@Home Gets the Usenet Death Penalty 697
A reader wrote to us with the news that an UDP has been declared on @Home in news.admin.announce.
You can read it on Deja.com for the full post. Interesting - let's see how long it takes @Home to respond to the UDP. Usually, this gets people attention pretty quickly, and I'll welcome any sort of respite from the spam flood of the last couple months. The penalty is due to begin 17:00 PST, Jan. 18, 2000.
UDP; an example of a self-moderating system (Score:4)
UDP Starts on the 18th, not the 12th. (Score:2)
Re:What does this mean? (Score:4)
That's the faq for the UDP.
ls:
People still use USENET? (Score:2)
The last time I read USENET was gosh..almost 2 years ago. Full of spam, threads that went all over the place, crossposting galore. I have since given up and am using
What would problably work in this day and age would be a WDP (Web Death Penalty). Block port 80 from and to known ISPs that spam. Boy will that get people's attention.
Re:What does this mean? (Score:2)
Re:What does this mean? (Score:5)
This may sound heavy handed, but from my experience (5 years as an anti-spammer now) the anti-spammers involved make every effort to contact the offending ISP and help them secure their news servers, report abusive users to them, etc. In essence, a UDP is something of last resort.
It should also be noted that this isn't some small cabal (TINC) of people trying to censor others, as participation in a UDP is voluntary. All you need to do to not participate is alias NNTP traffic with the "udpcancel" site in the path. Often however, the benefits of a UDP outweigh the disadvantages, and the UDPed site cleans up their act rather quickly.
Hope this helps.
ouch (Score:2)
Yay (Score:4)
I like the idea of people/organizations fending for themselves on the internet. The last thing we need is any government intervening and trying to enforce it. Anarchy may not be suitable for real life, but I think the general concept is perfect for the Internet where the real laws lie in the software. For example, when someone tries to break into your box, you shouldn't call the cops - you should make sure your box is secure and defend yourself. If you're incapable, then buy software to assist you. (note: Please, nobody make analogies comparing this to some crime in real life
Re:What does this mean? (Score:2)
-----------
"You can't shake the Devil's hand and say you're only kidding."
Groaner... (Score:2)
Better Link to the article (Score:5)
I'm glad, and it's my ISP (Score:5)
I'm a disgruntled @home user, or in other words, I've been on the service for more than three months. No one at @home takes proper measures to inforce the acceptable use policy. Instead, they cap bandwidth at 5k a second to make their ISP a less viable 'server', inconveniencing every user.
@home costs $65 a month Canadian, and they cut corners everywhere they can. My personal WAN area has between 32 and 40 people on it, and the packet drops are phenomenal. I have been phoning their tech support for thirteen months in a row, and they have told me it's everything BUT a crowded WAN area. They most recently have told me that 'Internet Access' does not include UDP. They do not support UDP, therefore they have no responsibility to control the quality of Internet gaming, despite advertising gaming on their network on television with fullscreen Quake pictures. I have been keeping track and am wondering about the viability of a lawsuit.
As I hinted above, servers are against the rules with @home. Have you ever played on a Quake server with an IP starting with 24.113 or 24.112? That's @home cable. Expect 5 to 50k/s upstreams.
Ever gone to a mp3 search engine? A ton of the sites are 24.113 or 24.112.
@home has been banned from Dalnet, due to excessive numbers of people spamming the network. The Dalnet ops have tried to contact @home about the problem, but they were ignored. The only way to connect to Dalnet for @home members is through gate.dal.net, which has too much lag. My two year old channel dwindled to zero people within a week.
The bottom line is, do NOT sign up with @home if there are any other alternatives. They will hook you in with a high installation fee, and it goes downhill from there. You're on your own. Everyone who has any sense of right and has power at @home must be ignored internally.
Re:People still use USENET? (Score:5)
You need patience, of course, to wade through junk posts, as well as the self-imposed week or so of lurking before posting rule. You need to find resources in the group, as most good NGs have FAQs about what and what not to ask. And you need to realize that reply times from USENet are much slower than other possible methods (IRC, web boards), but generally are going out to a much wider audience and will have a better chance to be answered correctly.
A newsreader with a killfile in today's USENET is a must. You also would like one with good filters that can rank messages based on subject or author. This helps highlight what you're interested in rather than wading through the rest.
But more importantly than the above is having a strong newsgroup to participate in. It takes a while for a ng to develop it's community, but once it's in place, most are pretty good. Examples that I read include comp.infosystems.www.authoring.html, rec.arts.tv.mst3k.misc, and rec.games.roguelike.nethack/.adom. On the other hand, if there is no clear leadership/common posters, or the like, or the subject matter is of the right type, you get groups that are mostly organized anarchy: alt.html, alt.tv.simpsons, alt.games.half-life, etc.
But in generally, most of the non-alt groups will be good; the regulars are knowledgable and will try to answer a well-worded question to the best of their ability.
Unfortunately, USENET is really only practical for those with T1 connections or shell accounts with their newsreader - most groups get 100+ messages a day, and if you wanted to read all the messages with a standard dialin and newsreader, it could easily take 10 minutes per newsgroup per day to download that information. That's why web discussion boards have gained popularity. However, IMO, it will not replace the quality of help I generally get from USENET.
Re:People still use USENET? (Score:2)
--
As a (pissed off) @home user... (Score:2)
As far as I'm concerned, this is not excusable in any way by @home, and besides, my news server @ work (news.eni.net) doesn't carry some of the ng's that @home's news server does (specifically alt.os.linux.slackware and a few gimp ng's.)
Rest assured that the not-asshole-ish users of @home will be very, very active in making this stop.
Mike
Overmoderation can be a bad thing (Score:2)
-just My 2cents
If someone tries to break into your box ... (Score:5)
However, the right answer to security isn't to "buy software" either. As Bruce Schneier is fond of pointing out, security is not a checklist feature: it's not something that can be slapped onto the side of a fundamentally poorly-designed system.
"Poorly-designed" here refers not only to the software and other instrumentality, but also to your administrative methodology. Administrative methodology has to do with the things you do as routine system upkeep. Do you monitor security-related mailing lists (CERT-CC, BugTraq)? When setting up a new system, do you close unneeded services? Do you make a habit of knowing everything that should be running on your system, and noticing when things that shouldn't be there appear? Do you run security audits against your system? Do you regularly check for security updates to your software and install them?
My new favorite security procedure: Go to a script-kiddie Web site, download some k00l t00lz (cracking tools, DoS utilities, etc.) and wield them against your own system (over your own network)
Security is a way of thinking -- some would say a way of life. It's not something you can just buy a program to install.
Re:ouch (Score:2)
In all honestly, it won't affect me too much though, as I mostly just use USENET for browsing classifieds (and if I REALLY need to post I do could just as easily use Deja, or the NNTP server from work..)
Just remember, as an @home customer, you have the power to fix this.
Re:I'm glad, and it's my ISP (Score:2)
All I can say is @home has to be the most complete and stable home based internet service available.
And in regards to being banned from dalnet, oddly enough i dont have that problem accessing dalnet (then again it is dalnet so who would care?), and admittedly I will accept the fact that yes being an @home user we are k-lined off most irc servers available.
The problems with @home are all along the same equation with gun control in the states
give everybody access to a gun and things go wrong
give everybody access to bandwidth and things go wrong
anyways thats my two cents
Re:I'm glad, and it's my ISP (Score:2)
Re:@Home should sue sites not carrying its news tr (Score:2)
Please note that no one has successfuly sued the Realtime Blackhole List [mail-abuse.org], either.
Re:@Home should sue sites not carrying its news tr (Score:3)
We aren't attempting to destroy @Home, we're simply not carrying their packets on USENET - which we aren't obligated to do anyways. They could only sue us if we had a contract requiring us to carry any and all spam from them.
UUNet thought they were all that with lawyers too, and when they tried, the number of people supporting the UDP nearly doubled in anger.
Re:@Home should sue sites not carrying its news tr (Score:2)
Lawsuit? (Score:4)
Re:Overmoderation can be a bad thing (Score:2)
Have you READ the UDP page? The case for a UDP is not with dissenting opinions. It's about SPAM. The same spam that comes into inbox's on a daily basis. Unauthorized usage of a third party's resources, EXPECIALLY in the case of USENET, is an issue of money. Have you ever run a full scale newsserver? Not running leafnode to pull a few groups.
I attempted to handle a newsfeed from UUNET for our company by subscribing to 10 comp.* groups relating to the business and had to stop all together because the server jsut could NOT keep up. The diskspace was the biggest issue (even after setting messages to expire after 2 days.) Now admittedly this was an exchange server and so the hardware cost/spec was already through the roof considering the kind of groupware stuff we do via exchange, but still the newsfeed was just too damn much.
UDP (Score:3)
Ironic UDP is same acronym for thin layer communication protocol User Datagram Protocol (UDP) which is thinner than TCP/IP.
One UDP connects.
Another UDP disconnects.
I like the irony.
Corrinne Yu
3D Game Engine Programmer
@home other problems (Score:2)
I have road-runner and they check their customers for open wingates, relayable sendmail ports and trojans like BO, netbus etc.. ( I know this because I probed one of the admins boxen after I saw my kernel dropping packets from his IP. He directed me to the security website for road runner which explained everything. http://bofh.rr.com)
Re:I'm glad, and it's my ISP (Score:3)
Yes. With some elbow grease it works under Linux and OpenBSD. Probably works under FreeBSD and NetBSD also. But, it's gonna take a bit of the old RTFM.
Jesus. Get over it, already. (Score:2)
You won't win any friends by "fighting back" like some sort of Che Guevara wannabe of the Internet. But, if it makes you feel any better, you can forge cancels for all of _my_ posts, too.
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
Re:UDP; an example of a self-moderating system (Score:2)
The RBL?
Off course, since Murphys law rules, I can't remember the URL to it, and I can't even remember what the letter stand for, but I know it's an email spam blacklist supported by many ISP.
If anyone has any real info on this, enlighten us!
dufke
-
Re:@Home should sue sites not carrying its news tr (Score:2)
10.What about legal issues? Don't you worry about being sued?
As UUnet (and others) have found, there is no legal requirement for other sites to carry or post their messages. Cancel messages are advisory in nature, and the sites which accept them have to have the ability to process them enabled in their software for them to be effective (the vast majority of sites have them enabled). UUnet threatened legal action when they were UDP'ed in August of 1997, but both the US Justice Department and the FBI (and presumably their own legal department after they consulted them) stated that there had been no laws broken and that they refused to investigate or act. Because none of their own equipment or networks were attacked, compromised, or even affected, there was no legitimate Denial Of Service (DOS) complaint that could be filed. What was happening, in effect, was an organized boycott of their messages. Nothing more, nothing less - and there is nothing illegal in all that. There would also be a horrendous negative public relations wave from actually instituting any legal action. When UUnet threatened, even more people came out in support of that UDP, contributions to legal funds were offered by a large number of people, lawyers volunteered to defend those participating in the UDP, and many ISPs promised to alias UUnet permanently (and work to get others to do the same) the moment they actually instituted legal action.
As another example, there was a rogue canceler, nicknamed "the Kikecanceller" [because his racially inspired cancel message paths all had "!kikecancel" (along with "!spiccancel," "!wopcancel," and others) in them], who was active for a short while. This rogue canceler nuked over 25,000 articles for no legitimate reason before his account got canceled. James M. Hawkins, the supervising agent at the FBI's Tulsa office, stated: "We don't have a case. I don't think we're going to be getting involved in the matter." The local United States Attorney's office was contacted about the cancellations and they replied that no law had been broken. (see the NY Times article about the "Kikecanceller". Note: this site requires you to enter a user name and password to access it, although it is free. There have been no reported instances of spam being sent to any test address that was used to enter the site, so it appears as if this data is only used by that site and not released to anyone who might utilize it for a spamlist).
Re:UDP; an example of a self-moderating system (Score:2)
I'll go you one better (because if you're procmailing, the spammer has already wasted your resources) and point you to the MAPS Realtime BlackHole List [vix.com].
Re:@Home should sue sites not carrying its news tr (Score:2)
Uh, this _isn't_ an attempt to destroy a business. There has been a huge rise in spam coming from @home, and even messages sent to @home about it have been ignored. This spam is causing problems for other sites, so the UDP is meant to help the other sites lower their spam intake, and to get @home's attention.
I don't know what you're reading, but nowhere in the message I read did I see anything that said "let's get @home." I do see things like Because of this lack of response to serious, ongoing problems, even when they have been pointed out repeatedly,... Looks to me like @home is at fault for not taking any action.
Re:UDP; an example of a self-moderating system (Score:2)
dufke
-
Re:Well this reeks of elitism. (Score:2)
How is this different from e-mail, HTTP, FTP, Gopher, etc?
Even then it is not 100% likely that you will be able to get that group that you want.
What newsgroups are carried are set by the system administrator for your ISP, and most wellbehaved ones will add ones if you ask for it. (Although you may want to rethink about asking for sex, warez binaries groups, etc.)
There are also some public servs that carry as many groups as possible, or cater to specific areas (binaries, portman, grits, etc.)
What people need to do is to simply delete the spam and just look at what's there. How hard is it to just delete it?
USENET postings cannot be deleted. With USENET, one person posts a message, and that message is then duplicated bit by bit to every server in existence that carries the newsgroup. So:
1) No centralized source to delete it from.
2) It can always be found on some odd server.
3) Same ethical/philosophical reasons that Slashdot doesn't allow moderators to delete postings.
Is it's presence that bad that it actually causes people to react like it was a cockroach or maybe a demon?
The headers must be downloaded when you spam off line; it takes time to download a million spam messages. Much less people like me who have to let my machine grab full text for me to read later.
It's a lot like e-mail spam, except messier and in such huge quantities as to compare CyberPromo (anyone remember Stanford?) to a landfill the size of Texas.
Re:I'm glad, and it's my ISP (Score:2)
Re:What does this mean? (Score:2)
@Home and all clients going through @Home Usenet servers become gagged until the upper echelon management finds out and orders an immediate change of policy on spam.
A UDP requires the participation of other USENET servers, but many, in fact most, servers are set up to automatically honor all UDPs by default.
IP Discrimination! (Score:2)
I do not agree. Just because there are users who abuse the internet and usenet groups the entire domain is black listed. This is the dirtiest part of human nature! Why is it when there are bad apples the entire stereotyped population suffers!
I agree that there is a problem. All the good users should be made aware of the issues at hand. They should be then able to isolate the insolent users and cancel their subscription to @home.
Being an @home user, I will be glad to kick off the assholes that are causing crap. Hell, I would even BOTCOT @home if they do not allow users to self-moderate the system. HELLO? It is a shared network. We are all paying for it. It is about time we all share in the democracy of the system and flush out the bad apples. Make the all go to AOL for all I care! They are cost all other users of @home MONEY, TIME, and STRESS! This is more that enough justification to spend the time and effort to isolate the 10 - 20% who are abusing this service.
All those with me, call @home and complain. We should put up a website saying that there should be a faster turnaround on kick out delinquent users.
On another note: I would like to see where the AOL IPs stand in the UDP priority. I always get spam from them... is it just because it is easier to see people from @home (Ips are generally 24.112... or 24.113... etc....)????
Thanks for you time.
Re:@Home should sue sites not carrying its news tr (Score:3)
@Home should sue any site that refuses to carry its traffic (at least those subject to US courts).
The UDP is a community action. @Home was not a good neighbor, and now they can't borrow the weed whacker. There is no obligation to carry a particular companies usnet articles. There is no obligation to even allow IP packets from @home into their networks (except for their upstream provider who IS under contract).
Besides that, there are very few 'smaller' sites out there. Most ISP's that don't own their own national network outsource their usenet service.
Re:@Home should sue sites not carrying its news tr (Score:2)
You've been taken in by spammer FUD and BS. Net sites are the private property of their respective owner, free to reject traffic according to their own rules (though they may be liable if they selectively enforce the rules in a prejudicial manner).
Especially go after the smaller sites. They'll BUCKLE under the legal pressure as their bosses realize that they cannot afford a long expen$$$ive lawsuit.
@Home presumably hires reputable and competent lawyers, who do not wish to besmirch their recordss with frivolous-lawsuit sanctions. Their spammer customers are welcome to file such lawsuits, if any of them can find an attorney willing to accept chick en bones [deja.com] as a form of currency.
/.
Huh? (Score:2)
YS
Re:People still use USENET? (Score:2)
Re:Well this reeks of elitism. (Score:2)
How is an ISP supposed to "delete" all of the gigabytes of spam (e-mail & news) which they are forced to carry every day, and for which they had to pay big bucks for the bandwidth, servers, hard disk space & administration to be able to support? They can send out cancel messages, but this uses MORE resources and the time lags involved allow spam to slip through. (Plus, _somebody_ has to be paid to identify the messages to cancel & issue the cancel message...)
You seem to have a very limited understanding of the mechanisms which support the Internet, and a debating style consisting mostly of emotional appeals w/very little logical content.
Re:Autocnceling the UDP crowd (Score:2)
All cancels delaing with an active UDP have udpcancel in their path header.
So, the majority of usenet admins are participating simply because they haven't chosen to ignore these cancels.
Even if a site that ignores these cancels passes them on to another site which honors these cancels, the second site will get the cancels and the messages will go away. (It's magic!) The only news servers where the articles originating from @Home will be found are the guys who ignore the udpcancels.
And not to try to impress you, but I do control a major newsfeed. You can also reach me at my deja.com address. I'm their primary news admin.
For those who don't understand the seriousness... (Score:5)
EVERY DAMN ONE OF THEM WAS AN @HOME NEWS SERVER.
The AUP Enforcement department for @Home has had their thumbs stuffed up their asses for long enough. The throw the book at anyone who dares have a web server showing the default Apache page on it, but never do a damn thing about open relays, which are a much bigger threat. The reasoning seems to be that open relays aren't a bandwidth muncher, but a web site that gets twelve hits a month is.
In all honesty, they'll probably ignore this UDP since the summary cancellations will mean they will no longer have to forward so many complaints about Usenet spamming to
Re:What does this mean? (Score:2)
A UDP is not invoked lightly. It is invoked as a last resort against a set of servers that have resisted or ignored all reasonable requests to participate within the USENET community.
If @Home is incapable or unwilling to act as a responsible member of the USENET community, news admins are fully within their rights as owners of their news servers to reject traffic from @Home's users.
Similarly - by aliasing out the "udpcancel" site in the path, news admins who wish not to participate in the UDP are fully within their rights to ignore it.
This isn't about "censorship" or a "Cabal" (TINC). This is about the rights of news administrators to choose for themselves whether or not to accept traffic from a site that has demonstrated a clear inability or unwillingness to clean up its act.
To @Home users: The problem is with the management of the company who (poorly) administers your news servers. The proper course of action is to contact your @Home technical support or customer service reps and tell them that you want @Home's managment to authorize @Home's news administrators to take the actions required to bring @Home out of the UDP. While the rep you speak with on the phone can't help you, the message will eventually be heard by @Home management. While it's regrettable that the situation went as far as it did, the precedent for the UDP is good; UDPd firms generally do clean up their acts, and USENET is the better for it.
Re:I'm glad, and it's my ISP (Score:2)
Why do I get the feeling you work as PR for @home?
Re:What does this mean? (Score:2)
Re:I'm glad, and it's my ISP (Score:3)
YMMV, as I'm on a node which had a total of five users, last time I checked. I've seen downloads of up to 120K/second, which is pretty damned fast. The uploads aren't speedy, but certainly better than dial-up and I'd estimate them at about 20-30K a second in my experience. I haven't tried to run many server apps off of it or anything, but I have no problems with the speed.
---
Re:I'm glad, and it's my ISP (Score:2)
[whois.arin.net]
@Home Network (NETBLK-ATHOME) ATHOME 24.0.0.0 - 24.19.255.255
@Home Network (NETBLK-CORP-RDC-SC-1) CORP-RDC-SC-1 24.0.0.0 - 24.0.0.255
That looks like 19 class B's and a class C. As I recall, @home applied for and was denied a class-A; they were moaning about it semi-publicly.
Re:Not just news, but net in general. Helps pirate (Score:3)
> quality you praise so much also keeps an ample
> supply or w4r3z and kiddie pr0n available to
> anyone on the 'net. Is this what you are
> supporting.
Some, like myself, would argue that neither of
these is imnherently bad. (while I am against
forcing children into sexual situations for
any reason- especially something as base as
capital gain, I see nothing wrong with the
act of transmission of pictures themselves)
Noone is being hurt by these simple transmissions
of data. Noones rights are being abused. I see
no real problem.
Its simply the free exchange of information. Is
that what you are against?
See the MAPS Realtime Black Hole List (Score:5)
Take a look at the Realtime Black Hole List [vix.com]. This is a DNS-based hack that publishes the domain names of sites that allow spammers to send through their mailservers - in a form that lets mail transfer agents do a quick DNS inquiry and dump mail if it is coming from such a site.
Interestingly, it's an example of anarchism in action. Anybody can publish such a list. Anybody can hack their sendmail to use such a list - and pick any such list they chose. (As far as I know there's only one such list at the moment - probably a sign that it's doing a good job.)
The RBH client code is included in current Linux distributions. (I saw it as a {recommended} sendmail configuration option in Red Hat 6.1, for instance.) I've heard estimates that about 60% of the email inboxes in the world are now behind mail transfer agents that subscribe to RBH and thus bounce mail from any site on the list.
Re:IP Discrimination! (Score:5)
I remember when AOL opened its floodgates upon the internet. No only did they put a big POST button in their software and not educate their users what usenet was, they had a little bug in their software. Each post would be duplicated seven times. Putting the entire aol.com domain in my killfile returned the newsgroups back to an enjoyable state. In fact, it would be over a year before I ever saw an intelligent post from the aol.com domain. I wasn't missing much by filtering them out.
Then other ISP's unloaded the masses onto usenet. Newbies are a fact of life, but usenet was then carpetbombed with scams and what was to be known as spam. It was unreadable. Filtering everything with the
I have seen the usenet death penalty used. And it works! It keeps me from having to filter, because it forces responsiblility for those who wish to become part of the usenet community.
Re:What does this mean? (Score:2)
Re:I'm glad, and it's my ISP (Score:2)
I lose connectivity every night. I've lived in two houses since I got on the @home network. One was a cheap rental town house, and the other in a neighborhood with $150,000 houses.
The reason you do not dislike @home is because you have not had the hassle with bartering with their tech support for hours in order to get someone to examine your connection in-depth, because your connection works.
However, unlike you, I am someone else. This resets the odds back to start on every factor that could go wrong.
Don't tell me you wouldn't feel nervous about moving to a new house, and getting cable reinstalled. Don't tell me you wouldn't hope that your access would be high quality.
As for dalnet, they detect your *.home.com status, redirect you to gate.dal.net, which is an alias for hebron.dal.net and another server I can't remember, and sit you in a very croweded, laggy situation.
The point of my original message was that @home does not give two shits about anyone. We are banned from Dalnet and Usenet. An a more personal level, I explained how they do not give two shits about me, personally.
Though, it is good to know that you get fine service. I have no doubt that @home works for SOME people. However, I am demographically challenged.
Re:Do you *think* about the users you hurt? Bonehe (Score:3)
We hurt millions of users for five days to remove billions of crossposted spam from millions of Usenet servers - and also as retaliation for @Home's little alias of abuse@home.com to
Have you ever run a Usenet server? Do you have any idea of the pure amount of GARBAGE from spam and advertisements that will suck up entire T3s 24/7? If you want a better analogy, this is little different than when Iraq invaded Kuwait and didn't respond to demands to stop; most of NATO got together and pounded on them.
Given the choice of massive spamming or blocking cable users from direct Usenet access (they can still use Deja) for a few days, I pick the block. Who knows, @Home might even clean up their act before the UDP goes into effect. Historically UDPs are usually released before the deadline for that very reason.
Re:They have ot be kidding right? (Score:2)
> that a minority of @home users are spammers.
No...they have a bug up their ass that a minority
of @HOME users are spammers AND @HOME
is not doing anything about it.
UDP is invoked AFTER usenet admins have alerted
and really tried to get an ISPs attention and
feel that their complaints have "Fallen on Deaf
Ears".
Re:I'm glad, and it's my ISP (Score:4)
I thought I'd post a more positive perspective on my @home experience.
First off I've had the service for around 2 1/2 years now, I had it when it was still known as 'The Wave' because @home was too busy at the time to handle expansion into Canada. I pay around 40$ a month Canadian with tax. My stream caps are 300k/s down, 50k/s up (Up from 100k/s down and 50k/s up when I initially signed up) and I routinely do transfers at these rates. I live in Metro Toronto and I would estimate I easily have over 100 people on my segment, if I were to guess I would say it is probably higher, more like 200. During prime time I do notice more packet loss, but I guess I just accept this, just as I accept that if I go to work during rush hour I will have to contend with more people on the train and it won't be as easy to get a seat etc. I do play quake, everquest without significant problems.
As to @home's handling of open relays, well @home may be bad but my personal cable company (Rogers) seems to actually be developing a clue. They recently did a scan of machines and notified people running mailservers who failed the spam relay check that they would have a week to fix their relay or their service would be disconnected until they could prove to the abuse people that it was fixed. As a side note Rogers allows small personal servers for mail etc, but don't expect to be running the next slashdot affiliate off it
I don't use IRC so I really can't comment on that.
My bottom line I guess is, all of @home is not created equal. Check around, ask other people who have been on the service in the area what they think, look and see if you have a local @home users group and see how their general attitude is towards their provider.
Re:Overmoderation can be a bad thing (Score:2)
Re:hmmm, well, different problem. (Score:2)
can be blamed for your inability to connect to
the mail server other than the network admins.
Usenet has nothing to do with email.
Re:People still use USENET? (Score:2)
If you really want to nail them to the wall, declare an email death penalty as well. Block any connections to port 25 to and from @Home. The two services used MOST these days are email and web. Shut those down and the customers are paying $65 for nothing.
Re:Well this reeks of elitism. (Score:2)
You've obviously never had anything to do with running a news server. The news spools can get HUGE if you keep articles for any length of time. RAID is an absolute MUST. A spam on usenet takes up resources on every usenet server in the world.
Usenet spam is a lot worse than email spam. I have seen newsgroups that were about 20% actual messages and 80% spam. If s/n isn't enough argument, consider every news server needing an extra 9G U2W SCSI drive for the spam and the extra bandwidth (that costs some real money BTW).
The problem with open proxies is that any spammer anywhere can use them to hide their identity so they don't get their account cancelled. There's nothing eletist about that. I can't think of any ISP that doesn't provide you with usenet as part of the basic service. The only people who really need the proxies are the spammers.
As for Lucifer, at least if you tell him you're not interested, he goes away. Besides that, although his prices are outrageous, he, unlike many spammers, actually delivers the promised goods and services. [/humor].
Re:For those who don't understand the seriousness. (Score:2)
> aren't a bandwidth muncher, but a web site that
> gets twelve hits a month is.
Web sites are also easier to find.
Any moron can write a script that looks around
for web servers. You actually have to know what
a relay is before you can scan for open ones.
Probably just clueless admins.
Re:Who they gona sue? (Score:2)
As a followup, the point has been made that this kind of thing can be done because no contractual obligation exists between usenet nodes (is that the right word?). I wonder how long before big ISPs start trying to get mutual carry agreements with each other?
I just spoke to an @Home rep on the phone.... (Score:5)
All I can do is suggest everyone do the same. The office in PA is (215) 981-8531. You may or may not get someone knowledgable right off the bat, so be polite (but really, you should be polite anyway!). You might want to even check out the Canons of Conduct [linuxdoc.org] from the Linux Advocacy mini-HOWTO for some good pointers.
Good luck!
A junk free dejanews search form (Score:5)
copy this old dejanews search form to your home directory [attaway.org]
and bookmark it from your browser. This search form was saved from my cache when deja ruined their interface. It has none of the voting crap and your search will just yield the facts and what you are looking for.
Re:I'm glad, and it's my ISP (Score:2)
Sympatico's DNS is slow and the way interconnection speeds vary with parts of the internet means that my connection often crawls (I get less than 10K/s over the VPN to work in Denver during the day, but at the same time I can get 85K/s from javasoft.com!) The other problem with Sympatico is that they don't allow more than one email address.
I constantly hear bad things about Roger's cable internet service. I hope you get some more choice in your area sooner than later.
Re:(Slightly OT) Re:People still use USENET? (Score:2)
(And needless to say, HTML is NOT a USENET posting standard - thanks to Netscape for unleashing this travesty to the world, but fortunately, only about 2% of the posters I read use HTML in the first place.)
Frivolous Lawsuits (Score:2)
Something Seems to be Happening at @home (Score:4)
-Jeff
Re:I'm glad, and it's my ISP (Score:2)
That can't be true:
1) I don't use their proxy server at all.
2) A friend of mine in Denver FTPed a CDROM image from my machine at over 30K/s.
*giggle* We've got two cable isp's here (Score:2)
Free installation and first month (from both, I think) due to the shortage of modems at the time. Now I pay $25 total for service & modem. They want an extra $5 if you want a second computer (but it seems you provide your own hub & wiring), and the terms of service explictly prohibit sharing an IP with linux or that dark-side program (but how could they tell?).
I have no idea how to configure it. I put in my two install disks for FreeBSD, and it took care of absolutely everything. Since I wanted to massively rearrange the hard drive, I called and got an ip that I could grab, changed the address in in my old configuration, and stashed about a gig of
Competition in cable is such a wonderful thing.
Oh, and the deciding issue wasn't that it was $5/month cheaper, but that I called both places, and the cfu folks knew what was going on, while the @home folks could barely figure out which out of state tech support might be able to answer questions . . .
Re:Well this reeks of elitism. (Score:2)
telnet nntpserver.domain 119
even in Windoze. I would even say the server's raw interface is user friendly. If you want help, just type help followed by return. Its a beautiful interface and is compatible with almost anything that can display text. With a good terminal and some scripting, it can be the most productive environment for digesting news.
Re:@Home should sue sites not carrying its news tr (Score:2)
If you are a BugTraq subscriber... (Score:4)
OK, not exactly on this topic (if you say "offtopic" they don't mark you offtopic :) but in a related and interesting coincidence:
I just now got a message from BugTraq saying that their mailing list has gotten blocked by ORBS because their ISP blocks ORBS probes. I think (I'm not an expert on this) that ORBS (anti-spam police) is probing to see if above.net's sendmail will allow "open relaying", but above.net blocks the probes. So, ORBS is treating the ISP as if they allow open relaying... does ORBS have "proof" that some machines in that domain are relaying, or is this a "play ball our way or screw off" (you know, kinda like cookies on Slashdot :) move?
Here's the email (I've corrected some errors to make it readable):
My personal response regarding @Home (Score:5)
The following is the text of my e-mail message to them. I would encourage other @Home customers to write letters of their own. Perhaps @Home will get the point and begin acting more responsibly.
-----email follows-----
to: (several addresses, repeated in body of msg.)
from: (Chris Stearns)
--
I would like to know what @Home intends to do about the Usenet UDP that is scheduled to begin on Tues, Jan. 18 at 1700 PST.
Usenet access (reading and posting) is one of the services I pay @Home for. Now, because of @Home's continuing reluctance to address the abuse of its mail servers by spammers, my Usenet postings may be blocked by various sysadmins, who have elected to reject all traffic originating from within the home.com domain.
This would be an unacceptable interruption of service. @Home has an obligation to ensure that the services I subscribe to are available to me.
Futhermore, @Home has an obligation to ensure that its mail servers are not being abused by spammers. The requests for action that have been forwarded to @Home (by myself and others) are apparently being ignored. My own requests have been met with excuses. David Ritz, the originator of the UDP, details largely the same experience when describing his attempts to contact @Home. These responses from @Home - deferral, ignorance - are not good enough.
The remedy to this problem is completely within @Home's ability to to enact. I am a paying customer who wants to know what is being done.
Tell me, what are you going to do to clean up your act? When?
I have attached a copy of the UDP notice, originally posted by David Ritz in news.admin.net-abuse.usenet. This message, as well as the original notice, has been mailed to abuse@home.com, abuse@corp.home.net, news@corp.home.net, noc@corp.home.net, abuse@rogers.home.net, and Internet.Abuse@shaw.ca
A timely response would be appreciated.
Chris Stearns
(email address omitted)
(UDP notice was attached here)
-------end email message------------
Happy writing!
Chris Stearns
Re:Pot. Kettle. Black. Go after SPAMMERS, not site (Score:2)
If you wish to comment on Usenet-related issues, it behooves you to learn a little bit about what Usenet is and how it works.
Broad access BAD (Score:2)
give everybody access to bandwidth and things go wrong
--Quote ends--
As I've said before, it's the issue of broad access that makes many of the big commercial services an incomplete Internet experience. You get so many people who act up that it ruins it for everyone. A friend of mine left AOL because he's an avid IRC person, and aol.com is k-lined on most servers. AOL was convenient, but the stigma ended up being too much and they lost another customer...one who honestly wasn't an AOLamer.
Usenet kill files, IRC server k-lines, Spam filters...all over people lock out entire companies because they're sick of the garbage. You can't really have a complete Net experience with them. The big companies don't take the time to police what's going on, and often don't bother to respond to complaints. It takes something like a UDP to wake them up, and that's only because the UDP usually gets in the news. My advice remains, if you can find a local ISP with good service, stick with them and avoid the corps. The BS you have to put up with because of the other lamers who get on big companies like AOL and @Home isn't worth it.
My opinion, of course.
Re:Before you condemn @HOME^H^H^Hdespammers (Score:2)
>You may want to keep in mind that the spam nazis >are pretty wacko themselves and go to inordinate >lengths to stop spam.
Such as? I've seen LOTS of claims about what these supposedly EEEVIL despammers do, but noone's ever substantiated them.
> They don't even care that innocent companies
> will suffer.
@Home is not an innocent party here. Things have to get really dire before a UDP is considered..
> Think I'm exaggerating? Well consider this, an
> internet site not responsible for *any* spam
> leaving its network may qualify for
> listing on the RBL, IOW being blackholed.
> I know. Been there, done that.
BS. You need to submit traced spam, send it to the RBL folks who contact (by phone) the maintainers of the submitted server and then they MAY enter it in the RBL if there's no hope of the mail server operator getting a clue.
You haven't "been there, done that" at all. You're just pushing spammer FUD.
> Check http://www.mail-abuse.org/ if you have any > doubts.
...and expose you as a clueless tool??
Re:I'm glad, and it's my ISP (Score:2)
Actually, @Home owns the *entire* 24 network.
Actually, they don't. I use RoadRunner (@Home's biggest competitor) and generally see addresses of 24.24.x.x through 24.29.x.x there. RoadRunner certainly wouldn't be giving out @Home's IP addresses.
----
Re:Well this reeks of elitism. (Score:2)
who wants to read pages must obtain a browser. You
must have access to the servers. Even then its not
100% likely that you will be able to find a server
with the information you want.
Ok...now for the sarcasm-impaired.....
Of course you need a "client" what kind of
argument is that? You could just telnet to the
nntp port and speak nttp by hand, but guess what?
that is a pain in the ass.
Find a particular server? How is it any differnt
from email? Should every ISP just automatically
allow anyone, free of charge, to have an email
acount on their server?
The server your ISP has doesn't have all the
groups you want? That is your ISP (or whoeevr
runs the server) fault. Complain to them. I know
that here where I work, we are willing to add
any group to our feed that is requested by a user.
> that @home people are operating "open proxies" I
> assume that this means that they are allowing
> public access from the outside world. Well my
> friend what is wrong with that?
Open Proxies are not open usenet servers. An
open proxie is a proxie server that ANYONE can
connect to. This allows ANYONE on the net to
"Hide" their real adress by connecting to the
proxie and having the proxie connect for them.
The problem here is that A) 99% of the time this
is NOT the intent of the machines owner but a
mis-configuration that others are taking
advantage of. B) This allows spammers to post
spam to email and usenet without ANY audit
trail to track them back to their ISP. This
means that it APEARS like the person with the
relay is sending the spam.
> Is it's presence that bad that it actually
> causes people to react like it was a cockroach
> or maybe a demon? I
You know...if it was JUST the fact that I get an
ocasional email advertisment I wouldn't care.
However, spammers are much worst than that.
Do you know what a spammer can do to an
unsuspecting network? They connect to a mail or
usenet server and start BULK sending thousands of messages. Often in mail with BCC so that they send
one message and the server expands it and sends
thousands.
This can saturate unsupecting networks and bring
useful work to a halt. Not to mention disk
space. If a spammer sends a 2k message here...to
all 10,000 of our users...that means roughly
20 MB of storage space. Maybe thats not terrible,
but if several spammers do it every day or two...
it adds up FAST.
> I think if the mythical Lucifer were to appear > in front of one of these people they would most
> likely get more irritated or enraged at the spam
> than their most hated enemy (for Christians).
Love to nitpick...
since when do ALL christians believe litterally
in a Devil? I know many who don't and would say
any references to one are merely symbolic to
make a point rather than references to an actual
being.
Re:Spammers will always Prevail (Score:3)
If you look at the UDP FAQ (linked to in the email mentioned in the article), you will see that most of the UDPs do not go into effect, and when they, it's generally for a very short period of time. I would say your average, honest internet user doesn't get [too] hurt by this action.
This is hardly old-school draconian society: apparently @Home has been approached regularily about this problem. They have done their customers a disservice by not being a responsible service provider. This isn't a police force in effect: the participants of the UDP are free to make up their own minds and not participate if they desire. It sounds more like a form of democracy within anarchy! If you think that this is draconian, would you mind suggesting another method equally as effective?
Re:@home other problems (Score:2)
I will make that analogy (Score:4)
No, breaking into someone's computer shouldn't be treated like a physical assault. Not even close IMO.
But it SHOULD be treated like a property crime. After all, it is costing the victim money. If something of value is copied or destroyed then the victim is financially hurt. Say what you will about closed source, but it still holds a market value.
Hell it doesn't even have to be source code. People store all kinds of information on computers (credit cards, anyone?). Sure, this stuff should be secured, but there's no denying the fact that harm is done if someone steals it.
Even if nothing is done aside from breaking in the victim still loses. Why? He has to invest time (= money) in resecuring / reinstalling his machine.
Don't try to glorify computer intrusion as a harmless activity. It's not.
For what it's worth, I agree that sysadmins should work together to solve problems as much as possible before involving the authorities. It's generally a faster way to take care of the problem. But, when the abuse warrants it, either through damage, or through repeated activity, I have no problem contacting law enforcement to resolve the issue.
Best regards,
SEAL
Re:Cabal screwing me. Not spammers. Not @home. Cab (Score:2)
OK, so we do know ths ISP. However, the spammer can set the user account to absolutely anything. Therefore... One goes to the ISP, and nicely asks them to check this out. They would have logs of who was on when, and could probably figure out who actually did it (to them, you see, the remote would be the spammers own machine. They know who they gave which IP to, and can figure out the identity of the spammer). If they didn't keep the logs, they could watch for him to resurface (ie keep logs temporarily and deal with it if he does it again). This would almost certainly be acceptable as a response, and would get them off the hook.
If the ISP is uncooperative, then all that can be done (from the next level up) is to blackhole the ISP. Only the ISP can really know who the spammer was, so theu have to deal with it, or ignore it. If they ignore it, I guess the people at the next level have the right to recommend blocking and to block it for themselves. If you read the post, individual news-carrying sites have the choice if a) whether or not to follow UDPs at all or b) to follow them, but exempt this one. How to do so was described. So if you like spam or think this is too extreme (maybe it is, I haven't hear whan @Home's response was or how many warnings they got) find a news-carrier who is not going to follow it. Or run nntpd yourself, and don't follow it.
So it's a lot like the system right here at slashdot. Read at -1 if you want, or don't if you can't stand trolls and spam. Individual choice (except that you do have to be the person running the newsserver and using up the resources to be able to make the choice.
At least, that's my understanding of the setup, but I don't actually run a usenet server, so any innaccuricies are hereby disclaimed. If I'm wrong, would someone reply and say so.
Re:I'm glad, and it's my ISP (Score:2)
I have Mediaone Express and in Chicago we're 24.131.*.*
AOL zaps spammers (Score:2)
That, and not the quantity of spam, is what gets the USENET Death Penalty rolling.
It doesn't help that there are maybe five people in the entire @Home company nationwide who know what the hell they're doing, and your chances of talking to one of those people are about the same as your chances of calling the White House and talking to the President. As with The Phone Company, @Home takes pains to make sure that their precious techies aren't bothered with anything as mundane as helping customers.
Easy way to get hung up on by @Home "technical service"... "Hello, I'm running Linux and ...".
-E
Slashdot's spam logo (Slightly offtopic) (Score:4)
There's a small problem with the picture used to depict "spam", as in junk e-mail and the like. It depicts a can of SPAM luncheon meat [spam.com] , which is a registered trademark of Hormel foods [hormel.com].
Hormel's position on this matter is best expressed by the following quotation from their "Spam and the Internet" page [spam.com]:
This means Hormel don't like pictures of cans of their SPAM luncheon meat used in conjunction with junk e-mail and the like.
I suggest that the logo for "spam" be changed for those legal reasons. Perhaps we could change it to the picture of a pig from O'Reilly's book "Stopping Spam", or some similar porcine picture that's suggestive of "spam".
Re:Pot. Kettle. Black. Go after SPAMMERS, not site (Score:2)
Besides, only @home can really tell who the spammer is. see My other comment [slashdot.org]
Success of UDP's - Does SPAM work? (Score:5)
I really have to ask, does anyone know is SPAM profitable? Are these just un-informed idiots that really don't know that they're wasting their time? Does anyone have information on this?
Furthermore has anyone even _heard_ of someone that bought something because of SPAM?
Are these people just the deranged/hopeful side of the net?
if the UDP has the desired effect, then it's an example of anarchism actually working
the UDP FAQ [stopspam.org] certainly claims a large number of successes, among them:
Erols.com had been a thorn in the side of usenet for a long time. With a change in policy after discussion of a UDP against them, they now have a very high reputation among both the usenet and email community.
Bell Atlantic, near the end of July, 1997, was a major spamhaus. Word got to them that they were being considered for a UDP. Spam dropped dramatically almost instantly, to their credit. No UDP was necessary.
UUnet, which was the largest single spam producer around the beginning of August, 1997, [...]announced and apparently instituted a much tougher AUP against spamming, and nuked a couple of the most persistent spammers that usenet has ever seen. Numbers again have fallen dramatically, and we all hope that UUnet continues with this policy.
October, 1997, Compuserve
In December, 1997, TIAC appeared absolutely unwilling to deal with any of their ongoing spam [...] UDP was announced with the 5 business day waiting period before institution. Although their owner continued to make excuses and argue about their culpability as well as bluster and threaten legal action, by the time the deadline had arrived, they had "cleaned up their act" to the point that the UDP was no longer necessary, and the deadline was extended for another 5 days to watch the numbers. After that additional 5 day period, the stats had stayed low, and the UDP deadline was lifted.
About 10 others between these dates.
In December of 1999, a simultaneous UDP of VSNL and SILNET, the two main carriers in India, was instituted for their failure to even begin to control the usenet terrorist who calls himself "HipCrime" and who forges, cancels, floods, and supercedes thousands of articles on a nearly daily basis in an attempt to blackmail the entire world into doing things his way - his way being a usenet without spam cancels. Currently, VNSL and SILET have enabled port 119 (news)blocks on all outgoing connections from their services with the exception of their own servers.
So, it looks like there is good evidence that this will work, given the past history of success.
My Mum told me to hit them!
@Home Abuse, as seen from an ex-@Home employee (Score:5)
As for the spam problem, the people at blame are the corporate types. This is a management issue, not a technical issue. This problem could be fixed by blocking inbound packets to customer IPs on port 119/TCP. Unfortunately, port blocking is more involved than just making changes to routers. Policies have to be re-written which, when you are @Home, necessitates lawyers, meetings, and the like. @Home has bigger fish to fry. Like what, you say? Customers who crack government machines, e-mail spammers (who generate a larger backlash than usenet spam), smurfers, script kiddies, irc abuse, customer-to-customer abuse, people who host commercial sites on their cable modems, people who put porn sites on members.home.net (their homepage server), etc., etc. It's only to be expected that USENET complaints are near their bottom of their abuse priority list. If you could only see the volume of mail that abuse@corp.home.net generates, you'd understand.
Chris
A lesson from FidoNet (Score:3)
One of the things I've always liked about FidoNet over UseNet was that people were held accountable.
If you broke an echo's rules (an echo is like a newsgroup), the moderator of that echo could ban you from the echo. (Fido moderators are more like IRC channel operators then UseNet moderators).
If you got banned enough times, most system operators would simply ban you from the echos entirely.
But it got better. If a system's operator was unresponsive, or a system was a continual source of twits, the FidoNet feed to that system could be cut.
If other systems in the area kept refeeding him any, that entire network (local geographical area) would be cut.
Seems a little heavy-handed if you are used to Internet anarchy. But I think UseNet's system of waiting until things have deteriorated to the point of uselessness doesn't work, and a system that doesn't work isn't a good system. FidoNet preemptively cut off the garbage-makers. It was all run by the lose organization of system operators, was very grass-roots, and generally operated on concenus. It worked pretty well.
In a way, FidoNet has a cabal, and was better for it, IMNSHO.
Of course, the big-time (the Internet) has pretty much killed it off these days, so we'll never know how it would have scaled compared to Usenet.
Why cable should not be a monopoly (Score:3)
Re:@Home Abuse, as seen from an ex-@Home employee (Score:3)
Re:Already Done.. ;) (Score:3)
My box doesn not relay outside mail. I get probe attacks, and the wanna-be spammers go away.
ORBS has 17 different spam attempts, keeps trying for 14 days (as per their web site) and then re-tests.
Being mentioned in ORBS has increased the number of outside probe attacks. (In fact they WANT this behavior)
They are unwilling to provide the e-mail message that prompts them to think you are a spam site, and if you complain about them, they add you to the ORBS list as a manual entry.
In fact BUGTRAQ@SECURITYFOCUS.COM has now been hit with ORBS. (seems above.net doesn't like the probes and rejects them. So ORBS has them 'on the list')
In short, ORBS is no better than the spammers.
Promoting ORBS is irresponsible.
(OT on killfiles) (Score:3)
Perhaps as an extension to NNTP, an FAQ, Killfile, and other info links would be available in the info for the group (as meta fields), allowing people to not have to wait for the FAQ to be posted, etc.
---
It's over (Score:3)
Of course, they forge-approved it to two newsgroups that I moderate, and my 'bots cancelled it.
Aah, well, I reposted it in news.admin.net-abuse.policy. Enjoy, folks.
- Tim Skirvin (tskirvin@killfile.org)
Official response from @Home Network (Score:4)
Official Response from @Home (Score:5)
Many of you have been posting your questions and concerns
in reference to the proposed Usenet Death Penalty (UDP) which
would block the @Home Network from posting to USENET. I have attached
our official response to the Usenet community and the press here but
wanted to bring attention to a couple of points that are raised here:
- This afternoon we began a network wide scan targeting open proxy
servers.
- If an open server is identified, the customer associated will be
blocked from posting to Usenet until such time we are assured that
the proxy software is secured.
------------------------------
To the USENET community:
In response to the recent UDP call for @Home Network to be removed
from interacting on the USENET, we are submitting an official
response
with a proposal of short term and long term news spam prevention
initiatives. Excite@Home is very committed to participating
respectfully on the Internet, and we have taken previous requests for
action seriously.
We have found that the primary source of our excessive USENET posting
history comes from subscribers who have installed proxy software
incorrectly. Unbeknownst to the customer, this mis-configuration has
allowed outside access to the @Home news servers, and has resulted in
our subscribers becoming spam relays. Because these various IP
addresses create holes in our network, spammers have taken advantage
of this mis-configuration, and have posted thousands of newsgroup
messages through our news machines.
As of today, we are stepping up our involvement and taking more
aggressive action by performing frequent network wide scans of our
customer base to target proxy servers. Once these customers are
identified, we are suspending their news service immediately.
Re-enabling will not occur until we are assured that their machines
are secure. We feel that this proactive effort will dramatically
decrease the amount of extraneous news traffic originating from
home.com.
We are committed to promoting better Excite@Home participation on
the
USENET, and we are in the process of modifying our current news
product and news architecture. We are also implementing more user
education as a parallel initiative.
With these new tactics in place, we are asking for an extension to
our
USENET access beyond the 18th of January and we are confident that
the
USENET community will see positive news statistics coming in the next
few days.
David Jackson
Manager, Network Policy Management
Excite@Home
Carol
Newsgroup Policy Specialist
Excite@Home
Re:@Home Abuse, as seen from an ex-@Home employee (Score:3)
If they ever decide that USENET is important enough for them to clean up their house, then they can be allowed to play again. Until then, I guess they won't.