen collaboration involving two persons of different sites 0:05:09.569,0:05:13.349 communicating over a network with audio and video interface 0:05:13.349,0:05:15.809 Okay imagine that day 0:05:15.809,0:05:17.350 no network exists 0:05:17.350,0:05:18.839 at all 0:05:18.839,0:05:21.169 and they're doing a remote demo with 0:05:21.169,0:05:22.849 audio and video 0:05:22.849,0:05:27.929 they're interacting doing screen sharing over the the internet, they're showing off the mouse for 0:05:27.929,0:05:30.380 the first time that nobody's ever seen 0:05:30.380,0:05:33.259 and he throws in stuff like hypertext and what not 0:05:33.259,0:05:38.030 I can only wish I was there that must have been amazing 0:05:38.030,0:05:40.350 the point I made of course is that 0:05:40.350,0:05:42.550 back in 1968 0:05:42.550,0:05:48.289 they were demoing stuff that we only recently got on the internet 0:05:48.289,0:05:50.720 we havent really come that far 0:05:50.720,0:05:54.069 so in September 1969 0:05:54.069,0:05:56.040 the first Arpanet 0:05:56.040,0:05:58.080 was 0:05:58.080,0:06:02.330 brought up, September second nineteen sixty nine to be precise which happens to be my birthday 0:06:02.330,0:06:05.839 that was a single host at UCLA 0:06:05.839,0:06:10.969 which is a little odd because you think of most networks as having at least two hosts on them 0:06:10.969,0:06:11.610 but 0:06:11.610,0:06:15.159 for a while there was actually only one host on the Arpanet 0:06:15.159,0:06:19.650 this is a very smudged map of the original Arpanet 0:06:19.650,0:06:23.710 they had this thing called the IMP the Internet Message Processor 0:06:23.710,0:06:26.219 which was essentially the routers that 0:06:26.219,0:06:28.729 0:06:28.729,0:06:29.780 but they 0:06:29.780,0:06:31.740 gather the data around the 0:06:31.740,0:06:35.339 Arpanet which wasn't particularly difficult in this case but 0:06:35.339,0:06:38.860 it became so later and then a 0:06:38.860,0:06:44.089 single host which was a Sigma 7. this is obviously by the way somebody's hand drawn 0:06:44.089,0:06:48.490 slide that was done with those ink that gets easily smudged when you 0:06:48.490,0:06:51.439 put your inside of your hand on it 0:06:51.439,0:06:54.150 so fortunately 0:06:54.150,0:06:58.509 that one host a month added at SRI 0:06:58.509,0:07:02.319 university of California Santa barbara and the university of Utah 0:07:02.319,0:07:05.470 which gave us a map like this 0:07:05.470,0:07:07.870 so you can see 0:07:07.870,0:07:12.019 the round things here are the IMPs there's four of them 0:07:12.019,0:07:14.749 and each one of them has exactly one host 0:07:14.749,0:07:15.929 hanging off of it 0:07:15.929,0:07:20.109 you could have up to four hosts connected to a single IMP 0:07:20.109,0:07:23.209 so kind of a mini star topology. 0:07:23.209,0:07:27.350 this is actually very important look at this because it's already 0:07:27.350,0:07:29.210 an arbitrary 0:07:29.210,0:07:36.199 networks topology. its not a star configuration its not a ring configuration 0:07:36.199,0:07:37.669 its essentially arbitrary 0:07:37.669,0:07:39.049 hookup 0:07:39.049,0:07:41.030 and that actually 0:07:41.030,0:07:43.849 is something that we had 0:07:43.849,0:07:47.080 that industry had to rediscover as well 0:07:47.080,0:07:48.050 the other thing 0:07:48.050,0:07:49.979 that knows is that there is 0:07:49.979,0:07:51.999 Magnium three sixteen 0:07:51.999,0:07:55.669 a Sigma 7, an XDS nine fourteen 0:07:55.669,0:07:57.969 and a PDP ten there were no 0:07:57.969,0:08:01.449 two identical architectures on the first Arpanet 0:08:01.449,0:08:05.309 it was designed right from the start to be headed off tramps 0:08:05.309,0:08:07.229 this was untrue of 0:08:07.229,0:08:09.449 any network that you saw 0:08:09.449,0:08:11.259 up until 0:08:11.259,0:08:13.100 any other network 0:08:13.100,0:08:14.770 for example 0:08:14.770,0:08:17.749 Microsoft networks always assume you're running windows 0:08:17.749,0:08:19.220 on the program 0:08:19.220,0:08:19.939 hardware 0:08:19.939,0:08:23.659 the Arpanet had a totally different view 0:08:23.659,0:08:25.919 now here's just kind of a humor 0:08:25.919,0:08:28.229 picture did 0:08:28.229,0:08:32.269 this is John Pasto sorry it's not very good 0:08:32.269,0:08:33.699 Steve Carcker 0:08:33.699,0:08:35.540 and Vint Cert 0:08:35.540,0:08:40.539 I have no idea what the pickles are about 0:08:40.539,0:08:44.500 but I do think it's interesting that here are probably the three people who were 0:08:44.500,0:08:46.470 but fathers of the internet 0:08:46.470,0:08:48.690 and they couldn't even get it right 0:08:48.690,0:08:55.690 they've got outputs connected to outputs and inputs to inputs 0:08:58.030,0:08:59.510 so wasn't 0:08:59.510,0:09:02.270 all that long 0:09:02.270,0:09:07.740 before the network was quite a bit bigger this has gone cross country now 0:09:07.740,0:09:09.560 we should point out 0:09:09.560,0:09:11.350 these links 0:09:11.350,0:09:14.620 were really really fast data links 0:09:14.620,0:09:18.830 fifty six kilobytes per second 0:09:18.830,0:09:22.230 and they cost a fortune 0:09:22.230,0:09:23.620 so fact 0:09:23.620,0:09:27.780 that they started off in one little cluster together on the west coast was just to 0:09:27.780,0:09:30.000 save costs as much as anything 0:09:30.000,0:09:32.310 but by September they had spread out 0:09:32.310,0:09:34.000 quite a bit now 0:09:34.000,0:09:35.430 the Arpanet was designed 0:09:35.430,0:09:36.510 to 0:09:36.510,0:09:38.880 share expensive resources 0:09:38.880,0:09:40.040 so 0:09:40.040,0:09:43.450 lots of universities wanted to have their own computer 0:09:43.450,0:09:45.990 but computers were too expensive 0:09:45.990,0:09:47.580 so they could put in 0:09:47.580,0:09:49.830 small machines 0:09:49.830,0:09:51.050 that could 0:09:51.050,0:09:54.149 you could connect to the larger machines with over the net 0:09:54.149,0:09:59.130 and so the two primary protocols of the time were Telnet and FTP 0:09:59.130,0:10:00.660 e-mail was not 0:10:00.660,0:10:01.960 even considered 0:10:01.960,0:10:06.960 in the original design of the Arpanet 0:10:06.960,0:10:10.110 what do the 0:10:10.110,0:10:11.030 teams 0:10:11.030,0:10:13.450 mean the teams in minor. those were 0:10:13.450,0:10:16.580 they're called tips they were 0:10:16.580,0:10:17.860 essentially 0:10:17.860,0:10:19.760 access 0:10:19.760,0:10:22.800 if you will smart 0:10:22.800,0:10:23.650 0:10:23.650,0:10:27.550 well not very smart notes. they weren't actually computers they were places you could log in 0:10:27.550,0:10:30.610 be it just a terminal if you will 0:10:30.610,0:10:32.370 so you know being an IMP 0:10:32.370,0:10:33.590 they had no 0:10:33.590,0:10:37.710 computer there on the network that they could log into the other places 0:10:37.710,0:10:40.950 that's fundamentally it 0:10:40.950,0:10:42.360 okay 0:10:42.360,0:10:46.620 so in late nineteen seventy one was one of the first network e-mail 0:10:46.620,0:10:50.450 was sent if you're going to tell first ever in all of history 0:10:50.450,0:10:55.340 it was sent by this guy Ray Thompson who was indeed the real father of e-mail 0:10:55.340,0:10:59.850 people sometimes try and make me out to be that but it just isn't true 0:10:59.850,0:11:00.970 he really is 0:11:00.970,0:11:01.999 he was working 0:11:01.999,0:11:03.830 at 0:11:03.830,0:11:07.630 Bolt Beranek and Newman which was one of the contractors on the Arpanet 0:11:07.630,0:11:10.869 the original version was just 0:11:10.869,0:11:15.110 part of FTP. he did a file transfer and the 0:11:15.110,0:11:16.010 special semantics were 0:11:16.010,0:11:20.050 it would just depend whatever you had out of the end of some fixed file so each person 0:11:20.050,0:11:21.220 would have an Inbox 0:11:21.220,0:11:23.260 and it would go splat 0:11:23.260,0:11:26.580 and add your text to the end of their 0:11:26.580,0:11:29.520 mailbox I don't think it had headers at the top 0:11:29.520,0:11:33.750 it was in late 1971 and it linked two machines that were creatively named 0:11:33.750,0:11:36.630 the BBNA and BBNB 0:11:36.630,0:11:41.060 there they are the first two e-mail notice that they're sitting right next to each 0:11:41.060,0:11:41.690 other 0:11:41.690,0:11:46.900 the first e-mail was not sent around the world or anything like that. it stayed within a single 0:11:46.900,0:11:48.220 room 0:11:48.220,0:11:53.230 these are PEP temps by the way 0:11:53.230,0:11:58.820 just as an aside now really eleven seventy one Unix one dot oh came out 0:11:58.820,0:12:02.560 that was done by these folks Ken Thompson and Dennis Richie 0:12:02.560,0:12:06.910 Unix 1.0 wasn't particularly interesting from network point of view but 0:12:06.910,0:12:08.399 we all know what 0:12:08.399,0:12:10.860 eventually happened to 0:12:10.860,0:12:15.480 Unix I'm kind of putting this into a historic context 0:12:15.480,0:12:20.190 so let's go to 1973 it was the beginning of a really really exciting 0:12:20.190,0:12:22.390 time at Berkeley, not 0:12:22.390,0:12:23.540 0:12:23.540,0:12:27.360 not entirely because that was the year I entered Berkeley but 0:12:27.360,0:12:29.590 that was one of the reasons 0:12:29.590,0:12:32.120 and at the same time there were people 0:12:32.120,0:12:36.499 running around like this guy Bill Joy who had a lot to do with 0:12:36.499,0:12:37.980 Berkeley NX 0:12:37.980,0:12:41.930 and this guy who's out there somewhere 0:12:41.930,0:12:44.780 you cannot have a better picture 0:12:44.780,0:12:50.460 If I had a picture of him from that your era he's actually leaning down next to a truck 0:12:50.460,0:12:51.420 that said 0:12:51.420,0:12:54.740 that said weak detection unit on it 0:12:54.740,0:13:00.059 but it was only a little tiny then so I didn't take that. This was another guy 0:13:00.059,0:13:01.620 another grad student 0:13:01.620,0:13:05.070 we always thought he was kind of arrogant because 0:13:05.070,0:13:07.549 he said his goal was to be 0:13:07.549,0:13:10.600 the CEO of a major corporation which we thought was 0:13:10.600,0:13:11.769 not something we could 0:13:11.769,0:13:14.260 plan for. He is now CEO Google 0:13:14.260,0:13:18.190 after being CEO Novell on 0:13:18.190,0:13:19.100 well I'm 0:13:19.100,0:13:20.500 Chee had I only 0:13:20.500,0:13:25.120 gone to his school 0:13:25.120,0:13:27.990 so as a result of these and a lot of other 0:13:27.990,0:13:32.310 very creative people that were just a huge number of people that ended up at Berkeley all at the 0:13:32.310,0:13:33.119 same time 0:13:33.119,0:13:36.610 you seemed to be really excited about this Unix stuff 0:13:36.610,0:13:38.900 they came up with 0:13:38.900,0:13:40.000 0:13:40.000,0:13:42.310 what's now known as Berkeley NX 0:13:42.310,0:13:47.350 so first Bill who did the Berkeley software distributions that were quite literally 0:13:47.350,0:13:49.470 just a mad tape 0:13:49.470,0:13:50.129 and 0:13:50.129,0:13:54.030 because of various licensing reasons the best he could do 0:13:54.030,0:13:56.830 couldn't really even legally label the tape 0:13:56.830,0:14:01.470 he put a label out that said this is a tape of this 0:14:01.470,0:14:03.070 and turned it in 0:14:03.070,0:14:08.800 this is the first Beastie mascot drawing. this is out of order. this dint 0:14:08.800,0:14:10.660 actually come until later 0:14:10.660,0:14:11.660 this was 0:14:11.660,0:14:16.610 done by a guy who worked with Sam Lefller who was also one of the Berkeley guys 0:14:16.610,0:14:18.730 at Pixar 0:14:18.730,0:14:20.630 his name is John Lassiter 0:14:20.630,0:14:24.320 and as you know he now runs Disney corporation 0:14:24.320,0:14:30.240 so he owns the original art which is probably worth a fortune then 0:14:30.240,0:14:32.430 so moving along 0:14:32.430,0:14:34.340 Merkle puzzles 0:14:34.340,0:14:36.270 now Merkle puzzles 0:14:36.270,0:14:37.390 probably most of you 0:14:37.390,0:14:40.500 have never even heard of 0:14:40.500,0:14:42.050 a guy named Ralph Merkle 0:14:42.050,0:14:44.160 graduate student at Berkeley 0:14:44.160,0:14:46.070 submitted a proposal 0:14:46.070,0:14:49.600 for a paper for CS two forty four 0:14:49.600,0:14:51.910 which was rejected 0:14:51.910,0:14:53.190 because it was 0:14:53.190,0:14:55.110 an obviously absurd idea 0:14:55.110,0:15:00.020 it was in fact the basis for public key encryption 0:15:00.020,0:15:00.860 and 0:15:00.860,0:15:02.590 without public key encryption 0:15:02.590,0:15:08.590 any kind of authentication and global encryption was completely impractical because before 0:15:08.590,0:15:10.710 that all we had was symmetric keys 0:15:10.710,0:15:13.540 so if there were 0:15:13.540,0:15:15.239 