Re: [Mimedefang] Re: Lycos Screen saver that attacks Spammers, Ah more off topic...
> From: Randy Hammock <[EMAIL PROTECTED]> > Subject: Re: [Mimedefang] Re: Lycos Screen saver that attacks > Spammers, Ah more off topic... > > Lycos Screen Saver / Legal Zombies? Just wait until someone figures out > how to hack all those Lycos zombies out there to perform DDoS's. What > makes one zombie legal and another illegal? > Legal = Volunteerily downloaded with full understanding of circumstances and consequences, and no packet spoofing or RFC violations. Illegal = Covertly installed allowing remote control of a system, modifying of packets to hide source IP address, ignoring RFC rules to cause a denial of service through exhaustion of resource (SYN flood, exhausting sessions), attempting active exploits against sources to gain unauthorized access, spreading itself in a virus like manner, etc... How is their screensaver any different than running a local Google server, (other than the fact the requests are much more targetted) or having the site Slashdotted? (which BTW, all the targets have been) Heck it was even nice of them to build in traffic throttling, although I for one am curious to know how that worked seeing as the clients don't know about each other... hmm... Now, while they supposedly built their screensaver to "play nice" so as to avoid criminal prosecution, it doesn't keep them from being sued on a civil basis. And according to one of the sites they marked for death, I think they'll be seeing some Cease and Desist letters here shortly. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Re: Lycos Screen saver that attacks Spammers, Ah more off topic...
On Fri, 2004-12-03 at 05:05, Ian Mitchell wrote: > Lycos is right in what they are choosing to do, they are not hacking into > other services, they are simply utilizing publicly accessible services on > a voluntary basis. The morality of what Lycos is doing is very similar to > the morality of P2P networks. Both are brilliantly conceived solutions to > dilemmas presented by the Internet as a whole. However, they both have > dark side consequences that make people think... Lycos Screen Saver / Legal Zombies? Just wait until someone figures out how to hack all those Lycos zombies out there to perform DDoS's. What makes one zombie legal and another illegal? -- Randy Hammock KC6HUR http://equiblog.kc6hur.net - Equestrian Issues Blog http://irlp.kc6hur.net - IRLP/EchoIRLP Information IRLP Node: 4494EchoLink Node: 120688 (KC6HUR-L) ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Re: Lycos Screen saver that attacks Spammers, Ah more off topic...
On Fri, Dec 03, 2004 at 07:05:32AM -0600, Ian Mitchell wrote: > >> Democracy is three wolves and a sheep voting on what to have for dinner. > >> Guess who gets eaten. Sounds more like revolution to me. But I don't blame you for not recognising democracy, living in a dictatorship :) > I don't think what Lycos is doing is illegal IANAL, but this sure is illegal according to our AUP, and most ISP's AUPs on this planet. Lycos is orchestrating a DDoS. The fact that they are not bringing the servers down is a red herring, it causes slowdown and excess traffic, that's enough. It can easily hit innocent bystanders (Spammers are already hosting spamvertised sites and even nameservers on 0wn3d boxen, thanks to registrars that are happy to modify NS records instantly with just an XMLRPC call). > extradite someone from Bangladesh because they sent > someone an email that the recipient didn't ask for. Can you see the state > department for China now? "You wanna what? ummm... No." Umm... probably because the Chinese don't want to hack through the Indian armies before reaching the border of Bangladesh, and then invade that country too? (If you want someone from Bangladesh, take a submarine and navigate to their front door, or what's left of it after the floods. No need to even surface, given the "right" weather conditions). It would be just as rediculous as asking the US to capture and extradite some random Manuel from Panama (oh, wait...) (List-mom: you can probably kill this thread any time now) -- #!perl -wpl # mmfppfmpmmpp mmpffm <[EMAIL PROTECTED]> $p=3-2*/[^\W\dmpf_]/i;s.[a-z]{$p}.vec($f=join('',$p-1?chr(sub{$_[0]*9+$_[1]*3+ $_[2]}->(map{/p|f/i+/f/i}split//,$&)+97):qw(m p f)[map{((ord$&)%32-1)/$_%3}(9, 3,1)]),5,1)='`'lt$&;$f.eig;# Jan-Pieter Cornet ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Re: Lycos Screen saver that attacks Spammers, Ah more off topic...
Ian Mitchell wrote: Honestly though, what can legislation do to prevent spamming? Ohio passed a nice little bill that provides prison time if you spam someone in Ohio. Oh hell, I guess this email can be considered Spam since it's off topic, and there's likely someone who lives in Ohio reading this now... Well, I guess I'll just have to live with the warrant. Virginia has anti-spam laws too. And there have been some long-time sentences already: http://www.computerweekly.com/articles/article.asp?liArticleID=134815&liArticleTypeID=1&liCategoryID=2&liChannelID=28&liFlavourID=1&sSearch=&nPage=1 I don't know about Ohio, but in Virginia the address needs to be forged, so you are on the safe side of the law at least in Virginia ;-) Honestly, I don't see Ohio having the ability to extradite someone from Bangladesh because they sent someone an email that the recipient didn't ask for. Can you see the state department for China now? "You wanna what? ummm... No." Me neither. But at least extradiction works inside US (between states), which is better than nothing. Also, braking laws "remotely" isn't something to take easilly. As soon as you leave your contry of origin, you must be carefull where you go. Your government might not be willing to extradite you (and many countries have laws that prevent extradiction of its own citizens, US included). But a foreign one couldn't care less. Vacation in that nice tropical paradise? Maybe not, too risky, they have extradiction agreement ;-) -- Aleksandar Milivojevic <[EMAIL PROTECTED]>Pollard Banknote Limited Systems Administrator 1499 Buffalo Place Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Re: Lycos Screen saver that attacks Spammers, Ah more off topic...
> Date: Thu, 02 Dec 2004 14:50:18 -0800 > From: Kenneth Porter <[EMAIL PROTECTED]> > Subject: Re: [Mimedefang] Lycos Screensaver that attacks Spammers > >> Democracy is three wolves and a sheep voting on what to have for dinner. >> Guess who gets eaten. > > I've always loved that quote. I'm going to remember that one... Sometimes as a consumer, I definitely feel like the sheep! >> No, we're not vigilantes when we filter spam. Perhaps not vigilantes toward other organizations, but it would be arguable that doing things like removing and modifying attachments, and restricting inbound/outbound content because it doesn't meet a huge set of rules isn't in some form vigilantism toward the members who use your server. > Again, it's what Lycos is doing (arguably illegal), not the fact that it's > Lycos doing it, that's the problem. I don't think what Lycos is doing is illegal. Allowing the RIAA and MPAA to hack into your computer when you run a P2P is illegal (Thank goodness that bill died), making web requests to a public web server is in no way illegal. The only time that this could remotely be argued as illegal is when its done with crafted packets to spoof sources and corrupt TCP stacks, for example DDoS's. But a legitimate packet asking for information from a public web server isn't and should never be illegal. Think about it, if you made a rule that would ban automated systems from requesting information via a public web server, you may stop Lycos, but you'd also stop Google. All Lycos is doing is making a whole lot of legitimate web requests for information that gets tunneled to /dev/null. The worst it will do besides clog up the web servers of companies that arguably deserve it, is that it will skew the statistics for companies that use things like web bugs to build profiles. Frankly, if I start getting banner ads for home mortgages and the V word instead of computer related stuff, I'll likely ignore them just the same. The only other issue I see besides the morality one is that if everyone on a consumer network (DSL/Cable Modem) decided to participate, then the overall bandwidth consumed by the company may start to raise overhead cost which translate into higher monthly bills again. Honestly though, what can legislation do to prevent spamming? Ohio passed a nice little bill that provides prison time if you spam someone in Ohio. Oh hell, I guess this email can be considered Spam since it's off topic, and there's likely someone who lives in Ohio reading this now... Well, I guess I'll just have to live with the warrant. Honestly, I don't see Ohio having the ability to extradite someone from Bangladesh because they sent someone an email that the recipient didn't ask for. Can you see the state department for China now? "You wanna what? ummm... No." Lycos is right in what they are choosing to do, they are not hacking into other services, they are simply utilizing publicly accessible services on a voluntary basis. The morality of what Lycos is doing is very similar to the morality of P2P networks. Both are brilliantly conceived solutions to dilemmas presented by the Internet as a whole. However, they both have dark side consequences that make people think... ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang