Boing Boing Founder Warns of "Internet AIDS" 154
An anonymous reader writes "Cory Doctorow, founder of Boing Boing, says he doesn't have a problem in principle with the automated network defense systems that guard the Internet against malware, spamigation bots, and other network nasties. However, in his article 'The Future of Internet Immune Systems,' he bemoans the problems caused by 'Internet autoimmune disorder' — where the network defenses designed to block network attacks are automated and instantaneous, but the systems in place to reverse erroneous lockdowns are manual and unresponsive."
This already exists (Score:4, Interesting)
Trigger trippers (Score:2, Interesting)
Yep, almost as bad as trying to get set up with service in the first place.
I guess the way to foil these critters is to try to trip as many as possible. Then again, the intarweb mischief-makers will probably do just that.
Please stay on the line, your call is important to us.
I've had this experience (Score:3, Interesting)
Anyway. It turns out that spammers could blindly use my webproxy to push email to my local port 25 and send mail using it. Damn clever spammers. I figured it out after my email system croaked and I looked at the logs and mailq. (crap, 1000 spam messages in the outbox, originated on my system).
So I'd been a tool, and used, and it was my damn fault. I fixed it (uninstalled the proxy) and started to repair the damage.
One of the items of fallout was that the RBL lists had nailed my IP address as a spammer. Fair enough. But getting them to turn it off was a royal pain in the ass and took days - even though their notes described exactly how the spam was delivered through my system and it was easily verifiable that it was no longer an issue.
It left me pretty peeved, and I've never used an RBL since.
Re:This already exists (Score:3, Interesting)
A black list is a list of domain or IPs the provider of the black list wishes to list. The provider of the list gets to decide who is listed, why they're listed and under what circumstances under which people get removed. They don't even have to give you any way to know you're on their list. Blacklists do not block mail. They're simply a list. It's a list of people that one party doesn't think other parties should accept mail from. It really nothing more than an opinion. There are of course bad lists and good lists. The fact is, the open market is pretty good at selecting the good ones and weeding out the bad ones.
The consumers of these lists, on the other hand, do have choices. One of them is to choose to not accept your mail for whatever reason they deem fit. Those people, whom you call, "vigilantes," the rest of us call Mail Server Administrators. We use tools such as RBLs, content filters and other other technologies to stop the deluge of bullshit into your mailbox. I will say that blocking any given piece of mail just because it shows up in one black list is probably asking to block mail someone wants. The system administrators run the system, they decide what mail comes in and what goes out. They have to work the tickets if it's broken for everyone or just the handful that got a spammy piece of mail blocked this week.
Re:Blacklists (Score:3, Interesting)
I've been in your shoes with large e-mail service providers. One in particular (let's call it Company Y) treated my e-mail in each of the following ways over the course of a year: spam box (slightly tolerable), blackhole (never got delivered), and just plain rejected at the MTA level. I made an effort to contact them about whitelisting my domain (as I was not on any known blacklist), but it seemed to fall on deaf ears. However, just recently, I mistakenly used a person's address at Company Y, and it actually landed in the non-spam inbox.
Maybe a few things (in aggregate with other people) caused the problem to be solved:
1) I contacted Company Y and tried not to be an ass.
2) I started directing my friends and family to use the competitor (let's call it Company G), as I wasn't having any problems there. My friends and family listened to me (or at least considered it) because I gave a reasoned explanation, and I tried not to be an ass.
3) I mentioned my problem to an employee (friend of a friend) at Company Y (although this employee did not work with e-mail), gave a reasoned explanation, and I tried not to be an ass. Who knows if any water cooler talk got to the right person.. but it couldn't hurt to try.
Over the years, I've had my domains hosted on various ISPs, but in each case, I've made sure that I was allowed to have a server. In the few cases I wasn't, I had the server hosted elsewhere. I'm not saying you're running a mail server where you're not supposed to (I have no idea), but e-mail coming from a dynamic IP address that is allocated to a provider that prohibits servers is just asking to be flat-out rejected. I see too many attempts from dial-up and home cable providers with obviously bogus sender envelope information to know that this general categorization holds true. If you have a provider that allows e-mail servers, and you're still having problems with certain ISPs/e-mail service providers, and you're sure you're not on any blacklist (try http://www.dnsstuff.com/ [dnsstuff.com] ), then try contacting the ISP like I mentioned above. If the ISP is not willing to help you, there are other e-mail provider services you could recommend to your friends and relatives.
I could go on and on, but it boils down to trying everything you think is possible before you give up. What are the particulars of your domain?
Re:Credit card lockdown (Score:3, Interesting)
Of course, calling the credit union about it didn't help. They aren't open on the weekends. They can shut your account down kid, but they won't turn it back on again.
You don't call your credit union. You call the credit card company.
I belong to a credit union too, and I have a CC issued by my credit union. I bought an expensive piece of electronics, first major purchase on the card. On a Sunday afternoon, no less. That went through...but 30 minutes later, another transaction was declined. The credit card company acted on the unusual behavior and stopped the card and called me. I missed the call, but saw it when I went to call the 800 number on the back of my card with my cell phone.
Your credit union doesn't do jack shit except issue the card, accept payments if you wish, and show you balance/activity. Everything is outsourced to the holding bank or the credit card company itself. The holding bank's hotline is open 24x7x365...you just have to know the right place to call. After I confirmed I had made the purchase, the rep said "you're all set", and I said "how long until it's active?" "Immediately." I motioned to the cashier, and sure enough, it went through.
If it truly is the case that your card doesn't have a 24x7 800 number, complain to your credit union and see if they do anything. If not- get a CC that does have a 24x7 number. Vote with your wallet, chief.
Re:automation is only one-way (Score:3, Interesting)