To be safe, a safe-delete has to have cooperation with the disk-space allocation semantics of the file system and block device driver. Sometimes this means placing kernel-level assist code into the picture.
Probably not dissimilar to the way that the defragmenting software works.
Of course, hard drives are so cheap that one could just scrap them to be really safe. My my recent hard drive purchase was 200GB for $22 after rebate. Heck, the average 40GB drive can be had for about $60 any day and compared to the cost of losing to the RIAA in court, that's not squat. A screwdriver, hammer, torx driver, and some sandpaper will render that drive unreadable.;-)
Then there are always options involving overwriting, deleting, drive formatting, defragmenting, etc. that will pretty much guarantee that the data is not recoverable.
And deleting those files before you hand over your PC is not an option. Think the RIAA cares about a few grand for data recovery here and there?
Do you really think that I don't know how to delete files in such a way as to make them unrecoverable? It's easy and there are already many programs that overwrite deleted files with multiple bit patterns to assure that the files cannot be recovered. You may think that the only tool in the box is the "del" command or the Windows trashcan, but I know better.
I have been waiting to see one of the RIAA lawsuit defendents use WiFi as a defense. If someone runs a WiFi 802.11a/b/g/etc. network and presents a defense in which they claim that the shared files must have been on a neighbor's computer, it would create the reasonable doubt necessary for the jury to find the defendent not guilty.
I believe that it's only a matter of time and when it happens, it will put a real crimp in the RIAA's plans to sue every user of Kazaa.
P.S. Don't waste bandwidth claiming that the defendent is legally responsible for the actions of others over their unsecured WiFi setup. That's not how the law works. If you leave your car unlocked and I steal it, you are not responsible if I smuggle drugs in your stolen vehicle.
Thank you for this discussion. I believe that we simply have a different set of beliefs, priorities, and sense of what is fair. Unfortunately, there is no objective measure of "fairness."
I think that you will agree that there is no purpose in us allowing it to morph from a debate into a contest as to who gets the last word, so I'll allow your previous post to stand unchallenged. Fair enough?
Maybe because -- whether they get paid or not -- these people running the popular blacklists have a RESPONSIBILITY, due to their power. If you can't see this, you are naive.
No, I am not "naive." I simply have a different belief system than you do. If their main focus is preventing spam, why should they care if some careless sysadmin has to wait a few weeks before being removed from the list?
If they are going to be quick to dish out the punishment, they should be quick to respond when the person fixes the problem.
If I was arrested for indecent exposure, I would not expect to be set free the moment I showed the officer that my wiener was covered up again. You do the crime, you serve the time. If it's two weeks (or more) in a blacklist, that's fine by me.
I'm the user of their list. I don't give a damn if they only clean the list once every month or two. I use the list to prevent spam. I'm not Santa Claus and I'm not using the list to decide who's naughty and who's nice. The chances of me getting spam from some random open-relay are far greater than the chances that I will get legitimate e-mail from that server, so I don't care if it's blacklisted for a month after it's been fixed.
I've seen mentioned that the resetting isn't effective if you are behind a firewall. Does that sound like a cookie to you?
Yes, it sounds like a cookie to me in its behavior. Who cares if it's a traditional cookie or a TCP command sent through some high port? The effect is what matters.
Are you sure the mechanism, whatever it is, doesn't have buffer overflow vulnerabilities?
Are you sure that any given router doesn't have overflow vulnerabilities?
They had their innocence until they pulled this stunt. I have no reason to believe they aren't repeat offenders, and the way they are trying to squirm out of it doesn't sound like they have the ethics to *NOT* put something in.
And you had your innocence until you broke the law and turned right on red without stopping. I have no reason to believe that you aren't going to commit a hit-and-run vehicular homicide after the way that you didn't even turn yourself in for running that red light.
You are making a big deal out of nothing. What they did was no big deal. They thought that they had a clever way to get potential customers to see the filtering offer. Any techie with half a brain could have turned off that "feature" and been done with it. It was a friggin' check box in the admin interface. Just how technically clueless do you have to be to not understand that? You act like they went to great pains to hide the feature. They didn't
Like I asked before, do you get pissed off that Microsoft has set up IE to take you to the MSN homepage every time you start it? Does it make your blood boil when you mistype a URL and it takes you to MSN's search engine? Do you go ballistic when you find that Mozilla takes you to their home page after installing the browser? Unlike Belkin, there is no one-time "no thanks" button to disable those unwanted web-site loads. So why are you so much more pissed about Belkin than Microsoft, Opera, Netscape, or Mozilla for taking you to sites that you did not ask to be taken to?
