Liudvikas Bukys

Jon Udell doesn’t like
James Gleick’s article on spam.
He does think that 2003 will be the year of anti-spam initiatives. (I concur.)
Regarding identity guarantees, and new “jump through this hoop
before you can talk to me” systems, don’t forget his previous important statement, “If we rule out spontaneous association then we will not have defeated the spammers.
They will have defeated us.”

AP:
Surplus Computer Had Confidential Info
“A state computer put up for sale as surplus contained confidential files naming thousands of people with AIDS and other sexually transmitted diseases, the state auditor said Thursday.”

James Gleick, New York Times Magazine:
Tangled Up In Spam:

As remote as an effective solution seems, the spam problem might not be so intractable after all. The Telephone Consumer Protection Act of 1991 made it illegal to send unsolicited faxes; that law passed with strong backing from manufacturers of fax machines. It should be extended to include unsolicited bulk e-mail.

For free-speech reasons, any legislation should avoid considering e-mail’s content; trying to define key words like ”commercial” and ”pornographic” only leads to trouble. And it isn’t necessary. For that matter, even short of outlawing spam, two simple measures might be enough to stem the tide:

1. Forging Internet headers should be made illegal. The system depends on accurate information about senders and servers and relays; no one needs a right to falsify this information.
2. Unsolicited bulk mail should carry a mandatory tag. That alone would put consumers back in control; all the complex technological challenge of identifying the spam would vanish.

MPs call for anti-spam rethink. BBC Feb 10 2003 5:40AM ET [Moreover – Tech latest]

Clay Shirky:
Customer-owned Networks:
ZapMail and the Telecommunications Industry
“Two years and hundreds of millions of dollars later, FedEx pulled the plug on ZapMail, allowing it to vanish without a trace. And the story of ZapMail’s collapse holds a crucial lesson for the telephone companies today. …
The creation of the fax network was the first time this happened, but it won’t be the last. WiFi hubs and VoIP adapters allow the users to build out the edges of the network without needing to ask the phone companies for either help or permission. Thanks to the move from analog to digital networks, the telephone companies’ most significant competition is now their customers, because if the customer can buy a simple device that makes wireless connectivity or IP phone calls possible, then anything the phone companies offer by way of competition is nothing more than the latest version of ZapMail.”

SlashDot: Kevin Mitnick:

• “In that same defamatory article, Mr. Markoff falsely claimed that I had wiretapped the FBI (I hadn’t), that I had broken into the computers at NORAD (which aren’t even connected to any network on the outside), and that I was a computer “vandal” despite the fact that I never intentionally damaged any data I’ve ever accessed.”
• “As described below, I was never accused of abusing a position of trust, profiting from any illegal activity, or intentionally destroying information or computer systems.”
• “I believe that former non-malicious (no intent to cause harm) hackers can be extremely valuable in helping businesses identify their weaknesses in technologies and procedures.”

To which I respond:

“A number of systems at the University of Rochester
were compromised during the Shimomura incident.
The compromises included deliberate destruction of
log files. So which is it:

• Deliberate destruction of log files doesn’t count as deliberate destruction according to KM?
• Somebody else did it?
• Oops, caught in a lie?”

Robert Graham on SQL Slammer:

• Internet Infection was instantaneous
• For individuals, it was binary, a square-wave
• Better patch management would not have solved this
• Easy – and obvious – remediation
• The worm attacked everyone, all at once
• Worst attack ever

“ ‘This is a wake up call’
This is what they say every time a worm hits. It’s hard to believe them when their next sentence contains statements that demonstrate that they still don’t get it.”

Plaid up in arms as Commons spam filter bans Welsh.
“Parliamentarians from the Welsh nationalist party, Plaid Cymru, are complaining that bilingual English-and-Welsh emails are been blocked as containing “inappropriate content”, the BBC reports. … Evidence points to Clearswift’s (formerly Content Technologies) MAILSweeper as the package to blame for the debacle. ”
[The Register]

BBC:
E-mail vetting blocks MPs’ sex debate:

A new e-mail vetting system at the House of Commons is stifling debate among MPs over serious parliamentary business such as the Sexual Offences Bill, it is claimed.

The system was introduced last month after MPs complained about getting inundated with pornographic and rude e-mails.
official

More than 900 e-mails were blocked in its first week, and the new system is now proving too restrictive and causing “chaos”, according to one MP.

Shane Harris:
The worm that turned: A new approach to hacker hunting:
About the dissection of the Leaves worm, leading to the arrest of its author.
A bit breathless, but entertaining nonetheless.