This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Spam FAQs need revision, was 2011-06 New Policy

Previous message (by thread): [anti-abuse-wg] Spam FAQs need revision, was 2011-06 New Policy
Next message (by thread): [anti-abuse-wg] Spam FAQs need revision, was 2011-06 New Policy

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

russ at consumer.net russ at consumer.net
Mon Dec 19 10:00:52 CET 2011

 >The risk of being able to identify an individual starting with an IP 
address listed in a black list is very small, and the impact very small,
 >but the benefits from publishing them should be very clear.

Your discussion and the associated paper implies that the list 
operator/security personnel are always right because they are protecting 
the Internet.  It implies their mission is more important than any other 
issue that someone may have.   "It should be very clear" implies that if 
you have another opinion then there must be something wrong with you.  
This is the attitude many of those involved in abuse have and I am 
trying to point out that there are problems with such a position.  It 
gives people involved in abuse the idea that they don't have to answer 
to anyone or abide by the same rules as everyone else.

If the list is run poorly the impact can be tremendous.  Both Cisco and 
Microsoft both currently run blacklists that generate all sorts of 
complaints.  They often won't tell people why they were put on the 
lists.   Even when they remove someone people report the staff is 
arrogant and accusatory.  They assume anyone on the list is guilty and 
it up to them to prove otherwise.  the complaints say sometimes they 
don't remove false alarms for months.  Another guy in Australia running 
a blacklist used to demand "donations" to get removed and if he got into 
an argument with someone he would add them to the list.  (On top of that 
he used to register for free DNS services and crash them by uploading 
his blacklist).  Many in abuse do not think twice about advising ISP's 
to do deep packet inspection to find abuse and malware without ever 
considering the ISP's marketing department will use the system for other 
purposes.  The people involved in privacy are the same way.   They often 
don't consider the security implications of keeping everything private.

No, I do not agree that ignoring or minimizing the privacy issues is 
justified because of the benefits.  The blacklists of today are much 
like the early days of credit reporting when there were no clear rules 
and people could not get mistakes fixes.  The blacklist operators should 
promote these protections to improve their products rather than looking 
for excuses to avoid them.

Thank You

Previous message (by thread): [anti-abuse-wg] Spam FAQs need revision, was 2011-06 New Policy
Next message (by thread): [anti-abuse-wg] Spam FAQs need revision, was 2011-06 New Policy

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]