It’s gonna be interesting to see how well they’re gonna do indeed. Because it can go both ways, sometimes too much data can also be a negative thing.
I’m curious how they’re gonna catch false positives in reality, if they expect people to report them, or will allow some kind of feedback mechanism. Which, we know from Hotmail/gmail etc sometimes cause legitimate emails to end up in spam because people have a very.. interesting idea on what’s spam and what isn’t ????
And yeah trust is a big one.. So is FISA702.
From: Jared Hall <firstname.lastname@example.org>
Date: Monday, 27 September 2021 at 21.32
To: "email@example.com" <firstname.lastname@example.org>
Subject: Re: Cloudflare Is Taking a Shot at Email Security
On 9/27/2021 12:24 PM, Brent Clark wrote:
Good day Guy
I came across this (via slashdot). https://www.wired.com/story/cloudflare-taking-a-shot-at-email-security/
What I did like the most was the statement:
“We think of customer data as a toxic asset. We don’t have a business around advertising, we don’t sell customer data,” he says. “We have privacy certifications and do external audits of our systems. But, yeah, we have to earn our customers' trust everyday."
Data IS a toxic asset. It makes the job harder, but it is sage advice.
Even Cloudflare can only go so far with signature detection. They do have the advantage of scale. Others, like many here, have the advantage of responsiveness.
-- Jared Hall