Slashdot Mirror
@Home Gets the Usenet Death Penalty
A reader wrote to us with the news that an UDP has been declared on @Home in news.admin.announce.
You can read it on Deja.com for the full post. Interesting - let's see how long it takes @Home to respond to the UDP. Usually, this gets people attention pretty quickly, and I'll welcome any sort of respite from the spam flood of the last couple months. The penalty is due to begin 17:00 PST, Jan. 18, 2000.
This is an interesting phenomenon - USENET has no central authority and no control centre, so if the UDP has the desired effect, then it's an example of anarchism actually working (for once; note - I'm not in any way an anarchist). It's also support for what your mother told you about bullies and annoying brothers and sisters - "ignore them and they'll get fed up and stop it". Thanks, mum!
ben_ the technologist and platform agnostic
UDP Faq .sig: File not found.
That's the faq for the UDP.
ls:
ls:
(A)bort, (R)etry, (I)gnore?
This may sound heavy handed, but from my experience (5 years as an anti-spammer now) the anti-spammers involved make every effort to contact the offending ISP and help them secure their news servers, report abusive users to them, etc. In essence, a UDP is something of last resort.
It should also be noted that this isn't some small cabal (TINC) of people trying to censor others, as participation in a UDP is voluntary. All you need to do to not participate is alias NNTP traffic with the "udpcancel" site in the path. Often however, the benefits of a UDP outweigh the disadvantages, and the UDPed site cleans up their act rather quickly.
Hope this helps.
This is the sort of thing I like to see. As someone else stated, it's comparable to anarchy working.
:) It's just not the same in my book).
I like the idea of people/organizations fending for themselves on the internet. The last thing we need is any government intervening and trying to enforce it. Anarchy may not be suitable for real life, but I think the general concept is perfect for the Internet where the real laws lie in the software. For example, when someone tries to break into your box, you shouldn't call the cops - you should make sure your box is secure and defend yourself. If you're incapable, then buy software to assist you. (note: Please, nobody make analogies comparing this to some crime in real life
Here is a better link to the article in question: Keeps from /. 'ing one server.
I'm a disgruntled @home user, or in other words, I've been on the service for more than three months. No one at @home takes proper measures to inforce the acceptable use policy. Instead, they cap bandwidth at 5k a second to make their ISP a less viable 'server', inconveniencing every user.
@home costs $65 a month Canadian, and they cut corners everywhere they can. My personal WAN area has between 32 and 40 people on it, and the packet drops are phenomenal. I have been phoning their tech support for thirteen months in a row, and they have told me it's everything BUT a crowded WAN area. They most recently have told me that 'Internet Access' does not include UDP. They do not support UDP, therefore they have no responsibility to control the quality of Internet gaming, despite advertising gaming on their network on television with fullscreen Quake pictures. I have been keeping track and am wondering about the viability of a lawsuit.
As I hinted above, servers are against the rules with @home. Have you ever played on a Quake server with an IP starting with 24.113 or 24.112? That's @home cable. Expect 5 to 50k/s upstreams.
Ever gone to a mp3 search engine? A ton of the sites are 24.113 or 24.112.
@home has been banned from Dalnet, due to excessive numbers of people spamming the network. The Dalnet ops have tried to contact @home about the problem, but they were ignored. The only way to connect to Dalnet for @home members is through gate.dal.net, which has too much lag. My two year old channel dwindled to zero people within a week.
The bottom line is, do NOT sign up with @home if there are any other alternatives. They will hook you in with a high installation fee, and it goes downhill from there. You're on your own. Everyone who has any sense of right and has power at @home must be ignored internally.
You need patience, of course, to wade through junk posts, as well as the self-imposed week or so of lurking before posting rule. You need to find resources in the group, as most good NGs have FAQs about what and what not to ask. And you need to realize that reply times from USENet are much slower than other possible methods (IRC, web boards), but generally are going out to a much wider audience and will have a better chance to be answered correctly.
A newsreader with a killfile in today's USENET is a must. You also would like one with good filters that can rank messages based on subject or author. This helps highlight what you're interested in rather than wading through the rest.
But more importantly than the above is having a strong newsgroup to participate in. It takes a while for a ng to develop it's community, but once it's in place, most are pretty good. Examples that I read include comp.infosystems.www.authoring.html, rec.arts.tv.mst3k.misc, and rec.games.roguelike.nethack/.adom. On the other hand, if there is no clear leadership/common posters, or the like, or the subject matter is of the right type, you get groups that are mostly organized anarchy: alt.html, alt.tv.simpsons, alt.games.half-life, etc.
But in generally, most of the non-alt groups will be good; the regulars are knowledgable and will try to answer a well-worded question to the best of their ability.
Unfortunately, USENET is really only practical for those with T1 connections or shell accounts with their newsreader - most groups get 100+ messages a day, and if you wanted to read all the messages with a standard dialin and newsreader, it could easily take 10 minutes per newsgroup per day to download that information. That's why web discussion boards have gained popularity. However, IMO, it will not replace the quality of help I generally get from USENET.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
I agree that to "call the cops" is overall a pretty useless thing to do if someone tries to break into your system.
... see what happens. Keep abreast of the newest script-kiddie fads and they won't surprise you.
However, the right answer to security isn't to "buy software" either. As Bruce Schneier is fond of pointing out, security is not a checklist feature: it's not something that can be slapped onto the side of a fundamentally poorly-designed system.
"Poorly-designed" here refers not only to the software and other instrumentality, but also to your administrative methodology. Administrative methodology has to do with the things you do as routine system upkeep. Do you monitor security-related mailing lists (CERT-CC, BugTraq)? When setting up a new system, do you close unneeded services? Do you make a habit of knowing everything that should be running on your system, and noticing when things that shouldn't be there appear? Do you run security audits against your system? Do you regularly check for security updates to your software and install them?
My new favorite security procedure: Go to a script-kiddie Web site, download some k00l t00lz (cracking tools, DoS utilities, etc.) and wield them against your own system (over your own network)
Security is a way of thinking -- some would say a way of life. It's not something you can just buy a program to install.
According to the FAQ that one gentleman posted, UUnet got this in 1997, and threatened legal action. That was stupid, infeasible, and generally clueless, and was laughed out in short order. However, the internet was not really Big Business then, with Big Pockets and Stupid Corporate Lawyers (tm). How stupid is @Home? Might they try a lawsuit? Yes, it would kill them and not work anyway, but stupidity knows few bounds...
Communication is only possible between equals
...you clearly did NOT read the original declaration of an impending UDP. Things were qualified rather carefully, and in particular, a listing of the 100 news servers that were the origin of the most spam to usenet was listed.
/dev/null.
EVERY DAMN ONE OF THEM WAS AN @HOME NEWS SERVER.
The AUP Enforcement department for @Home has had their thumbs stuffed up their asses for long enough. The throw the book at anyone who dares have a web server showing the default Apache page on it, but never do a damn thing about open relays, which are a much bigger threat. The reasoning seems to be that open relays aren't a bandwidth muncher, but a web site that gets twelve hits a month is.
In all honesty, they'll probably ignore this UDP since the summary cancellations will mean they will no longer have to forward so many complaints about Usenet spamming to
It'd be nice to see this extended to other services, I'm not sure how feasable it would be. I suppose a centralized procmail filter database would be feasible.
Take a look at the Realtime Black Hole List. This is a DNS-based hack that publishes the domain names of sites that allow spammers to send through their mailservers - in a form that lets mail transfer agents do a quick DNS inquiry and dump mail if it is coming from such a site.
Interestingly, it's an example of anarchism in action. Anybody can publish such a list. Anybody can hack their sendmail to use such a list - and pick any such list they chose. (As far as I know there's only one such list at the moment - probably a sign that it's doing a good job.)
The RBH client code is included in current Linux distributions. (I saw it as a {recommended} sendmail configuration option in Red Hat 6.1, for instance.) I've heard estimates that about 60% of the email inboxes in the world are now behind mail transfer agents that subscribe to RBH and thus bounce mail from any site on the list.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
do not agree. Just because there are users who abuse the internet and usenet groups the entire domain is black listed
.com domain helped, but that removed some good posts too. It worked for a while and made the groups readable.
I remember when AOL opened its floodgates upon the internet. No only did they put a big POST button in their software and not educate their users what usenet was, they had a little bug in their software. Each post would be duplicated seven times. Putting the entire aol.com domain in my killfile returned the newsgroups back to an enjoyable state. In fact, it would be over a year before I ever saw an intelligent post from the aol.com domain. I wasn't missing much by filtering them out.
Then other ISP's unloaded the masses onto usenet. Newbies are a fact of life, but usenet was then carpetbombed with scams and what was to be known as spam. It was unreadable. Filtering everything with the
I have seen the usenet death penalty used. And it works! It keeps me from having to filter, because it forces responsiblility for those who wish to become part of the usenet community.
All I can do is suggest everyone do the same. The office in PA is (215) 981-8531. You may or may not get someone knowledgable right off the bat, so be polite (but really, you should be polite anyway!). You might want to even check out the Canons of Conduct from the Linux Advocacy mini-HOWTO for some good pointers.
Good luck!
If you want a good dejanews interface that's free of the crap and all the advertisements,
copy this old dejanews search form to your home directory
and bookmark it from your browser. This search form was saved from my cache when deja ruined their interface. It has none of the voting crap and your search will just yield the facts and what you are looking for.
I just called my friendly @home customer service rep (she actually *was* friendly!) and asked her about the UDP problem. She was not aware of it, but she escalated the call and found out that the issue has been elevated to the corporate level and it is hoped things will be addressed before the UDP goes into effect. It seems they have started taking a lot of calls over this.
-Jeff
-Vercingetorix
"Necessitas non habet legem." -St. Augustine
OK, not exactly on this topic (if you say "offtopic" they don't mark you offtopic :) but in a related and interesting coincidence:
I just now got a message from BugTraq saying that their mailing list has gotten blocked by ORBS because their ISP blocks ORBS probes. I think (I'm not an expert on this) that ORBS (anti-spam police) is probing to see if above.net's sendmail will allow "open relaying", but above.net blocks the probes. So, ORBS is treating the ISP as if they allow open relaying... does ORBS have "proof" that some machines in that domain are relaying, or is this a "play ball our way or screw off" (you know, kinda like cookies on Slashdot :) move?
Here's the email (I've corrected some errors to make it readable):
After a (somewhat funny) conversation with a bewildered @Home help desk lackey, I was told that noone in _entire office_ (including his supervisor) knew what I was even talking about. I was directed to e-mail abuse@home.com.
The following is the text of my e-mail message to them. I would encourage other @Home customers to write letters of their own. Perhaps @Home will get the point and begin acting more responsibly.
-----email follows-----
to: (several addresses, repeated in body of msg.)
from: (Chris Stearns)
--
I would like to know what @Home intends to do about the Usenet UDP that is scheduled to begin on Tues, Jan. 18 at 1700 PST.
Usenet access (reading and posting) is one of the services I pay @Home for. Now, because of @Home's continuing reluctance to address the abuse of its mail servers by spammers, my Usenet postings may be blocked by various sysadmins, who have elected to reject all traffic originating from within the home.com domain.
This would be an unacceptable interruption of service. @Home has an obligation to ensure that the services I subscribe to are available to me.
Futhermore, @Home has an obligation to ensure that its mail servers are not being abused by spammers. The requests for action that have been forwarded to @Home (by myself and others) are apparently being ignored. My own requests have been met with excuses. David Ritz, the originator of the UDP, details largely the same experience when describing his attempts to contact @Home. These responses from @Home - deferral, ignorance - are not good enough.
The remedy to this problem is completely within @Home's ability to to enact. I am a paying customer who wants to know what is being done.
Tell me, what are you going to do to clean up your act? When?
I have attached a copy of the UDP notice, originally posted by David Ritz in news.admin.net-abuse.usenet. This message, as well as the original notice, has been mailed to abuse@home.com, abuse@corp.home.net, news@corp.home.net, noc@corp.home.net, abuse@rogers.home.net, and Internet.Abuse@shaw.ca
A timely response would be appreciated.
Chris Stearns
(email address omitted)
(UDP notice was attached here)
-------end email message------------
Happy writing!
Chris Stearns
No, breaking into someone's computer shouldn't be treated like a physical assault. Not even close IMO.
But it SHOULD be treated like a property crime. After all, it is costing the victim money. If something of value is copied or destroyed then the victim is financially hurt. Say what you will about closed source, but it still holds a market value.
Hell it doesn't even have to be source code. People store all kinds of information on computers (credit cards, anyone?). Sure, this stuff should be secured, but there's no denying the fact that harm is done if someone steals it.
Even if nothing is done aside from breaking in the victim still loses. Why? He has to invest time (= money) in resecuring / reinstalling his machine.
Don't try to glorify computer intrusion as a harmless activity. It's not.
For what it's worth, I agree that sysadmins should work together to solve problems as much as possible before involving the authorities. It's generally a faster way to take care of the problem. But, when the abuse warrants it, either through damage, or through repeated activity, I have no problem contacting law enforcement to resolve the issue.
Best regards,
SEAL
There's a small problem with the picture used to depict "spam", as in junk e-mail and the like. It depicts a can of SPAM luncheon meat , which is a registered trademark of Hormel foods.
Hormel's position on this matter is best expressed by the following quotation from their "Spam and the Internet" page:
This means Hormel don't like pictures of cans of their SPAM luncheon meat used in conjunction with junk e-mail and the like.
I suggest that the logo for "spam" be changed for those legal reasons. Perhaps we could change it to the picture of a pig from O'Reilly's book "Stopping Spam", or some similar porcine picture that's suggestive of "spam".
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
I really have to ask, does anyone know is SPAM profitable? Are these just un-informed idiots that really don't know that they're wasting their time? Does anyone have information on this?
Furthermore has anyone even _heard_ of someone that bought something because of SPAM?
Are these people just the deranged/hopeful side of the net?
if the UDP has the desired effect, then it's an example of anarchism actually working
the UDP FAQ certainly claims a large number of successes, among them:
Erols.com had been a thorn in the side of usenet for a long time. With a change in policy after discussion of a UDP against them, they now have a very high reputation among both the usenet and email community.
Bell Atlantic, near the end of July, 1997, was a major spamhaus. Word got to them that they were being considered for a UDP. Spam dropped dramatically almost instantly, to their credit. No UDP was necessary.
UUnet, which was the largest single spam producer around the beginning of August, 1997, [...]announced and apparently instituted a much tougher AUP against spamming, and nuked a couple of the most persistent spammers that usenet has ever seen. Numbers again have fallen dramatically, and we all hope that UUnet continues with this policy.
October, 1997, Compuserve
In December, 1997, TIAC appeared absolutely unwilling to deal with any of their ongoing spam [...] UDP was announced with the 5 business day waiting period before institution. Although their owner continued to make excuses and argue about their culpability as well as bluster and threaten legal action, by the time the deadline had arrived, they had "cleaned up their act" to the point that the UDP was no longer necessary, and the deadline was extended for another 5 days to watch the numbers. After that additional 5 day period, the stats had stayed low, and the UDP deadline was lifted.
About 10 others between these dates.
In December of 1999, a simultaneous UDP of VSNL and SILNET, the two main carriers in India, was instituted for their failure to even begin to control the usenet terrorist who calls himself "HipCrime" and who forges, cancels, floods, and supercedes thousands of articles on a nearly daily basis in an attempt to blackmail the entire world into doing things his way - his way being a usenet without spam cancels. Currently, VNSL and SILET have enabled port 119 (news)blocks on all outgoing connections from their services with the exception of their own servers.
So, it looks like there is good evidence that this will work, given the past history of success.
My Mum told me to hit them!
I used to work for @Home. One of my duties was reading mail sent to news@home.com and handling requests/complaints/whatnot. Anyone who proclaims that @Home is being *lazy* about fixing their problems is _just plain wrong_. @Home employees work their asses off to deal with the problems associated with being a large ISP. Unfortunately, there are just not enough @Home employees. When I worked there, every UNIX admin was spread thin. We all wore a million different "hats" and there never was enough time to deal with everything. @Home is a magnitude larger than it was when I was there and I'm pretty sure things have not improved.
:-)
As for the spam problem, the people at blame are the corporate types. This is a management issue, not a technical issue. This problem could be fixed by blocking inbound packets to customer IPs on port 119/TCP. Unfortunately, port blocking is more involved than just making changes to routers. Policies have to be re-written which, when you are @Home, necessitates lawyers, meetings, and the like. @Home has bigger fish to fry. Like what, you say? Customers who crack government machines, e-mail spammers (who generate a larger backlash than usenet spam), smurfers, script kiddies, irc abuse, customer-to-customer abuse, people who host commercial sites on their cable modems, people who put porn sites on members.home.net (their homepage server), etc., etc. It's only to be expected that USENET complaints are near their bottom of their abuse priority list. If you could only see the volume of mail that abuse@corp.home.net generates, you'd understand.
Chris
Its not in deja.com yet, and I didn't want to reproduce it here to avoid possible copyright issues, so here is a link to it.
As seen on athome.announce:
Many of you have been posting your questions and concerns
in reference to the proposed Usenet Death Penalty (UDP) which
would block the @Home Network from posting to USENET. I have attached
our official response to the Usenet community and the press here but
wanted to bring attention to a couple of points that are raised here:
- This afternoon we began a network wide scan targeting open proxy
servers.
- If an open server is identified, the customer associated will be
blocked from posting to Usenet until such time we are assured that
the proxy software is secured.
------------------------------
To the USENET community:
In response to the recent UDP call for @Home Network to be removed
from interacting on the USENET, we are submitting an official
response
with a proposal of short term and long term news spam prevention
initiatives. Excite@Home is very committed to participating
respectfully on the Internet, and we have taken previous requests for
action seriously.
We have found that the primary source of our excessive USENET posting
history comes from subscribers who have installed proxy software
incorrectly. Unbeknownst to the customer, this mis-configuration has
allowed outside access to the @Home news servers, and has resulted in
our subscribers becoming spam relays. Because these various IP
addresses create holes in our network, spammers have taken advantage
of this mis-configuration, and have posted thousands of newsgroup
messages through our news machines.
As of today, we are stepping up our involvement and taking more
aggressive action by performing frequent network wide scans of our
customer base to target proxy servers. Once these customers are
identified, we are suspending their news service immediately.
Re-enabling will not occur until we are assured that their machines
are secure. We feel that this proactive effort will dramatically
decrease the amount of extraneous news traffic originating from
home.com.
We are committed to promoting better Excite@Home participation on
the
USENET, and we are in the process of modifying our current news
product and news architecture. We are also implementing more user
education as a parallel initiative.
With these new tactics in place, we are asking for an extension to
our
USENET access beyond the 18th of January and we are confident that
the
USENET community will see positive news statistics coming in the next
few days.
David Jackson
Manager, Network Policy Management
Excite@Home
Carol
Newsgroup Policy Specialist
Excite@Home