Slashdot Mirror
Boing Boing Founder Warns of "Internet AIDS"
An anonymous reader writes "Cory Doctorow, founder of Boing Boing, says he doesn't have a problem in principle with the automated network defense systems that guard the Internet against malware, spamigation bots, and other network nasties. However, in his article 'The Future of Internet Immune Systems,' he bemoans the problems caused by 'Internet autoimmune disorder' — where the network defenses designed to block network attacks are automated and instantaneous, but the systems in place to reverse erroneous lockdowns are manual and unresponsive."
All that sex it has sure would give it AIDS
We still need humans on the other end to fix automation's bugs; algorithms cannot bypass themselves.
proud caffeine whore
When my company moved we had to get new IP addresses. This meant changing MX records and all of that fun. Anyways, the problem came with sending email out. It turns out that like a billion spam catched had caught email from the IP range and so it was not blocked. These various Spam Blocking Lists (or SBLs) are almost all automated. A few of them let you push a button and get removed. However some of them require manually emailing an explanation and still others try to extort money from you to speed up the unblocking process. We didn't even send any spam. The previous owners of the IP did.
Yep, almost as bad as trying to get set up with service in the first place.
I guess the way to foil these critters is to try to trip as many as possible. Then again, the intarweb mischief-makers will probably do just that.
Please stay on the line, your call is important to us.
A feeling of having made the same mistake before: Deja Foobar
For a lot of autonomic systems, you need the blocking, but a little automatic forgiveness goes a long way.
EG, in a scan detector, forgive 1 scan per minute/hour and eventually release the block. This saves a call to tech support, and papers over a lot of sins when building an automatic system.
Test your net with Netalyzr
p2p applications use peergaurdian or other ip filters by bluetack that increase in size, but getting removed form such a ip blocklist is hard.
The summary title is stupid.
AIDS is not auto-immune; it is immuno-deficient. The FA doesn't mention AIDS. Try this.
I will wager a bunch of cash that he is selling a product that will fix whatever he says is broke.
So basically, -1 troll/offtopic is really slashdots way of saying "I hate that you thought of something before me."
AIDS is not an auto immune disease. He talks about when the immune system attacks normal, healthy cells, not when the immune system fails completely
Stupid slashdot editors.
Maybe I'm just not seeing it, but this article doesn't mention any comparison to "AIDS." This is good, because AIDS isn't an autoimmune disease. The article's comparison of evolving security responses to an autoimmune reaction is apt, but a comparison to AIDS/HIV wouldn't be.
It wouldn't be internet AIDS. Wouldn't that be Internet Lupus?
the systems in place to reverse erroneous lockdowns are manual and unresponsive
Anyone who is married knows how much of a dilemma this presents...
"If you think you have things under control, you're not going fast enough." --Mario Andretti
Guess we'll have to line the tubes with latex.
Those who believe the Internet is private,
find their privates are on the Internet.
but if all that could be done successfully, wouldn't it already exist as a set of ruby on rails scripts?
Seriously, I believe that until processors/hardware works with the OS to sandbox applications correctly, there is no really effective way to sanitize the Internet, and there are some really good reasons for not doing so.
At least some malware uses the OS features to hide itself, and propagate itself. Much of the rest of it relies on users to initialize it locally. Tell me how that will automatically be removed from the internet. Try to eliminate all threats is the same whack-a-mole game as trying to stop file sharing outright. Sure, might theoretically be a good idea, but in practice there are some gaping huge holes in the process.
No matter how smart you make the software, the routers, or the Internet in general, there will be some finance guy that thinks he knows IT in a small company that allows his servers to get owned. Thanks to the 1000s like him, the rest of the internet will have to continue fighting the 'malware' forever. False positives aside, the task of eliminating security risks from an Internet where Win95 is still running is a bit more than daunting.
Support NYCountryLawyer RIAA vs People
You mean: 'in principle'.
It's Lupus.
--
Stay tuned for some shock and awe coming right up after this messages!
I had a bad encounter with an RBL a few years back (late 90's, I think). I had installed some web proxy on my machine and opened it up so I could use it from outside my firewall. I never considered that it cold proxy to my machine itself. These were the bad middle days when packages could get away with shipping in not-quite-idiot-proof configuration. I later argued with the package maintainer that the proxy should disable local referrals by default. They didn't agree, and it wasn't my package.
