Battle Creek, Michigan Settles Dispute with ORBZ
Peter Sachs, Esq. writes: "According to a press release that now appears on its official website, the City of Battle Creek, Michigan has 'settled"' its dispute with ORBZ.ORG. The City concluded that ORBZ.ORG had no criminal intent to cause the City harm by testing the 'open relay' status its server. In fact, the Assistant to the City Manager said, '...we recognize that [ORBZ.ORG] has done us a service. We are going to be taking a close look at our policies regarding Lotus security updates and how we can avoid the issue in general'"
The good news: For once, a government entity came to communicate with someone who wasn't really doing it harm, but actually good, and managed to realize that.
The bad news: They still haven't quite understood the situation yet, based on the article taken from the City of Battle Creek page:
Spam refers to a computer prank that causes multiple duplicate emails, sometimes several hundred at once, to clog up the recipient's mail server.
They are getting better, though.
"What's so random about flipping a coin? Ever heard of the I Ching?"
ORBZ was scanning for open relays.
One of the known exploits for spammers to use open relays also happens to overlap with an old flaw in Lotus Notes, causing it to go into an infinite loop.
Battlecreek got whammied by ORBZ, unintentionally, and filed criminal charges.
No, I think this is still scary. They launched an investigation because *someone sent an email that locked up their server*. Not flooded the server, not spammed ... just sent an email.
They should be investigating the marklars at lotus who apparently are not great programmers. No email should *ever* be able to bring down an e-mail server.
Religion is a gateway psychosis. -- Dave Foley
I told Ian, time and time again, that he shouldn't be testing innocent servers. Test servers that have sent spam, yes, by all means. But you can't go around invading innocent servers.
-russ
Don't piss off The Angry Economist
Note to Battle Creek city managers: hire competent IT professionals, and this won't happen.
Second, this all could have been avoided if Ian Gulliver hadn't freaked when he got the order. If he'd waited a bleeding 24 hours this would have been resolved and ORBZ could have gone on its merry way.
I'm going to resist drawing any parallels between your hysterical and incorrect assessment of the situation and Ian's similar reaction, except to say: pay attention. Life is hard enough without going off half-cocked on incomplete information.
This isn't as much "normalization" as it is "don't take so many drugs when you're designing tables."
Ahh, these are both perfect examples of why reasoning by analogy is the exclusive preserve of imbeciles. ORBZ tested mail servers. He did not distribute crack to children and he did not shoot anyone.
I'm not into reasoning by analogy but if you feel the need in future here are some alternatives you might try, at the very least they betray your disgusting attempts to impugn ORBZ:
ORBZ is squeezing the fruit in the supermarket to see if it's ripe.
Another:
ORBZ is playing a tune to see if they approve of the melody.
Now go scurry under your rock and stop implying that what ORBZ did is anything other than a public service, or worse; equating it to selling coke to kids. These things are not morally equivalent you dolt.
It was just an investigation.
Uh, there is no such thing as "just an investigation."
I worked for a government agency. It was absurd because all of the policies would go through these weird legal distortions. If they wanted a simple policy, say changing from a 15 to 20 minute break, they would pass a law, and it would be illegal to take an 15 minute break. They lost the ability for people to communicate with people as people.
ORBZ may have been a bit cavalier in its testing of security holes in servers, but was altruistically trying to perform a service. Instead of trying to communicate, however, the legal system immediately jumps into litigation confrontation and threats. It is really a screwed up system.
The "you are a prick" part caught me off guard. If Mr. Darga needs some help, he is NEVER going to get it with that kind of attitude (even from his co-workers and underlings).
I think that Mr. Darge needs a vacation, a good course in stress management and another course in dealing with the public.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
So why didn't you send this information to the local newspaper? Seems to me the voters would love to see what a foul-mouth guy this "Jeff Darga" allegedly is.
Nah. The local paper needs a copy of the letter. It does wonders for political careers when the paper has to note that it cannot include the entire letter sent from a school board member to a citizen because "he wrote things that can't be printed in a family newspaper" . .
hawk
The rules/regulations that agencies make have the force of law, however. That is, you can be imprisoned for not following them, with the full force of the US government behind them.