in people on the 0:15:15.239,0:15:17.140 network 0:15:17.140,0:15:20.780 and you need to exchange with them you needed n squared 0:15:20.780,0:15:22.930 copies of keys all over the place and that 0:15:22.930,0:15:25.460 you just couldn't deal with that as n got 0:15:25.460,0:15:29.510 you know to really large numbers like a hundred 0:15:29.510,0:15:32.919 so the other thing was encryption was still 0:15:32.919,0:15:35.690 classified by the US government as a munition 0:15:35.690,0:15:36.900 which means it wasn't legal 0:15:36.900,0:15:39.810 to export it to other countries 0:15:39.810,0:15:44.320 and even back then there were starting to be is substantial amount of international 0:15:44.320,0:15:46.000 involvement with 0:15:46.000,0:15:49.220 Unix and other such systems 0:15:49.220,0:15:50.020 so 0:15:50.020,0:15:52.100 in 0:15:52.100,0:15:56.600 April of 1977 the RSA algorithm was finally published. this of course is the 0:15:56.600,0:15:58.670 one that everyone knows about as the work 0:15:58.670,0:15:59.640 is directly 0:15:59.640,0:16:04.440 based on Merkle's work 0:16:04.440,0:16:06.890 so I think 1977 0:16:06.890,0:16:10.440 as we see that the networks gotten quite a bit larger 0:16:10.440,0:16:12.280 this was 0:16:12.280,0:16:15.490 pretty close to its peak I think 0:16:15.490,0:16:16.839 actually still its bigger 0:16:16.839,0:16:21.030 the pink loans and pink sounds 0:16:21.030,0:16:21.980 by the way 0:16:21.980,0:16:24.179 when i say different architectures 0:16:24.179,0:16:26.030 16 bit words 0:16:26.030,0:16:30.190 36 bit words 60 bit words 0:16:30.190,0:16:31.149 0:16:31.149,0:16:33.040 what else do I have 0:16:33.040,0:16:37.209 up here? just all kinds of things are even some machines that have 0:16:37.209,0:16:39.970 twenty bit words ten bit bytes 0:16:39.970,0:16:42.690 and somehow they've managed to make that work 0:16:42.690,0:16:45.290 there's a couple of interesting things on here they have 0:16:45.290,0:16:48.679 so satellite links to Hawaii and to 0:16:48.679,0:16:51.030 Norway 0:16:51.030,0:16:54.589 and so the the network had gone international 0:16:54.589,0:16:55.450 sort of 0:16:55.450,0:16:57.010 I say sort of because 0:16:57.010,0:16:59.610 it was going to a US 0:16:59.610,0:17:02.160 air force base I think in 0:17:02.160,0:17:04.220 Norway so 0:17:04.220,0:17:06.949 was still considered a military thing at that point 0:17:06.949,0:17:08.070 so 0:17:08.070,0:17:14.450 the non-US citizens weren't supposed to have access to it 0:17:14.450,0:17:16.919 UUCP got published 0:17:16.919,0:17:19.589 in 1978 0:17:19.589,0:17:20.939 it brought 0:17:20.939,0:17:25.539 network access of the sort to universities that didn't have to darker contracts which were 0:17:25.539,0:17:27.000 I've hard to get 0:17:27.000,0:17:30.990 and by the way getting an Arpanet link was very expensive so you pretty much 0:17:30.990,0:17:37.190 needed to have a darker sponsor which is to be able to afford it 0:17:37.190,0:17:43.340 in May of 1978 the first ever spent was sent on the 0:17:43.340,0:17:46.489 Arpanet. at the time it was a DEC salesman and 0:17:46.489,0:17:49.300 I'll tell you more about what he did 0:17:49.300,0:17:51.809 shortly 0:17:51.809,0:17:54.000 late 1979 0:17:54.000,0:17:56.090 was the appearance of Usenet 0:17:56.090,0:17:58.980 which was based originally on UUCP although 0:17:58.980,0:18:00.890 could easily work over the Arpanet 0:18:00.890,0:18:05.520 this made it was the predecessor of what we would now call forums and blogs and 0:18:05.520,0:18:06.570 things like that 0:18:06.570,0:18:12.440 but most importantly it made flame words possible 0:18:12.440,0:18:14.240 and then 0:18:14.240,0:18:15.200 finally 0:18:15.200,0:18:21.140 in September 1979 UCB got an Arpanet nose. they actually had the one before 0:18:21.140,0:18:24.190 but it had then shut down because the 0:18:24.190,0:18:26.410 the guy who ran it 0:18:26.410,0:18:30.170 was told that he had failed to demonstrate that his 0:18:30.170,0:18:34.380 research was going to enable them to build smarter bombs 0:18:34.380,0:18:36.240 literally i saw the letter 0:18:36.240,0:18:38.049 but by 0:18:38.049,0:18:38.909 this point 0:18:38.909,0:18:41.600 the group I was working on INGREs 0:18:41.600,0:18:43.990 got that link 0:18:43.990,0:18:46.250 we were database management 0:18:46.250,0:18:50.500 system and of course the government was very interested in data bases 0:18:50.500,0:18:54.500 and in particular distributed databases 0:18:54.500,0:18:56.760 we didn't have a very big 0:18:56.760,0:19:00.360 grasp so we had a whopping 9600 baud 0:19:00.360,0:19:05.960 link to the Arpanet. this is for all of campus 0:19:05.960,0:19:07.029 actually it was for 0:19:07.029,0:19:09.309 CS division 0:19:09.309,0:19:11.550 which was not all of campus but 0:19:11.550,0:19:13.659 you know the folks some of the departments 0:19:13.659,0:19:15.640 didn't have a clue what a network was 0:19:15.640,0:19:18.880 but everyone in the CS division wanted 0:19:18.880,0:19:20.000 0:19:20.000,0:19:21.700 access to the Arpanet 0:19:21.700,0:19:26.750 of course because it was the newest shiny bling thing to have and everyone 0:19:26.750,0:19:27.719 had to get there 0:19:27.719,0:19:29.880 well we had a PDP-11 0:19:29.880,0:19:34.570 that really could handle that many simultaneous logins much less 0:19:34.570,0:19:38.150 the ports that were expensive at the time 0:19:38.150,0:19:42.390 to put this into perspective we had a PDP-11 seventy that had a one point five micro 0:19:42.390,0:19:46.660 second cycle time so substantially less than one minute 0:19:46.660,0:19:48.990 the 16-bit word and we have 0:19:48.990,0:19:52.669 a lot of memory we had a 196K of memory 0:19:52.669,0:19:54.780 on the system 0:19:54.780,0:19:55.910 we would have to put 0:19:55.910,0:19:58.990 a DH-11 ports 0:19:58.990,0:19:59.730 another 0:19:59.730,0:20:05.200 this is a port multiplex where you get 16 words cost about 4700 dollars so 0:20:05.200,0:20:06.960 about 300 dollars 0:20:06.960,0:20:10.410 per port which doesn't sound like much but remember 0:20:10.410,0:20:14.340 that's like 1,000 dollars per port today 0:20:14.340,0:20:15.590 so 0:20:15.590,0:20:16.840 well I have to show off 0:20:16.840,0:20:20.890 some things this is a PDP 11 seventy.this is what computers are supposed to look like 0:20:20.890,0:20:22.880 unlike what they are today 0:20:22.880,0:20:25.610 they had switches and lights and 0:20:25.610,0:20:32.610 all kinds of cool things and dials. Ah it was great so 0:20:33.300,0:20:34.670 we had 0:20:34.670,0:20:37.120 we were what we're able to do was 0:20:37.120,0:20:41.040 release two TT white ports three hundred baud TT white ports 0:20:41.040,0:20:44.790 to be shared among everyone in the computer science division 0:20:44.790,0:20:47.140 at Berkeley 0:20:47.140,0:20:49.950 probably about 0:20:49.950,0:20:51.920 fifty people well 0:20:51.920,0:20:54.149 forty professors. there were 0:20:54.149,0:20:57.280 other students but we just said no you know 0:20:57.280,0:20:58.250 still 0:20:58.250,0:21:00.640 can't handle it can't possibly do that 0:21:00.640,0:21:03.440 but professors could have their 0:21:03.440,0:21:05.400 computer 0:21:05.400,0:21:08.010 terminal sorry in their office 0:21:08.010,0:21:11.470 and they had a line that ran into the-mail room and there was a plug board 0:21:11.470,0:21:12.140 he could 0:21:12.140,0:21:16.170 put in the patch code between your office and whatever computer you want to have access 0:21:16.170,0:21:18.370 to and there were two those 0:21:18.370,0:21:22.040 for the Arpanet machine which was the machine I was 0:21:22.040,0:21:23.040 working on then 0:21:23.040,0:21:26.770 and of course people would come along they want access to the Arpanet. they just 0:21:26.770,0:21:27.289 unplug 0:21:27.289,0:21:31.020 one of the cables that was in there and plug in theirs 0:21:31.020,0:21:35.010 there were professors having screaming matches at each other in the hallways and it 0:21:35.010,0:21:37.960 probably came to fisticuffs at some point 0:21:37.960,0:21:42.340 and of course they all came to me and wanted me to fix the problem 0:21:42.340,0:21:47.029 I wasn't it and I don't know how they thought I was going to fix the problem 0:21:47.029,0:21:51.960 which I was an undergraduate then I don't know how they thought I was gonna fix the problem. What I did however was observe what they really wanted was not access to the 0:21:51.960,0:21:53.490 Arpanet like FTP and 0:21:53.490,0:21:54.880 Telnet 0:21:54.880,0:21:55.920 what they want 0:21:55.920,0:21:58.970 was e-mail.Email was the killer rap 0:21:58.970,0:22:00.750 even back then 0:22:00.750,0:22:05.270 we had something called Berknet that linked our internal machines 0:22:05.270,0:22:09.300 using RS 232 lines of 9600 baud this is written by 0:22:09.300,0:22:13.860 a guy named Eric Schmidt yes the very same Eric Schmidt who is now CEO of Google and he's a better 0:22:13.860,0:22:17.500 CEO than he is a coder 0:22:17.500,0:22:20.640 but it worked 0:22:20.640,0:22:25.440 as it turns out we also had a UUCP connection which ran from the main department machine 0:22:25.440,0:22:25.690 which 0:22:25.690,0:22:30.680 was a VAX OM 780 call Ernie CoVAX 0:22:30.680,0:22:32.860 and so I wrote something called deliver mail 0:22:32.860,0:22:34.380 deliver mail was just 0:22:34.380,0:22:37.000 a quick hack to forward 0:22:37.000,0:22:41.610 messages between networks it dint have time to anything like fixing headers or 0:22:41.610,0:22:42.900 anything like that 0:22:42.900,0:22:45.740 so it was a disaster in some sense waiting to happen 0:22:45.740,0:22:51.290 well it got the professors off of my back so as far as I was concerned it was a success 0:22:51.290,0:22:53.359 It got released in four 0:22:53.359,0:22:54.520 point zero what 0:22:54.520,0:22:58.140 is now four zero BSD which is four BSD at the time 0:22:58.140,0:23:03.230 in 1980 and much to my shock it turned out to be very popular Berkeley 0:23:03.230,0:23:06.190 was not unique lots and lots of places 0:23:06.190,0:23:11.150 have this problem 0:23:11.150,0:23:15.700 and so there is deliver mail on the chart now you can see this is 0:23:15.700,0:23:16.870 pretty much 0:23:16.870,0:23:20.880 toward the end of the the Arpanet era 0:23:20.880,0:23:22.520 the Arpanet 0:23:22.520,0:23:23.680 geographically now looks 0:23:23.680,0:23:24.620 like this 0:23:24.620,0:23:28.240 the circles by the way were exploded in the other 0:23:28.240,0:23:31.110 material that I had but I dint want to 0:23:31.110,0:23:32.500 give you all of that but 0:23:32.500,0:23:35.190 there is several satellite link now 0:23:35.190,0:23:36.269 0:23:36.269,0:23:40.279 there's a direct satellite link to London that's still at Hawaii link 0:23:40.279,0:23:41.300 and so forth 0:23:41.300,0:23:43.429 if you look carefully you will see the 0:23:43.429,0:23:45.120 main 0:23:45.120,0:23:46.840 university 0:23:46.840,0:23:53.840 military and military contractors sites 0:23:58.450,0:24:03.810 that's all of them. Sizemo I don't know if Sizemo had an Arpanet link I don't think 0:24:03.810,0:24:07.990 they did although they could have 0:24:07.990,0:24:10.880 it would have been in here somewhere so 0:24:10.880,0:24:13.899 0:24:13.899,0:24:16.410 I think that came later 0:24:16.410,0:24:17.760 let's put it this way 0:24:17.760,0:24:22.800 we Berkeley ended up being the gateway between the UUCP and the Arpanet 0:24:22.800,0:24:27.080 cos it didn't take people long to figure out a route-mail 0:24:27.080,0:24:30.770 you're there you had to do it manually but it could be done 0:24:30.770,0:24:34.300 I will have a comment about that later 0:24:34.300,0:24:36.640 so let's continue on to the next phase 0:24:36.640,0:24:40.090 by 1981 through 1988 0:24:40.090,0:24:43.790 this goes from 213 hosts that were on 0:24:43.790,0:24:48.320 the Arpanet to 3300 hosts in seven years 0:24:48.320,0:24:53.460 so we'll start with our usual graph 0:24:53.460,0:24:58.180 this was when I started first putting SMTP on a Sendmail 0:24:58.180,0:25:02.590 worked on Sendmail before because things like header writing 0:25:02.590,0:25:06.810 was becoming a real problem. you couldn't reply to addresses. everyone you had to be 0:25:06.810,0:25:09.000 to be a guru in order to 0:25:09.000,0:25:14.330 figure out how to address things there was even an entire book 0:25:14.330,0:25:15.590 put up 0:25:15.590,0:25:16.910 that described 0:25:16.910,0:25:19.570 how to do addressing 0:25:19.570,0:25:21.070 but 0:25:21.070,0:25:22.769 Berkeley got a contract 0:25:22.769,0:25:25.140 to do the 0:25:25.140,0:25:26.390 base 0:25:26.390,0:25:31.090 