So let me get this straight - a website on the WAN side of your router can change router configurations. And this doesn't bother you?
No, it doesn't. It's a clearly defined interface that can do the equivalent of accept a cookie. Why would I get upset about that? Should I be afraid that some other website might also try to turn off the every-8-hour routing behavior?
Prove it. You have the source code?
I don't have videotape of what you were doing last night, so I'll just assume that you were molesting children. Ever heard of "innocent until proven guilty"?
Seriously, Belkin's response to this has been utterly abysmal.
You people are absolutely amazing. News of this hit the net on November 4. By Nov. 8, Belkin had already said that they would release new firmware and apologized.
First they tried to justify it, only now that it's blowing up in their face do they try to remedy it.
I guess it never occurred to you that they thought what they were doing was okay and then, after seeing the public response, changed their minds. Did you bitch like this about the fact that Internet Explorer's home page is MSN and remains that way unless you manually change it? Did you carp and whine about the fact that mistyped URL's in IE take you to Microsoft's MSN search site?
They've lost a great deal of trust that they will never regain.
Oh please! Stop with the melodramatic, somber proclamations.
When I first saw this story sensationalized on Slashdot, I was pretty damned pissed off. Then I read the real story. All that it took to stop the undesired behavior was clicking the button labelled "No thanks" and it would never happen again. Alternatively, should you be averse to pushing a "No thanks" button, a single checkbox in the web-based configuration would disable it.
I'm not saying that I like what they did, but it's hardly like they installed sypware in the router.
Let's try to address your selective memory disorder problem:
I wrote:
"Major ISPs that previously wrote pink contracts to spammers have stopped doing so for fear of being put on RBLs."
You replied: "Yeah...you keep believing that."
I supplied the excerpt from the Washington Post article that proved my point.
I noticed that you completely ignored the rest of my paragraph. I'll say it once more: If RBL's really became effective then they would be their own worst enemy. Like it or not if you start blocking large amounts of IP space people will find it impossible to use the Internet for sending mail and they'll backlash against the RBL's.
I didn't ignore it. I was confused by it. You have a strange definition of "effective." To me, a spam measure which is effective is one that significantly reduces spam, not one which is "blocking large amounts of IP space." In this case, for example, the RBL properly listed the IP address of the misconfigured server and that pressured the person responsible to correct the configuration. They then removed him. That's how RBLs should, and usually do, work.
The backlash is primarily against the ISPs and that's the idea -- to make ISPs responsive to spam complaints. Most customers are sick and tired of seeing their inboxes filled with spam for penis enlarging pills, herbal viagra, MLM schemes, online porn, and get-out-of-debt scams. If they learn that their ISP has been blacklisted for allowing that type of mail to be sent through their network, they will be mad at the ISP, not the RBL (assuming that they are rational). That's why ISPs are taking steps like blocking outbound port 25 on residential connections. It's why many of them have a zero-tolerance policy for spam (as opposed to the multiple warnings that were prevalent a few years ago).
I can block the SMTP port on my firewall and claim that I've found an effective way to block spam. But that ignores the fact that legitimate e-mail is being rejected too.
Almost never. Again, I have the logs to prove it. Almost all of the blocked mail is from forged sender addresses often sending to non-existent recipient addresses. If the messages were not blocked, then they would go to the "catchall" address that's forwarded to me. I can assure you that were I blocking legitimate e-mail, I would know about it -- and I would not tolerate it.
So.. somebody who isn't using blacklists should pay all the blacklists to make sure he gets off them in a timely manner? Gee, that seems an awful lot like paying 'protection' money.
No, the "protection" money analogy would fit if the people running the blacklists would put you on said lists if you did not pay. In this case, people who screwed up and ended up on those lists are bitching about how long it takes before they get removed. You want expedited service? Then pay for it.
I can't envision a better or more fair way to fund such lists. The lists exist largely because clueless sysadmins foul up their e-mail server configurations and spam spews forth.
I doubt that people placed on these RBL lists accidently chose to be placed on them in the first place. Thus your reasoning is flawed.
No, it is not flawed. The good samaritans are those running the RBLs. The "accident victimes" are analogous to the people who end up on the RBLs because they misconfigure their mail servers.
It didn't seem like the OP wasn't willing to accept the consequences of his actions. It appeared to me that he felt the consequences were unreasonable.
Actually, he said that the consequences were reasonable:
"That said, I do agree that two weeks isn't an irrational amount of time for this."
