funsec mailing list archives

Re: How's this for fun?

From: "Dr. Neal Krawetz" <hf () hackerfactor com>
Date: Wed, 26 Oct 2005 13:50:53 -0600 (MDT)

On Wed Oct 26 09:42:29 2005, Paul Vixie wrote:


# Spam generated by zombie PCs seems like a form of Internet pollution to me.

spam, period, is a form of internet pollution.  we made this point, and in
particular michael rathbun wrote a great piece about the "chemical polluter
business model" which fell on deaf ears.


I'm going to have to disagree here, on many levels.

First, spam is a symptom of a bigger problem: email has no security.
Then again, SMTP was never designed for security, so this isn't a "flaw".
(Flaws, like bugs, require a foundation.  This is an intentional oversight
since there is no foundation -- and the RFC even said so.)

Email has grown into many uses that it was never intended for.  Spam is
just one example of how email is used beyond the original design.
As such, there is nothing wrong with spam -- the fault lies in your
intended usage of email.  Your use model should match the model that
was used for SMTP, not the other way around.

Second, and more importantly: Without spam, where would I get my viagra?
And I'd never meet people like Mary B., who gave me a great stock tip,
and Rev. Nigel Toma from Nigeria (we're working on a secret deal but don't
tell anyone!).

# What's unreasonable about ISPs stopping pollution going out their pipes?

collateral damage is considered immoral where access to a utility is involved.
i don't like it but that's how it is generally seen.


I agree here -- causing intentional damage is offensive.
But immoral?  Not necessarily.
I have Comcast (don't hate me) and had to accept their terms and conditions
which includes their ability to protect me from the evil Internet.

Then again, I didn't notice the outage.  I don't know anyone that uses
AOL or MSN.

Finally, who says that this was intentional?
Comcast uses a SBL.  The blockage could have come from a vigilante SBL
rather than Comcast.  Or it could have been a routing error (they do
optimize their routing tables -- one wrong byte can really screw things up).

                                        -Neal
--
Neal "I read all my spam" Krawetz, Ph.D.
Hacker Factor Solutions
http://www.hackerfactor.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

How's this for fun? Fergie (Oct 25)
- <Possible follow-ups>
- RE: How's this for fun? Blanchard_Michael (Oct 26)
  - RE: How's this for fun? Richard M. Smith (Oct 26)
    - Re: How's this for fun? Paul Vixie (Oct 26)
    - Re: How's this for fun? Dr. Neal Krawetz (Oct 26)
- RE: How's this for fun? Discini, Sonny (Oct 26)
- RE: How's this for fun? Fergie (Oct 26)
  - RE: How's this for fun? Larry Seltzer (Oct 26)
    - Re: How's this for fun? John Payne (Oct 27)
    - RE: How's this for fun? Larry Seltzer (Oct 27)
    - Re: How's this for fun? John Payne (Oct 27)
  - RE: How's this for fun? Richard M. Smith (Oct 26)
    - RE: How's this for fun? Aditya Deshmukh (Oct 27)
    - RE: How's this for fun? Larry Seltzer (Oct 27)
- RE: How's this for fun? Fergie (Oct 26)

(Thread continues...)