platform operating system platform to support darker research they had all of these 0:25:31.090,0:25:33.720 diverse machines 0:25:33.720,0:25:37.700 but they discovered that that made it really hard for research projects to share work with 0:25:37.700,0:25:41.920 each other so they decided that there would be a standard platform it would be the VAX 0:25:41.920,0:25:43.259 1178 0:25:43.259,0:25:45.260 running Berkeley Unix 0:25:45.260,0:25:48.039 and one of things they needed was an SMTP server 0:25:48.039,0:25:50.780 is by the way I haven't said anything about 0:25:50.780,0:25:56.350 SMTP being published it wasn't published and I was working on up very early drafts 0:25:56.350,0:26:02.100 and what happened was Bill Joy asked me random data base not Sendmail 0:26:02.100,0:26:03.990 Bill Joy came up to me and said 0:26:03.990,0:26:06.470 you know would you do this 0:26:06.470,0:26:07.630 and 0:26:07.630,0:26:14.300 in a moment of weakness said sure how hard can it be 0:26:14.300,0:26:17.840 25 years later I'm telling you who it is 0:26:17.840,0:26:20.570 harder than it looks 0:26:20.570,0:26:21.900 and 0:26:21.900,0:26:23.340 few months later 0:26:23.340,0:26:28.149 4.1a which was technically test release 0:26:28.149,0:26:30.290 came out with Sendmail 0:26:30.290,0:26:31.849 SMTP which also have 0:26:31.849,0:26:33.770 the first networks that 0:26:33.770,0:26:35.160 so 0:26:35.160,0:26:37.130 this is 0:26:37.130,0:26:39.570 Berkeley Unix on the internet 0:26:39.570,0:26:42.230 except the internet doesn't exist yet 0:26:42.230,0:26:47.620 sort of exists. there is this test platform but the world still using Arpanet 0:26:47.620,0:26:53.120 finally about a year after I started implementing SMTP the specs were 0:26:53.120,0:26:53.940 published 0:26:53.940,0:26:55.650 after 0:26:55.650,0:26:57.220 it's been shipped 0:26:57.220,0:27:01.940 its an internet tradition by the way 0:27:01.940,0:27:04.290 January 1st 1983 0:27:04.290,0:27:08.530 was the flag day it was just called the flag day 0:27:08.530,0:27:10.470 that was the day that 0:27:10.470,0:27:12.800 the government said we're going to turn off 0:27:12.800,0:27:14.580 the Arpanet 0:27:14.580,0:27:17.200 and they literally just said 0:27:17.200,0:27:19.620 we're going to send out a message into all the IMPs 0:27:19.620,0:27:21.940 to stop forwarding packets 0:27:21.940,0:27:24.809 and if you're not on the internet by then 0:27:24.809,0:27:27.480 you're going to lose your network connectivity 0:27:27.480,0:27:31.470 and there were a whole bunch of people who said yeah yeah they're bluffing and guess what 0:27:31.470,0:27:34.180 they lost their network connectivity 0:27:34.180,0:27:36.460 but Berkeley was there we didn't 0:27:36.460,0:27:37.269 so 0:27:37.269,0:27:39.520 that was cool 0:27:39.520,0:27:44.659 in September of 1983 the same year a 4.2 BSD shipped 0:27:44.659,0:27:47.190 this was kind of the basis for 0:27:47.190,0:27:50.030 at least from the user interface 0:27:50.030,0:27:53.390 was the basis for 0:27:53.390,0:27:55.420 Unix as we know it today 0:27:55.420,0:27:57.910 so it had all the network and 0:27:57.910,0:27:59.190 stuff and 0:27:59.190,0:28:00.370 at that point 0:28:00.370,0:28:04.910 we were able to track down John Lasetter and have him do an update 0:28:04.910,0:28:08.830 and does it seem much more important at the time so 0:28:08.830,0:28:11.910 here's Beastie in color with the attractive green 0:28:11.910,0:28:17.890 tennis shoes and so forth 0:28:17.890,0:28:20.890 once again for historic context I have to 0:28:20.890,0:28:22.400 run in some things 0:28:22.400,0:28:26.670 in 1985 there was a company actually did some more research it was originally called 0:28:26.670,0:28:31.300 control video corporation changed his name to quantum computer services 0:28:31.300,0:28:36.980 an year later that changed its name to America Online 0:28:36.980,0:28:40.210 they had the walled garden they had an e-mail 0:28:40.210,0:28:44.470 only among other AOL subscribers they weren't connected to the internet 0:28:44.470,0:28:45.720 in any 0:28:45.720,0:28:49.030 any sense 0:28:49.030,0:28:50.810 this is really important 0:28:50.810,0:28:55.720 may 1987 a guy named Rick Adams who worked in Sizemo 0:28:55.720,0:28:59.440 went off and started the first commercialized PE 0:28:59.440,0:29:05.500 there was apparently another one that started on exactly the same day so the two people 0:29:05.500,0:29:07.830 get to fight each other over who was first 0:29:07.830,0:29:11.500 the difference is that UUNET turned into one of the largest pieces 0:29:11.500,0:29:15.100 in the world and the other one didn't 0:29:15.100,0:29:16.549 so 0:29:16.549,0:29:18.669 this was the first time that you could 0:29:18.669,0:29:21.470 get access to the internet without being 0:29:21.470,0:29:24.490 a government 0:29:24.490,0:29:25.610 government-sponsored 0:29:25.610,0:29:29.860 so that's a big deal 0:29:29.860,0:29:34.460 so of next chunk of history we'll take from 1988 to 1993 at this point 0:29:34.460,0:29:35.940 I'm going in about 0:29:35.940,0:29:37.340 ten x 0:29:37.340,0:29:40.320 both on the internet just in progress graphs 0:29:40.320,0:29:42.130 pretty clear 0:29:42.130,0:29:43.570 so 0:29:43.570,0:29:48.549 this was kind of the first security incidents on the internet the internet worm 0:29:48.549,0:29:52.140 It was written by Grampston in a Harvard and who 0:29:52.140,0:29:56.620 probably should have flunked out because he didn't understand commentary growth 0:29:56.620,0:29:59.670 and he really thought that this thing would run 0:29:59.670,0:30:03.390 quietly on the internet and first of all there was a bug in his 0:30:03.390,0:30:04.380 program 0:30:04.380,0:30:07.410 so it didn't kill itself off as it was supposed to and 0:30:07.410,0:30:11.900 he didn't understand that if each machine infects 4 machines 0:30:11.900,0:30:13.580 that's a really large 0:30:13.580,0:30:15.200 power 0:30:15.200,0:30:17.680 not a small one 0:30:17.680,0:30:23.470 but it did make people start to think for the first time about 0:30:23.470,0:30:30.000 security on the internet up until the internet had been kind of 0:30:30.000,0:30:31.739 a very collegiate 0:30:31.739,0:30:32.420 atmosphere 0:30:32.420,0:30:37.360 you had to be to be on the internet you had to be a researcher to get on it 0:30:37.360,0:30:41.409 if you wanted an account on somebody else's machine to be good all you do is they can 0:30:41.409,0:30:45.070 I had an account and go sure give you an account 0:30:45.070,0:30:48.529 so security dint seem all that important but 0:30:48.529,0:30:49.669 this made it clear that 0:30:49.669,0:30:53.890 it was 0:30:53.890,0:30:59.690 March 1989 in fact exactly 30 years ago this past Friday two days 0:30:59.690,0:31:01.070 ago 0:31:01.070,0:31:03.510 Tim Berners-Lee proposed what 0:31:03.510,0:31:06.030 we now know as the world wide web 0:31:06.030,0:31:10.740 he did a prototype browser that was published in October 0:31:10.740,0:31:12.799 of 1990 0:31:12.799,0:31:17.649 and but that one kind of disappeared it was more concerned 0:31:17.649,0:31:18.779 research 0:31:18.779,0:31:21.440 organization in Switzerland 0:31:21.440,0:31:23.330 so there's Tim 0:31:23.330,0:31:27.299 I think that was not 0:31:27.299,0:31:33.820 contemporary. I think he had more hair when he proposed it 0:31:33.820,0:31:36.720 okay 0:31:36.720,0:31:39.320 we had the internet 0:31:39.320,0:31:41.100 and that allowed 0:31:41.100,0:31:41.840 non 0:31:41.840,0:31:44.630 government people to get access to the net 0:31:44.630,0:31:49.780 but the backbone of the internet was still run by the national science foundation getting transferred 0:31:49.780,0:31:50.480 from 0:31:50.480,0:31:52.310 the military 0:31:52.310,0:31:54.460 over to 0:31:54.460,0:31:58.200 non military government funding but it was still 0:31:58.200,0:31:59.530 funded 0:31:59.530,0:32:06.530 and their rules that an acceptable use policy that said no commercial traffic 0:32:07.160,0:32:09.370 so UUNET customers could 0:32:09.370,0:32:13.660 run commercial traffic to each other but they could write to other people. there wasn't any chance 0:32:13.660,0:32:17.800 that would run over these wires 0:32:17.800,0:32:18.670 that effectively said 0:32:18.670,0:32:23.830 you can't use the the internet for commercial purposes at all 0:32:23.830,0:32:24.649 CIX 0:32:24.649,0:32:30.430 which then stood for commercial internet exchange was where the various 0:32:30.430,0:32:34.690 largish ISP were started to be regional. there was one on the west coast and one 0:32:34.690,0:32:37.760 on the east coast and one of the southeast and 0:32:37.760,0:32:38.890 so forth said 0:32:38.890,0:32:42.300 we're all going to run wires together into one room 0:32:42.300,0:32:46.070 we're going to put a big router there and we're going to be able to exchange traffic with us 0:32:46.070,0:32:48.960 without ever going over an SF net 0:32:48.960,0:32:52.769 because we're not allowed commercial traffic and they essentially said cut the government 0:32:52.769,0:32:57.539 out of the equation which was great as that's what the government wanted anyway 0:32:57.539,0:32:58.250 so 0:32:58.250,0:33:03.450 1991 July was the first time he could really use the internet for 0:33:03.450,0:33:07.340 anything commercial 0:33:07.340,0:33:13.529 1992 a multipurpose internet mail extensions was published a USENET 0:33:13.529,0:33:14.300 conference 0:33:14.300,0:33:16.470 0:33:16.470,0:33:21.110 and this allowed embedding something other than plain text 0:33:21.110,0:33:21.850 into 0:33:21.850,0:33:25.310 e-mail messages notably at the time it was used for 0:33:25.310,0:33:27.700 pictures or graphs and 0:33:27.700,0:33:30.130 things like that there was discussion about maybe 0:33:30.130,0:33:31.690 maybe some day we could 0:33:31.690,0:33:36.960 do sound and possibly way way way in the distant future we may be able to think about video but 0:33:36.960,0:33:41.450 it was really just pictures 0:33:41.450,0:33:46.300 okay 1993 through 1996 is taking us from one point three million to 0:33:46.300,0:33:49.639 to almost thirteen million 0:33:49.639,0:33:51.420 0:33:51.420,0:33:55.549 February of 1993 NCSA mosaic was released this is the national center 0:33:55.549,0:33:59.350 for super computer applications at the university of Illinois 0:33:59.350,0:34:00.620 Champane Urbana 0:34:00.620,0:34:02.800 it's the first broadly used 0:34:02.800,0:34:05.429 browser and in fact 0:34:05.429,0:34:07.360 was the direct descendant 0:34:07.360,0:34:08.960 sorry the 0:34:08.960,0:34:10.440 direct parent of 0:34:10.440,0:34:12.099 Netscape 0:34:12.099,0:34:19.099 and Mozilla and so forth all kind of goes back to NCSA mosaic 0:34:19.739,0:34:21.450 now Sendmail had been 0:34:21.450,0:34:26.149 I had abandoned Sendmail for a number of years because I've gone to work for start-up 0:34:26.149,0:34:26.659 and 0:34:26.659,0:34:30.719 they seem to want action work on what I was being paid for 0:34:30.719,0:34:32.369 and 0:34:32.369,0:34:34.109 Sendmail had diverged 0:34:34.109,0:34:38.489 and so there were many versions of it. some of them had some good ideas some of them some not 0:34:38.489,0:34:39.519 so good 0:34:39.519,0:34:40.869 ideas 0:34:40.869,0:34:43.219 every vendor 0:34:43.219,0:34:47.449 like DEC and HP and IBM and so forthhad their own 0:34:47.449,0:34:49.449 proprietary version of Sendmail 0:34:49.449,0:34:53.509 and you couldn't really share things between them and I came along and I came 0:34:53.509,0:34:55.809 back to the university 0:34:55.809,0:34:59.249 first a lot of these things and that a lot of other things all of these things is the 0:34:59.249,0:35:00.599 Sendmail 8 which is 0:35:00.599,0:35:01.980 the Sendmail which 0:35:01.980,0:35:05.319 pretty much still exists to this day 0:35:05.319,0:35:06.719 0:35:06.719,0:35:07.699 that was 0:35:07.699,0:35:10.289 way more successful than I had 0:35:10.289,0:35:10.989 anticipated 0:35:10.989,0:35:12.439 and 0:35:12.439,0:35:14.450 that turned into a problem 0:35:14.450,0:35:16.249 later as we'll see 0:35:16.249,0:35:17.539 Netscape was founded 0:35:17.539,0:35:19.209 in 1994 0:35:19.209,0:35:24.680 Mark Reasen was one of the principles in that and he essentially left 0:35:24.680,0:35:31.539 NCSA took the source code with him and co founded the company 0:35:31.539,0:35:38.539 the green code spam anyone remember the greencode spam? 0:35:38.630,0:35:39.700 now I mentioned 0:35:39.700,0:35:41.829 there was the first spam 0:35:41.829,0:35:43.429 earlier 0:35:43.429,0:35:46.859 but it wasn't really a spam 0:35:46.859,0:35:50.299 as i said the network previously