[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] T-Online abuse address ignoring complaints

Getting OT, but I guess I'll add to the noise once.. hopefully more signal
than noise. Human factors argument follows.

At 12:57 PM 6/5/04, Ralph Seichter wrote:
>If you could convice your bosses to do so, I'd very much doubt their

Why? How much business do they do with the people using those addresses?

>Why not block China or the USA aswell? Why not live on
>an IT island?

As a matter of fact, and I'm in the USA, but I have noticed that I do block
significant parts of certain countries (no, not Germany AFAIK) at my own
firewall; it's a simple expedient, and I suppose it reduces the amount of
e-mail problems as a side effect. I also block certain companies which
provide certain "services" (and in the current climate, what is the
distinction?). Do you really want to see my firewall logs? Come on, look at
where your problem traffic originates and tell me there isn't some
coherence. (I also run a 'bot motel on one web server.) Furthermore yes
there is a certain block of addresses belonging to a German ISP which
doesn't get access to our FTP server at my day job; I've also been
authorized once to call up an ISP and tell them we were no longer going to
accept traffic from their block if they could not identify the party using
a certain range within it (does it matter for our purposes here whether we
blocked the ISP or they divulged the party?).

This is simply another cost-benefit equation: how much legitimate interest
do I get from these people, versus grief? If anybody from one of these
blocks was denied access and wrote me saying "hey, I'm one of the good
guys" and could support it (no list trolls, won't work; you have to find me
through the usual channels to make a case), I'll punch a hole for them.

My point is that yes, in spite of the clouded vision produced when one's
head is in the clouds of idealism, the Internet is Balkanized. In fact, is
it not as Balkanized (at least in the USA) as when DARPA and the US
educational backbone provided significant (free) bandwidth.

Most of us do live on "IT islands" as a practical matter: we visit a
limited number of web sites, we exchange e-mail with a limited number of
people or entities, we share certain interests and goals which inform our
exchanges of information. We deploy technology to facilitate such exchanges
at our convenience, not to make it easy for random parties to exercise a
misconstructed form of "free speech".

In addition to the islands of common interest, you can also look at this as
a "web of trust". People want to declare technological solutions to these
"problems" but, as with electronic voting, it's a solution in search of a

In either of these paradigms, there is no great harm to selective blocking;
"island hopping" is often possible and of course when you visit some other
island you may very well encounter a visitor from yet another island
somewhere and decide that a closer affiliation is in order. This is
technology reflecting the human limitations on the dissemination and
absorption of knowledge.

On a day to day basis, my life is a whole lot simpler and less worrisome if
I restrict access when traffic analysis indicates there is a locus of
annoying activity (by the way there are automated tools such as snort which
can be set up to do just this); I don't need PGP keys, for instance, as an
excuse to exercise reasonable human judgement. In fact, trusting technology
is no substitute for human judgement (it can only be an adjunct unless you
truly want a Balkanized internet).

I agree that people should be "liberal in what they accept, conservative in
what they send" which is an underlying precept echoed in numerous RFCs. But
at the end of the day, my IT island is mine, and you're a visitor on it and
you're expected to act like one; and when I visit someone else's IT island
I respect it as theirs and try to comport myself, as a visitor, in such a
fashion as is likely to allow me to visit again in the future... provided I
want to be able to visit again in the future. This includes not filling
their logs or inboxes with garbage (it's not a perfect world, I do send
some autoreplies to e-mail for instance), not poking around on weird ports,
trying to maintain some relevance in my contributions (difficult at times),
and so forth.

It's not a perfect world of course, and I try to forgive people's
trespasses as I wish them to forgive mine; but when there's nothing coming
from somewhere but noise... I just don't have a problem with people
electing to block or restrict access, in fact I completely understand.



Fred Morris, speaking for Fred Morris Consulting, not InWa.net (they're
just my ISP)
fredm3047@xxxxxxxx (I-ACK)

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here