Full Disclosure mailing list archives
Re: viruses being sent to this list
From: Maarten <fulldisc () ultratux org>
Date: Wed, 24 Mar 2004 20:35:04 +0100
On Wednesday 24 March 2004 13:34, Gadi Evron wrote:
As I got a response from the managers, I am happy. And I took it off-list.
I left this thread alone for a long time, partly since what I felt was already being said by others, and also partly because I consider myself new here so I mostly lurk 'n learn. ...However, I now want to contribute a bit.
The samples below could have been detected by any AV using signatures alone. Thus, without any heuristics, not risking false positives or requiring more time spent on moderation.
Albeit a valid point, I still consider it irrelevant. It will _cost_ the listmaintainers/listowners, no matter how you turn it. It may be time spent in setting up and configuring, it maybe be cost incurred in browsing through logs. It may be extra CPU load due to scanning, it may be dealing with malcontent listusers or faults that -inevitably- will occur. God forbid, we may even one day get a witty worm variant that exploits a vulnerability in the virusscanner this list uses... at this point, nothing surprises me. And for what? I can see NO valid reason whatsoever that anyone can demand that a list take care of what they deliver through it. Here below are my reasons. For starters, any filtering on the content can open you up for lawsuits. For that same reason even ISPs are (well, were...) reluctant to install any filtering (be it mail, or on IP level). Once you do that, you prove that you have control over your content and the first RIAA or DMCA subpoena is in the mail already. Retaining any "common carrier" status is quite important. Especially for a list dealing with such [legally] delicate stuff as this one. This reason above, I feel, should be enough to seal the case in and by itself. However, I have another one: I think it is unreasonable to expect that anyone else than you yourself should be the gatekeeper of your own front door. If you fear viruses, you run a mailscanner. Your security, your burden. Not ours. I run a full non-windows environment since 1997 and I think it is unreasonable that we all make an effort just because some people choose to use "a somewhat less secure" environment. Yes, it IS your free choice. To follow the analogy, it is not normal for one to ask the mailman to bring a ladder with him, just because you have your mailbox mounted at the second floor. If you fear that pranksters might fsck up your mailbox, get a better protected mailbox. But don't burden the mailman (or the sender) with your own issues. If you dislike the ads that come a magazine you subscribed to, unsubscribe. It's that simple, really. Three parties can influence what gets through to your mailbox. The government (by passing a law that forces everybody to abide by it), yourself (of course) and your ISP (it is the only party you pay; thus the only one that you have (or can claim) any leverage with. And third, this is not your average list or forum, it really isn't called full-disclosure for nothing. Stuff _will_ be delivered here that you surely do not want to run in an uncontrolled environment. We all know this. Most of us walk on their toes here; if they didn't already read their mail in ascii-only mode -just because of the paranoia that often comes with this job- they may change their minds when they subscribe to FD. You know the sign... "Ye who enter here... yada yada yada". ;-) Well... this subject has been beaten to death, and I even helped a bit. I will now crawl back to the little internet-corner whence I came I guess :-) Maarten _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: viruses being sent to this list, (continued)
- Re: viruses being sent to this list Valdis . Kletnieks (Mar 23)
- Re: viruses being sent to this list Michael Cecil (Mar 23)
- Re: viruses being sent to this list Aschwin Wesselius (Mar 24)
- Re: viruses being sent to this list Dave Horsfall (Mar 23)
- Re: viruses being sent to this list John Sage (Mar 23)
- Re: viruses being sent to this list Byron Copeland (Mar 23)
- Re: viruses being sent to this list Gadi Evron (Mar 24)
- Re: viruses being sent to this list John Sage (Mar 24)
- Re: viruses being sent to this list Adam (Mar 24)
- Re: viruses being sent to this list Gadi Evron (Mar 24)
- Re: viruses being sent to this list Maarten (Mar 24)
- One more Wack at the dead equine WAS: viruses being sent to this list Marc Rassbach (Mar 25)
- Re: One more Wack at the dead equine WAS: viruses being sent to this list Gadi Evron (Mar 25)
- Re: One more *plonk* John Sage (Mar 25)
- Re: viruses being sent to this list Paul Schmehl (Mar 24)
- Re: viruses being sent to this list Valdis . Kletnieks (Mar 24)
- Re: viruses being sent to this list Gadi Evron (Mar 22)
- Re: viruses being sent to this list Gadi Evron (Mar 22)