largely cooperative 0:35:50.299,0:35:53.039 you know had flame wars but they were 0:35:53.039,0:35:54.259 mostly innocent 0:35:54.259,0:35:55.779 could be dealt with 0:35:55.779,0:36:00.379 turns out that spam was not new. the first electronically 0:36:00.379,0:36:01.210 transmitted 0:36:01.210,0:36:03.239 commercial 0:36:03.239,0:36:04.049 message 0:36:04.049,0:36:07.959 was in September 13th 1904 0:36:07.959,0:36:10.309 using the telegraph 0:36:10.309,0:36:15.699 so advertisers had figured out this new technology was going to be someplace they 0:36:15.699,0:36:18.569 could thrive 0:36:18.569,0:36:19.789 the first 0:36:19.789,0:36:22.869 e-mail spam was this DEC salesman 0:36:22.869,0:36:25.700 who DEC had released a new 0:36:25.700,0:36:27.979 part of the computer and decided that 0:36:27.979,0:36:31.109 he really want all of its customers to know about this 0:36:31.109,0:36:31.929 so he sent 0:36:31.929,0:36:33.619 an e-mail message 0:36:33.619,0:36:36.059 with copying every single customer 0:36:36.059,0:36:37.230 did he had 0:36:37.230,0:36:41.259 well it turns out the-mail programs of the time they thought about having 0:36:41.259,0:36:45.309 you know three or four may be ten recipients on a message 0:36:45.309,0:36:47.409 not a thousand 0:36:47.409,0:36:50.170 and so it broke the-mail system broke 0:36:50.170,0:36:51.859 all kinds of things 0:36:51.859,0:36:53.769 but I don't really cannot this is the first 0:36:53.769,0:36:57.109 spam because he said gee I didn't know 0:36:57.109,0:36:58.749 he apologized 0:36:58.749,0:37:02.630 well he wasn't trying to do anything malicious. he genuinely thought that 0:37:02.630,0:37:05.939 his customers would want to know about this new machine 0:37:05.939,0:37:09.359 there is also a 1988 a chain letter 0:37:09.359,0:37:11.589 called make money fast it was 0:37:11.589,0:37:13.619 a pyramid scheme 0:37:13.619,0:37:14.760 But it wasn't 0:37:14.760,0:37:17.219 really technically a spam either 0:37:17.219,0:37:21.109 but we're definitely seeing the greed is good attitude coming to 0:37:21.109,0:37:22.900 the internet much to do 0:37:22.900,0:37:24.829 disgust of a lot of us 0:37:24.829,0:37:29.219 and they call a nation was two lawyers and from Texas Canter and Siegel 0:37:29.219,0:37:31.070 who 0:37:31.070,0:37:34.369 advertise in technically Usenet 0:37:34.369,0:37:35.389 not e-mail 0:37:35.389,0:37:37.309 they sent every single 0:37:37.309,0:37:38.319 news group 0:37:38.319,0:37:40.469 the same posting 0:37:40.469,0:37:46.009 offering to sign people up for a price for the green card lottery which was so people 0:37:46.009,0:37:48.109 non-residents could work in the US 0:37:48.109,0:37:52.249 they didn't tell you that you could sign yourself up for free 0:37:52.249,0:37:57.890 but if you gave them money they'd be happy to do for you what you could do for free 0:37:57.890,0:38:02.590 and they were completely unapologetic about this they said wait a minute here we have 0:38:02.590,0:38:03.279 the right 0:38:03.279,0:38:04.240 to do this 0:38:04.240,0:38:06.339 they even published a book 0:38:06.339,0:38:08.959 on how to spam 0:38:08.959,0:38:11.689 and they made a ton of money off of that book too 0:38:11.689,0:38:15.979 I believe that brought them this far by the way and have 0:38:15.979,0:38:19.639 gone into 0:38:19.639,0:38:21.419 you know 0:38:21.419,0:38:24.259 very long 0:38:24.259,0:38:27.209 0:38:27.209,0:38:31.559 April 1994 Webcaller was the first full text 0:38:31.559,0:38:33.069 Webcaller 0:38:33.069,0:38:38.929 and was the beginning of search engines as we know them today 0:38:38.929,0:38:40.579 the first 0:38:40.579,0:38:44.929 well this is pseudo liar as good a time as virus was an e-mail message that went around 0:38:44.929,0:38:46.109 saying 0:38:46.109,0:38:47.409 it's 0:38:47.409,0:38:50.300 the subject was good times it said 0:38:50.300,0:38:52.759 there's a virus running around the network 0:38:52.759,0:38:56.439 if you even open that message 0:38:56.439,0:39:02.119 it will trash your machine you know the message because it has the subject good times 0:39:02.119,0:39:05.589 forward this to everyone you know 0:39:05.589,0:39:08.080 the warning was itself 0:39:08.080,0:39:09.150 the virus 0:39:09.150,0:39:12.329 and it was tremendously effective I had to spend 0:39:12.329,0:39:15.299 about two days calming down people about this 0:39:15.299,0:39:16.629 just saying no 0:39:16.629,0:39:21.259 don't forward it 0:39:21.259,0:39:23.359 the 0:39:23.359,0:39:25.089 as I have said so 0:39:25.089,0:39:27.359 earlier Sendmail 8 was very very 0:39:27.359,0:39:28.550 successful 0:39:28.550,0:39:32.799 so successful that I really couldn't support it myself anymore 0:39:32.799,0:39:34.679 just because untenable so 0:39:34.679,0:39:41.639 I formed a Sendmail consortium was which was a group of volunteers that helped do this in 1995 0:39:41.639,0:39:47.029 and later 1995 SMIME was published this was the first attempt to do 0:39:47.029,0:39:49.879 but it actually wasn't the first it was the 0:39:49.879,0:39:52.869 best known to this day attempt to do 0:39:52.869,0:39:54.729 encryption and authentication in e-mail 0:39:54.729,0:39:57.450 that 0:39:57.450,0:39:59.249 back book was published 0:39:59.249,0:40:02.420 I don't remember 0:40:02.420,0:40:07.499 exactly when but it was in 1994 0:40:07.499,0:40:11.549 right in this time frame 0:40:11.549,0:40:17.160 this is 1996 to 2000 from about thirty million two hundred nine 0:40:17.160,0:40:19.779 million hosts 0:40:19.779,0:40:24.979 Hotmail was founded. I thought this was insane at the time which is why I don't 0:40:24.979,0:40:27.209 you know I'm not filthy rich right now 0:40:27.209,0:40:28.519 Hotmail 0:40:28.519,0:40:33.950 it had access to the internet so I said well of course you've already got a mailbox they 0:40:33.950,0:40:36.089 gave you free-mail boxes 0:40:36.089,0:40:37.269 and it took off 0:40:37.269,0:40:41.159 like mad it was crazy 0:40:41.159,0:40:42.569 in 0:40:42.569,0:40:44.329 1997 0:40:44.329,0:40:48.369 Microsoft said hey wait a minute maybe this internet thing isn't going to go away after 0:40:48.369,0:40:49.079 all 0:40:49.079,0:40:50.809 and we should get in on it 0:40:50.809,0:40:53.609 and so they put a very bad 0:40:53.609,0:40:55.799 SMTP gateway into exchange 0:40:55.799,0:40:59.260 they slapped the network onto their existing 0:40:59.260,0:41:01.049 worker tools which 0:41:01.049,0:41:04.070 were not designed for a hostile environment at all 0:41:04.070,0:41:07.689 they did no consideration whatsoever of securing 0:41:07.689,0:41:12.349 and just dropped a huge number of people on the internet 0:41:12.349,0:41:14.779 essentially naked and unprotected 0:41:14.779,0:41:16.010 and we're still 0:41:16.010,0:41:18.160 dealing with this to this day 0:41:18.160,0:41:19.780 the only thing that was 0:41:19.780,0:41:24.079 impressive about this was Microsoft in a very short period of time was able to 0:41:24.079,0:41:26.209 completely redefine the company 0:41:26.209,0:41:28.410 as an internet company and 0:41:28.410,0:41:32.059 much faster than anyone had thought possible 0:41:32.059,0:41:33.799 Yahoo was founded in 0:41:33.799,0:41:36.409 October ninety seven 0:41:36.409,0:41:37.869 we all know about that 0:41:37.869,0:41:40.549 a Microsoft acquired hot mail 0:41:40.549,0:41:45.289 they were able to do it as fast as they wanted the rumor 0:41:45.289,0:41:48.609 unconfirmed is that they paid 400 million dollars 0:41:48.609,0:41:55.609 for this company that was barely over a year old and had something like ten employees 0:41:59.089,0:42:00.689 quite a coop 0:42:00.689,0:42:05.299 in March of 1998 I and a friend of mine co-founded Sendmail Inc. 0:42:05.299,0:42:06.420 Sendmail 0:42:06.420,0:42:08.759 even with the help of the consortium 0:42:08.759,0:42:13.179 was still stuck with research problems and so we said we can commercialize this 0:42:13.179,0:42:15.649 here's a very well read picture of the 0:42:15.649,0:42:17.160 initial 0:42:17.160,0:42:24.160 people in the company and two of us are still there 0:42:24.630,0:42:30.329 now into the virus era March of 1999 Melissa there was an Outlook 0:42:30.329,0:42:31.809 macrovirus 0:42:31.809,0:42:34.740 was a hypersoft was really kind of 0:42:34.740,0:42:38.929 a worm as much as it was a virus 0:42:38.929,0:42:44.699 in January 2000 the government finally relaxed the encryption policy 0:42:44.699,0:42:45.630 finally admitted it 0:42:45.630,0:42:49.710 that everyone outside the US had encryption anyway 0:42:49.710,0:42:53.439 and so we might as well be able to play in the game 0:42:53.439,0:42:54.859 with the rest of the world 0:42:54.859,0:42:57.079 we immediately put 0:42:57.079,0:43:02.449 encryption TLS encryption into Sendmail all in fact we've already had it implemented 0:43:02.449,0:43:04.239 but we couldn't release it 0:43:04.239,0:43:05.420 and so 0:43:05.420,0:43:07.419 this came out we 0:43:07.419,0:43:13.909 pushed out the version that already had TLS 0:43:13.909,0:43:19.489 what we wanted to do was had the government changed its mind we had to be too late 0:43:19.489,0:43:24.150 so we dot to that really fast but they didn't change their minds but the they may have changed 0:43:24.150,0:43:27.329 not change their mind because they've realized it was 0:43:27.329,0:43:31.069 two weeks later it's too late 0:43:31.069,0:43:33.920 in March of 2000 we 0:43:33.920,0:43:35.570 released an interface called Milter 0:43:35.570,0:43:36.919 this is 0:43:36.919,0:43:39.110 a way to do 0:43:39.110,0:43:42.429 plugins into Sendmail that allow you to do email filtering 0:43:42.429,0:43:45.279 was specifically designed for anti-spam 0:43:45.279,0:43:52.199 the MTA market changed a lot back then or essentially not the market 0:43:52.199,0:43:55.819 the world had been about reliability and 0:43:55.819,0:43:56.450 getting 0:43:56.450,0:43:59.279 mail from A to B without losing it 0:43:59.279,0:44:04.399 and around here was when spam was getting so bad people said no we need to do is not 0:44:04.399,0:44:05.209 forward 0:44:05.209,0:44:06.119 anything that 0:44:06.119,0:44:07.779 might be 0:44:07.779,0:44:10.319 problematic 0:44:10.319,0:44:11.469 and 0:44:11.469,0:44:12.339 April 0:44:12.339,0:44:18.019 2000 the I love you virus this is a Visual Basic virus he had to 0:44:18.019,0:44:22.659 click on it but it's turns out that people couldn't resist clicking on 0:44:22.659,0:44:27.209 a text that's called I love you 0:44:27.209,0:44:31.069 they were sad what can I say 0:44:31.069,0:44:33.260 2001 to the Present 0:44:33.260,0:44:35.699 well we've gone from that 0:44:35.699,0:44:38.229 hundred ten thousand roughly up to 0:44:38.229,0:44:40.299 about four hundred forty million 0:44:40.299,0:44:45.709 well as of the last survey I could find 0:44:45.709,0:44:49.239 0:44:49.239,0:44:55.019 well let's see let's start off with an unequivocal the virus it was kind of one of the symbols 0:44:55.019,0:44:57.760 up Postfix which was a competitor to 0:44:57.760,0:45:00.359 Sendmail was released 0:45:00.359,0:45:03.819 Postfix was actually really good 0:45:03.819,0:45:09.249 alternative and Lisa and I when he was writing Postfix we would exchange a lot of email 0:45:09.249,0:45:12.979 talking but I talked with him at one point before it was released 0:45:12.979,0:45:17.829 and taken surely say much longer than he expected 0:45:17.829,0:45:20.929 I said i asked him how the-mail was going and he said 0:45:20.929,0:45:24.590 well its taken longer than I thought that's that's harder than it looks isn't it 0:45:24.590,0:45:28.869 the it's been an exercise in humility 0:45:28.869,0:45:32.219 so you think that I hate him because he's 0:45:32.219,0:45:33.589 competitor of Sendmail but 0:45:33.589,0:45:36.349 no hes one of the good guys 0:45:36.349,0:45:41.899 the SPR project which was one of the first attempt to do e-mail authentification 0:45:41.899,0:45:44.819 in one sense or another start up 0:45:44.819,0:45:45.560 in 0:45:45.560,0:45:48.159 2003 0:45:48.159,0:45:53.130 also you know oh three was the Sobig.F virus. It was the largest 0:45:53.130,0:45:53.930 attack 0:45:53.930,0:45:58.279 on today using something called .div files program information files 0:45:58.279,0:46:00.549 as attachment 0:46:00.549,0:46:04.509 it was significant because it contained it's own SMTP engine 0:46:04.509,0:46:05.909 up until then 0:46:05.909,0:46:06.869 things have been 0:46:06.869,0:46:12.769 piggybacking on exchange so submitting mail as though you were users submitting from 0:46:12.769,0:46:13.280 Outlook 0:46:13.280,0:46:14.399 this one 0:46:14.399,0:46:15.290 had 0:46:15.290,0:46:18.479 SMTP engine optimized for 0:46:18.479,0:46:20.239 sending out trash 0:46:20.239,0:46:27.239 It had adaptive context so it kept changing itself so it was harder to find fingerprints and self-destructed 0:46:27.459,0:46:30.159 on a particular day. so something 0:46:30.159,0:46:32.509 automated to just kind of disappear 0:46:32.509,0:46:33.579 on one day 0:46:33.579,0:46:36.379 I don't think anybody knows why 0:46:36.379,0:46:40.910 all sort working on domain keys which is a another 0:46:40.910,0:46:45.920 technology for the authentication.I'll talk about that SPF later 0:46:45.920,0:46:51.239 the MyDoom virus came out it was even spread faster was even bigger than 0:46:51.239,0:46:52.329 sobig 0:46:52.329,0:46:53.539 0:46:53.539,0:46:57.479 it's big innovation was that it used network as 0:46:57.479,0:46:59.139 well as e-mail 0:46:59.139,0:47:03.979 and it was specifically designed to infect machines to use them as spam engine so arguably 0:47:03.979,0:47:08.709 this was the beginning of Zombie farms 0:47:08.709,0:47:10.959 In February 2004 0:47:10.959,0:47:14.490 Microsoft announces sender id which was 0:47:14.490,0:47:17.249 really kind of SPF with 0:47:17.249,0:47:19.379 synthetic sure 0:47:19.379,0:47:24.239 and in December of four DKIM work began. DKIM was 0:47:24.239,0:47:26.330 an extension of the domain keys 0:47:26.330,0:47:30.130 there were some experience with domain keys we realize that there were some things that 0:47:30.130,0:47:31.640 needed too 0:47:31.640,0:47:35.079 have improved and so far I was very much involved in the DKIM work 0:47:35.079,0:47:37.059 so that's 0:47:37.059,0:47:41.219 unfortunately the five years I've been working on this stuff now 0:47:41.219,0:47:43.059 and 0:47:43.059,0:47:44.270 2007 0:47:44.270,0:47:47.969 the actual DKIM based sign in spec was 0:47:47.969,0:47:50.900 released much to our relief 0:47:50.900,0:47:52.109 different tack 0:47:52.109,0:47:55.830 some of the early RCs for EAI were published 0:47:55.830,0:47:58.239 and 0:47:58.239,0:48:02.389 toward the end of last year EAI's email address 0:48:02.389,0:48:04.939 e-mail address 0:48:04.939,0:48:06.319 internationalization 0:48:06.319,0:48:09.759 and the idea is you been able to send around 0:48:09.759,0:48:14.779 text in Japanese and so forth there were hacks even have domain names in Japanese 0:48:14.779,0:48:17.160 but you couldn't have an e-mail 0:48:17.160,0:48:17.919 address 0:48:17.919,0:48:19.009 in Japanese 0:48:19.009,0:48:20.149 the EAI says 0:48:20.149,0:48:21.880 we want it to be 0:48:21.880,0:48:24.259 completely 100% international as a whole 0:48:24.259,0:48:26.249 all through e-mail 0:48:26.249,0:48:28.380 a good thing 0:48:28.380,0:48:33.439 a lot of people don't realize that the venerable RC twenty twenty 0:48:33.439,0:48:35.619 one and twenty two which 0:48:35.619,0:48:39.899 were the other internal specs for years were actually just recently 0:48:39.899,0:48:40.409 updated 0:48:40.409,0:48:44.709 so the new numbers you have to memorize are fifty three twenty one in fifty three twenty 0:48:44.709,0:48:47.640 two 0:48:47.640,0:48:48.319 this 0:48:48.319,0:48:51.310 I was the latest map that I could find so this 0:48:51.310,0:48:54.300 pretty old back in 1999 Bill Cheswick 0:48:54.300,0:48:55.589 produced this 0:48:55.589,0:48:57.999 this does not show the hosts 0:48:57.999,0:49:00.769 on the internet this shows the ISPs 0:49:00.769,0:49:03.489 on the internet 0:49:03.489,0:49:06.779 and I won't go into any more detail 0:49:06.779,0:49:09.079 and I don't recall what the 0:49:09.079,0:49:10.409 calling yes 0:49:10.409,0:49:11.719 so 0:49:11.719,0:49:13.339 let me get into this this year 0:49:13.339,0:49:14.590 0:49:14.590,0:49:18.529 probably messaging spam security and authentication 0:49:18.529,0:49:23.519 so lets talk about spamming a little. I wasn't going to talk about spamming but 0:49:23.519,0:49:28.629 ever since I got here people in asking me about it so there's still a lot of interest about it 0:49:28.629,0:49:29.979 obviously 0:49:29.979,0:49:33.599 the stand is arguably an economic issue the cost 0:49:33.599,0:49:34.899 to send 0:49:34.899,0:49:40.429 a message is far lower than the cost to receive it 0:49:40.429,0:49:42.160 if this were true of 0:49:42.160,0:49:44.759 physical junk mail 0:49:44.759,0:49:49.100 then a dump mail truck would come up to my house every day and just dump all the junk mail 0:49:49.100,0:49:51.269 off on my lawn 0:49:51.269,0:49:53.559 but it's not fortunately 0:49:53.559,0:49:57.150 notice that that possible misuse isn't necessarily about 0:49:57.150,0:49:59.819 dollars or yen or anything like that 0:49:59.819,0:50:04.199 it's not currency it can be things like CPU time memory usage 0:50:04.199,0:50:06.519 human time etc 0:50:06.519,0:50:09.530 notice that every single thing we try to do 0:50:09.530,0:50:12.440 to protect ourselves from spam until this point 0:50:12.440,0:50:16.049 has increased the cost to the receiver 0:50:16.049,0:50:20.239 so as we put in more and more antispam security what actually 0:50:20.239,0:50:21.479 move this function 0:50:21.479,0:50:24.479 to be more advantageous for the spammer 0:50:24.479,0:50:27.839 its a little strange 0:50:27.839,0:50:29.690 now there are a bunch of 0:50:29.690,0:50:30.570 possible approaches 0:50:30.570,0:50:32.989 there is of course 0:50:32.989,0:50:35.519 content filtering which is what 0:50:35.519,0:50:40.129 people normally do for example ninety days and filters and so forth this is getting 0:50:40.129,0:50:44.299 pretty close to its limits and it doesn't fix the crossfire 0:50:44.299,0:50:49.060 epostage which is what you really do use some kind of money you can 0:50:49.060,0:50:52.449 attach it to each message 0:50:52.449,0:50:53.919 unfortunately needed any 0:50:53.919,0:50:58.559 pretty huge infrastructure to do all that payment processing and 0:50:58.559,0:51:01.169 that's there's a lot of bickering on how to do that 0:51:01.169,0:51:04.099 and acceptance problems. people don't 0:51:04.099,0:51:08.649 but it's always been afraid i refuse to pay anything to send a message that 0:51:08.649,0:51:10.909 we're going to ask you to do 0:51:10.909,0:51:12.400 a tenth of a cent 0:51:12.400,0:51:18.709 hundredth of the cent promotes per message. no no its too expensive. I can't afford it 0:51:18.709,0:51:23.479 that's a legitimate concerns about some elements that sort of thing they're work around 0:51:23.479,0:51:24.999 challenge response is 0:51:24.999,0:51:26.350 popular 0:51:26.350,0:51:31.020 when you get mail from someone the never talked to before you send them back challenge if they 0:51:31.020,0:51:35.739 would respond there's a human being on the other hand what the bill through 0:51:35.739,0:51:37.039 unfortunately a lot of 0:51:37.039,0:51:37.650 people 0:51:37.650,0:51:41.319 get the challenges are spam and never replied 0:51:41.319,0:51:47.049 five thousand scale well it's particularly bad for 0:51:47.049,0:51:50.350 automated systems that are trying to send out mail like your bank 0:51:50.350,0:51:52.430 sending your bank statements 0:51:52.430,0:51:54.599 just don't respond well to that 0:51:54.599,0:51:56.239 challenge response 0:51:56.239,0:51:58.230 havshcash is 0:51:58.230,0:52:01.179 technique to do CPU 0:52:01.179,0:52:02.270 using time 0:52:02.270,0:52:04.469 CPU time memory 0:52:04.469,0:52:05.199 whatever 0:52:05.199,0:52:10.180 it's completely useless for Zombie farms because they're not burning their own resources they're 0:52:10.180,0:52:10.680 burning 0:52:10.680,0:52:14.099 some victims resources so what's the point 0:52:14.099,0:52:18.829 gray listing is where you get a message from somebody that you never seen before you 0:52:18.829,0:52:21.559 do a temporary failure on it 0:52:21.559,0:52:26.249 and wait for them to come back is there is generally don't have a cue as a cue is 0:52:26.249,0:52:27.259 expensive 0:52:27.259,0:52:30.469 but it turns out they don't actually have to have a cue because they don't change 0:52:30.469,0:52:33.079 the message very much that isn't it 0:52:33.079,0:52:36.989 he trying these things multiple times are going back to keep track of what happened 0:52:36.989,0:52:41.549 before you just try multiple times if three copies of their message gets through all the better 0:52:41.549,0:52:44.779 that 0:52:44.779,0:52:48.130 and on of course authentication that this is the 0:52:48.130,0:52:51.379 if we know who actually sent the message 0:52:51.379,0:52:54.099 maybe we can hunt down and kill them 0:52:54.099,0:52:54.750 the 0:52:54.750,0:52:56.539 0:52:56.539,0:52:58.019 maybe not kill them 0:52:58.019,0:53:00.049 there's something a little less 0:53:00.049,0:53:05.600 that is insufficient by itself people go how well what authenticated that's good right 0:53:05.600,0:53:09.499 well spammer can authenticate as themselves 0:53:09.499,0:53:16.499 so you're saying it's authenticate it doesn't mean it's still something you don't want to read 0:53:16.529,0:53:17.519 so 0:53:17.519,0:53:19.749 let me just talk about fish in the little bit 0:53:19.749,0:53:22.750 fishing and spamming are not quite the same thing although there's often 0:53:22.750,0:53:24.459 a lot of overlap 0:53:24.459,0:53:28.679 fishing is trying to track some money into giving up some cards had a private information 0:53:28.679,0:53:33.939 too often to get a bank account information or older than he needed to identity theft 0:53:33.939,0:53:37.599 it's not limited to do e-mail and it's not 0:53:37.599,0:53:42.220 the Nigerian or four nineteen spam was working in physical mail 0:53:42.220,0:53:45.699 long before it hit the-mail I have personally receive 0:53:45.699,0:53:47.859 those badly typed 0:53:47.859,0:53:48.849 letters 0:53:48.849,0:53:54.720 that were exactly of four elections than I am and Nigerian dictator in these to get 0:53:54.720,0:54:01.099 a hundred million dollars out and you've been identified as the trustworthy dot dot dot 0:54:01.099,0:54:05.430 pranksters have been preying on the elderly as long as there have been elderly 0:54:05.430,0:54:09.029 so for none of this is new 0:54:09.029,0:54:10.170 that's true 0:54:10.170,0:54:14.859 basic forms of vision was one call your shop and fishing which is really just 0:54:14.859,0:54:19.759 send out these things to enough people I hope in some ways to promote the body 0:54:19.759,0:54:22.669 which works by the way unfortunately 0:54:22.669,0:54:27.589 are there still people think you can get something for nothing 0:54:27.589,0:54:30.079 well what's being called spear fishing 0:54:30.079,0:54:31.890 he is actually pretty bad 0:54:31.890,0:54:37.259 this is where they actually spend a fair amount of time researching an individual 0:54:37.259,0:54:39.889 they do a custom-made 0:54:39.889,0:54:40.939 message 0:54:40.939,0:54:47.120 I have received some of these things that for example claim to be from the IRS saying that 0:54:47.120,0:54:48.369 so no I didn't 0:54:48.369,0:54:52.130 something earlier about this them 0:54:52.130,0:54:53.339 some of them 0:54:53.339,0:54:58.469 with some of our forms somewhere and it has leader urgent that we contact some so immediately 0:54:58.469,0:54:59.230 or else 0:54:59.230,0:55:00.859 then the forced 0:55:00.859,0:55:01.979 we're actually were 0:55:01.979,0:55:04.479 forced to freeze all of our bank accounts 0:55:04.479,0:55:09.670 and so forth they know who I am and also with the company 0:55:09.670,0:55:12.959 not a thing that people will do it is %uh 0:55:12.959,0:55:14.649 people throw away 0:55:14.649,0:55:18.269 but bank saying some things that have the last four digits of your account number on 0:55:18.269,0:55:18.759 it 0:55:18.759,0:55:22.189 which is perfectly safe because they don't have a whole credit card number 0:55:22.189,0:55:23.900 well I'm wrong that right 0:55:23.900,0:55:26.060 all that out dumpster no I didn't 0:55:26.060,0:55:29.189 they send you a letter claiming to be from your 0:55:29.189,0:55:30.980 %uh credit card prior 0:55:30.980,0:55:35.570 they have the last four digits of your account number to give you exactly the same information 0:55:35.570,0:55:36.770 that you're legitimate 0:55:36.770,0:55:40.389 credit card company would 0:55:40.389,0:55:41.239 and 0:55:41.239,0:55:43.159 that's a lot easier to trick people 0:55:43.159,0:55:46.819 they can't stand significant money 0:55:46.819,0:55:49.329 talking to someone 0:55:49.329,0:55:51.849 so up 0:55:51.849,0:55:54.549 one other thing about the fishing know which is 0:55:54.549,0:55:58.690 but the cracker what I just described attackers lot of Harvard be 0:55:58.690,0:56:00.480 pretend to