Anyway. It turns out that spammers could blindly use my webproxy to push email to my local port 25 and send mail using it. Damn clever spammers. I figured it out after my email system croaked and I looked at the logs and mailq. (crap, 1000 spam messages in the outbox, originated on my system).
So I'd been a tool, and used, and it was my damn fault. I fixed it (uninstalled the proxy) and started to repair the damage.
One of the items of fallout was that the RBL lists had nailed my IP address as a spammer. Fair enough. But getting them to turn it off was a royal pain in the ass and took days - even though their notes described exactly how the spam was delivered through my system and it was easily verifiable that it was no longer an issue.
It left me pretty peeved, and I've never used an RBL since.
Due to AIDS!
The solution to the complex access problems is, as usual, distributed social trust networks. But we're still so primitive that I can't even find a whitelist/blacklist plugin for my Evolution.
There probably is one, but it's hidden behind an opaque trust network of people who know about it, but who I don't know, though we have that SW relationship (need/have) in common. Let's see if the manual broadcast still works.
--
make install -not war
anywhere near an appropriate analogy.
Click here for the cure.
"Lust, Caution" prompts virus, medical warnings
although this was quite the amusing bit:
ok, now i HAVE to see this movie
and if you'll excuse me, i have to go wash my hands. because i touched my keyboard. who knows what i will catch
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I don't know how many times I've heard Doctorow say in interviews that he is not a founder of BoingBoing. Fraunfelder is the only founder still involved with BoingBoing (I think he is also the only current contributor who was around when BoingBoing was in print before it went electronic).
Boing Boing was founded by Mark Frauenfelder and Carla Sinclair. Small detail, but hey, who needs accuracy in a headline?
My wife and I drove over three hours to a different state to buy furniture. On the way, we stopped at a gas station and bought gas. Apparently, our credit union doesn't believe in such things as traveling from state to state, and flagged this is a suspicious transaction. Nevermind that we go to this neighboring state regularly and their "system" has never seen this as unusual. Of course, the card was silently suspended. This has happened a few times in the past, but we'd always received a phone call within minutes of it happening. No such call, so we remained oblivious and continued on.
Proceeded to drive to our destination, spent a few MORE hours picking out furniture, went to pay, and... Whoops. Luckily I managed to dig out a credit card from the depths of my wallet that I'd forgotten about, and which still worked, luckily. But it easily could have been a completely wasted day.
Of course, calling the credit union about it didn't help. They aren't open on the weekends. They can shut your account down kid, but they won't turn it back on again.
Imagine that. People occasionally drive into a neighboring state and... buy gas on the way! If that's not suspicious, what the hell is, right?
He mentions having his debit card cut off every time he leaves the country; the same thing happened to me.
Ater specifically notifying B of A I was going to France, and asking them to raise the limit, because I would be withdrawing a lot of cash, my card was suspended.
Suspiciously, someone was withdrawing a lot of cash. In France.
This is basically the price we pay for weak law enforcement. There are laws against spam, and phishing, but no money to prosecute, so we end up with flawed automated systems.
There are laws against credit card fraud, but it's too expensive to really stop, especially abroad, so we end up with flawed automated systems.
There were all kinds of HUGE clues before the Sept. 11 attacks, but actually reforming the bureaucracy to catch those kinds of clues is too hard, so we have No Fly lists that trap innocent people. Basically a flawed, automated system.
And now it's just assumed that law enforcement will be weak and collectively incompetent, so there's this groundswell of acceptance for racial profiling, as though focusing on arabs (or blacks, latinos and whatnot, depending on the context and crime you're trying to stop) will make us safer -- rather than less safe, since while you're looking for the [arab/black/latino] guy on suspicion of [terrorism/theft/illegal immigration], someone who doesn't fit the stereotype walks right under your nose.
Sigh, neither Doctorow's article nor the bizarre summary offer much hope. He is right on some points though.
More and more it is left to the end user or consumer to battle their way though e-mail and voice systems to undo the damage inflicted by automated systems. To add insult to injury it seems that the blame for these problems is always placed on the customer, not on bad system design. I guess that this is all part of the "Leave you bag at the door" attitude that assumes that every customer is a shoplifter.
I'd say that the bigger threat is the likely collapse of the whole e-mail system. When will things just stop working? When spam accounts for 95% of e-mail? 99.9%? I'd like to hear about people that are developing a replacement for e-mail technology that just doesn't work any more.
Three Squirrels
It should be a simple rule, really: Do not automatically disable anything that can't be automatically re-enabled. Two way street.
I'll simply get my HERF gun and this time things will not end badly!
(If you think this is OT, you need to read more Doctorow)I read the script, and I think it would help my character's motivation if he was on fire. -Bender
...he is not *the founder* of Boing Boing. That title goes to Mark Frauenfelder. Cory is a co-editor.
Anybody want a peanut?
...due to AIDS.
I just found a new sig.
Please stop. It's annoying and redundant and somehow not rated as such (?).
$ make available
It's now a pool- and it's closed.
"malware, spamigation bots, and other network nasties"
:P
WTF are these terms you are referring to? I run Linux and Unix and I'm unfamiliar with "malware" and "spamigation bots". Are these Windows applications?
Just asking
"I bow to no man" - Riddick
Since when is Family Guy "off-topic"?
Oh, wait, that's the entire premise behind most of their humor, isn't it?
DATABASE WOW WOW
There is no such thing as an "evil IP address" any more than there is an "evil house." These systems are technically, logically, as well as ethically flawed. Anybody who buys into blacklist-based technology is a reactionary and a bigot.
And you're a poopy-head!
If you're getting hammered with DoS attacks, spam, interweb herpaids or whatever TFA is about, you block the source. Blocking an IP address has nothing to do with some irrational fear of 32-bit numbers - it blocks the person using that number from destroying your network.
I hope you don't use a firewall or have a router, you bigot.
DATABASE WOW WOW
It's not even real AIDS, it's a shitty open source knockoff. There isn't even a memorial quilt if you die of OpenAIDS, just a diaper.
The founder of Boing Boing is Mark Frauenfelder, with Cory as a co-editor.
I think it's silly to force a biological metaphor but if you have to:
Allergic reactions are where your body identifies foreign or even native substances as harmful and treats them with hostillity (like by making your eyes water and your nose run to flush them out) This is an immune over-reaction, which is what the article is talking about.
AIDS would be more like the many many viruses that seek to shut down common anti-virus programs. But of course, AIDS is more scary and sensational than histamine
I fail to see how anyone could take that rant seriously. I fail to see how anyone could take seriously any technical argument from Cory, who is well known to be a high-school dropout who never produced a line of code in his life.
Cory's specialty is making mountains out of molehills. He whines that he got kicked off his hotel network after playing an online game that taxed their shared resources, and from that he makes sweeping generalizations about overall Internet security. Excuse me if I completely disregard his political tirade, and only consider technical arguments by network security professionals.
stop the impending pandemic
no more windows, no more ie
If this isn't a strong argument that blacklisting systems are unethical, I don't know what is. Imagine being targeted by vigilantes because you bought a house which was previously occupied by a sex offender and so the addreess is listed on the local sex offender registry. That's essentially what's happening here.
Yeah, they're unethical and sleazy, and yeah, I held out for as long as I could, but I'm only one person. I'm part of a small group of like-minded business people, and when we got fed up with "hosting providers," we arranged to share the cost of a "semi managed" Linux/Apache Web server. For my past sins (which involved a lot of servers, none of them running Linux) and for a bit of extra cash, I get to manage the damned thing. I watched in despair as more and more resources, and more and more time, became allocated to processing the mail. Peoples' mailboxes filled up so regularly that it was taking me more human-time to deal with the mess than was worth it to me. Yes, I had qualms, and yes, I gave it some thought. But on the morning when the previous night's backups didn't run til 9:30 a.m., I went in and changed my rules
The result has been six weeks (so far) of relative peace and quiet. The torrent has slowed to a trickle, easily and quickly managed. All those mundane little necessities like the backups are now proceeding when I set them up to proceed. The mail queue is always caught up. The untrained among us are now better able to deal with their own mailboxes. Best of all, the server has plenty of horsepower for now and the foreseeable future. I actually thought we might have to upgrade it. Think of that: Having to upgrade one's server so that it can cope with more and more unwanted, unrequested junk. I'm not willing to pay for that, and I doubt anybody else is, either.
"Here's what's happening. You're starting to drive like your Dad..." - Red Green
Only if we get to call a tiered internet "Internet racism."
Spam is email that forces itself upon me -- that can be "Internet rape."
What Comcast is doing to bittorrent traffic: "Internet genocide."
And the projected brownouts as described by that other article on the front page right now: "Internet Alzheimer's."
These attention-grabbing headlines are so accurate and informative!
AIDS = ACQUIRED Immune Deficiency Syndrome. That is the immune system gets knackered by the virus and packs in.
Auto-immune means that the body's immune system starts to attack itself, a condition which is largely incompatible with the one mentioned. AIDS deals with the destruction of the immune system by outside causes (whatever they may be). Autoimmune diseases cover the body's own immune system going haywire and destroying the body.
Analogy: AIDS is a demolition crew, Auto-immune is "Extreme Makover: Home Improvement" where the jacuzzi ends up cooking the family.
Python coder | PyQt Applications | Writer
Why are you blogging in my slashdot window?
Autoimmune diseases arise from an overactive immune response of the body against substances and tissues normally present in the body. while AIDS destroys the immune system. it's a wrong analogy.
The software is pymilter.
We have to keep the AIDS out of the tubes that are the internet
No sympathy here. Cory, you should be yelling and screaming at the fuckwit of a video-game programmer that programmed the video-game to run a port-scan of the local network. How is the admin supposed to tell an "evil port scan" apart from a "benign port scan"? Btw, don't walk into a bank wearing a mask. A teller will push the button that silently alerts the local police station, and you'll spend the next 24 hours trying to raise bail.
If it quacks like a duck
and it flies like a duck
it's damn well going to be shot at each time it flies past a duck hunter.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
"Boing Boing" with out a "proper protection" with random "internet friends" could snag you a nice case of the clam, clap, or HIV/AIDS.
This guy must have not been paying attention in sex ed class if he is just now realizing this.
Hey there -- I wrote the FA, and for the record:
/. front door!
* I didn't found Boing Boing -- I co-edit it with Mark Frauenfelder (who *did* found it, along with Carla Sinclair), Xeni Jardin and David Pescovitz
* I didn't use the word AIDS in the article, and I don't think that this is comparable to AIDS; I used "autoimmune disorder," as in "allergy" or even "lupus" -- that is, any time when the systems that are supposed to protect you end up attacking you
Otherwise, many w00ts for this making it to the
Well, one of the less nice properties (and then I'm making an understatement) is that it is euh, viral and contagious.
So this analogy is a bit overdone I guess.
All of a sudden my internet herpes isn't looking so bad. I just have to remember that I'm not just visiting Slashdot, I'm visiting anyone who's visited Slashdot... and anyone THEY'VE visited...
Didn't happen to me, I was just a witness. I was at a police station to sign a statement regarding an attempted burglary the night before, they asked me to wait as they had to deal with a woman who was a bit upset. Privacy? Not when you are so loud you are overpowering my iPod.
Her story? Money had been withdrawn from her debit account (Postbank for dutch readers) and she wanted to report it, she had already contacted the bank and been told the money had been widthdrawn from spain, this was in the summer and spain is a popular destination, and she was told she had to report it to start the process.
The real problem? The cop made the mistake of informing her that while she would most likely get her money back, it would take weeks to sort it out, she didn't have weeks, that money was the money she had to pay the bills with and buy food. It was the only money she had.
If only the bank had looked at the transaction a little more closely, a person on a low income suddenly going to spain and withdrawing all their money. If that is not suspicious, what the hell is.
Just ask yourselve what your reaction would have been if it had been a thief who made that transaction. Would you then have been glad the bank blocked it OR would you have enjoyed trying to prove that it wasn't you.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
seems to me the more appropriate analogy would be internet diabetes.
'Internet autoimmune disorder' -- where the network defenses designed to block network attacks are automated and instantaneous, but the systems in place to reverse erroneous lockdowns are manual and unresponsive.
also an autoimmune disorder, where the network defenses designed to block network attacks are either manipulated so they won't work or in a more severe condition they are abused to do the exact opposite.
Trojan.com has announced it is entering the software market with their new product e-prophylactics. The marketing slogan is: "Protecting your tool in and out of the pool." Evolve Today!
Yeah, I would've compared it to an allergy, in which the immune system starts fighting off an otherwise harmless substance as if it were a foreign invader... and the response ends up being worse than the "attack" would have been.
AIDS is the wrong metaphor to use here. AIDS attacks the immune system and makes it vulnerable to opportunistic infections, more like a worm that shuts down your anti-virus and anti-malware applications. Doctorow is talking about a hyperaggressive autoimmune response that attacks and bogs down the organism it's supposed to protect. Ergo, the title should reference a disorder like MS or Lupus erythmatosus.
For the love of god will slashdot please stop volunteering to be a cock-holster for cory doctorows psuedo-intellectual penis?
He's a sometimes amusing blogger and half-cocked sci fi writer.
I'll listen to what he has to say on this when he's actually written some code.