This is another bad analogy. In your post the gun manufacture's offer is one that is clearly illegal. While I despise adware what they are offering is not a reward for illegal activity. The solely responsible parties here are the students without question. The adware companies are despicable but they are not offering money for implicitly illegal acts. The hospital has a responsibility to secure their network but they are not at fault for the attack. They could be found at fault for negligence if a patient had been injured as a result of the attack but the simple fact is that there are no laws surrounding securing your networks.
I think a more apropos analogy would be a little old lady whose grandson set up a website for her and installs a contact us page (read: formmail) so she can sell her little crafts on the net. She knows nothing about web design and doesn't update her script at all. Her script of course gets used for spam. Is it the fault of the little old lady? Not even close. In the real world she is in fact punished by having her site shut down but she is not culpable in the situation. Hospital management is not culpable for not securing their network. In fact it is likely they were told by the IT department that is was secure. The hospital, overall, is not staffed with IT folks it is staffed with medical personel. These people are not at fault for the network not being secure.
The only culpable party here is the group of students who knowingly exploited an unsecure network for illegal activity.
The headers allow us and the wronged entity to attempt to get something done about said zombied machines, bad formmails, and so on. Sometimes it leads nowhere but other times we can put a stop to a source of spam. You would be amazed at how many phishing emails come from things like the php-nuke webmail module. We this is the case the offending provider usually takes swift action. Reporting a phishing site should lead to a chain of events and while rarely leads to those phishing it can help to stem the flow of spam over the net to a small degree.
People like you really get under my skin. I have a feeling if anyone would ever dedicate the time and money that we would find people like you were damaged before they started playing D&D, White Wolf, or whatever you blame for yourself being screwed up. What gets me most is Christian groups spreading lies about tabletop games. It gets to me because I am a Christian and these groups spend the majority of time making people like me look bad. There is a line between fantasy and reality. It's not even a small line. If you cannot seperate the two then there is more going on than just playing D&D. I could go on and on about these groups but in the interest of remaining on topic I will simply point out that I, a Christian, have played D&D since I was an early teen and have never ever thought that casting a spell on myself would have any effect on the real world. I have never wanted to go kill monsters with my broadsword. I have had many a night of fun escape from the drudgery of my job, the stress of traffic, and more. I also would like to point out that the best DM/Storyteller I have had the pleasure to play with is currently going to St. Thomas in Houston to be a priest. Tabletop games are no more dangerous than anything else in the world. No matter what you do idiots are going to be idiots. D&D doesn't make them more of an idiot it just gives them an outlet that's easy to publicize.
Reports directly to PayPal and eBay are handled by those companies directly. Our reports, our rather your reports, do make a huge differnce. I say "your reports" because I head the abuse department for a large webhost. We deal directly with eBay, PayPal, AOL, and more directly on abuse issues. Banks tend to outsource if they are US Banks whereas EU banks tend to outsource. Reports that are CC'd to the webhost are acted on very quickly. To properly report a phishing scam the following information, while seemingly common sense, helps greatly:
1. Full headers from the email 2. The IP and hostname of the server
Always CC the the webhost on your reports as we take these reports very seriously. I cannot say what host I work for the usual reasons but we actively check for phishing as well. We run scripts to check for phishing sites, we scan outbound email for URLs containg the names of the most common phished entities.
Here is a list of the companies we have dealt directly with in recent days:
1. AOL 2. PayPal 3. eBay 4. Verisign
There are more but with the security measures we have implemented we generally do not have to deal with a lot of phishing.
Slashdot Mirror
This is another bad analogy. In your post the gun manufacture's offer is one that is clearly illegal. While I despise adware what they are offering is not a reward for illegal activity. The solely responsible parties here are the students without question. The adware companies are despicable but they are not offering money for implicitly illegal acts. The hospital has a responsibility to secure their network but they are not at fault for the attack. They could be found at fault for negligence if a patient had been injured as a result of the attack but the simple fact is that there are no laws surrounding securing your networks. I think a more apropos analogy would be a little old lady whose grandson set up a website for her and installs a contact us page (read: formmail) so she can sell her little crafts on the net. She knows nothing about web design and doesn't update her script at all. Her script of course gets used for spam. Is it the fault of the little old lady? Not even close. In the real world she is in fact punished by having her site shut down but she is not culpable in the situation. Hospital management is not culpable for not securing their network. In fact it is likely they were told by the IT department that is was secure. The hospital, overall, is not staffed with IT folks it is staffed with medical personel. These people are not at fault for the network not being secure. The only culpable party here is the group of students who knowingly exploited an unsecure network for illegal activity.
The headers allow us and the wronged entity to attempt to get something done about said zombied machines, bad formmails, and so on. Sometimes it leads nowhere but other times we can put a stop to a source of spam. You would be amazed at how many phishing emails come from things like the php-nuke webmail module. We this is the case the offending provider usually takes swift action. Reporting a phishing site should lead to a chain of events and while rarely leads to those phishing it can help to stem the flow of spam over the net to a small degree.
People like you really get under my skin. I have a feeling if anyone would ever dedicate the time and money that we would find people like you were damaged before they started playing D&D, White Wolf, or whatever you blame for yourself being screwed up. What gets me most is Christian groups spreading lies about tabletop games. It gets to me because I am a Christian and these groups spend the majority of time making people like me look bad. There is a line between fantasy and reality. It's not even a small line. If you cannot seperate the two then there is more going on than just playing D&D. I could go on and on about these groups but in the interest of remaining on topic I will simply point out that I, a Christian, have played D&D since I was an early teen and have never ever thought that casting a spell on myself would have any effect on the real world. I have never wanted to go kill monsters with my broadsword. I have had many a night of fun escape from the drudgery of my job, the stress of traffic, and more. I also would like to point out that the best DM/Storyteller I have had the pleasure to play with is currently going to St. Thomas in Houston to be a priest. Tabletop games are no more dangerous than anything else in the world. No matter what you do idiots are going to be idiots. D&D doesn't make them more of an idiot it just gives them an outlet that's easy to publicize.
Reports directly to PayPal and eBay are handled by those companies directly. Our reports, our rather your reports, do make a huge differnce. I say "your reports" because I head the abuse department for a large webhost. We deal directly with eBay, PayPal, AOL, and more directly on abuse issues. Banks tend to outsource if they are US Banks whereas EU banks tend to outsource. Reports that are CC'd to the webhost are acted on very quickly. To properly report a phishing scam the following information, while seemingly common sense, helps greatly:
1. Full headers from the email
2. The IP and hostname of the server
Always CC the the webhost on your reports as we take these reports very seriously. I cannot say what host I work for the usual reasons but we actively check for phishing as well. We run scripts to check for phishing sites, we scan outbound email for URLs containg the names of the most common phished entities.
Here is a list of the companies we have dealt directly with in recent days:
1. AOL
2. PayPal
3. eBay
4. Verisign
There are more but with the security measures we have implemented we generally do not have to deal with a lot of phishing.