Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Comcast's "Evil Bot" Scanning Project (Lauren Weinstein)

From: Dave Farber <dave () farber net>
Date: Sat, 10 Oct 2009 16:27:41 -0400




Begin forwarded message:


From: Doug Humphrey <doug () joss com>
Date: October 10, 2009 14:50:23 EDT
To: dave () farber net
Cc: ip <ip () v2 listbox com>
Subject: Re: [IP] Comcast's "Evil Bot" Scanning Project (Lauren Weinstein) 





It might be optimal if they would lay out "policy" in two
statements, one technical and one for the "masses"

Of course, there would be the danger that the two would
not match - the lawyers would point that out - one of the
reasons that lawyers point out for "plain language contracts"
not being a good idea (in their view)

The "non-tech" statement is for them people who want to
know how this might effect them, but are not technical and
do not really have concerns on how it is implemented - they
would not understand those details anyway,  remember, the
average Comcast customer is not on this list - and then the
"tech" statement would be as much about how they would
go about it as what they were trying to accomplish, so that
tech savvy people could look to see if there are any side
effects that they are not going to like, etc.

As a former founder/owner/runner of an ISP (Digex) I can
assure you that I understand both sides of this argument!

doug



On Oct 10, 2009, at 2:03 PM, Dave Farber wrote:






Begin forwarded message:


From: John Levine <johnl () iecc com>
Date: October 10, 2009 13:33:21 EDT
To: dave () farber net
Cc: "David P. Reed" <dpreed () reed com>, lauren () vortex com
Subject: Re: [IP] Re: Comcast's "Evil Bot" Scanning Project (Lauren Weinstein) 




I don't see where Comcast is being transparent about *how* they do
this, or giving customers a chance to opt-in or -out.


Right.  Do you suppose there's a reason they'd rather not publish
instructions to tell bot writers how to circumvent their defenses?

If you're wondering how their sandbox works, look at the I-D they
sent in last week.
If I send a lot of email, why does that make me a "bot"? Maybe I just 
send a lot of email.
It doesn't. As others have noted, it's not hard to tell bot behavior 
from heavy user behavior.


But to be honest, in most markets, Comcast is the only real choice,
and imposing their "features" on me might not be what I want, ...


Ah yes, "ISPs musn't deal with dangerous software installed on their
networks by criminals because it might, hypothetically, inconvenience 
me."  Get real.  This is not a few script kiddies.  This is
sophisticated criminal malware that does things like rewriting online 
bank transcations in real time to steal money from users' accounts,
and DDoS ecommerce sites in extortion schemes.  It would be
irresponsible for large ISPs like Comcast NOT to use whatever tools
they have to deal with it.

R's,
John


Archives        






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: