Security Incidents mailing list archives
RE: A question for the list...
From: ktabic <lists () ktabic co uk>
Date: 29 May 2003 09:31:00 +0000
On Wed, 2003-05-28 at 00:54, Jonathan A. Zdziarski wrote:
I have isolate the item above since it contains the gist of your question. My personal feeling is that sooner or later the owners of the mis-managed devices in question will be held to the legal definition of negligence which covers the "failure to take safe guards used by a reasonable and prudent individual".The problem here is that spam cannot be looked at in the realms of network management any more than hackers can. Spammers are nomads who travel from network to network to perform their actions, making their money and then leaving their equipment. Hacking is illegal, but it still happens. Outlawing spam will #1 only affect people inside the US, and #2 while it may put a few irresponsible individuals in jail, will ultimately will have the same effect as anti-hacker laws have on hackers. There are a number of different ways to combat spam, with the most ineffective functioning at the network layer and the most effective at the presentation and application layer. IMHO the only real way to combat spam is by the content iself, and there are a few very effective tools that work on this level.
Well, the single biggest spammer is in America, so it will apply to him. Now bearing in mind, the vast majority of spam is sent from about 20 people, you don't need to stop that many to stop the flood. There is already anti-spam laws in the EU, so if the US also creates an anti-spam law, it means that: a) EU and the US can work together to stop the flow of spam from both the EU and the US. b) Other countries can introduce anti-spam laws that and can also then work with the EU and the US, in applying a legal response to a problem that affects everyone on the 'Net. The lawyers and the judges can't stop this themselves, and neither can the network/system admins. The two parts have to work together on this problem, since it is not purely a legal problem or purely a technical problem. The real question about an anti-spam law is can it be used againist an American or European who is operating from (US/EU) but is using servers in outer Mongolia to distribute spam. ktabic -- Woot! (It's early) ---------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: A question for the list..., (continued)
- Re: A question for the list... Kevin Reardon (May 22)
- Re: A question for the list... Brian Finn (May 22)
- Re: A question for the list... Kevin Reardon (May 23)
- Re: A question for the list... Brian Finn (May 22)
- RE: A question for the list... King, Brian (May 22)
- Re: A question for the list... Kevin Reardon (May 23)
- Re: A question for the list... Stephen P. Berry (May 23)
- Re: A question for the list... Jimi Thompson (May 23)
- Re: A question for the list... Chip Mefford (May 26)
- Re: A question for the list... Ray Stirbei (May 27)
- RE: A question for the list... Jonathan A. Zdziarski (May 28)
- RE: A question for the list... ktabic (May 29)
- RE: A question for the list... Rob Shein (May 29)
- RE: A question for the list... Russell Harding (May 30)
- RE: A question for the list... Russell Harding (May 30)
- Re: A question for the list... Chip Mefford (May 26)
- Re: A question for the list... Kevin Reardon (May 22)
- Re: A question for the list... Jeff (May 29)
- RE: A question for the list... Jonathan A. Zdziarski (May 29)