Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Recovering the Slums of the Internet?

timothy posted more than 4 years ago | from the english-monopoly-names dept.

The Internet 218

turtleshadow writes "Brian Krebs of the Security Fix Blog analyzes the McColo Spamming one year later and asks an interesting question: 'How does one renovate and recoup the lost trust to the slums of the Internet and reclaim back all the domains and IPs that have been blacklisted?' Indeed, the economic benefits abound when a huge swath of illegal and annoying activity ceases — but given the basic design of the Internet, what happens over the long run to IP space and DNS when hosting companies come and go and vary in their trustworthiness? So too, now Geocities is dead [as a business], but does that still live in your filter list? It still appears in OpenDNS under several policy categories. How, in a few years, will I tell if some Hosting/Colo sold me Whitechapel Road/Ventura Avenue for Mayfair/Boardwalk prices, and no one is going to accept my mail from a former slum? When do you, if ever, roll back the blacklists and filters for 'dead' threats and spammers?"

cancel ×

218 comments

Sorry! There are no comments related to the filter you selected.

I like the Ras Al Gul approach (1, Funny)

Anonymous Coward | more than 4 years ago | (#30080792)

Burn them to the ground.

Re:I like the Ras Al Gul approach (1)

xmorg (718633) | more than 4 years ago | (#30080884)

Agreed. Once a spammer always a spammer. BURN!

Re:I like the Ras Al Gul approach (5, Interesting)

AnEducatedNegro (1372687) | more than 4 years ago | (#30081764)

My problem with that is when you get reassigned IP space from a spammer. My host aquired a block from ARIN, which used to host russian servers. Well these russian servers were apparently spambots because I just recently found out yahoo does not accept mail from any of my servers. This is a major problem and jumping ship to another host does not guarantee this problem will go away. I had no clue who to contact and ended up requesting new ip space from my provider... but that caused a world of pain for my customers.

I used to think my old boss was crazy when he said he never wanted our antispam solution to rely on any blacklist provider and it didn't really sink in until I was on the opposite end of the spectrum. Blacklists are bad.

aEN

Re:I like the Ras Al Gul approach (0, Troll)

peragrin (659227) | more than 4 years ago | (#30081820)

hey wanna by a formerly popular domain? hear geocities is available.

Solution (2, Informative)

blakelarson (1486631) | more than 4 years ago | (#30080800)

IPv6!

Re:Solution (2, Interesting)

Tubal-Cain (1289912) | more than 4 years ago | (#30080888)

That will prevent us from running out of unblocked IP addresses, but it does nothing to aviod being bitten by filtering rules based on a previously bad domain name (like geocities.com).

Re:Solution (4, Funny)

stephanruby (542433) | more than 4 years ago | (#30081102)

Simple. Do not call your web site goatse, or geocities. If someone registers that domain name, because he's too young to remember, or whatever... He'll figure out pretty quickly that things don't work for him, so he'll pick a different domain name, like goatsrus, geotowns, geomegacities, or whatever.

Frankly, I think that there are more pressing problems to think about.

Re:Solution (3, Funny)

Anonymous Coward | more than 4 years ago | (#30081310)

Simple. Do not call your web site goatse, or geocities. If someone registers that domain name, because he's too young to remember, or whatever... He'll figure out pretty quickly that things don't work for him, so he'll pick a different domain name, like goatsrus, geotowns, geomegacities, or whatever.

I'm going to start a free hosting service for shock sites called Goatsecities...

Re:Solution (1)

Ragzouken (943900) | more than 4 years ago | (#30081430)

And God knows we can't even consider solving a problem properly when more pressing problems exist.

Re:Solution (0)

Anonymous Coward | more than 4 years ago | (#30081604)

I think this would be a pretty good idea for someone with the resources to create an online filter list that can be updated perio... oh wait.

Using static filter lists is bad. :(
People should be contacted to make them consider changing over to a dynamic list.
Websites get flagged, then if the owner of the site changes, the filter is put on probation for a period.
If after a certain time (decided on how severe the site in question was) passes and nothing bad has been happening, it is removed.

Or it could be on permanent probation since the owners could have just changed the names, waited for the probation period to be up and go crazy again.
This would be more ideal than say, having to check out the new owner via some detective work.

Personally i would prefer the entire system to be completely changed since there is so much abuse.

Re:Solution (1)

commodore64_love (1445365) | more than 4 years ago | (#30081644)

I don't understand why geocities old IP addresses would be a bad location? Why was geocities.com filtered?

Re:Solution (2, Funny)

sentientbeing (688713) | more than 4 years ago | (#30081800)

It was condemned due to an infestation of Noobs.

OMG WTF PONNIES!!! (2, Funny)

Anonymous Coward | more than 4 years ago | (#30080810)

OMG WTF PONNIES!!!

FP (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#30080812)

First Post

who's on first? (1)

pilgrim23 (716938) | more than 4 years ago | (#30080822)

did not Godaddy get its start registering pr0n sites?

Re:who's on first? (2, Funny)

tacarat (696339) | more than 4 years ago | (#30080964)

So did everybody else, no? I'm happy for URLs. Back when you could only connect by knowing the correct IP, 69.69.69.69 was pretty much the only porn site on the web... well, strand.

Re:who's on first? (4, Funny)

tubeguy (141431) | more than 4 years ago | (#30081810)

It's still the coolest IP on the net.

Re:who's on first? (1)

bragr (1612015) | more than 4 years ago | (#30081894)

69.69.69.69 isn't really that interesting. Embarq owns 69.68.0.0/15 so the "coolest" thing that you could do would be to ping someone's DSL modem off of the face of the earth.

Re:who's on first? (5, Informative)

secolactico (519805) | more than 4 years ago | (#30082348)

nslookup -q=ptr 69.69.69.69.in-addr.arpa

Non-authoritative answer:
69.69.69.69.in-addr.arpa name = the-coolest-ip-on-the-net.com

Well, I'll be... I honestly didn't expect that. Duh...

Re:who's on first? (2, Interesting)

bipbop (1144919) | more than 4 years ago | (#30082408)

My favorite IP is 4.8. I often ping it, just for the joy of, well, pinging 4.8! I can't really describe it. You'll just have to try it to see what I mean.

Re:who's on first? (1)

John Hasler (414242) | more than 4 years ago | (#30081552)

> did not Godaddy get its start registering pr0n sites?

So what?

What slums? (2, Funny)

Dunbal (464142) | more than 4 years ago | (#30080852)

I thought they'd switched off geocities already?

Re:What slums? (3, Informative)

Tubal-Cain (1289912) | more than 4 years ago | (#30080940)

Yes, but if someone tries to create a new Biosphere and call the project "GeoCity", a website about the project will find itself needlessly blocked by filter rules set years ago and were never removed.

Re:What slums? (2, Funny)

Arancaytar (966377) | more than 4 years ago | (#30081692)

What filter rules? I mean, okay, that light on dark text and background midi and blinking marquees were annoying, but still, you could just not visit...

Re:What slums? (0)

Anonymous Coward | more than 4 years ago | (#30082324)

I can still access geocities.com pages.

And GeoCity will not match a geocities filtering rule, unless the rule is for geocit*

Re:What slums? (1)

socsoc (1116769) | more than 4 years ago | (#30082506)

Yep, cause the last Biosphere project worked out so well with their pseudo-science...

Easy solution: (3, Informative)

eln (21727) | more than 4 years ago | (#30080876)

Stop relying on blacklists as your primarily (or only!) filtering mechanism. There are far more sophisticated filtering solutions out there these days. Filtering based solely on blacklists is antiquated, ineffective, and vulnerable to massive issues with false positives. If you only use blacklisting as a very small part of your overall filter scoring, you won't have problems when the IPs in question get turned over to non-spammers. Sure, they'll still end up with a non-zero "spam" score, but not a high enough one to be blocked.

And, of course, you should regularly be looking at your entire setup, including filtering, on a regular basis to make sure the solution you have is still the best one for your situation. Technology, and the Internet, changes too rapidly to take a "set and forget" attitude toward anything, especially filtering.

Re:Easy solution: (1, Funny)

Anonymous Coward | more than 4 years ago | (#30081092)

Stop relying on blacklists as your primarily (or only!) filtering mechanism. There are far more sophisticated filtering solutions out there these days. Filtering based solely on blacklists is antiquated, ineffective, and vulnerable to massive issues with false positives. If you only use blacklisting as a very small part of your overall filter scoring, you won't have problems when the IPs in question get turned over to non-spammers. Sure, they'll still end up with a non-zero "spam" score, but not a high enough one to be blocked.

And, of course, you should regularly be looking at your entire setup, including filtering, on a regular basis to make sure the solution you have is still the best one for your situation. Technology, and the Internet, changes too rapidly to take a "set and forget" attitude toward anything, especially filtering.

Ok, thanks mom. I will do that from now on.

Re:Easy solution: (0)

Anonymous Coward | more than 4 years ago | (#30082290)

You ask your mom for technology advice? You'll probably have better luck asking your or your neighbour's grade school child.

Re:Easy solution: (1)

whoever57 (658626) | more than 4 years ago | (#30081138)

Stop relying on blacklists as your primarily (or only!) filtering mechanism

The people with the problem (the new owners of the IP address space) are not the people who can make the problem go away by your suggestion. Yes, it might be nice if everyone did make this change, but it is also highly unlikely.

I have seen even worse use of blacklists -- for example I came across one company that was rejecting email if a blacklist was matched anyhere in the "Received" lines, and their set of blacklists included lists of dynamic addresses so you could not send them an email from most residential IP addresses, even if it was relayed by a normal non-spammy source (for example an ISP's outgoing mail relay)

Re:Easy solution: (1)

PopeRatzo (965947) | more than 4 years ago | (#30081524)

What if our operating systems were more secure, or if virtualization became universally used? Wouldn't that make it less necessary to use blacklists? I mean, if there's no danger from malware, then I don't have to worry so much if I open an attachment from an email that looks like it's coming from a friend. Worst thing it can do is blow up my virtual machine and I can just close a window and keep on going. It would also make hackers look for other ways to do evil besides attacking our desktops.

Is virtualization as secure as I think it is? I admit I don't know a lot about internet security beyond just being careful and using protection, so I'd like to hear what those of you who have expertise think.

Re:Easy solution: (2, Interesting)

genner (694963) | more than 4 years ago | (#30081652)

What if our operating systems were more secure, or if virtualization became universally used? Wouldn't that make it less necessary to use blacklists? I mean, if there's no danger from malware, then I don't have to worry so much if I open an attachment from an email that looks like it's coming from a friend. Worst thing it can do is blow up my virtual machine and I can just close a window and keep on going. It would also make hackers look for other ways to do evil besides attacking our desktops.

Is virtualization as secure as I think it is? I admit I don't know a lot about internet security beyond just being careful and using protection, so I'd like to hear what those of you who have expertise think.

It's not a about viruses it's the shear volume of spam hitting mail servers that makes blacklisting necessary.
If you remove it your essentially allowing yourself to be DOS'd.

Re:Easy solution: (2, Funny)

AnEducatedNegro (1372687) | more than 4 years ago | (#30081782)

not my fault you have small pipes.

aEN

Re:Easy solution: (1)

PopeRatzo (965947) | more than 4 years ago | (#30082086)

It's not a about viruses it's the shear volume of spam hitting mail servers that makes blacklisting necessary.

Makes sense. Thanks for the explanation.

I saw "hackers" mentioned above and I thought the problem with the large number of blacklisted IPs was malware.

Re:Easy solution: (1)

value_added (719364) | more than 4 years ago | (#30081388)

Stop relying on blacklists as your primarily (or only!) filtering mechanism. There are far more sophisticated filtering solutions out there these days. Filtering based solely on blacklists is antiquated, ineffective, and vulnerable to massive issues with false positives.

Avoiding a primary reliance on blacklists is generally good advice, but let's not overstate things.

In a SOHO environment, for example, it could be considered perfectly acceptable, and offers a surprisingly effective and simple setup with none of the problems you cite.

On the other hand, if you work for a large corporation that has business dealings in China, the inappopriate use of a blacklist will, among other things, cost you your job. The same could be said of grey listing. Oddly enough, people are as insistent that grey-listing works as you are that blacklists don't.

Re:Easy solution: (1)

socsoc (1116769) | more than 4 years ago | (#30082524)

Why doesn't grey listing work? Many people that I regularly correspond with have grey listing setup and aside from the annoyances in my MTA logs, it works fine. A legit e-mail server will try again later.

Re:Easy solution: (2, Interesting)

EdIII (1114411) | more than 4 years ago | (#30081698)

You didn't provide him a solution at all. Not really. Don't get me wrong, you are entirely correct in your advice.

However, how are you supposed to get that advice to , or even communicate reliably, with stubborn and/or stupid mail server admins? The problem most often is on the *other* side.

The mail server admins at Craigslist.org deserve to be shot (they really do, at least with rubber bullets). I have run into problems getting email to a mail server in which I am apparently blocked by five-ten-sg.com. Of course, you cannot communicate with five-ten-sg.com *at all*. I did perform an audit of our system to see if we were indeed compromised before accusing them and everything was fine. You just can't communicate with the other side when there is a legitimate problem.

Ostensibly, mail server admins should be checking the postmaster and abuse accounts *every single day*. I bet most have not checked in 6 months. How else do mail server admins work things out amongst themselves?

I think the solution is a polite, but strongly worded email to the customer of the offending mail server (sent from someplace else like gmail) informing them of the problem and the fact their mail server is being run by a monkey. In more polite and diplomatic language of course, but informing them that the reason they can't get email from the other person is that the hosting company does not have their mail server's being run correctly.

Throw the ball back into their court. If you write the letter nicely enough with some informative links to what you basically outlined in your post you might even turn a mail server admin from the stupid-side of the force.

I have to hope that problems receiving email due to such behavior are not isolated and that eventually the mail servers being run unwisely will just lose their customers.

haha funny (1)

CHRONOSS2008 (1226498) | more than 4 years ago | (#30080896)

lets start by saying this:
more people actually trust some hackers then you realize and if you htink your corporate propoganda will help you um change that go play in your sandboxes cause its getting worse for your TRUST not better and watch the next set of elections as voter turnout really plummets

Re:haha funny (2, Informative)

Anonymous Coward | more than 4 years ago | (#30080968)

Read this [wikipedia.org] before you post again.

Re:haha funny (1)

donaggie03 (769758) | more than 4 years ago | (#30082266)

What's the problem? That was a completely correct use of the colon!

How does one renovate and recoup the lost trust t (3, Insightful)

DeadDecoy (877617) | more than 4 years ago | (#30080902)

You don't. The Internet never forgets, never forgives.

Re:How does one renovate and recoup the lost trust (0)

Anonymous Coward | more than 4 years ago | (#30080938)

Amen, brother.

Re:How does one renovate and recoup the lost trust (5, Funny)

proxy318 (944196) | more than 4 years ago | (#30081218)

You don't. The Internet never forgets, never forgives.

Never sleeps either. The internet waits.

Re:How does one renovate and recoup the lost trust (1)

DeadDecoy (877617) | more than 4 years ago | (#30081946)

And surfs for porn in the interim.

Re:How does one renovate and recoup the lost trust (1, Insightful)

countertrolling (1585477) | more than 4 years ago | (#30082126)

... never lies, and is always right

this is a SERIOUS problem (1)

pele (151312) | more than 4 years ago | (#30080906)

that SORBS bastard wanted to charge me $50 to take my new block of IPs off his/her/its list!

hah, good luck SORBS is out of business now!

Re:this is a SERIOUS problem (1)

gmack (197796) | more than 4 years ago | (#30081376)

There are worst things out there than SORBS. There is a certain mail trust tool that blocks any auto blocks any ip with a negative spam to real percentage until the score returns to positive. Whatever genius thought that auto kill system up forgot that you can't detect when the spam to real email percentage improves if you never accept email from the sender.

What slums trust who now? (1)

Quiet_Desperation (858215) | more than 4 years ago | (#30080908)

I think I've gone aphasic. The summary/quote didn't make an ounce of sense to me.

Re:What slums trust who now? (1)

idontgno (624372) | more than 4 years ago | (#30081052)

Yeah, no joke.

Hosting/Colo sold me Whitechapel Road/Ventura Avenue for Mayfair/Boardwalk prices

Even for Slashdot, that's a lot of slashes. I sprained my Wernicke's Area [wikipedia.org] trying to parse that.

Re:What slums trust who now? (1)

reverseengineer (580922) | more than 4 years ago | (#30081336)

The Monopoly reference doesn't even make sense. I understand that Mayfair is the UK Monopoly equivalent of Boardwalk, but there isn't a Ventura Ave. on either the US or UK boards, at least. The corresponding property to Whitechapel Road in the US game is Baltic Ave.

Re:What slums trust who now? (1)

Chyeld (713439) | more than 4 years ago | (#30081656)

Ventura Ave is a common mis-reading of Ventnor Ave, a yellow property next to the water works.

Re:What slums trust who now? (0)

Anonymous Coward | more than 4 years ago | (#30081646)

I sprained my Wernicke's Area [wikipedia.org] trying to parse that.

Is that near Shatner's Bassoon?

Usually never (3, Insightful)

Todd Knarr (15451) | more than 4 years ago | (#30080916)

When do I clean addresses and domains out of my filters? Usually never. It's just too much trouble to keep tabs on all of them and actively look for them being cleaned up. Once they're in the filters, there they stay until something happens to make me take a look at them. Usually that something'll be someone I know getting caught by the e-mail filters and contacting me out-of-band to find out why I'm not responding to their mail. Or it might be me trying to go to a site I added to the filters ages ago and being blocked when I know it should be clean now, and I go and find it and remove it. But generally, unless something like that motivates me, I've got better things to do with my time than keeping track of all the bad guys I've run across over the years and whether they've mended their ways or not.

Why you're not responding? (1)

XanC (644172) | more than 4 years ago | (#30081356)

Surely you reject mail at SMTP time, allowing the sending server to notify the sender that the mail didn't get through, right?

Re:Why you're not responding? (1)

Todd Knarr (15451) | more than 4 years ago | (#30081508)

SMTP protocol? Hello, why am I wasting my CPU cycles and bandwidth on reading and rejecting a spammer's SMTP exchange? Their IP ranges go into my firewall and their packets get dropped long before they get anywhere near the SMTP server. If they get through that and get caught by the SMTP server's checks then yes they'll get an appropriate error code back, but that's a last-ditch check because Rule #1: you can't trust anything a spammer sends you, this includes their HELO/EHLO command.

Re:Why you're not responding? (1)

XanC (644172) | more than 4 years ago | (#30082018)

So why are people's emails going into a blackhole, rather than them getting a bounce from their server?

Or maybe I misread your original sentence about people contacting you out-of-band; I interpreted that to mean they had no clue why you weren't answering, but it could easily be as a result of an undeliverable notification. My bad.

Re:Why you're not responding? (1)

RollingThunder (88952) | more than 4 years ago | (#30082542)

If he firewalls, they will get a "message undeliverable" from their own mailserver, since it can't connect to his mailserver to hand the message off. The message won't dissappear from their local mail queue just because he's bit-bucketing the packets that are trying to establish connection.

Re:Usually never (1)

schon (31600) | more than 4 years ago | (#30082080)

Like you, I blacklist at my firewall... I also send reports to the block's owner... unlike you (apparently :) I go through my blacklist every few months, and if there haven't been any hits from that block, I'll remove it. I figure that will prevent the list from eventually becoming 0.0.0.0/0. :)

Where are the cops? (3, Interesting)

NoYob (1630681) | more than 4 years ago | (#30080932)

In addition, at least one fraud expert who works with a number of big name retailers said online retail fraud rates fell from around $250,000 per day to zero for a short time following McColo's takedow

Why aren't the cops there getting customers lists from McColo and going after the fraudsters?

As far as the toxic waste is concerned, have the Government take those toxic address and have the Government turn their current addresses back into the pool. That will detox those addresses quick.

Re:Where are the cops? (2, Interesting)

ShaunC (203807) | more than 4 years ago | (#30081004)

Why aren't the cops there getting customers lists from McColo and going after the fraudsters?

In the case of McColo (and RBN), many of the fraudsters probably are cops, or at least have cops on the payroll.

Re:Where are the cops? (3, Insightful)

Dunbal (464142) | more than 4 years ago | (#30081090)

Why aren't the cops there getting customers lists from McColo and going after the fraudsters?

      Because the police are far too busy going after the real [lockergnome.com] criminals [cnn.com] to waste time with legitimate fraudsters.

Easy (3, Interesting)

Jazz-Masta (240659) | more than 4 years ago | (#30080966)

Before you order a co-lo, agree that it has to pass certain checks, such as a blacklist check.

http://www.mxtoolbox.com/blacklists.aspx

As for decreasing IP space, IPv6 (real or tunneling) is available at most large co-lo places, so that won't be a problem.

You Don't. That's the point. (5, Insightful)

Tackhead (54550) | more than 4 years ago | (#30080984)

How, in a few years, will I tell if some Hosting/Colo sold me Whitechapel Road/Ventura Avenue for Mayfair/Boardwalk prices, and no one is going to accept my mail from a former slum?

As the purchaser, you probably can't. But what you can do is demand that your provider move you to a better IP neighborhood, or renegotiate (read: "tear up") the contract.

Blocklists aren't about playing whack-a-mole with spammers, they're about disincentivizing spam-friendly providers.

If you're an ISP or hosting provider, and you harbor spammers and botnets, the IP ranges you hold are permanently devalued. That means it's harder for you to get customers, more expensive to support your legitimate customers, and your business, when you decide to sell it, is worth less than if you'd booted the goddamn spammers off your network when you had the chance.

Car Analogy: If you're doing your own oil changes, and instead of hauling the waste oil to a recycler, you dump it into your backyard, don't complain when you try and sell your house and the highest bid still leaves you $100,000 underwater on your mortgage, or requires you to spend $150,000 remediating it. Your property is worth less than it could have been, had you only been a better steward of it.

Re:You Don't. That's the point. (0)

Anonymous Coward | more than 4 years ago | (#30081274)

$SPAMLIST is an ill-maintained and disreputable, even renegade, rbl that is nearly defunct and we are not aware of many legitimate mail domains that would use it for any purpose. However, if this listing is causing you actual problems then you are probably a spammer. . . .

"incentivize" (1)

XanC (644172) | more than 4 years ago | (#30081384)

The word is "incite".

Re:"incentivize" (1)

Omnifarious (11933) | more than 4 years ago | (#30081938)

It is irritating to see the birth of yet another corporate-speak word. Unfortunately I don't think incite is going to ever be a good replacement. Incite has the strong connotation of encouraging someone to do something bad instead of something good.

Unfortunately, given its origins, "incentivize" is likely to acquire the same connotation over time.

Re:You Don't. That's the point. (1)

davidjohnburrowes (884536) | more than 4 years ago | (#30081432)

This sounds reasonable. How do I go about making sure my ISP/hosting provider is not harboring spammers/botnets? Is there a reputable site somewhere where this kinda info is tracked?

Re:You Don't. That's the point. (0)

Anonymous Coward | more than 4 years ago | (#30081628)

The problem with this is when ARIN takes back IP space and then hands it back out to another ISP. Such is the case at my company where one of our new /18's apparently had some /24s in it that were listed on blacklists PRIOR to our having ever had this IP space. It was obviously space ARIN got back from some other company and then assigned it to us when we requested more IPs.

Re:You Don't. That's the point. (1)

ermon (845186) | more than 4 years ago | (#30082372)

If you're an ISP or hosting provider, and you harbor spammers and botnets, the IP ranges you hold are permanently devalued. That means it's harder for you to get customers, more expensive to support your legitimate customers, and your business, when you decide to sell it, is worth less than if you'd booted the goddamn spammers off your network when you had the chance.

While this is good policy on it's face, it has a severe problem - the ISP itself is not permanent. What if the spam-friendly ISP goes out of business and it's IP range is reassigned to a spam-hostile provider?

The parent seems to conflate an IP address assignment with an ISP. IP assignment is not permanent - IP addresses and ranges can and have been reassigned from one provider to another.

Based on the type of permanent blacklisting argued for by the parent, the spam-hostile provider is still blocked simply because they reside in the a range previously owned by spammers. Over time, spammers move around and contaminate an ever growing portion of the IP space. If this IP space cannot be reclaimed the number of useful IP addresses will shrink over time.

In some sense, IPv6 is the solution - but until that blessed day arrives, IPv4 addresses are in short supply. As a result, some method of reclaiming "bad" IP addresses once their owners reform must be made available.

That is precisely the question under discussion here.

Eminent Domain (0)

Anonymous Coward | more than 4 years ago | (#30081024)

Followed by handing over the domains to a rich developer to build an on-line sports stadium.

Obligatory grammar nazi (0, Offtopic)

BenoitRen (998927) | more than 4 years ago | (#30081044)

all the domains and IP's

You do not use the apostrophe to pluralise.

Re:Obligatory grammar nazi (4, Funny)

ledow (319597) | more than 4 years ago | (#30081194)

I once passed a shop offering "Sandwich boxe's". I call it hedge-your-bets punctuation...

Re:Obligatory grammar nazi (1)

JohnFen (1641097) | more than 4 years ago | (#30081490)

Don't you mean 'hedge-you'r-bet's"?

Re:Obligatory grammar nazi (1)

smellsofbikes (890263) | more than 4 years ago | (#30082480)

I once passed a shop offering "Sandwich boxe's". I call it hedge-your-bets punctuation...

Dude. I was in a Safeway that claimed to be selling "Mrs Whites pie's". I cried. Three words, three mistakes: HOW?

Then I pulled out a Sharpie and fixed it, which is why my friends used to call me Conan The Grammarian. Bad grammar modded for free!

the first rule (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30081086)

want to improve your neighborhood? get rid of the niggers, fags and spics.

90 percent of blacklists are crap... (4, Funny)

bmo (77928) | more than 4 years ago | (#30081100)

...because 90 percent of everything is crap.

> So too, now Geocities is dead [as a business], but does that still live in your filter list? It still appears in OpenDNS under several policy categories.

If you filter via OpenDNS, then you get what you deserve.

If you've done *any* metamoderating of OpenDNS website classifications, you will soon decide that poo flinging chimpanzees are more accurate.

I came, I saw, I ran away screaming.

--
BMO

Slums? I'm a gangsta! My epic will bust a cap (1)

mseidl (828824) | more than 4 years ago | (#30081152)

I'm straight up gangsta from south central Ironforge...

Re:Slums? I'm a gangsta! My epic will bust a cap (1)

whychevron (1230194) | more than 4 years ago | (#30081616)

well I'm from south central Orgrimmar we will bust a spell in yours

4chan (5, Insightful)

meow27 (1526173) | more than 4 years ago | (#30081180)

isnt THAT the slum of the internet?

Re:4chan (2, Funny)

Fry-kun (619632) | more than 4 years ago | (#30081316)

/b/ is the fist thing that came to my mind as well

Re:4chan (1)

jaxtherat (1165473) | more than 4 years ago | (#30081434)

It is a wrenched hive of scum and villainy.

Re:4chan (3, Insightful)

petrus4 (213815) | more than 4 years ago | (#30081866)

Mod parent +5,000, Insightful.

Seriously; if maintaining your level of faith in the compassion, empathy, and fundamental decency of the human species is something you care about, don't ever visit 4chan.

That site is very little more than a showcase of the very worst, morally, psychologically, and emotionally, that humanity is capable of.

Re:4chan (5, Funny)

foo1752 (555890) | more than 4 years ago | (#30082310)

Mod parent +5,000, Insightful.

You missed your chance, dude. You should have said: Mod parent over 9000, Insightful.

1 year (4, Insightful)

scorp1us (235526) | more than 4 years ago | (#30081198)

Everything should expire after a year.

I also would suggest this in government. That all laws get renewed to automatically expire after 10 years. That way we can keep the law makers busy keeping the good laws while letting the old ones die, as well as keeping them from making crappy new ones that won't survive a 10 year renewal.

Re:1 year (1)

Anonymous Coward | more than 4 years ago | (#30081358)

I too often come up with juvenile ideas which I post on slashdot because nobody in the real world listens to me.

Re:1 year (0)

Anonymous Coward | more than 4 years ago | (#30081446)

sunset clauses are in many bad laws. its not a bad idea.

Exactly!! (1, Insightful)

XanC (644172) | more than 4 years ago | (#30081400)

They're desperate to show that they're doing something. Make it so they have to do something to maintain the status quo and everybody's happy.

Re:Exactly!! (0)

Anonymous Coward | more than 4 years ago | (#30082112)

Might lead to some complexities in law such as remembering when all the laws lapse and their replacements take affect. However this will likely be in the more advanced concerns such as the laws affecting your line of business and hence it would be your job to keep up on these laws. Another problem may occur when the laws sunset and their replacement can't be negotiated due to one party stonewalling maybe for harsher punishment/less harsh etc but again this would likely be kept in check due to laws such as say again the murder case having an extra sense of urgency to keep a lapse period from occurring and the damage that would occur. It would help keep the laws and their punishments current and really how many laws can you write without micro managing the whole country, I don't see it so much as the politicians showboating for the sake of showboating but you outlaw murder, kidnapping etc how much do you really want to be involved in peoples daily lives. Many will probably say "its all they think about," but would defiantly warrant further consideration.

Re:1 year (2, Insightful)

zippthorne (748122) | more than 4 years ago | (#30082114)

Agreed. Also, all laws must be read into the record. That'll put an upper bound on the sheer magnitude of legislation and guaranteed that the aforementioned laws have been read at least once.

Re:1 year (3, Insightful)

QuoteMstr (55051) | more than 4 years ago | (#30082400)

Reading every law? What about the building code? What about trade duty schedules? What about the tax law (a lot of the complexity of which is actually necessary)? I'm sure you can find many more examples [cornell.edu] . It's as if you're asking for every computer program to be dictated by telephone. Your request reflects a very naive view, namely that complex societies like ours can be governed by simple laws.

If we actually tried what you suggest, what we'd see is simple legislation. Because these laws would have simple, they couldn't address subtleties and special cases, and as a result, these laws would cause a lot of injustice. Is this the world you'd really like to live in?

I never understood how people like you can see all law as universally bad, and how you actually hope for a "gridlock". Bad government is bad, yes, but good government is also good. You'd argue that all government is bad government, but if you look around, any reasonable person will see that argument is nonsense. Only ideologues maintain that government is always the problem.

"illegal activity" is another person's "freedom" (1)

plasmacutter (901737) | more than 4 years ago | (#30081302)

Indeed, the economic benefits abound when a huge swath of illegal and annoying activity ceases

Translated from corporatocracy-ese to english:

"once we've quashed the disruptive technological utopia people created on the web, the economic opportunity to carve it up and sell it back to only those who can pay abounds!"

Re:"illegal activity" is another person's "freedom (0)

Anonymous Coward | more than 4 years ago | (#30081754)

I think another example would be many of the morality crimes as well.

Slums? (0)

Anonymous Coward | more than 4 years ago | (#30081532)

Yes, spammers and the IPs they use, and areas that the poorest of the poor live in is a really good analogy.

Re:Slums? (1)

Sulphur (1548251) | more than 4 years ago | (#30081724)

Village of the Spammed?

Downbelow finally explained (1)

earlymon (1116185) | more than 4 years ago | (#30081618)

I always wondered how Downbelow really could really happen in an enlightened, spacefaring society.

See - http://en.wikipedia.org/wiki/Babylon_5_(space_station) [wikipedia.org]

Substitute "IP slums" for "Downbelow" and "information-based" for "spacefaring."

See - http://en.wikipedia.org/wiki/Geocities#Neighborhoods [wikipedia.org]

Re:Downbelow finally explained (1)

Dynedain (141758) | more than 4 years ago | (#30082252)

I think they explained that pretty well in the series, and even discussed the social conditions that lead to it.

1) Lots of people on speculative journeys (think gold-rush mentality) that had a tough time and can't afford the return trip home.
2) Refugees from war, political and religious persecution, etc.

Throw in some compassion on the administration's part (eg, not just going to throw them out an airlock), but not full-fledged socialism, and voila, a slum.

Does Krebs mentions slums? (0)

Anonymous Coward | more than 4 years ago | (#30081836)

@turtleshadow: Is 'slum' the best analogy you can come up with? As though slums everywhere are singularly about criminality? Do you live in Palm Beach or something? Monaco? What a thoughtless way to caricature people all round the world, and miss the point you want to make about criminality on the internet. See, in real life, slums are where people live when they've trying to make ends meet but just don't have the resources or infrastructure they need. You won't find spam kings working from Kibeira.

"Slums" (0)

Anonymous Coward | more than 4 years ago | (#30081922)

I wouldn't call it the slums of the internet. While it may be true that with the poor we have a lot of criminal activity it can be said that with the rich we have the most destructive type of criminal activity. And for the internet the blacklisted IPs represent the places with criminal activity, nothing more and nothing less.

be careful (1)

socsoc (1116769) | more than 4 years ago | (#30082490)

How about you don't accept the IP addresses of the slums and ask your provider for clean ones?

Good question (1)

buss_error (142273) | more than 4 years ago | (#30082522)

Aside from calling the IP allocations formerly used by criminals "slums", this is actually a very important question. All of McColo's space is still in my edge routers as "drop". I only checked because of the connection with this story. Does it make sense to drop those blocks now? I'm not entirely sure, and since no one is complaining (as yet), why WOULD I remove them?

Should we look to some authority to publish a list, something like the SpamHaus DROP list?
Should we start looking to ICANN to more strongly enforce removing bad actors? What rules, which guide lines? Is sending spam ok, but not being known to host fraud sites? Why? Who decides?

I think it highly ironic that SAVVIS commented upon IP allocations that are "poison" for email. Perhaps it's a case of "the burned hand teaches best." Those that deal with more than a modicum of email will know the back story to that vis-a-vi SAVVIS networks.

I may not be smart enough to have the answers, but I think I'm smart enough to know when someone asks a pretty drun good question. I think this is one.

Part of the answer may be for a system of distributed log inspection. Obviously, some of the information will need to be sanitized before being sent to third parties. Just as obviously, some way to keep the system from being abused by governments needs to be considered. How to do that without giving repressive governments a very powerful tool is something I've been thinking about for over five years. To date, I don't know that it can be done. I do think that if it cannot be closely kept to identifying command and control or infected hosts, it should NOT be done.

I want to shut down and stop criminals - not stifle those that protest against their governments.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>