Since the RBL is used against those who write
or distribute programs designed to send mass
e-mail, I should fully expect places like
PacketStorm
(a fine
archive of security-related tools and scripts)
to be placed on the RBL. They knowingly
host code that sends mass mail:
http://packetstorm.securify.com/Exploit_Code_Archi ve/mailbomb.c
Why then is PacketStorm not on the RBL?
Or any of the other hosts that have similar
tools?
I use the RBL hooks in Postfix, and I find
them very useful. This is a bit much, though.
While I have enormous respect for Vix & co.,
I think this is way over the line.
How is software that is designed to send bulk
email any "worse" than software that is designed
explictly for the purpose of, say
sniffing user passwords
or performing
denial-of-service attacks?
Indeed, why aren't we, as the Internet community,
tracking down those people
arrogant enough to write these tools -- tools
that are clearly used to commit all manner of
subversion havoc -- and blackholing them?
It's because (most) technical people understand
that tools are just tools. Somebody who writes
a password grinder is "just" a programmer.
The Unix admin who downloads it and
runs it against her password file is just
doing her job.
The peeved help-desk guy who uses the password
grinder to get
the VP of Finance's Unix password and then
uses it to access the nifty Oracle financial
system is acting-- in the words of AUPs
everywhere-- in excess of his authority,
and if caught, will be squashed by the Law.
It's not valid to want it both ways,
to want software that you think is "bad for
the net" blackholed out of existence,
yet allow other software -- arguably more damaging -- to exist unchallenged.
If this was, say,
WIPO
vs.
nmap, would
those of you in favour of MAPS' stance take offense?
Software is speech. Censor it and contribute to
the decline of your freedom to write it.
I'm sure the brains behind WIPO are very interested
in seeing how this plays out; if an.org which
essentially controls access to and from the large
nationwide ISPs can succesfully censor software
without question, then certainly WIPO can.
And finally: simply because MAPS says "These are our
guidelines, and we are following them" doesn't mean
the guidelines have merit.
Slashdot Mirror
I use the RBL hooks in Postfix, and I find them very useful. This is a bit much, though. While I have enormous respect for Vix & co., I think this is way over the line.
How is software that is designed to send bulk email any "worse" than software that is designed explictly for the purpose of, say sniffing user passwords or performing denial-of-service attacks? Indeed, why aren't we, as the Internet community, tracking down those people arrogant enough to write these tools -- tools that are clearly used to commit all manner of subversion havoc -- and blackholing them?
It's because (most) technical people understand that tools are just tools. Somebody who writes a password grinder is "just" a programmer. The Unix admin who downloads it and runs it against her password file is just doing her job. The peeved help-desk guy who uses the password grinder to get the VP of Finance's Unix password and then uses it to access the nifty Oracle financial system is acting-- in the words of AUPs everywhere-- in excess of his authority, and if caught, will be squashed by the Law.
It's not valid to want it both ways, to want software that you think is "bad for the net" blackholed out of existence, yet allow other software -- arguably more damaging -- to exist unchallenged. If this was, say, WIPO vs. nmap, would those of you in favour of MAPS' stance take offense? Software is speech. Censor it and contribute to the decline of your freedom to write it. I'm sure the brains behind WIPO are very interested in seeing how this plays out; if an .org which
essentially controls access to and from the large
nationwide ISPs can succesfully censor software
without question, then certainly WIPO can.
And finally: simply because MAPS says "These are our guidelines, and we are following them" doesn't mean the guidelines have merit.