Thankyou for your comments. My comments are in the body of the message
below. This post refers to the 'GIEIS' system cueently at version 0.002.
An update to version 0.003 will be carried out in the next few days.
'GIEIS' has an extensive list of systems to be added and they will appear as
soon as the documentation can be written.
The 'GIEIS' system can be viewed here at:
http://homepage.ntlworld.com/giza.necropolis
Please note, heavy sarcasm area, please wear your sense of humor.
Mark McCarron.
Message: 5
From: "Hondin de Goot" <hondin(_dot_)degoot(_at_)programmer(_dot_)net>
To: asrg(_at_)ietf(_dot_)org
Date: Thu, 03 Jul 2003 09:42:31 -0500
Subject: Re: [Asrg] 'GIEIS' - The Fourth Response
Mark McCarron responded:
> > Why not actually join the debate on 'GIEIS' instead of posting
> > subject matters that have nothing to do with this group?
>
> OK:
>
> Mark's Response:
>
> Thankyou.
And - just for you - a final final followup:
> The only reason why "spam" is a TECHNICAL NETWORKING
> problem is because it is almost cost-free to the SENDER.
>
> Mark's Response:
>
> This is not entirely accurate. Spam is the direct result in failures
> of design in the SMTP protocol.
You hope.
Mark's Response:
I know.
It is entirely accurate: spam is FACILITATED by the lack of
adequate financial tracking mechanisms within either the TCP/IP or
SMTP packet/header structures, an omission presumably arising from
the fact that the designers were as remote from an understanding of
economics as it exists in the actual marketplace as you are, but it
is not otherwise causually related to the design of SMTP.
Mark's Response:
No, that is not accurate. The main problem behind spam is the SMTP protocol
and the fact that a server can be set up anywhere to tranmit emails.
'GIEIS' is designed to put in place these tracking measurements and limit
email tranmission points. Also, no matter what was contained in the
packet/header structures, a protocol alone cannot secure data
communications. In reference to your claim about my lack of understanding
of economics let me refer you to this website:
http://www.noie.gov.au/publications/NOIE/spam/final_report/what.htm
This site from the Austrialian government cites a figure of 10 Billion euro
as the cost to global business each year directly due to spam. 'GIEIS'
would bring this figure to virtually zero. Even if 'GIEIS' aborbed $5-$8
Billion (not that it ever would) it will would still make the industry a
profit of $2-$5 Billion per year.
These subjects are not just causually related, they have direct bearing on
each other.
Had usable financial tracking mechanisms existed, both you and the
spammers would - everyday business being what it is - be paying for the
electronic mail you send exactly as you pay for the telephone calls you
make, often over the same packet switched networks (and as was the case
with GTE Telemail, etc, prior to the deployment of Internet technology)
and spam would not be the technical networking problem it is.
Mark's Response:
Nonsense. Business would be saving so much money and generating new
business that costs would infact drop and the end customers would be better
off. Nobody wants to charge the end user for email and because spammers can
exploit the weakness of the SMTP protocol itself, it wouldn't be effective
anyway and only hurt end customers. It is explicitly a technical networking
issue and only a system such as 'GIEIS' can address that.
Telephone marketing is a significant social problem as the recent
takeup of the new optout facility in the USA has demonstrated, but
it is not a technical networking problem because it is regulated
by caller charges.
Mark's Response:
I understand your point, however, it is the fault of the exploitation of the
SMTP protocol nothing else. Anyone can setup a server and transmit email.
The only reason why spam is a technical networking problem is because
it costs asses nothing to relieve themselves.
Mark Response:
True in a sense, however, that is assisted by the structure of SMTP.
> (1) In the short to medium term
>
> Devise a method of reasonably reliably identifying bulk spam,
> UCE or UBE and levying a charge on the senders (via any of their
> upstream carriers, financial pain having the properties that it
> does) which approaches that of any other method of commercial
> or non-private bulk message delivery and most of the TECHNICAL
> NETWORKING problems associated with spam - which are almost
> entirely due intractable volumes of traffic - would rapidly
> disappear.