be someone you trust 0:56:00.480,0:56:05.160 an authentication can actually help with that if it claims to be from one bank and would 0:56:05.160,0:56:06.799 not from my bank 0:56:06.799,0:56:11.089 and we're done 0:56:11.089,0:56:11.900 0:56:11.900,0:56:15.399 there's really two forms of authentication 0:56:15.399,0:56:16.859 and the standards 0:56:16.859,0:56:20.839 I'm not stand ready an FBI forms of half days 0:56:20.839,0:56:22.620 plus which is where where you look 0:56:22.620,0:56:25.539 our message across to you whose sending 0:56:25.539,0:56:29.579 they're sending the message to you and is it possible that they would be sending a message 0:56:29.579,0:56:31.799 claiming to be from my bank 0:56:31.799,0:56:34.420 they were signature base which is where you do 0:56:34.420,0:56:38.599 he's public encryption to do put digital signature on the message 0:56:38.599,0:56:41.380 I mean there are these 0:56:41.380,0:56:46.129 authenticate users a lot of the key domains because of the key management problems 0:56:46.129,0:56:49.950 and both of them can authenticate malicious messages so this 0:56:49.950,0:56:52.549 not perfect 0:56:52.549,0:56:56.200 it did him in 0:56:56.200,0:56:57.970 potentially the cold war 0:56:57.970,0:56:59.869 consistently if we could get 0:56:59.869,0:57:01.319 Bob the entire network 0:57:01.319,0:57:03.449 to never mind your message 0:57:03.449,0:57:09.049 I wish probably can happen in hundred years or so 0:57:09.049,0:57:13.589 I didn't get a talk show on this you know who wants to be the first person sons message 0:57:13.589,0:57:14.389 well 0:57:14.389,0:57:16.969 we expected the recipients would want that 0:57:16.969,0:57:21.100 because they want to protect themselves but it turns out has been descenders like the banks 0:57:21.100,0:57:24.069 they have really really been pushing us 0:57:24.069,0:57:27.529 plus some of the forward looking 0:57:27.529,0:57:28.670 places like Google 0:57:28.670,0:57:34.499 have been using DKIMand of the SP up for some time 0:57:34.499,0:57:35.800 one important thing 0:57:35.800,0:57:37.359 for a transition period 0:57:37.359,0:57:39.169 you have to 0:57:39.169,0:57:41.859 allow unsigned mail to come in 0:57:41.859,0:57:43.790 because that's the way it's always been 0:57:43.790,0:57:46.520 and he can't just bring the world that we've moved in 0:57:46.520,0:57:48.070 we will never have 0:57:48.070,0:57:52.769 another flag day on the internet like that and just can't happen at this point 0:57:52.769,0:57:58.709 so what you'd like is for a the banks and to be able to somehow tell you I signed all 0:57:58.709,0:58:00.939 my message is so if you 0:58:00.939,0:58:05.889 but if you get an unsigned message that claims to be for me it's not for me 0:58:05.889,0:58:10.229 interior up argument signed in Paris is eight the SP 0:58:10.229,0:58:12.890 and this is very controversial and still 0:58:12.890,0:58:16.199 stuck in the working group 0:58:16.199,0:58:19.880 I want to emphasize that 0:58:19.880,0:58:21.799 evacuations is not 0:58:21.799,0:58:24.639 because members can authenticate 0:58:24.639,0:58:30.609 and we can't leave it to humans either because of things like cousin domains 0:58:30.609,0:58:34.989 but he had a Ebay billing was a famous one that was not associate with 0:58:34.989,0:58:36.699 the bay in any way 0:58:36.699,0:58:39.689 and was trying to frighten people 0:58:39.689,0:58:42.299 so let me talk a little bit about the camera 0:58:42.299,0:58:45.149 which is what I've been working on mostly 0:58:45.149,0:58:47.959 I just wanted to specifications 0:58:47.959,0:58:48.980 one is the 0:58:48.980,0:58:54.929 the signature at the base standards which tells how to sign and verified message 0:58:54.929,0:58:56.840 I've heard a lot of work and the other one 0:58:56.840,0:59:02.090 no one is the sign in practices which is how to interpret on science messages on that one 0:59:02.090,0:59:04.989 has gotten laid down in the works 0:59:04.989,0:59:06.529 and at this point on 0:59:06.529,0:59:08.939 I walked away from it because 0:59:08.939,0:59:10.129 that's amazing 0:59:10.129,0:59:13.049 how many hours people can spend arguing about 0:59:13.049,0:59:14.719 the meaning of 0:59:14.719,0:59:19.359 relatively simple words 0:59:19.359,0:59:21.439 the way you can get away with it 0:59:21.439,0:59:28.299 is to use other DMS to destroy your public he's since policies can indeed be public 0:59:28.299,0:59:31.599 you are rich off of this exist in the world war 0:59:31.599,0:59:34.479 distributed database to get the keys out 0:59:34.479,0:59:37.490 this is a little unusual because normally 0:59:37.490,0:59:40.349 you don't have something that is so simple to this 0:59:40.349,0:59:45.430 we do not by the way he serves we don't have a assigning tree or anything like that it's 0:59:45.430,0:59:47.469 just to keep pair 0:59:47.469,0:59:49.119 because if you're asking 0:59:49.119,0:59:53.269 the purported Sendmail to give you the republican or 0:59:53.269,0:59:54.639 reported sender 0:59:54.639,0:59:56.199 to give them 0:59:56.199,1:00:00.109 their home and he give you their publication 1:00:00.109,1:00:01.309 I mean 1:00:01.309,1:00:03.299 presumably contrast that 1:00:03.299,1:00:04.369 presumably 1:00:04.369,1:00:05.809 now there are people who 1:00:05.809,1:00:07.709 would like to put search 1:00:07.709,1:00:11.749 and investigators social security that probably will go through some point 1:00:11.749,1:00:14.339 but it probably won't be necessary 1:00:14.339,1:00:17.729 with the the 1:00:17.729,1:00:18.729 I'm 1:00:18.729,1:00:23.079 possibility of theft of keys is one of the nice ones is 1:00:23.079,1:00:25.799 if you get mail 1:00:25.799,1:00:30.900 they signed from a domain you don't know about how do you know that that's a good omen were 1:00:30.900,1:00:33.940 not while reputation which I've got to 1:00:33.940,1:00:37.079 is the major approach but if you had 1:00:37.079,1:00:42.549 it's signed by someone that has served so the key itself was signed by someone else 1:00:42.549,1:00:45.799 you could ask is that 1:00:45.799,1:00:49.890 and that gives you some of the reputation is called of 1:00:49.890,1:00:52.640 %uh accreditation 1:00:52.640,1:00:56.269 and it sort of gives you the poor man's her accreditation 1:00:56.269,1:00:59.619 %uh they're also of course the places that wants to 1:00:59.619,1:01:04.219 I was moved towards first because they can't make a living so on 1:01:04.219,1:01:07.979 as they think this is a fine idea is building 1:01:07.979,1:01:11.319 what was the 1:01:11.319,1:01:16.079 it really did do it obviously would 1:01:16.079,1:01:19.109 that's that's 1:01:19.109,1:01:21.219 what's the response 1:01:21.219,1:01:23.069 there is nobody there 1:01:23.069,1:01:24.739 yes 1:01:24.739,1:01:27.230 the you have built into your browser 1:01:27.230,1:01:30.910 Obama assures jurors that are prosperous should say 1:01:30.910,1:01:33.779 Sonya forties that are trusted 1:01:33.779,1:01:39.469 it because you believe that they're not going to start really signing one ski 1:01:39.469,1:01:40.640 exactly the same thing 1:01:40.640,1:01:43.479 think for a minute 1:01:43.479,1:01:46.130 the quality the city 1:01:46.130,1:01:49.159 yeah 1:01:49.159,1:01:50.469 the 1:01:50.469,1:01:56.160 you can first of all a matter of places that would actually 1:01:56.160,1:02:00.349 make sure that you are legitimate but you at least have a mailing address that really 1:02:00.349,1:02:01.529 works 1:02:01.529,1:02:06.219 that the people who claimed on the company actually exists 1:02:06.219,1:02:09.799 simple things like that and somebody could make a fair amount of money 1:02:09.799,1:02:13.069 the in certifying agency that 1:02:13.069,1:02:14.429 this is your views 1:02:14.429,1:02:19.169 to sign anything where they had check you out for 1:02:19.169,1:02:22.599 they and there are places that do that for the world as well but you're right some of 1:02:22.599,1:02:23.449 them are 1:02:23.449,1:02:27.459 in a tent lots of course inside turkey 1:02:27.459,1:02:30.619 sometimes it's not that expensive 1:02:30.619,1:02:33.099 %um 1:02:33.099,1:02:37.799 an hour to talk about signing practices unfortunately it's got water down to the point where our 1:02:37.799,1:02:44.039 in my opinion it's not terribly useful in or 1:02:44.039,1:02:49.049 so we're at the station is the usual way you deal with that 1:02:49.049,1:02:50.130 the message too 1:02:50.130,1:02:54.059 I threw it out of the message comes from the bagel in Dakar 1:02:54.059,1:02:59.069 okay because I've gotten their public he is verify is so important step in mathematics 1:02:59.069,1:03:00.370 and cruel 1:03:00.370,1:03:01.709 provable 1:03:01.709,1:03:08.359 Joe I want to talk to he made a one dot com don't believe them go on record on that one 1:03:08.359,1:03:13.869 and the usual approach his reputation what we know about you being the one dot com 1:03:13.869,1:03:15.029 that reputation 1:03:15.029,1:03:17.179 it's been around for a long time 1:03:17.179,1:03:19.689 in the form of Diana's black homeless 1:03:19.689,1:03:26.249 as only negative reputation can say but it remains good of the comoros a that 1:03:26.249,1:03:28.049 and of course 1:03:28.049,1:03:32.639 bad guys are switching around like he addresses all time so 1:03:32.639,1:03:35.429 those lists are always tell 1:03:35.429,1:03:37.959 so in fact 1:03:37.959,1:03:38.599 helpful 1:03:38.599,1:03:42.480 but it's not actually all that great the main event he gives you his 1:03:42.480,1:03:45.109 they a black hole 1:03:45.109,1:03:47.170 huge address bases that are 1:03:47.170,1:03:48.729 %um 1:03:48.729,1:03:51.519 for example dialogue but he 1:03:51.519,1:03:52.459 don't love 1:03:52.459,1:03:56.430 like the address this thing know nobody should ever be sending 1:03:56.430,1:04:00.280 mail from those demands that don't go through their providers mail services and that action 1:04:00.280,1:04:02.599 does help a lot 1:04:02.599,1:04:06.380 positive reputation on the other hand is really hard to do 1:04:06.380,1:04:11.149 our because it breaks the world as we know it 1:04:11.149,1:04:16.049 so right now there has been some sense a presumption of innocence 1:04:16.049,1:04:20.239 when you receive email from so that you've never seen it before well it might be would 1:04:20.239,1:04:21.829 you let me go 1:04:21.829,1:04:22.889 Spanish actor 1:04:22.889,1:04:26.159 so for but it might be legitimate 1:04:26.159,1:04:30.729 if you go to a world where you looked out and say well if they have no 1:04:30.729,1:04:32.579 known reputation 1:04:32.579,1:04:36.549 there is probably bad think it's probably a stammer as the jury 1:04:36.549,1:04:37.849 you know thousand 1:04:37.849,1:04:40.359 I can remember what the 1:04:40.359,1:04:42.409 number is ours 1:04:42.409,1:04:44.569 thousands of new domain stumble 1:04:44.569,1:04:46.199 online every day 1:04:46.199,1:04:49.749 first anniversary exists only for a day or so and then they go away 1:04:49.749,1:04:53.369 to send a lot of the middle of the day 1:04:53.369,1:04:54.289 so 1:04:54.289,1:04:58.099 how does does a small player join the club 1:04:58.099,1:05:04.229 without having a positive reputation to begin with the legitimate small player 1:05:04.229,1:05:05.829 this is 1:05:05.829,1:05:08.989 still a months old pro 1:05:08.989,1:05:11.849 we may end up going to a closed society 1:05:11.849,1:05:14.920 if you don't have somebody to introduce to you 1:05:14.920,1:05:15.529 then 1:05:15.529,1:05:17.599 you can't get your mail for 1:05:17.599,1:05:22.619 %uh this is actually been true in human society for a long long time so it's not the end of 1:05:22.619,1:05:26.279 the world but it does have some 1:05:26.279,1:05:28.199 unfortunate 1:05:28.199,1:05:31.480 implications and there's going to have to be exceptions sales tax 1:05:31.480,1:05:38.480 anything that Tom Foley is going to want to reject mail from people that heard of before 1:05:38.749,1:05:42.300 about I will point out challenge responses of a chance to 1:05:42.300,1:05:45.019 this is to create a closed society 1:05:45.019,1:05:46.679 we have 1:05:46.679,1:05:48.519 attacks in their house 1:05:48.519,1:05:52.359 if you will a proven true test to try and see if there's a human being on the other 1:05:52.359,1:05:54.199 end of the line 1:05:54.199,1:05:57.229 as a lot of places that would love to do it credit nation 1:05:57.229,1:05:58.889 which is where they'll say 1:05:58.889,1:06:01.039 how about for you 1:06:01.039,1:06:02.949 for a fee 1:06:02.949,1:06:04.850 even having the base of money 1:06:04.850,1:06:08.339 does have value because they have to give it credit card number 1:06:08.339,1:06:11.270 and it has to go through the crack of service in your 1:06:11.270,1:06:12.339 essentially 1:06:12.339,1:06:13.880 one emerging off the 1:06:13.880,1:06:16.309 credit cards 1:06:16.309,1:06:18.609 companies work on reputation 1:06:18.609,1:06:19.869 well I don't know 1:06:19.869,1:06:21.399 the possibility 1:06:21.399,1:06:23.439 the likelihood of 1:06:23.439,1:06:29.269 stolen credit cards 1:06:29.269,1:06:32.189 what a lot of people say it as well you know we 1:06:32.189,1:06:33.989 why don't we just 1:06:33.989,1:06:37.919 here's another media messages 1:06:37.919,1:06:43.209 yes well as a messenger who doesn't have spent all that's why I did it get 1:06:43.209,1:06:48.619 message is pretty much every day from so and so sexy teenage foxy girls 1:06:48.619,1:06:51.369 morning to get it wrong with me 1:06:51.369,1:06:53.409 Collins then as it's called 1:06:53.409,1:06:56.640 on is has been a problem for a while it is doing that 1:06:56.640,1:06:58.939 yeah 1:06:58.939,1:07:00.280 authentication helps 1:07:00.280,1:07:04.279 but it's just too easy to get 1:07:04.279,1:07:08.169 all social networking storage tank was the problem will just use 1:07:08.169,1:07:09.499 social networking 1:07:09.499,1:07:11.619 and use that for all or up 1:07:11.619,1:07:15.299 e-mail and in so you've got to be a friend of mine 1:07:15.299,1:07:19.829 well it turns out has recently there's been a lot of publicity 1:07:19.829,1:07:22.209 of worms in virus is that going to 1:07:22.209,1:07:24.939 %uh my face and Facebook and 1:07:24.939,1:07:28.609 what not an issue 1:07:28.609,1:07:31.649 you are you will accidentally 1:07:31.649,1:07:33.929 sanders down to your friends 1:07:33.929,1:07:36.599 it would generally come from you 1:07:36.599,1:07:37.529 and so they 1:07:37.529,1:07:41.479 are more likely to trust you so what is actually almost 1:07:41.479,1:07:43.099 works 1:07:43.099,1:07:43.790 them 1:07:43.790,1:07:46.219 the male staffer 1:07:46.219,1:07:48.519 and it's this 1:07:48.519,1:07:51.109 on internet telephony spam spam over internet 1:07:51.109,1:07:52.339 it taught me 1:07:52.339,1:07:55.469 on his was just placed a growth industry 1:07:55.469,1:07:57.919 I wish is going to get 1:07:57.919,1:07:59.139 unbelievably bad 1:07:59.139,1:08:00.449 sometime soon 1:08:00.449,1:08:05.529 so some speculations on the future here that these are speculations my opinion 1:08:05.529,1:08:09.819 I can't justify the runway 1:08:09.819,1:08:11.149 miss first term 1:08:11.149,1:08:12.839 I think we will get 1:08:12.839,1:08:14.739 some authenticated mail out there 1:08:14.739,1:08:18.789 %uh there will be some center reputation and we'll roll 1:08:18.789,1:08:22.079 with time it will grow as quickly as i'd like 1:08:22.079,1:08:23.509 they've done it will 1:08:23.509,1:08:25.439 happen and it will start to grow 1:08:25.439,1:08:27.859 and it will be useful in only 1:08:27.859,1:08:31.710 because when you can get of not people 1:08:31.710,1:08:34.119 authenticated and they have good reputation 1:08:34.119,1:08:39.489 the probability that the other male is then goes us the and actually 1:08:39.489,1:08:41.960 Tarnoff use them filters sensitivity 1:08:41.960,1:08:44.079 so if you will it will be a 1:08:44.079,1:08:46.759 well why didn't he was around 1:08:46.759,1:08:50.770 existence of them soldiers not something that is this by itself 1:08:50.770,1:08:55.000 all we will see movement toward e-mail address internationalization once again is going to 1:08:55.000,1:08:56.529 be relatively slow 1:08:56.529,1:09:01.689 the reason for that is because there's a part of our problem not which is downgrading 1:09:01.689,1:09:02.880 a message for men 1:09:02.880,1:09:04.659 in our national life 1:09:04.659,1:09:05.900 Mel which by the way 1:09:05.900,1:09:08.849 what they're looking at it saying we're going to use you Sheila Tate 1:09:08.849,1:09:12.000 for everything we're talking to declare the characters that we just 1:09:12.000,1:09:13.730 he issued yesterday 1:09:13.730,1:09:16.619 with low vision done years ago 1:09:16.619,1:09:17.819 Bob that 1:09:17.819,1:09:22.809 taking AZT a great message and downgrading them soon ask the message it is 1:09:22.809,1:09:24.420 almost impossible 1:09:24.420,1:09:25.690 and I did 1:09:25.690,1:09:27.099 and that's important 1:09:27.099,1:09:32.889 the daylights tensions in to send them all and release them yet 1:09:32.889,1:09:37.249 try to do the downgrading and finally came to the conclusion that there's certain things 1:09:37.249,1:09:39.139 we just have to guess 1:09:39.139,1:09:41.989 and you might not guess right all the time 1:09:41.989,1:09:43.830 so my inclination to say 1:09:43.830,1:09:47.589 I will not allow downgrading 1:09:47.589,1:09:52.139 the FAA on the message will bounce back me up set down great message to begin with that 1:09:52.139,1:09:56.360 will slow adoption 1:09:56.360,1:10:00.719 the people young people in particular are moving off of us and to keep this now we're 1:10:00.719,1:10:05.199 going into things like playing on people's walls and Facebook 1:10:05.199,1:10:07.250 polymarker warnings investigating 1:10:07.250,1:10:12.659 so forth that is going to continue 1:10:12.659,1:10:15.679 take pot 1:10:15.679,1:10:17.340 a lot of people say 1:10:17.340,1:10:19.250 partially because people them 1:10:19.250,1:10:22.510 moving on to these things that are said to be is that 1:10:22.510,1:10:24.340 but I think that indeed he is dead 1:10:24.340,1:10:26.010 what would that send to AP 1:10:26.010,1:10:28.280 as and he's not going away 1:10:28.280,1:10:30.860 a lot of reasons 1:10:30.860,1:10:34.860 are some things that could be dealt with this one of the big proposals is to switch from 1:10:34.860,1:10:37.059 a portion or all of the-mail where 1:10:37.059,1:10:38.380 the center 1:10:38.380,1:10:39.830 connects to the recipient 1:10:39.830,1:10:41.420 this year's the male take it 1:10:41.420,1:10:43.159 to uphold 1:10:43.159,1:10:47.649 model where the recipient just sends a short message to have male for you here and then 1:10:47.649,1:10:48.789 the 1:10:48.789,1:10:49.880 recipient 1:10:49.880,1:10:51.159 polls back for it 1:10:51.159,1:10:53.219 when it's convenient for them to do so 1:10:53.219,1:10:55.909 that does show that the cost function 1:10:55.909,1:10:57.699 so the %uh 1:10:57.699,1:11:00.020 the center actually has to 1:11:00.020,1:11:01.210 have some of 1:11:01.210,1:11:04.900 infrastructure there they have to be prepared to use the word was mail 1:11:04.900,1:11:09.110 that's not true 1:11:09.110,1:11:12.399 he's still going to be in the essence the structure I think 1:11:12.399,1:11:16.869 the essentially is a sensible and can do almost anything with the exceptions it's going to 1:11:16.869,1:11:17.890 be good enough 1:11:17.890,1:11:19.780 for a long time 1:11:19.780,1:11:20.789 I think 1:11:20.789,1:11:26.360 in the medium term we will succeed in getting the GSA absolutely everywhere 1:11:26.360,1:11:30.689 that's about the only people who have to ask the e-mail will be 1:11:30.689,1:11:34.979 the people who listen to peace are rich and other pressures and they can't go out and 1:11:34.979,1:11:36.620 upgrade the 1:11:36.620,1:11:40.760 of so I I'm pretty optimistic on that 1:11:40.760,1:11:41.920 and 1:11:41.920,1:11:44.900 most e-mail is going to end up being opposed to the providers 1:11:44.900,1:11:48.039 it's gotten so much harder to run in this juror 1:11:48.039,1:11:51.440 now than it was twenty years ago or ten years ago were you 1:11:51.440,1:11:53.760 five years ago for a lot of reasons 1:11:53.760,1:11:56.419 the gallery reasons for example 1:11:56.419,1:12:01.670 there's a lot of new laws that apply to the mail and retention and so forth 1:12:01.670,1:12:06.440 you really don't want to push that off onto somebody else who can worry about it so 1:12:06.440,1:12:09.790 lots of companies for example who used to run the Romanov's jurors 1:12:09.790,1:12:12.089 are moving to Jeanette 1:12:12.089,1:12:13.230 and I think you'll see 1:12:13.230,1:12:15.239 more of that I think you'll see a lot 1:12:15.239,1:12:16.169 more of that 1:12:16.169,1:12:17.989 I don't think we'll get to the 1:12:17.989,1:12:21.489 place where there are three companies in the entire world that 1:12:21.489,1:12:23.400 have-mailboxes 1:12:23.400,1:12:26.920 although there would actually be certain advantages to that 1:12:26.920,1:12:29.270 they won't get any more like that but 1:12:29.270,1:12:32.459 of small companies 1:12:32.459,1:12:37.729 don't want to deal with that 1:12:37.729,1:12:39.639 so some larger thoughts 1:12:39.639,1:12:45.449 %uh casual messaging well and he continued to move away from essence few days now 1:12:45.449,1:12:48.440 you see more and more start going through this book 1:12:48.440,1:12:50.300 %um %um 1:12:50.300,1:12:52.969 more and more self-government arrangements again 1:12:52.969,1:12:55.129 people forty eight 1:12:55.129,1:12:57.189 instant gratification 1:12:57.189,1:13:00.440 and I am give somebody a man told us 1:13:00.440,1:13:03.869 he also sits there with mobile usage and 1:13:03.869,1:13:07.770 is there anyone in this room who is not secure and one of these 1:13:07.770,1:13:12.189 anyone who wants to admit that their letter I didn't think so 1:13:12.189,1:13:15.360 I e-mail is not going to die 1:13:15.360,1:13:16.329 on this 1:13:16.329,1:13:18.610 been predicted that that's just not true 1:13:18.610,1:13:20.420 it's to us into business 1:13:20.420,1:13:24.980 it's to a lawsuit in places where you can really yes and water message 1:13:24.980,1:13:27.760 you have to think about what you're saying 1:13:27.760,1:13:29.149 for the standard 1:13:29.149,1:13:31.949 %uh it's the if you got 1:13:31.949,1:13:34.709 security and regulatory issues up 1:13:34.709,1:13:37.949 there are real problems with instant message in 1:13:37.949,1:13:43.110 one of the things is it totally artificial is that tax to have some us 1:13:43.110,1:13:47.349 I saw a lot of money in a light two cents attacks 1:13:47.349,1:13:49.360 constant so companies as euro 1:13:49.360,1:13:54.329 to do that effectively zero when they put this cost on it and they're making 1:13:54.329,1:13:55.230 fortune 1:13:55.230,1:13:56.400 off of that 1:13:56.400,1:14:00.320 and that will be enough people say I don't want to pay a tenth of a cent for e-mail but 1:14:00.320,1:14:01.549 there will end soon 1:14:01.549,1:14:04.000 the two sides for anathema us 1:14:04.000,1:14:05.820 this is crazy 1:14:05.820,1:14:07.489 I'm hoping that won't go away 1:14:07.489,1:14:11.260 the other thing is that as you get into the business world were more you're dealing with 1:14:11.260,1:14:12.909 people across time zones 1:14:12.909,1:14:14.510 %uh when you're a hacker 1:14:14.510,1:14:16.810 and you're up around the clock ticking away 1:14:16.810,1:14:21.410 that's not such a big deal but when we start to get into the more conventional world actually 1:14:21.410,1:14:22.489 kind of the monarchy 1:14:22.489,1:14:24.190 and you get married you have kids 1:14:24.190,1:14:25.239 he started 1:14:25.239,1:14:28.679 go on to a more conventional schedule 1:14:28.679,1:14:30.079 that distinction 1:14:30.079,1:14:31.370 that's what you know 1:14:31.370,1:14:32.760 he's investigating 1:14:32.760,1:14:38.780 and even voice he's going to be were it's already boring as it were and more than that 1:14:38.780,1:14:41.270 I actually were talking about that 1:14:41.270,1:14:44.019 of little bit in the last one 1:14:44.019,1:14:48.900 and I think there's a lot of very interesting work to be done again the computer human interface 1:14:48.900,1:14:49.949 of the-mail 1:14:49.949,1:14:51.589 right now the-mail 1:14:51.589,1:14:54.479 but e-mails started off as a in box here 1:14:54.479,1:14:56.489 Carol Millhouse you go through them 1:14:56.489,1:15:00.639 it's gotten to the point where it's sort of like it down secretary him to sort out the 1:15:00.639,1:15:01.550 junk mail 1:15:01.550,1:15:02.959 and give you the rest of it 1:15:02.959,1:15:06.670 e-mails should be news of New York should say he messaging 1:15:06.670,1:15:08.380 is there any light eight 1:15:08.380,1:15:10.409 really the executive and then 1:15:10.409,1:15:13.810 who knows what it is you're doing can deal with 1:15:13.810,1:15:18.030 and that is so rotten that stuff that you actually cancer this stuff 1:15:18.030,1:15:18.849 where is not 1:15:18.849,1:15:20.400 a difficult time 1:15:20.400,1:15:24.840 who can sort of the things into an order and say this is the most important thing for you 1:15:24.840,1:15:27.300 