His argument seemed to be that the persons running the RBLs, primarily on a volunteer basis, had a "responsibility" to hop to it and keep them accurate and up to date. I disagree. By and large, they are being good samaritans on the Internet and we should be thankful for their efforts.
Unfortunately many implementations make them unreasonable to use...except to certain fanatics.
I have seen a few that fit that description, but it's the fanatics that make life hell for spammers and the ISPs that provide services to them. Were it not for the fanatics, I can only shudder to think what it would be like.
I'll do better than believe it. I'll bitch-slap you with the following excerpt:
A Spammer Speaks Out By Jonathan Krim Washington Post Staff Writer Thursday, May 22, 2003; Page A01
{snip} Scelson also testified about how some Internet access providers signed little-known agreements, called "pink contracts," with known spammers to allow them to send mail in bulk, at prices higher than other commercial clients were charged.
Although the contracts mandated that bulk e-mailers abide by all state laws, Scelson said it did not matter if the e-mailers followed the rules. Most of the providers rip up the contracts and kick spammers off their systems after being threatened by anti-spam organizations that track mass e-mailers and put them on blacklists.
Still feeling frisky?
The simple fact that during the five plus years that RBL's have existed SPAM has increased significantly.
This is so damned exaperating having to explain basic logic to you. Correlation is not causation. Compared to the 1980s, condom usage is up and so is the incidence of AIDS. That doesn't mean that condoms are ineffective at preventing the spread of AIDS. Like AIDS, spam is an epidemic. It's growing despite all efforts to stop it, but it doesn't mean that those efforts are ineffective.
Yeah and sugar pills cure sea sickness.
Don't be a dick. I'm not basing my claims on imagination. Unlike you, I don't just make unsubstantiated claims. I have the log files to prove that RBLs are responsible for blocking over 90% of the spam to my domain and that what they block exceeds the amount of legitimate e-mail received.
Care to provide anything to support your position that it would be worse?
Yes. Major ISPs that previously wrote pink contracts to spammers have stopped doing so for fear of being put on RBLs.
Oh I'm sure the RBL's have reduced the amount of SPAM somewhat.
Okay, I'll use that statement to support my position, too.
But evidence suggests that they are almost useless at slowing the tide of SPAM
What evidence? What evidence do you have that shows that they are "almost useless"? How do you know what we would be facing now if it were not for RBLs? If RBLs were so useless, then they wouldn't be used, would they?
they've probably caused more problems then they've solved.
My domain gets hit by more spam than legitimate mail, but thanks to RBLs, hardly any of the spam is accepted by my mail server. RBLs have not caused me problems -- they have helped to solve them.
My guess is that you get your e-mail through an ISP-run mail server. That ISP probably uses DNS-based blacklisting like what you are reeling against here and you probably don't even know it. But I bet you would if they turned it off.
...that you're perfect, and have never done anything ill-informed, spiteful, purely accidental, or just plain stupid.
I've screwed up in my life, but unlike you, I'm not a whiny littly pussy who's unwilling to accept the consequences of his actions.
The rest of us, sadly, aren't interested in trying hard enough, especially if it results in as much difficulty as you seem to have in extracting your cranium from the depths of your large intestine.
I'd tell you to go squat-thrust a fire hydrant, but you'd probably have your ass-cheeks on the sidewalk and still be asking if it was in yet.
At some point, if you volunteer to undertake a project, and then in the course of doing so you dick someone over in an easily-prevented manner, you are acting unethically.
If I block your e-mail because I chose to use some RBL, I'm responsible for it -- not some volunteer who maintains the RBL. He didn't block your e-mail. He didn't force me to use his list. He probably didn't even vouch for the accuracy or timeliness of the list. For all you know, he might be settling the estate of his dead parent, child, or spouse and have more important things on his mind that making sure that your e-mail goes through.
I know, I know, I'm the anti-libertarian, right? Saying that we actually have some sort of obligations not to actively screw over our fellow man?
You want an RBL that has obligations to you? Then pay them for their service. Make a contract, specify what you want them to do and at what price. Until then, quit trying to burden people who are volunteering their time, equipment, and/or money to do a good deed. It's people like you that made it necessary to pass "good samaritan laws" to protect good samaritans from lawsuits when they voluntarily stop to help others.
They've been in use for over five years now and spam is more prevalent than ever. They're ineffective and should be put to rest.
And AIDS drugs are in widespread use and AIDS is far more prevalent than it was in the 1970s. Did it ever occur to you that the spam problem would be worse without RBLs and other anti-spam activism? Your lack of logic is astounding.
However, the more important question is whether the university is public or private.
