<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Another sad proof of why the industry can't handle the UCE issue


> e.g.1: As an academic ISP, I insist on having contact emails for my
> customers; I insist on being allowed to contact them individually or
> en masse with serious network issues.

Customers expect this and give certain email addresses for this purpose. 
Its your responsibility as an ISP (vendor) to create the right channels to
disemminate information to the right people.  If I would allow our product
managers to throw marketing stuff about new services on our security
contacts mailinglists I think we would get some pretty nasty responses ;). 
But: our customers are all here in Holland, so a call is easily made.  All
the angry responses of customers would only result to something because we
do care what customers say.  Companies like microsoft are to big to actually
care about one customer more or less.

> e.g.2: A while ago an important FTP server was hacked (can't remember
> which) and in the day or so it was compromised several dozen people
the tue distribiton site of tcpwrapper?

> downloaded a backdoored version of the software there. The maintainer
> contacted the people who left their email addresses to let them know
> what happened - and, unbelievably, got spam complaints.

Hmm.  That's a tough one.  Only: they did not say: opt out.  That makes a
difference.

 
> I like things the way they are now, for this issue at least. Each company
> should be allowed to use its discretion on what constitutes a serious
> customer matter. If they abuse that, or if marketingspeak is allowed creep
> into their "important security announcements", they'll be RBLed in no
> time flat.

I think I need to rethink my position for a while.

Jan

-- 
alive=true




<<< Chronological >>> Author    Subject <<< Threads >>>