>
> Mark's Response:
>
> The problem with this suggestion is that spammers are difficult to
> trace and even when traced there lacks the proper legal frameworks
> to do much about it.
Spammers are only difficult to trace because there has been, until
recently, little incentive to trace them and no sanctions placed
on any injection points (which certainly can do most of the
necessary tracing if well configured) for failure to do so.
Mark's Response:
No. The Internet crosses many legal boundries across the planet. With
anonymous connections such as those by proxy (SOCKS, HTTP, etc) and those by
extensive proxy chains, simply back-tracing a tranmission is a legal
nightmare. Imagine attempting to get server logs from 40 or 50 different
countries and then not even being guarenteed that the culprit is still there
at the end of it all. 'GIEIS' would eliminate the need for all of this.
As I was suggesting an industry solution based on current methodology,
why are you rabbitting on about legal frameworks for any other reason
than, because of basic lack of knowledge about the actual operation of
the Internet business, you have not even begun to grasp what I wrote?
Mark's Response:
Legal frameworks are an important aspect behind the fight against spam.
They are not consistant the throughout the globe. That is why 'GIEIS' is
being structured in such a manner as to bring about a unified point of trust
on the web that everyone can refer to. I'll admit it is difficult to
understand your posts, you do tend to wander a bit.
The reason why mixed-ability classes proceed so slowly is because the
speed of understanding is limited by the slowness of the dumbest or
least knowedgeable student. Every detail must be (re)explained.
Shorthand discussion based on prior knowledge from earlier classes
and shared experience is unavailable.
Mark's Response:
Thanks for the info. See what I mean about you wandering at times?
> Spam is a direct result of a basic topology flaw of the internet.
What you refer to as a basic topology flaw is the sole reason why
why have the Internet now and not ISO-OSInet RSN. The Internet has
flourished, and every day continues to maintain connectivity, only
because of its most basic and overarching technical design principle,
one which is so fundamentally undermined by every single aspect of
your ever-expanding solipsism that it is clear you have not grasped
even the shadow of an understanding of it. Your ignorance is profound.
Mark's Response:
Nonsense. In the early stages of Internet development this would have been
true, however, certainly not now that it is established. Terrabytes of junk
and harmful material is tranmitted everyday, 'GIEIS' would eliminate that.
Changing the architecture of the Internet is not a big a task as you may
think. So, over the course of a few years a few computers in each building
are moved and new software installed. Hold on, that's really funny, it
almost sounds exactly like what goes on in any IS/IT department everyday
(note the sarcasm).
> A reformulation of the SMTP protocol and implementation to the market
> place could be completed within 3 years. [...] You practically have
> a step by step guide with 'GIEIS'.
Does the vowel in "GIEIS" rhyme with "fleece" or with "scheisse"? Or
is it a diphthong, combining both?
Mark's Response:
Its pronounced 'guy-is'. So the answer is neither.
> With a sheet of paper, a pen, a postage stamp, an envelope
> and a public mail box it is possible to send an anonymous
> letter, lawful or otherwise, on any subject, to any person,
> institution or business behind a physical mail box. [...]
>
> I think you are forgeting another aspect of email, that is, it can be
> encrypted. Just because they can identfy which account the information
> came from, does not mean they can read its contents.
It is clear that I am remembering a great deal more about the nature of
anonymity than you have ever learned. Just what, however is for me and
many others reading here to know and you to find out.
Mark's Response:
You will still be able to set up anonymous accounts such as Hotmail, Yahoo
and Lycos, etc. You just won't be able to spam from them or send offensive
materials. Not a bad deal.
> This is how current anti-spam systems work and I do not see any mass
> public outcry about it.
What anti-spam systems? When I look around my MTA, I see no anti-spam
systems, and were I to discover that the nice people who handle my MX
when the network here is down were to have instituted any on my behalf,
I would have their guts for a Beethoven sonata.