No, the important question is whether the university provides e-mail accounts to the general public. Their private e-mail that they provide to students and faculty is no a public forum.
I don't like NAMBLA either and an argument to censor based upon obscenity could reasonably be made
So you believe that censoring something that you don't like could be reasonable? Interesting.
but what about censoring the NRA or Greenpeace or the Earth Liberation Front?
As to the NRA, Greenpeace, any other group, the University has a right to limit what what traffic they carry on their mail server. If they don't want to accept e-mail from the KKK, the Sierra Club, the American Nazi Party, or the Girls Gone Wild film crew, that's their call.
To the contrary it these people willingly choose to take on the responsibility of running an RBL then they take on the responsibility of properly maintaining the list.
What "responsibility"? They have no obligation to anyone to define a process, adhere to it, or anything else. They publish the lists and they can do with them as they please. Don't like how long it takes to get off of the list? Then don't fuck up and get on it in the first place.
For instance, my university quarantines all messages that are likely spam and sends me a daily report. I quickly scan the report to make sure the software didn't snag a legitimate piece of e-mail.
So you bury your head in the sand and if you can't see the spam, you assume that it didn't cost you or your university anything for the bandwidth or storage. You're what I refer to as a spam ostrich.
If the sender had been blacklisted, it would have been equivalent to political censorship.
Even assuming that the university chose to blacklist the sender because of his political views, it would not be censorship. The university owns the computers. They pay for the network infrastructure, bandwidth, mail servers, and storage. The sender has a right to say whatever he wants, but the university is under no obligation to receive, store, and forward those messages. If the University wants to blacklist e-mail from NAMBLA, they have every right to.
It frustrates me that their site is so unresponsive to removal requests, and that they fail much of their process. They were supposed to send email at several stages, which they did not do. The email they did send was badly formatted (broken urls, urs that weren't relevent).
Almost all of the RBLs are run by private individuals who make no money for their efforts. Why do you believe that they owed you anything? All that you did was make work for them by your misconfiguration of your mail server. They don't owe you nicely formatted e-mails, prompt responses, or open lines of communication.
Yeah, I know - pot kettle black. But I'm not supplying a service to thousands of users.
No, but you may have been supplying spam to that many -- easily.
Hmm, the company spent months ( at least ) on developing the product and planning its marketing. They knew what they were doing.
Yes, they did. They knew that it would take you to a web site where you would click one thing and never be taken there again. Or, if clicking the one thing was too upsetting to you, they provided a don't-do-that setting in the firmware.
The purpose of a web browser is to take you to sites that you choose. Have you decided to never use Mozilla because they take you to their home page after you install? Will you never use a browser that is set to initially pop up a warning window when you leave an encrypted web page? You didn't ask to to pop up that warning, so I guess that means that it's "unreliable" to you.
Otherwise, it really isn't a working router and is also not reliable.
How is it "not reliable" when you its behavior is completely predictable (and adjustable via it's firmware)?
So yes, they are on my blacklist and will probably stay there...well...forever.
Then I hope that the next time you use poor judgement at work that they fire you and encourage everyone who reads Slashdot to never hire you again.
If a company makes a mistake, or even a major blunder, but owns up to it and fixes it, that tells me they really DO care about their customers. This is a far cry from a company that tries to excuse their behaviour and wants US to live with the consequences.
I had one problem with a previous Belkin product (a parallel to SCSI converter). I was initially quite angry with the rude, less-than-informed tech support person with whom I dealt. His answer was, basically, "buy an accessory power supply from Belkin and that "might" solve the problem." He wouldn't even tell me what the specs were on the supply so that I could see if I had a suitable replacement already.
I wrote to him, smacked him down hard, and copied Belkin's sales department. I got a very polite apology from a higher-up at Belkin, prompt replacement of the defective SCSI converter, and they threw in several other items, including a $35 surge-suppressing power strip, as a way of making good with me.
It obviously had the desired effect, because I am left with a positive view of Belkin. While I don't think of them first for networking hardware, I do think that they are a reputable firm which is not out to screw the public.
Do you upgrade ? I do. But does John or Jane Everydayuser-who-doesn't-know-anything-about-upgra ding ? In other words: isn't it already too late and shouldn't they instead call back their products ? Or will only the people who know how to upgrade profit from this decision ?
My guess is that they rolled this firmware out in their routers as the new standard install. Like many companies, they also make their latest firmware available for download, but that was probably not expected to be a major way to get it into the hands of the general public.
Important message from Belkin: We at Belkin apologize for the recent trouble our customers have experienced with the wireless router/browser redirect issue. We will be offering firmware fixes available for download early next week. We do not have exact details yet but we can tell you now that each router's firmware that incorporates Parental Control as an option will be changed.
Please expect more detailed information to follow early next week. Thank you.
They screwed up, they apologized, and now they are fixing it. That sounds pretty reputable to me.
Was it part of some evil plot? Probably not. They were probably doing just what they said: Making it easy for home users to sign up for the filtering service. It was done in a clumsy and ill-conceived manner, but I do believe that we should give them another chance given their swift response to the complaints that only surfaced a few days ago.
Slashdot Mirror
To be safe, a safe-delete has to have cooperation with the disk-space allocation semantics of the file system and block device driver. Sometimes this means placing kernel-level assist code into the picture.
;-)
Probably not dissimilar to the way that the defragmenting software works.
Of course, hard drives are so cheap that one could just scrap them to be really safe. My my recent hard drive purchase was 200GB for $22 after rebate. Heck, the average 40GB drive can be had for about $60 any day and compared to the cost of losing to the RIAA in court, that's not squat. A screwdriver, hammer, torx driver, and some sandpaper will render that drive unreadable.
Then there are always options involving overwriting, deleting, drive formatting, defragmenting, etc. that will pretty much guarantee that the data is not recoverable.
And deleting those files before you hand over your PC is not an option. Think the RIAA cares about a few grand for data recovery here and there?
Do you really think that I don't know how to delete files in such a way as to make them unrecoverable? It's easy and there are already many programs that overwrite deleted files with multiple bit patterns to assure that the files cannot be recovered. You may think that the only tool in the box is the "del" command or the Windows trashcan, but I know better.
I have been waiting to see one of the RIAA lawsuit defendents use WiFi as a defense. If someone runs a WiFi 802.11a/b/g/etc. network and presents a defense in which they claim that the shared files must have been on a neighbor's computer, it would create the reasonable doubt necessary for the jury to find the defendent not guilty.
I believe that it's only a matter of time and when it happens, it will put a real crimp in the RIAA's plans to sue every user of Kazaa.
P.S. Don't waste bandwidth claiming that the defendent is legally responsible for the actions of others over their unsecured WiFi setup. That's not how the law works. If you leave your car unlocked and I steal it, you are not responsible if I smuggle drugs in your stolen vehicle.
So you're saying I won?
Yes. Slashdot is like the Special Olympics for geeks. Each person who plays gets to claim that he/she is a winner.
Thank you for this discussion. I believe that we simply have a different set of beliefs, priorities, and sense of what is fair. Unfortunately, there is no objective measure of "fairness."
I think that you will agree that there is no purpose in us allowing it to morph from a debate into a contest as to who gets the last word, so I'll allow your previous post to stand unchallenged. Fair enough?
Maybe because -- whether they get paid or not -- these people running the popular blacklists have a RESPONSIBILITY, due to their power. If you can't see this, you are naive.
No, I am not "naive." I simply have a different belief system than you do. If their main focus is preventing spam, why should they care if some careless sysadmin has to wait a few weeks before being removed from the list?
If they are going to be quick to dish out the punishment, they should be quick to respond when the person fixes the problem.
If I was arrested for indecent exposure, I would not expect to be set free the moment I showed the officer that my wiener was covered up again. You do the crime, you serve the time. If it's two weeks (or more) in a blacklist, that's fine by me.
I'm the user of their list. I don't give a damn if they only clean the list once every month or two. I use the list to prevent spam. I'm not Santa Claus and I'm not using the list to decide who's naughty and who's nice. The chances of me getting spam from some random open-relay are far greater than the chances that I will get legitimate e-mail from that server, so I don't care if it's blacklisted for a month after it's been fixed.
I've seen mentioned that the resetting isn't effective if you are behind a firewall. Does that sound like a cookie to you?
Yes, it sounds like a cookie to me in its behavior. Who cares if it's a traditional cookie or a TCP command sent through some high port? The effect is what matters.
Are you sure the mechanism, whatever it is, doesn't have buffer overflow vulnerabilities?
Are you sure that any given router doesn't have overflow vulnerabilities?
They had their innocence until they pulled this stunt. I have no reason to believe they aren't repeat offenders, and the way they are trying to squirm out of it doesn't sound like they have the ethics to *NOT* put something in.
And you had your innocence until you broke the law and turned right on red without stopping. I have no reason to believe that you aren't going to commit a hit-and-run vehicular homicide after the way that you didn't even turn yourself in for running that red light.
You are making a big deal out of nothing. What they did was no big deal. They thought that they had a clever way to get potential customers to see the filtering offer. Any techie with half a brain could have turned off that "feature" and been done with it. It was a friggin' check box in the admin interface. Just how technically clueless do you have to be to not understand that? You act like they went to great pains to hide the feature. They didn't
Like I asked before, do you get pissed off that Microsoft has set up IE to take you to the MSN homepage every time you start it? Does it make your blood boil when you mistype a URL and it takes you to MSN's search engine? Do you go ballistic when you find that Mozilla takes you to their home page after installing the browser? Unlike Belkin, there is no one-time "no thanks" button to disable those unwanted web-site loads. So why are you so much more pissed about Belkin than Microsoft, Opera, Netscape, or Mozilla for taking you to sites that you did not ask to be taken to?
So let me get this straight - a website on the WAN side of your router can change router configurations. And this doesn't bother you?
No, it doesn't. It's a clearly defined interface that can do the equivalent of accept a cookie. Why would I get upset about that? Should I be afraid that some other website might also try to turn off the every-8-hour routing behavior?
Prove it. You have the source code?
I don't have videotape of what you were doing last night, so I'll just assume that you were molesting children. Ever heard of "innocent until proven guilty"?
Seriously, Belkin's response to this has been utterly abysmal.
You people are absolutely amazing. News of this hit the net on November 4. By Nov. 8, Belkin had already said that they would release new firmware and apologized.
First they tried to justify it, only now that it's blowing up in their face do they try to remedy it.
I guess it never occurred to you that they thought what they were doing was okay and then, after seeing the public response, changed their minds. Did you bitch like this about the fact that Internet Explorer's home page is MSN and remains that way unless you manually change it? Did you carp and whine about the fact that mistyped URL's in IE take you to Microsoft's MSN search site?
They've lost a great deal of trust that they will never regain.
Oh please! Stop with the melodramatic, somber proclamations.
When I first saw this story sensationalized on Slashdot, I was pretty damned pissed off. Then I read the real story. All that it took to stop the undesired behavior was clicking the button labelled "No thanks" and it would never happen again. Alternatively, should you be averse to pushing a "No thanks" button, a single checkbox in the web-based configuration would disable it.
I'm not saying that I like what they did, but it's hardly like they installed sypware in the router.
Let's try to address your selective memory disorder problem:I supplied the excerpt from the Washington Post article that proved my point.
I noticed that you completely ignored the rest of my paragraph. I'll say it once more: If RBL's really became effective then they would be their own worst enemy. Like it or not if you start blocking large amounts of IP space people will find it impossible to use the Internet for sending mail and they'll backlash against the RBL's.
I didn't ignore it. I was confused by it. You have a strange definition of "effective." To me, a spam measure which is effective is one that significantly reduces spam, not one which is "blocking large amounts of IP space." In this case, for example, the RBL properly listed the IP address of the misconfigured server and that pressured the person responsible to correct the configuration. They then removed him. That's how RBLs should, and usually do, work.
The backlash is primarily against the ISPs and that's the idea -- to make ISPs responsive to spam complaints. Most customers are sick and tired of seeing their inboxes filled with spam for penis enlarging pills, herbal viagra, MLM schemes, online porn, and get-out-of-debt scams. If they learn that their ISP has been blacklisted for allowing that type of mail to be sent through their network, they will be mad at the ISP, not the RBL (assuming that they are rational). That's why ISPs are taking steps like blocking outbound port 25 on residential connections. It's why many of them have a zero-tolerance policy for spam (as opposed to the multiple warnings that were prevalent a few years ago).
I can block the SMTP port on my firewall and claim that I've found an effective way to block spam. But that ignores the fact that legitimate e-mail is being rejected too.
Almost never. Again, I have the logs to prove it. Almost all of the blocked mail is from forged sender addresses often sending to non-existent recipient addresses. If the messages were not blocked, then they would go to the "catchall" address that's forwarded to me. I can assure you that were I blocking legitimate e-mail, I would know about it -- and I would not tolerate it.
So.. somebody who isn't using blacklists should pay all the blacklists to make sure he gets off them in a timely manner? Gee, that seems an awful lot like paying 'protection' money.
No, the "protection" money analogy would fit if the people running the blacklists would put you on said lists if you did not pay. In this case, people who screwed up and ended up on those lists are bitching about how long it takes before they get removed. You want expedited service? Then pay for it.
I can't envision a better or more fair way to fund such lists. The lists exist largely because clueless sysadmins foul up their e-mail server configurations and spam spews forth.
I doubt that people placed on these RBL lists accidently chose to be placed on them in the first place. Thus your reasoning is flawed.
No, it is not flawed. The good samaritans are those running the RBLs. The "accident victimes" are analogous to the people who end up on the RBLs because they misconfigure their mail servers.
Actually, he said that the consequences were reasonable:His argument seemed to be that the persons running the RBLs, primarily on a volunteer basis, had a "responsibility" to hop to it and keep them accurate and up to date. I disagree. By and large, they are being good samaritans on the Internet and we should be thankful for their efforts.
Unfortunately many implementations make them unreasonable to use...except to certain fanatics.
I have seen a few that fit that description, but it's the fanatics that make life hell for spammers and the ISPs that provide services to them. Were it not for the fanatics, I can only shudder to think what it would be like.
I'll do better than believe it. I'll bitch-slap you with the following excerpt:
Still feeling frisky?
The simple fact that during the five plus years that RBL's have existed SPAM has increased significantly.
This is so damned exaperating having to explain basic logic to you. Correlation is not causation. Compared to the 1980s, condom usage is up and so is the incidence of AIDS. That doesn't mean that condoms are ineffective at preventing the spread of AIDS. Like AIDS, spam is an epidemic. It's growing despite all efforts to stop it, but it doesn't mean that those efforts are ineffective.
Yeah and sugar pills cure sea sickness.
Don't be a dick. I'm not basing my claims on imagination. Unlike you, I don't just make unsubstantiated claims. I have the log files to prove that RBLs are responsible for blocking over 90% of the spam to my domain and that what they block exceeds the amount of legitimate e-mail received.
Care to provide anything to support your position that it would be worse?
Yes. Major ISPs that previously wrote pink contracts to spammers have stopped doing so for fear of being put on RBLs.
Oh I'm sure the RBL's have reduced the amount of SPAM somewhat.
Okay, I'll use that statement to support my position, too.
But evidence suggests that they are almost useless at slowing the tide of SPAM
What evidence? What evidence do you have that shows that they are "almost useless"? How do you know what we would be facing now if it were not for RBLs? If RBLs were so useless, then they wouldn't be used, would they?
they've probably caused more problems then they've solved.
My domain gets hit by more spam than legitimate mail, but thanks to RBLs, hardly any of the spam is accepted by my mail server. RBLs have not caused me problems -- they have helped to solve them.
My guess is that you get your e-mail through an ISP-run mail server. That ISP probably uses DNS-based blacklisting like what you are reeling against here and you probably don't even know it. But I bet you would if they turned it off.
...that you're perfect, and have never done anything ill-informed, spiteful, purely accidental, or just plain stupid.
I've screwed up in my life, but unlike you, I'm not a whiny littly pussy who's unwilling to accept the consequences of his actions.
The rest of us, sadly, aren't interested in trying hard enough, especially if it results in as much difficulty as you seem to have in extracting your cranium from the depths of your large intestine.
I'd tell you to go squat-thrust a fire hydrant, but you'd probably have your ass-cheeks on the sidewalk and still be asking if it was in yet.
At some point, if you volunteer to undertake a project, and then in the course of doing so you dick someone over in an easily-prevented manner, you are acting unethically.
If I block your e-mail because I chose to use some RBL, I'm responsible for it -- not some volunteer who maintains the RBL. He didn't block your e-mail. He didn't force me to use his list. He probably didn't even vouch for the accuracy or timeliness of the list. For all you know, he might be settling the estate of his dead parent, child, or spouse and have more important things on his mind that making sure that your e-mail goes through.
I know, I know, I'm the anti-libertarian, right? Saying that we actually have some sort of obligations not to actively screw over our fellow man?
You want an RBL that has obligations to you? Then pay them for their service. Make a contract, specify what you want them to do and at what price. Until then, quit trying to burden people who are volunteering their time, equipment, and/or money to do a good deed. It's people like you that made it necessary to pass "good samaritan laws" to protect good samaritans from lawsuits when they voluntarily stop to help others.
They've been in use for over five years now and spam is more prevalent than ever. They're ineffective and should be put to rest.
And AIDS drugs are in widespread use and AIDS is far more prevalent than it was in the 1970s. Did it ever occur to you that the spam problem would be worse without RBLs and other anti-spam activism? Your lack of logic is astounding.
However, the more important question is whether the university is public or private.
No, the important question is whether the university provides e-mail accounts to the general public. Their private e-mail that they provide to students and faculty is no a public forum.
I don't like NAMBLA either and an argument to censor based upon obscenity could reasonably be made
So you believe that censoring something that you don't like could be reasonable? Interesting.
but what about censoring the NRA or Greenpeace or the Earth Liberation Front?
As to the NRA, Greenpeace, any other group, the University has a right to limit what what traffic they carry on their mail server. If they don't want to accept e-mail from the KKK, the Sierra Club, the American Nazi Party, or the Girls Gone Wild film crew, that's their call.
To the contrary it these people willingly choose to take on the responsibility of running an RBL then they take on the responsibility of properly maintaining the list.
What "responsibility"? They have no obligation to anyone to define a process, adhere to it, or anything else. They publish the lists and they can do with them as they please. Don't like how long it takes to get off of the list? Then don't fuck up and get on it in the first place.
For instance, my university quarantines all messages that are likely spam and sends me a daily report. I quickly scan the report to make sure the software didn't snag a legitimate piece of e-mail.
So you bury your head in the sand and if you can't see the spam, you assume that it didn't cost you or your university anything for the bandwidth or storage. You're what I refer to as a spam ostrich.
If the sender had been blacklisted, it would have been equivalent to political censorship.
Even assuming that the university chose to blacklist the sender because of his political views, it would not be censorship. The university owns the computers. They pay for the network infrastructure, bandwidth, mail servers, and storage. The sender has a right to say whatever he wants, but the university is under no obligation to receive, store, and forward those messages. If the University wants to blacklist e-mail from NAMBLA, they have every right to.
It frustrates me that their site is so unresponsive to removal requests, and that they fail much of their process. They were supposed to send email at several stages, which they did not do. The email they did send was badly formatted (broken urls, urs that weren't relevent).
Almost all of the RBLs are run by private individuals who make no money for their efforts. Why do you believe that they owed you anything? All that you did was make work for them by your misconfiguration of your mail server. They don't owe you nicely formatted e-mails, prompt responses, or open lines of communication.
Yeah, I know - pot kettle black. But I'm not supplying a service to thousands of users.
No, but you may have been supplying spam to that many -- easily.
Hmm, the company spent months ( at least ) on developing the product and planning its marketing. They knew what they were doing.
Yes, they did. They knew that it would take you to a web site where you would click one thing and never be taken there again. Or, if clicking the one thing was too upsetting to you, they provided a don't-do-that setting in the firmware.
The purpose of a web browser is to take you to sites that you choose. Have you decided to never use Mozilla because they take you to their home page after you install? Will you never use a browser that is set to initially pop up a warning window when you leave an encrypted web page? You didn't ask to to pop up that warning, so I guess that means that it's "unreliable" to you.
Otherwise, it really isn't a working router and is also not reliable.
How is it "not reliable" when you its behavior is completely predictable (and adjustable via it's firmware)?
So yes, they are on my blacklist and will probably stay there...well...forever.
Then I hope that the next time you use poor judgement at work that they fire you and encourage everyone who reads Slashdot to never hire you again.
If a company makes a mistake, or even a major blunder, but owns up to it and fixes it, that tells me they really DO care about their customers. This is a far cry from a company that tries to excuse their behaviour and wants US to live with the consequences.
I had one problem with a previous Belkin product (a parallel to SCSI converter). I was initially quite angry with the rude, less-than-informed tech support person with whom I dealt. His answer was, basically, "buy an accessory power supply from Belkin and that "might" solve the problem." He wouldn't even tell me what the specs were on the supply so that I could see if I had a suitable replacement already.
I wrote to him, smacked him down hard, and copied Belkin's sales department. I got a very polite apology from a higher-up at Belkin, prompt replacement of the defective SCSI converter, and they threw in several other items, including a $35 surge-suppressing power strip, as a way of making good with me.
It obviously had the desired effect, because I am left with a positive view of Belkin. While I don't think of them first for networking hardware, I do think that they are a reputable firm which is not out to screw the public.
Do you upgrade ? I do. But does John or Jane Everydayuser-who-doesn't-know-anything-about-upgra ding ?
In other words: isn't it already too late and shouldn't they instead call back their products ? Or will only the people who know how to upgrade profit from this decision ?
My guess is that they rolled this firmware out in their routers as the new standard install. Like many companies, they also make their latest firmware available for download, but that was probably not expected to be a major way to get it into the hands of the general public.
They screwed up, they apologized, and now they are fixing it. That sounds pretty reputable to me.
Was it part of some evil plot? Probably not. They were probably doing just what they said: Making it easy for home users to sign up for the filtering service. It was done in a clumsy and ill-conceived manner, but I do believe that we should give them another chance given their swift response to the complaints that only surfaced a few days ago.