Slashdot Mirror
RoadRunner Co-Opting "Organization" Headers
Dusty Rhodes writes: "AOL-Time Warner cable Internet Provider RoadRunner has begun co-opting the 'Organization' line of Usenet headers, replacing whatever information a user enters with 'Organization: Road Runner - (location).' All RoadRunner customers nationwide, including business customers, have had their organization identity hijacked with no disclosure whatsoever, much less an opt-in or even an opt-out. Nothing in their TOS or AUP. Nada."
My ISP's Usenet Server (NTL in the UK) is set up to add NNTP-Posting-Host: with your IP to every post. So much for Usenet being an anonymous media.
The biggest reason I can see is to help cut down on spam. If people try spamming through RR, the recipient will KNOW it came from a RR server, and know where to complain. (Not sure how that HELPS RR, but it's a theory.)
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Argosoftis an awesome win32 one.
If they are blocking port 25 outbound, you can do what I used to do when the fuckers at earthlink did that. I setup a qmail/proxy machine at work running on port 5000 something and sent all my mail through that, hell if they are to the point of scanning the packets themselves you could always tunnel in as well. The problem is that the majority of people out there are screwed by this and do not have enough knowledge to take recourse against it.
An Education is the Font of All Liberty
I've noticed this for a long time now. A lot of ISP's are doing that. I don't mind too much since my organization is "Crime" but it is a bit annoying yes. However if you want much better news service at not too much a year, try Newsguy. I used them back when I did a lot of usenet posting and for like $25/year (its gone up a bit since then) I was able to get non-binary access to all my favorite newsgroups. If you want access to binaries you have to pay a bit more, but the service is very customizable to fit your needs. They filtered out 95% of the spam and kept articles for a month, while roadrunner is lucky to keep them a week and seems to have cut corners on spam filtering. So I'd suggest if you are serious about usenet, buy your access (its less then $5/month for basic access) and get higher quality news feed with less spam and full control over those important headers.
--Won't that be grand? Computers and the programs will start thinking and the people will stop. - Dr. Walter Gibbs
Companies aren't there to serve customers.
Companies are there to serve the owners/shareholders. Most of them just want to get the best return on investment they can.
Most people vote for "returns at any cost" with their money, and the companies act accordingly.
When is the last time you've heard people say "oh you can lose a few million this year, just be nice to everyone", until they put a dollar value on satisfied customers, they are going to continue to behave this way because WE make them.
And I don't really care how much RoadRunner screws with their customers, as long as they make money and build my retirement fund for me. Yes it is selfish, but I think that is the way it is.
there's absolutely no "rights" issue here. stop confusing rights with privileges.. you will only dilute this section further.
They are your ISP and you are using THEIR machines, hence they may do as they wish...an ISP has every right (though perhaps not ehtical) to ... do whatever they want to incoming/outgoing data
Are you serious? Given your logic, you seem to think it's alright to replace every other header as well (including the X-Priority, or even the TO and FROM). Why stop there? Why not change the message body as well?
Can I play on the slippery slope after you're done with it?
"They are your ISP and you are using THEIR machines, hence they may do as they wish."
They gave up the right to do whatever they wish with their hardware as soon as they started charging you money to use it. An ISP is bound as much to an agreement as a user (if not more so) because of the exchange of money involved, and they should not be able to unilaterally change the terms of the contract without at least informing the customers.
Let's say I post something to Usenet trolling, blasting Microsoft and making wild accusations against them. However, my "Organization" is "RoadRunner." While it may not mean anything legally, doesn't that at least partially imply that I'm speaking on behalf of RoadRunner, and, thus, making it seem like RoadRunner's official corporate stance is whatever nonsense I just accused Microsoft of?
For example, if you work at IBM (arbitrarily chosen company), and routinely send out mail voicing *your* opinion, you'll likely have something to the effect of "These opinions are my own, and not that IBM," so that people don't twist mail you send to your friend into IBM's official position on the issue.
Again, I don't know if this carries any legal weight, but I think RoadRunner is getting themselves into more than they bargained for. (Picture swarms of angry people blaming RoadRunner for whatever their customers post.)
________________________________________________
suwain_2
Its at best a civil matter not "civil rights". You have no right to send email or usenet postings. Those are privileges that you pay for. If your ISP violates your contract sue the bastard.
Tom
Someday, I'll have a real sig.
Not to pour water on a good conspiracy theory, but are people sure this isn't just a misconfigured nnrpd.conf (or equivalent)? It's pretty easy to do; many nntp sites already add an Organization line if there isn't one present -- all it would take is for some admin to foul up a config line.
Not to downplay the significance of companies doing stuff like this, but this may be unintentional. The article doesn't look like it's double-checked the motive.
Ah, computer dating -- it's like pimping, but you rarely have to use the phrase "upside your head" -- Bender
Correct me if I'm wrong but isn't this a perfectly correct implementation of organization? Whose NNTP server was used? Roadrunner's server. Whose name should be listed under organization, well I can make a strong argument for roadrunner. I fail to see what harm this does to the consumer, and more importantly what "right" is lost. Most clients don't display the header by defualt. It might help someone report spam. The only downside is if you used public usenet to reply to support postings, and wanted to look profesional, and then a private server would be a much more sensible solution(no propagation time, complete control, etc.)
I'd do something interesting, but my server can't handle a slashdotting.
The bottom line here is that, if like the article says, there is nothing in the ToS that guarantees that this wont happen (I start to twitch if I actually read ToS or EULA documents) then I'd say you're at the mercy of the owner of the servers that you use. When I load slashdot, it gives me slashdot content. When I send mail through my ISPs SMTP servers, it adds a header. While the co-opting aspect of this is disturbing, the bottom line is that if you don't like it, run your own NNTP server, or simply use Google Groups or any other alternative news service that delivers what you want, in the way you want it. A lot of people seem to think that Roadrunner is going to get in trouble for this. I just don't see that happenning. I can't even conceive of a way that this could be illegal. But I'm not a lawyer ;)
This too shall pass.
You are exactly correct. This is not really an issue of rights. It's only an issue customer service. A company is failing to provide a service that most paying customers are used to getting. A poor choice on their part, yes, but hardly anything worth marching to the capital steps in Washington over.
In addition to the "Your Rights Online" category, Slashdot really needs a "Big Company Not Treating Their Customers Well" category, because that seems to be what a lot of these stories end up being. Save the YRO banner for DMCA court battles and stuff like that.
Information wants to be anthropomorphized.
Because Yahoo, et. al. are free, they make their money from advertising. I pay my ISP, and if they started requiring me to run programs that displayed banner ads at the bottom of my screen continuously -- in addition to the $45 / mo -- I'd leave ASAP.
I wonder how RoadRunner would feel if some unscrupulous person put Roadrunners email addresses in their reply fields for the spambots to harvest? Gee, I hope no one does that. That would be just awful. Roadrunner receiving tons of unsolicited mail because someone changed some information that they were not asked to. The horror...the horror....
The problem is that it business users (who obviously pay more for their access) have also had their organization fields co-opted by Roadrunner. As you said, it is very difficult to look professional when your postings state that you are from roadrunner.
It isn't that this particular idea is any good, it is quite dumb IMO.
It is that they should continuously be trying to make more, and improve somehow. Advertising is a good idea, and really rewriting a header doesn't take any CPU load compared to everything else.
to put their name on your post. As if they owned it or something.
That's an interesting thought. By doing this are they claiming some sort of ownership to your post and thus become liable for things in the said post?
When is the last time you've heard people say "oh you can lose a few million this year, just be nice to everyone"
Explain how *NOT* swapping the Organization header would lose them money? They are changing something that they didn't do previously - at best, they may speculatively make a bit more money. It certainly cost them something to do this (maybe only $50 to have someone change something on their NNTP software, and maybe another $100,000 in executive salaries to have meetings about it) but it's at best an unknown amount of money they may generate because of this.
I'd have thought it would have made more sense to add an extra X-header, or tack on RoadRunner at the end of the existing X-header info.
X-Organization: Joe's Place (via RoadRunner)
or something similar. To just replace it full stop is strange, to say the least.
My theory is they are doing this because of the way search engines archive news postings has a ranking on what posts contains links to what URLs and names, this will make RoadRunner appear much more 'popular' in services like google and teoma. However, this will also have a detrimental search engine effect on the very customers RR is supposedly serving, and should cause them to leave (at least a few who realize what's going on). Again, if this is the case, is it worth losing a few customers to potentially gain more (short v long term)? Probably.
creation science book
For the last year (probably even longer) I have noticed RR putting Road Runner in the Organization field on the header. I've never seen them put the actual city name however in the header. This is not late breaking news.
I can't beleive this made the front page on slashdot. First of all the story is false (at least in the upstate New York RR service) second, what's the big deal? For me, I use my full name when posting to newsgroups. Plus with RR you get a fairly static IP address (mine hasn't changed in the last year), how can you be anonymous with that?
Or in Yahoo's case continue to lose money despite the advertising (or have they quietly broken even without telling anyone)? This isn't about banner ads anyway - but the question is would you be willing to pay more /month just for the privelege of being able to set the Organization line when posting to Usenet to whatever you want (which you can do anyway through Deja)?
Video Game cheats, hints a
Doesn't this make it harder for RR "customers" to send out Usenet spam with totally forged headers and remain undetected?
Isn't this a Good Thing for everyone?
In particular it's a Good Thing for all RR customers who don't spam, as it means that other ISPs won't be denying connectivity to RR because of spam.
What have I misunderstood here?
The guys who run RoadRunner mail hosts seem to be a bit out of it when it comes to how "the Internet" works. Sure, they can figure out some of the stuff, but they get clueless really fast.
For example: They used to have the "From:" header screwed up. When you sent some mail, it said that the sender was "username at the machine that handled all of the mail for the area," not "username at the real address." So for six months or so, when some folks tried to reply to my RR address, their replies bounced. I had to add a "Reply-to" line just to get mail back.
In the case of someone like Hotmail or Yahoo, they clearly state in their TOS that they have the right to add their text to your message. In this case, there was no notification whatsoever. That makes for quite a difference.
One could argue that all of the text of your message (including the headers that your computer put on it) are copyrighted by you. If they change it without authority, they have infringed your copyright. If their TOS mentioned something about it, then by using their service you would give them authority (or a license) to do so. Without that, they should have no right.
The bottom line is that from the Internet's point of view, your ISP and network provider is RoadRunner, so it makes perfect sense to label you as being part of that "organization" in this context. It is both within the letter and spirit of NNTP. To allow you to use your own vanity Organization header would only add confusion and defeats the spirit of the header.
So stop using them. And sue them. Problem solved.
Correct me if I'm wrong but isn't this a perfectly correct implementation of organization? Whose NNTP server was used?
This header predates NNTP
Ok, I'm a RoadRunner customer. I read this and immediately went out to check my posts. Nope, didn't see the text added in any of them. Even posted a new post and still no text.
So, either it's not happening in all areas are this yet another bogus "It was posted on the web so it has to be true" story.
"Since when has RoadRunner allowed you to run servers?"
An NNTP server does not have to be accessible from outside your network. Lots of people run servers such as leafnode (I use cnews) for convenient off-line news reading. RR cannot tell whether an article is being posted by a server or a client. They will still overwrite the "Organization" line, though.
As another poster suggested, sign up with Newsguy.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
The biggest reason I can see is to help cut down on spam. If people try spamming through RR, the recipient will KNOW it came from a RR server, and know where to complain.
But they could just as easily add something like "X-Complaints-To:" or "X-ISP:", etc. Rather than deciding that RFC 850 dosn't quite apply to them. The header is for identification of the poster's organisation. Rather than whatever ISP their employer may use...
Or post a Harlan Ellison book.
I don't work for RR but from what I understand as far as Cable ISPs go email/news/webspace is a FREE service that comes along w/your cable Internet.
They don't give credit for downtime on these and they don't consider them mission critical.
If you are so hepped up about your email/news/webspace do it yourself. They are under no obligation to give it to you.
I use RR. My webpage is not rr.com, my email address is not rr.com. I use rr.com to read news (on the few occasions I decide to) only b/c it is fast as shit.
"Since "machine" isn't defined within the RFC, I think there's some latitude to allow Roadrunners practice."
"Machine" refers to the machine on which the article originated. Usenet is a store and forward system that use a flooding algorithm for distribution. RR's server is merely one of the servers in the path from your machine to that of any particular reader. Altering the headers to imply that your article originated on their machine is misleading. The can add 'X' headers for spam tracking.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
If I had a RoadRunner connection for free, then yeah, maybe I could deal with them wanting to plug themselves in my e-mails and news postings.
However, since RoadRunner is a pay-to-use service, aren't they getting money already? Why, yes, they are. And what if part of your organization is required to post to certain newsgroups, and all of a sudden, with no warning, instead of being from BlahCo, it says it's from RoadRunner? Wouldn't you be a touch upset about that?
They can fix it by making it opt out.
Kierthos
Mr. Hu is not a ninja.
If this were happening to me, I'd change my netnews .sigfile to read
--
If the Organization line on this post says 'RoadRunner', then the opinions expressed here are the official opinions of 'RoadRunner'. They put their name on them, they must approve.
But think about it logically. You may read USENET postings from anywhere on the Net, but you are posting from their server. In this sense, the tagging of the Organization line with their information seems quite proper. Maybe to qualify for your own Organization tag, you need to run your own qualified NNTP server.
And then there is a really damn good reason for doing this. Putting their information on that header also correctly indicates the source of the posting, so it is a valuable tool for tracing a culprit of USENET spam, a task for which I would gladly grant the ISP's the use of that silly header.
Since I added a Perl script to remove Yahoo crap from email to my .procmailrc I haven't seen them again. Still wastes my bandwidth, but no disk space at least
Think about it stupid. A credit card can easily be verified by a computer like they do at Amazon and hundreds of other sites. With photo ID you need paid employees to verify it. Kind of hard running a free services and needing to hire an army of people for monkey work. How are you going to pay them?
Businesses can. That's why they pay more. I get free business class DSL from my employer and can run servers and have a public IP.
A good sized business will run their own NNTP server anyway and have a real business ISP. But how many small businesses actually use nntp? For what except spamming newsgroups with penile enlargememt ads?
It would be nice if I could the article. The page comes up blank here under Nutscrape 4.79.
You're right, it doesn't render in Netscape 4. However, I just tried it in nine other browsers and it renders just fine in all of them. Netscape 4 pretty much sucks.
(If you're wondering: MSIE 4.1.4, Mozilla 1.0 RC2, OmniWeb 4.1b6, iCab 2.7.1 and Opera 5.0.498 on Mac OS X; Konqueror 2.1.1, Galeon 0.11.0, Lynx 2.8.3rel.1 and Links 0.9.6 on Linux. To be fair it should be noted that Lynx doesn't really render the table like the others, but the text comes out fine.)
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Simple, set a limit on how many messages can be sent from an account.
But if you can just bypass Earthlink's SMTP servers, then how can they enforce anything like that?
Require the person to sign an agreement that states clearly that they can now use the system for spam, at a price of 500 dollars per email.
I really like this idea.
For every message have the smtp server look for typical spam related signs like forged headers, javascript, etc and flag them for human inspection. Charge accordingly.
Again, firewalling port 25 like they do is what makes this possible.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Comment removed based on user account deletion
Make your silly case when the topic/s are the headers: NNTP-Posting-Host, X-Trace, X-Complaints-To.
All concerned RoadRunner customers should change their organization name to "is a sh*tty ISP."
What most people here want is an "(Internet Service) Provider"...someone who gives them a pipe with some IP addresses, and possibly provides DNS, SMTP, POP/IMAP, and NNTP servers, and maybe throws in some web space, and then pretty much gets out of the way.
I think it's real sporting of them. By identifying themselves as the organization responsible for the messages (not mereley the source of the messages), do they not open themselves to legal action? Shielding their customers, who are small-fry (anything other than AOL/TW, including most countries) by definition.
Seriously, this has all the hallmarks of (rather clever) disgruntled employee sabotage. How much attention do you think the higher-ups at rr even pay to their UseNET service? How closely do you think it is monitered? I'm betting very little and not-at-all. It could be weeks before they really notice/understand, even now.
If I still had UseNET flamewars^H^H^H^H^H^H^H^H^Hdiscussions, I'd be really pissed; I have roadrunner.
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
This is correct.. you follow my logic very well. You pay them. You use their service. What you pay them is "rent" if you will for their servers and bandwidth. They may do whatever they want to. You're free to go to another service. It's like if yo urent a house, you're paying the landlord for the right to live there, but he's free to sll the house, or say you can't have animals there, etc.
Does this apply only to the RR usenet servers? Or does this apply to ANY usenet server that a RR customer is using?
Big difference. IF RR owns the server and provides it as part of a package, yes it might suck, but its their server and if they want to alter information, I suppose its their right to do so. You don't HAVE to use it. In fact, most ISP based newsservers suck anyways. It wouldn't be a great loss.
A lot of companies do things behind the scenes without putting into their terms of service. A great many isps will run httpd traffic through a cacheing proxy to either save on upstream bandwidth or to record information. One of these schemes makes perfect sense, the other is slimy.
Ok, so they're changing your organization field. Whether this matters or not, you know about it now. If its a problem, use a different news server. However, if they're hijacking nttp packets and "fixing" that information, then you have a BIG problem. At NO point should ANY information I send out be modified. If they want to play games to save bandwidth, fine. But I better get the exact data I request, and the other end better get the same data I send, with no
modifications. THAT would be entering into the realm of arbitrary censorship without permission.
They might STILL be within their rights to do that, but if I were a customer of theirs, I would start shopping around.
-Restil
Play with my webcams and lights here
What's the big deal? Come on, lots of companies do stuff like this. Viral marketing works a lot better than full blown ad campaign. Look at Yahoo and Hotmail's mail service. At the bottom of every email they have a "Get your free email account at Yahoo.com" or "Get your free email account at Hotmail.com" Why don't people make a big deal about that? You use their service, you have to deal with those types of things. They could easily not provide a free nntp service to you, but they do as part of your service plan. If you want to use another service, there are plenty on the net.
_______________________________
"I'm not Conceited...I'm just a realist..."
you are one of the people that just doesn't understand how much cable costs.
I am on cable. I pay $49.95/mo. I get a steady 3mbit connection. No peak hours, no crap. Just steady bandwith. That's nearly 2 fucking T1's.
You tell me that two T1s to your house costs $49.95? Woah. You own.
You're paying for bandwith. Not the fucking email or news. Believe me.
I've been fired for having an oganization header define as above
You were fired over a usenet post with an incorrect organization header? Come on! Maybe it was because you can't spell?
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Assuming that they are a publicly traded company, which may not be the case, one of the items on their balance sheet is "Customer Good Will".
I think you need a class in accounting. I defy you to show me one balance sheet with such an entry. Note that "Goodwill" is something totally different.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I don't see the problem here. The Organization: field gets set by the NNTP server that carried the message onto the 'net. This is great, it provides quite a bit more authenticity for messages.
I'm building a little groupware server that supports SMTP/POP/IMAP (among other things) and I do something even more heinous, to prevent open relaying: if you're not using authenticated SMTP, you can't deliver a message that claims to be from one of the server's own domains -- and if you are using authenticated SMTP, it rewrites the From: header line, forcing the message to appear authored by the user you logged in as.
Internet tradition and even some RFC's say that it's a sin to alter the message content, but in an era where people on the 'net just can't be trusted anymore, I think that's an obsolete concept.
Tired of FB/Google censorship? Visit UNCENSORED!
X-Roadrunner-Status: It Sucks today and probably more tommorrow
or if you want your own organization use:
X-Organization: [Your company name]
Bad boys rape our young girls but Violet gives willingly.
That's all newsguy and the other binariez hostz are for, gets warez. Don't LIE! dumass
All the action packed multimedia you will ever need:
alt.binaries.pictures.motorcycles.sportbike
Zero budget films shot locally rule. All else is warez and pr0n for the PFY's.
Comment removed based on user account deletion
Updated Newsguy pricing can be found here: (http://newsguy.com/overview.htm). Executive summary:
Basic newsgroup access (10MB/day download cap): $40/year
Add a couple of email addresses and website/storage: $5.95/month (i.e. $72/year)
Up the daily download cap to 500MB/day: 12.95/month (or pay per year for $80/year)
As far as I can tell, all accounts seem to have access to the binaries groups, but 10MB/day will be frustrating if you want to actually use those newsgroups.
No, I'm not affiliated with Newsguy. Never used their service, so I don't know how good they are (or aren't).
----
Open mind, insert foot.
Looked into WideOpenWest yet? They just began offering cable Internet service in Columbus in the past month at very competitive prices. Better yet, they offer tiered services, so you can pay a little less if you don't need the fattest cable pipe they offer.
The problem with this method of thinking is that unlike an apartment or rented house, ISP's (broadband in particular) are harder to come by in some places. Here, where I live, the only broadband provider is adelphia. There are others, but at a couple hundred bucks for an installation, and then a few hundred a month after, I can't afford that.
Expounding upon that, I'm not about to go back to dial-up.
01101001 01100001 01101101 01101110 01101111 01110100 01100001 01101100 01100001 01110111 01111001 01100101 01110010