Mark's Response:
The main internet backbone is crawling with anti-spam filter software. All
of it is based on heuristics. Heuristics is just an automated set of rules
that will identify potential targets based on given criteria. Also, for
those who handle your MX, I really don't think they would care about your
opinion unless you wanted to pay the bill for the extra traffic.
> Also, as I have pointed out before, governments across the world
> have super-computers dedicated to surveillance.
Governments we have to live with. Many ego-driven simpletons,
eminently corruptible in their arrogance, we are still able to avoid.
Mark's Response:
Still haven't seen any demonstration of how to break the system...
> It is worth addressing. A port scan only tests for basic security and
> access to a system. It is hardly a physical assault, also, coming from
> a trusted domain everyone would be quite aware it was not a breach
> attempt on their systems. Since these scans would be sent clear text
> across the web
^^^
Uh huh.
Marks Response:
Uh huh.
> Although Usenet is now largely (but, even yet, by any means
/
Sorry, missed a "not" -----------------------------
> entirely) transported via NNTP, it is no part of the remit
of a TECHNICAL NETWORKING group, only loosely associated with
only one of its transmission protocols, to attempt to control
its content in any way other than from within Usenet's own
already well-established and effective control structures.
> It is part of this remit. The remit of this group relates to spam, not
> specific protocols. Spam is an issue that affects the NNTP protocol s
> well. NNTP has the same flaws in security as SMTP.
You seem to have a difficulty, perhaps dyslexic in nature, with the
differences between the SMTP and NNTP protocols. Let me give you a
clue: it is signalled in the first two letters of each acronym. But,
admittedly, that is only a detail given that you clearly have no idea
of the far more fundamental difference between Usenet and NNTP.
Mark's Response:
No I don't. Both protocols are to be replaced with a single common
protocol. Other protocols may be absorbed too.
> Newsgroups are flooded with spam, Usenet's current procedures have
> proved ineffective.
If newsgroups are flooded with spam then that indicates only a
lack of interest in using its well-established and effective
control structures to prevent such.
Mark's Response:
Nonsense again. They are unable to filter the spam. If they could they
would. 'GIEIS' would stop spam to all forms of newgroups on a global basis.
> 'GIEIS' would only assist with companies establsihing credibility
> on the internet. All companys would have to be 'GIEIS' registered
> and that requires being a legitimate registered company. 'GIEIS'
> under the 'CAA' system (details will be released in the next few
> days) would be able to retrieve company information, past complaints,
> and a complaints procedure system. Another feature of the system, is
> that it would be able to confirm emails were sent by employees from
> any company.
>
> 'CAA' will be part of the 'Internet Better Business Guild' that will
> be lead by 'GIEIS'. All companies that pass 'GIEIS' checks will be
> awarded a reference number. This will also take the form of a link
> that will appear in a small graphic on their website. This will lead
> directly to 'GIEIS' online reporting system and list extensive details
> on the company including previous complaints and resolutions with
> customers.
>
> This would virtually eliminate fraudulent business on the Internet.
On the one hand, you really are full of crap, but on the other, I have
to admit that you have an impressive knowledge of how to pile it high.
Mark's Response:
Then please post your method of how to bypass 'GIEIS'.
> Now, where's that unsubscribe button? Ah, here i
>
Mark's Response:
Must be broken :)
>
> Mark's Response:
>
> That is one way of putting it, but I don't see anything here that
> demonstrates that you are able to bypass my system.
>
> Mark McCarron.
>
> _________________________________________________________________
> On the move? Get Hotmail on your mobile phone
Sorry, I don't have a mobile phone. Now let's try that button aga
Mark's Response:
See you avoided the big question. No mobile, is that because 'they' are
tracking you?
Mark McCarron.
_________________________________________________________________
Tired of 56k? Get a FREE BT Broadband connection
http://www.msn.co.uk/specials/btbroadband
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg