funsec mailing list archives

Re: Renesys on 'Internet Vigilantism'

From: Rich Kulawiec <rsk () gsp org>
Date: Sat, 27 Sep 2008 15:58:22 -0400

On Thu, Sep 25, 2008 at 03:43:21PM +1200, Nick FitzGerald wrote:

I'm not so sure why (some) folks are upset by the idea of "regulating" 
the Internet via "vigilantism".


Because either (a) they don't their history or (b) they're concerned
that they're going to be next.

Back in the day, one of the reasons we didn't have these problems (much)
was that everyone was well aware that bad actors would not be tolerated
for long.  We've gotten far too tolerant, far too accepting of flimsy
excuses and transparent lies.  We spend way too much time and money
trying to craft ever-more-complex defenses to ever-more-ingenious forms
of abuse when the simple, correct answer is staring us in the face: cut
off the abusers, permanently.  (As I've pointed out elsewhere, there are
thus far zero recorded cases in human history of ex-spammers.  There is
therefore no reason to give any known spammer/spammer organization a
second chance.)

So we've had a reasonably workable solution to the spam situation in our
hands for decades.  The problem is that we're (for the most part) not willing
to use it.   (Yes, I _know_ it's not a perfect solution, but I'll settle
for "reasonable workable" and taking a big bite out of the problem,
thereby reducing the scope of what's left.  I'll also argue that had we
generously applied it a long time ago, the problem today would be merely
a minor annoyance rather than a serious issue.)


Now, in re the term "vigilante": I'll assert that it's impossible for
any defensive measure to be any kind of "vigilantism".  If I refuse
email, or packets, that's not vigilantism -- it's merely self-defense,
or to put it another way, the end of active cooperation with abuse and
the beginning of passive resistance.

We need to smack down -- hard -- anyone using this term in re actions
like the recent cutoff of Atrivo.  Nobody did anything *to* them, it's
just that folks stopped doing things *for* them. 

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Renesys on 'Internet Vigilantism' Paul Ferguson (Sep 24)
- Re: Renesys on 'Internet Vigilantism' Rich Kulawiec (Sep 24)
  - Re: Renesys on 'Internet Vigilantism' Paul Ferguson (Sep 24)
    - Re: Renesys on 'Internet Vigilantism' Gadi Evron (Sep 24)
    - Re: Renesys on 'Internet Vigilantism' Larry Seltzer (Sep 24)
    - Re: Renesys on 'Internet Vigilantism' Nick FitzGerald (Sep 24)
    - Re: Renesys on 'Internet Vigilantism' Rich Kulawiec (Sep 27)
    - Re: Renesys on 'Internet Vigilantism' Nick FitzGerald (Sep 27)
    - Re: Renesys on 'Internet Vigilantism' Paul Ferguson (Sep 24)
    - Re: Renesys on 'Internet Vigilantism' John C. A. Bambenek, GCIH, CISSP (Sep 25)
  - Re: Renesys on 'Internet Vigilantism' Gadi Evron (Sep 24)