to deal with right now 1:15:27.300,1:15:30.880 your mind you know when someone for meeting is coming up 1:15:30.880,1:15:31.980 who will 1:15:31.980,1:15:33.020 you know when 1:15:33.020,1:15:37.319 you call a meeting and people have responded will go off and and 1:15:37.319,1:15:38.340 do you know about it 1:15:38.340,1:15:40.260 etc, etc. 1:15:40.260,1:15:45.389 there's a huge amount of work that can happen here 1:15:45.389,1:15:49.479 what scares me is unified message in almost a month or 1:15:49.479,1:15:52.969 too many messaging services in applications out there 1:15:52.969,1:15:55.919 well I think there's too much 1:15:55.919,1:15:58.330 overlap and there's not enough compatibility 1:15:58.330,1:16:00.989 I want to show you a little chart that I made up 1:16:00.989,1:16:02.560 just lost couple days 1:16:02.560,1:16:09.560 all of the services in applications on the stars are ones by personal use 1:16:10.520,1:16:15.219 just run through this week or two 1:16:15.219,1:16:17.110 we start with Haiti and it 1:16:17.110,1:16:20.599 originally started out as an ally and application 1:16:20.599,1:16:26.719 it does I am really does that somehow some lawyers Roosevelt for Israel 1:16:26.719,1:16:32.040 bosses from the board life where I think also for him or whatever it does have its own address 1:16:32.040,1:16:33.800 book 1:16:33.800,1:16:35.409 the hum 1:16:35.409,1:16:36.729 right 1:16:36.729,1:16:40.110 on or is it was designed originally as a up 1:16:40.110,1:16:41.739 of course acquisitions 1:16:41.739,1:16:43.630 but it's not a all right and wrong headed 1:16:43.630,1:16:45.509 it's kind of a deal now 1:16:45.509,1:16:50.729 it will called for him 1:16:50.729,1:16:52.169 %um 1:16:52.169,1:16:54.489 for additional money 1:16:54.489,1:16:56.460 you can't do that by definition is that 1:16:56.460,1:16:59.199 for additional monies was time for a little 1:16:59.199,1:17:00.540 in the case 1:17:00.540,1:17:02.339 money changes hands 1:17:02.339,1:17:07.219 you know that's a nice for income in or outgoing calls so I am 1:17:07.219,1:17:09.460 outgoing start flying but no in coming 1:17:09.460,1:17:11.840 strike one 1:17:11.840,1:17:17.899 well lawyers which was up from Seoul a couple of days ago was called grand central 1:17:17.899,1:17:21.169 %uh Harris 1:17:21.169,1:17:22.420 mister President 1:17:22.420,1:17:27.710 for its part is not but the no three there is that there are other this who was talk 1:17:27.710,1:17:29.070 as well 1:17:29.070,1:17:33.210 and so in some sense is closely related so that's kind of the US 1:17:33.210,1:17:35.570 because unless the masses those two boys 1:17:35.570,1:17:39.340 it doesn't invade year old yes 1:17:39.340,1:17:40.409 Bobbie 1:17:40.409,1:17:44.269 that's a incoming calls 1:17:44.269,1:17:46.680 in fact that's the whole point 1:17:46.680,1:17:48.999 who was 1:17:48.999,1:17:50.870 you can do and how going 1:17:50.870,1:17:57.239 calls in the US yet to take action if you want to do international outgoing calls 1:17:57.239,1:18:02.139 %um 1:18:02.139,1:18:04.469 he did not have a call for him 1:18:04.469,1:18:09.530 no that's what it was designed to do and recently he can actually called for not just to of 1:18:09.530,1:18:13.089 regular phone number on what's called a PSA and 1:18:13.089,1:18:15.709 up 1:18:15.709,1:18:18.769 public's something telephone network 1:18:18.769,1:18:20.020 %um 1:18:20.020,1:18:22.329 sorry I should know that 1:18:22.329,1:18:24.020 so that's what you have 1:18:24.020,1:18:27.879 that kind of remark you're no longer couldn't find it 1:18:27.879,1:18:32.469 it can also go to Portland numbers in Texas I don't want to count and there's no way to 1:18:32.469,1:18:34.709 call him from a regular telephone 1:18:34.709,1:18:38.040 but in fact when some told him for it to you so 1:18:38.040,1:18:39.119 %uh which is 1:18:39.119,1:18:40.639 what I'm using 1:18:40.639,1:18:42.929 well let me get to 1:18:42.929,1:18:47.960 brought Boris is a service of had for a while it's just the four okay 1:18:47.960,1:18:48.989 sir I was 1:18:48.989,1:18:50.090 I did 1:18:50.090,1:18:51.889 only those boys 1:18:51.889,1:18:56.260 okay does have an incoming calls 1:18:56.260,1:19:00.619 and of course you always get more on that and also I said that number of local number 1:19:00.619,1:19:04.369 in the UK which were inspired Tony Birtley 1:19:04.369,1:19:07.419 on for a very serious sewers some for anything 1:19:07.419,1:19:11.099 you can see there 1:19:11.099,1:19:12.520 and it does 1:19:12.520,1:19:15.090 coming up phone calls 1:19:15.090,1:19:19.900 yes well I just heard plan was recently if they saw 1:19:19.900,1:19:23.190 I'm I have it on this mission here 1:19:23.190,1:19:25.769 it's got I am still has some thoughts 1:19:25.769,1:19:27.239 it's not for us 1:19:27.239,1:19:30.000 but it does have video 1:19:30.000,1:19:33.429 for additional not even to incoming and outgoing calls 1:19:33.429,1:19:36.480 but those are three 1:19:36.480,1:19:39.969 except for incoming board calls 1:19:39.969,1:19:43.789 so that's kind of another thing he can do Cole Porter N 1:19:43.789,1:19:45.599 it does have a voice-mail 1:19:45.599,1:19:49.479 the and why everything here is that it's all a matter of book 1:19:49.479,1:19:54.020 which by the way are in general not integrated with one another so you have to have 1:19:54.020,1:19:56.590 one address 1:19:56.590,1:19:58.849 contacted you want to have happen 1:19:58.849,1:20:01.849 five or six for a and return address book 1:20:01.849,1:20:06.360 and of course I shall I use primarily because then you scream saying 1:20:06.360,1:20:08.280 to know about my mom 1:20:08.280,1:20:12.000 when she has a problem and I don't want to drive up your house 1:20:12.000,1:20:16.300 %uh on by will go into all of these details is the know 1:20:16.300,1:20:19.810 there's almost no immigration on adverse book which is a disaster 1:20:19.810,1:20:22.869 these things overlap in major ways 1:20:22.869,1:20:23.909 I've got it 1:20:23.909,1:20:27.479 a Google voice number now that came forward 1:20:27.479,1:20:31.599 sue my laptop live on the road but it also brings it home 1:20:31.599,1:20:35.299 but I don't have a way to get that UK number 1:20:35.299,1:20:38.269 to follow me around even though I'd like to 1:20:38.269,1:20:41.500 it's like a person getting immigration going 1:20:41.500,1:20:42.719 properly out 1:20:42.719,1:20:44.720 and what you have today is 1:20:44.720,1:20:46.700 in the mind message in 1:20:46.700,1:20:48.229 you have any clothes 1:20:48.229,1:20:49.669 of this 1:20:49.669,1:20:52.889 where they were were around in the day 1:20:52.889,1:20:53.879 don't know 1:20:53.879,1:20:55.250 that's where you know 1:20:55.250,1:20:58.319 Peres would look like that was an original e-mail 1:20:58.319,1:21:00.650 are a real legitimate email address 1:21:00.650,1:21:02.399 yeah 1:21:02.399,1:21:07.110 I didn't forget percent couldn't figure out how to put that in there 1:21:07.110,1:21:08.860 that 1:21:08.860,1:21:10.880 it could be from Texas 1:21:10.880,1:21:14.279 1:21:14.279,1:21:17.330 I I'm going to talk him into it 1:21:17.330,1:21:21.670 some groups who is advertising here if you're interested in the e-mail message in 1:21:21.670,1:21:26.000 the conference on the melody spam is coming up in July and mountain view 1:21:26.000,1:21:29.480 take a look at the web site 1:21:29.480,1:21:36.480 thank you very much and are there any questions 1:21:37.139,1:21:38.820 I answered everything 1:21:38.820,1:21:40.329 a lot of so-called 1:21:40.329,1:21:46.760 you're so long 1:21:46.760,1:21:48.090 okay what is without doubt 1:21:48.090,1:21:51.320 a little early for policy then I will be around 1:21:51.320,1:21:52.599 on the rest of the day 1:21:52.599,1:21:54.960 a few 1:21:54.960,1:22:01.960 what they're asking thing also 1:22:05.650,1:22:06.760 the IRS 1:22:06.760,1:22:11.679 I was not something I was doing I started off with the initial design 1:22:11.679,1:22:12.979 of parents 1:22:12.979,1:22:15.010 how close are slim 1:22:15.010,1:22:16.280 was working on it 1:22:16.280,1:22:18.280 we concluded 1:22:18.280,1:22:19.840 at the company 1:22:19.840,1:22:24.079 that sent a text was not going to be 1:22:24.079,1:22:28.349 significantly better than Postfix and it certainly wasn't going to be ready anytime 1:22:28.349,1:22:29.789 since close as eight 1:22:29.789,1:22:31.520 great voter 1:22:31.520,1:22:33.059 but hes very 1:22:33.059,1:22:35.020 careful 1:22:35.020,1:22:36.219 that means he's not 1:22:36.219,1:22:38.199 really all that clear 1:22:38.199,1:22:41.090 and so we look at it and said 1:22:41.090,1:22:45.840 worth it to us to do this he is remanded 1:22:45.840,1:22:48.300 and there on the line 1:22:48.300,1:22:52.210 I think it's insider and she a one-dot or her 1:22:52.210,1:22:52.980 the 1:22:52.980,1:22:55.820 and ETA one dot org I don't remember 1:22:55.820,1:22:58.610 which and so you can download it but I don't know about 1:22:58.610,1:23:02.510 certainly he's working on that now 1:23:02.510,1:23:06.989 as I just said by the way I'm working on some stuff in Sendmail eight mostly stuff like 1:23:06.989,1:23:11.739 the IRS tensions what I don't know when or if that's going to get released 1:23:11.739,1:23:15.179 why is not a priority for the company right now 1:23:15.179,1:23:16.139 and 1:23:16.139,1:23:20.189 all of them so I'm hoping to do is to a private release outflow 1:23:20.189,1:23:23.230 do not use this under any circumstances 1:23:23.230,1:23:24.869 etc kind of 1:23:24.869,1:23:25.840 release 1:23:25.840,1:23:32.840 but we'll see 1:23:36.409,1:23:43.409 so the question is who owns the market 1:23:54.820,1:23:57.309 that so there's two things there one it is 1:23:57.309,1:23:59.830 don't have any steps on all what 1:23:59.830,1:24:02.109 it's often e-mail servers are using 1:24:02.109,1:24:05.860 that information there used to be some places that 1:24:05.860,1:24:08.079 did and publish it for free 1:24:08.079,1:24:09.460 but they have started 1:24:09.460,1:24:10.320 charging money for it 1:24:10.320,1:24:12.670 a lot of money for 1:24:12.670,1:24:13.650 and I'm so 1:24:13.650,1:24:19.800 so I don't have anything really recent but from what I can determine piecing together 1:24:19.800,1:24:22.750 on Sendmail is still the largest 1:24:22.750,1:24:25.690 and she a in terms of America 1:24:25.690,1:24:28.449 numbers out there are leave of 1:24:28.449,1:24:30.460 Microsoft number two 1:24:30.460,1:24:32.239 what is 1:24:32.239,1:24:33.980 senate although it is a problem 1:24:33.980,1:24:35.210 thirty percent 1:24:35.210,1:24:39.219 something like that in my interest also around 1:24:39.219,1:24:39.720 of 1:24:39.720,1:24:42.739 maybe twenty percent of that everyone else breaks up the 1:24:42.739,1:24:45.029 fifty percent so 1:24:45.029,1:24:47.070 on the other hand but 1:24:47.070,1:24:48.919 I'm afraid that's 1:24:48.919,1:24:52.350 speculative speculation and tribulations 1:24:52.350,1:24:53.350 %um 1:24:53.350,1:24:56.599 the second question is can we use in essence you're doing 1:24:56.599,1:24:59.729 well we're just MTV's to improve the situation 1:24:59.729,1:25:02.709 yes I'd love to do that 1:25:02.709,1:25:07.319 there was a time when that would have been easier for me when 1:25:07.319,1:25:12.029 when really seventy percent of the network according to send mail and they mostly upgraded 1:25:12.029,1:25:13.840 fairly quickly 1:25:13.840,1:25:17.860 I no longer have that kind of leverage 1:25:17.860,1:25:22.530 people have gotten much more reluctant to upgrade the rail sir 1:25:22.530,1:25:26.099 now I can't talk the visa into doing it too 1:25:26.099,1:25:28.380 then we might actually have something 1:25:28.380,1:25:35.380 we were in a state like Utah Microsoft int doing it yeah that's likely 1:25:37.010,1:25:39.489 the window of opportunity could be close 1:25:39.489,1:25:41.889 and once again I would love to do that 1:25:41.889,1:25:44.050 but he is just not 1:25:44.050,1:25:47.739 I I I do work for commercial companies not 1:25:47.739,1:25:51.949 reasonable for them to pay me to do that right now it's not a priority 1:25:51.949,1:25:54.260 and so I can't do it on my own 1:25:54.260,1:25:56.190 that would like 1:25:56.190,1:26:00.500 I am doing some stuff on my own but there are limits to what I can do a very old and 1:26:00.500,1:26:02.709 I was twenty five years ago 1:26:02.709,1:26:05.829 so that and can no longer pull those all nighters 1:26:05.829,1:26:09.109 every night for a week 1:26:09.109,1:26:16.109 any other questions 1:26:16.859,1:26:20.900 silence all right 1:26:20.900,1:26:21.480 thank you very much