On June 21, 2003 at 23:45 waltdnes(_at_)waltdnes(_dot_)org (Walter Dnes) wrote:
On Fri, Jun 20, 2003 at 07:33:49PM -0400, Barry Shein wrote
Some of the more notorious black lists actively scanned the net
with software for systems which fit their notion of "open relays"
and would add these to the net as a hazard.
Now, would it be possible to scan similarly for systems infected
with Jeem or one of the other spammer slave bugs?
This would have to be at least partially a legislative solution.
Let's just say that anybody scanning large portions of the net raises
eyebrows, and is reason for termination at many ISPs.
I see, now we've progressed from objection to purely legal solutions
to objection to any technical solution which conceivably could be used
in a way which might be considered illegal?
So, tell me, since I'm describing behavior which has been going on for
years, not hypothetical, exactly how many of those blacklist operators
have been charged with any crime? Convicted?
Ok, we'll make it easier, name one (other than that jerk in New
Zealand who got in legal trouble for blacklisting his phone company in
an attempt to get them to lower his bill.)
Put more constructively: Given a good and effective technical
solution, as the expression goes, the world (the big round one) might
just beat a path to your door. It's too restrictive to begin to
speculate that some technical solution might be considered illegal by
someone, somewhere, consider how many countries there are in the
world!
I counter-propose that shooting down a technical solution based on
purely legal objections is outside the scope of this group's charter.
But more specifically, if someone had a good virus-scanner/detector
that was relatively harmless (other than to spammers) it wouldn't be
hard to imagine (speaking as an ISP) that ISPs might include use of it
in their AUP and companies, universities, etc. might employ it
internally.
So the question is not whether a technical soln might be used
illegally, the question is whether a proposed solution might be used
LEGALLY.
I can pound you with a baseball bat, but that's not a very good
argument for making baseball illegal.
What would we do with that information?
That's probably not necessary to answer, unless someone doubts
anything good could be done. But, for example, inform the owner,
an ISP might quarantine or mail rate-limit a known infected computer
until it's fixed, block it entirely (from mail, from everything), etc.
From postings I've seen on nanae (news.admin.net-abuse.email), when
some large outfits are provided with headers of virus emails day-in,
day-out from certain IP addresses, they don't seem very active in
getting the customer off the net.
They're overwhelmed.
I can tell you, it's a royal pain in the ass here.
Particularly when it's nothing but a $$$ subsidy of Microsoft because
they find it more profitable to ship virus-vulnerable operating
systems.
At this point in time MS is making many millions of dollars off of not
fixing their operating systems, and that millions of dollars is not
coming out of thin air, it's coming out of the pockets of anyone who
has ever had a cost effect from a virus-infected computer, including
now the entire net being deluged with spam.
The technology to make virus infection next to impossible (as
evidenced by readily available OS's which are immune to them) has been
around for decades.
MS has now continued to profit from this problem on their newest OS
releases (e.g., XP is vulnerable to Jeem, sobig.a, Proxy-Guzu, etc.)
Maybe we should also issue an RFC that simply says that the days of
computer, including personal and desktop computer, operating systems
being vulnerable to viruses (within some problem definition) should
have been over years ago via widely distributed and well-known
techniques utilized in highly successful and comparable operating
systems software.
An RFC means nothing if it isn't enforced. You almost need an
"internet driver's licence" or a "Killer-V" to get the problems off the
net.
Wait a minute, there have been over 3000 RFC's issued.
Do you mean to tell us they all mean nothing?
Hmm, why are we here? What do you imagine the product of this group
likely to be?
--
-Barry Shein
Software Tool & Die | bzs(_at_)TheWorld(_dot_)com |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989 *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg