Is A Denial Of Service Attack Ethical Because The Company That Does Them Says So
from the seems-a-bit-questionable dept
We saw all the stories yesterday about the “new” anti-spam system that would launch a denial of service attack on spammers and figured it wasn’t really worth mentioning, because we’d already covered this topic back when much more recognizable companies Lycos and IBM experimented with similar offerings. So, while it was amusing to see trade publications call this late-to-the-game effort “dumb as a bag of hammers,” it didn’t seem all that interesting. This morning, however, it was amusing to see someone named Rob submit a link to an article that seems to have believed every marketing statement coming out of the company, and crowned it as “a do-not-spam registry that might work.” However, the part that caught my attention was the claim in the article that, despite the concerns of just about everyone else who commented on this plan, the system of vigilante attacks on spammers was “ethical.” Why? Because the company’s CEO told them so. The problem, of course, with any of these systems is that there is no recourse for a site that gets knocked out by this system. So, any smart spammer will simply start spamvertising sites of people he doesn’t like — leading them all to get a denial of service attack from this so-called “ethical” system. The CEO says that won’t happen because his company’s staff monitors what sites are being hit — but that just makes them the private, unaccountable judge, jury and executioner of sites they don’t like.
Comments on “Is A Denial Of Service Attack Ethical Because The Company That Does Them Says So”
You’re absolutely right. This kind of “payback” goes on all the time.
For the last week I’ve been subject to a Joe Job assault from Michael Lindsay/imedia, one of the nation’s top spammers.
He has been using my e-mail address and the IP address of my Web site in his spam e-mails, selling Cialis and other “male enhancement” prescription drugs illegally, without a prescription.
All the e-mails go to the same site, whose URL changes daily.
These guys are hiding in plain site. Aggressive law enforcement would put them behind bars. Yet nothing happens, and stupid vigilantism is actually seen as reasonable.
No, the solution is a real anti-spam law, and real enforcement by the federal government. If that takes a new Congress and a new President, so be it.
Sorry to hear about this – it’s a real hassle and processing the bounces can be a problem.
1) You’re probably already using SPF, but if not see SPF Overview.
2) If you’re a big emailer, contact AOL, Hotmail and other big ISPs, with details of your mail-server. Ask them block fake emails from other IPs. AOL Whitelisting
3) If you’ve time to waste, keep records of the attack and report this to the police. If more people complain, maybe they will act.
No Subject Given
Thanks for the cbronline.com link, Mike. Some thoughts on your commentary…
The difference between a reporter and a blogger is that reporters report stuff whether they happen to agree with it or not.
I addressed ethics directly in two sentences: “Blue chief executive Eran Reshef told ComputerWire that the system is ethical” and “Reshef said he believes the system to be ethical.”
I didn’t report “The system is ethical” or “The system is unethical”. I’ll leave that kind of opinion stuff to bloggers like yourself, Mike.
As for the headline “A do-not-spam registry that might work”, I stand by it. Previous ideas, such as the ones investigated by the FTC, would not work.
This one *might*. As opposed to *will*, which seems to be your reading of it.
No Subject Given
Incidentally, the InformationWeek blogger who made the “dumb as a bag of hammers” comment seems to think that the Blue Security software sends email complaints to the spammers, which shows a lack of research. The “easily spoofed” email headers he blogs about are utterly irrelevant to the Blue offering.
Denial of SA
This has happened to my companies website. Of course there is an ethical problem. This is the kind of thing that ruins compaines.