If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#91
|
|||
|
|||
On Thu, 03 Mar 2005 11:47:25 +1100, Lionel wrote:
Kibo informs me that Big Bill stated that: On Wed, 02 Mar 2005 23:06:46 +1100, Lionel wrote: Blocking open proxies wouldn't impact Googles legitimate users in the slightest, unless they were one of the idiots who owned one of the poorly secured proxies, in which case lack of Usenet posting access via Google would be the least of their problems. That blocked ISP has no legitimate users? We're talking about single machines, not entire ISPs. I was under the impression that we were discussing Google blocking an ISP that was being used as an open proxie. No? -- Bill Funk Change "g" to "a" |
#92
|
|||
|
|||
On Thu, 03 Mar 2005 11:52:22 +1100, Lionel wrote:
Kibo informs me that Big Bill stated that: On Wed, 02 Mar 2005 22:59:16 +1100, Lionel wrote: Kibo informs me that Big Bill stated that: So how is Google preventing victims from finding the perp? Other than anonymous news gateways, (which don't permit their users to impersonate others), Google is the only news provider I know of that permits totally anonymous, non-authenticated posting privileges via open proxies, with a unenforced AUP/TOS, & as many free accounts (& identities) as a person can find time to create. This combination of 'features' makes Google a nirvana for spammers & psychos. Which in no way answers my question. I'll rephrase: Other than anonymous remailer/gateways, news providers have some way of tracking illegal activities back to the culprit - Google doesn't. Ah, then you're saying that Google has somehow lost or never gained the same capabilities that other providers have. Is this something secret that Google doesn't have the secret handshake for? Or do the others just block entire ISPs, along with legitimate users? (Actually, I know the answer; they do indeed block entire ISps, along with their legitimate users. All you need do is say that.) -- Bill Funk Change "g" to "a" |
#93
|
|||
|
|||
Kibo informs me that Big Bill stated that:
On Thu, 03 Mar 2005 11:47:25 +1100, Lionel wrote: Kibo informs me that Big Bill stated that: On Wed, 02 Mar 2005 23:06:46 +1100, Lionel wrote: Blocking open proxies wouldn't impact Googles legitimate users in the slightest, unless they were one of the idiots who owned one of the poorly secured proxies, in which case lack of Usenet posting access via Google would be the least of their problems. That blocked ISP has no legitimate users? We're talking about single machines, not entire ISPs. I was under the impression that we were discussing Google blocking an ISP that was being used as an open proxie. No? No. Just single machines that are so poorly secured that their proxy services are open to the general public, rather than being restricted to the intended users. Most commonly, this is due to carelessness or cluelessness by the owner/operator of the machine. -- W . | ,. w , "Some people are alive only because \|/ \|/ it is illegal to kill them." Perna condita delenda est ---^----^--------------------------------------------------------------- |
#94
|
|||
|
|||
Kibo informs me that Big Bill stated that:
On Thu, 03 Mar 2005 11:52:22 +1100, Lionel wrote: [...] I'll rephrase: Other than anonymous remailer/gateways, news providers have some way of tracking illegal activities back to the culprit - Google doesn't. Ah, then you're saying that Google has somehow lost or never gained the same capabilities that other providers have. At a guess; 'Never gained'. The thing that makes Google different to normal news providers is their web-based posting interface. In theory, a person could use a proxy to conceal their IP address, etc, when posting from a regular Usenet service, but standard news-servers operate over a different protocol (NNTP - port 119) to web-based systems like Google, which use the HTTP protocol (port 80). In practice, open proxies on HTTP are quite common, but proxies supporting NNTP are very rare, & open NNTP proxies are pretty much non-existant. Consequently, open proxies are not a security issue for conventional news providers, but are a major weak spot for web-based services like Google. (This is also a major security issue for blogging sites or web-fora that permit the general public to post comments without authentication, BTW.) Is this something secret that Google doesn't have the secret handshake for? Or do the others just block entire ISPs, along with legitimate users? (Actually, I know the answer; they do indeed block entire ISps, along with their legitimate users. All you need do is say that.) I can't say that, because I have no idea whether or not it's true. -- W . | ,. w , "Some people are alive only because \|/ \|/ it is illegal to kill them." Perna condita delenda est ---^----^--------------------------------------------------------------- |
#95
|
|||
|
|||
Kibo informs me that Big Bill stated that:
On Thu, 03 Mar 2005 11:52:22 +1100, Lionel wrote: [...] I'll rephrase: Other than anonymous remailer/gateways, news providers have some way of tracking illegal activities back to the culprit - Google doesn't. Ah, then you're saying that Google has somehow lost or never gained the same capabilities that other providers have. At a guess; 'Never gained'. The thing that makes Google different to normal news providers is their web-based posting interface. In theory, a person could use a proxy to conceal their IP address, etc, when posting from a regular Usenet service, but standard news-servers operate over a different protocol (NNTP - port 119) to web-based systems like Google, which use the HTTP protocol (port 80). In practice, open proxies on HTTP are quite common, but proxies supporting NNTP are very rare, & open NNTP proxies are pretty much non-existant. Consequently, open proxies are not a security issue for conventional news providers, but are a major weak spot for web-based services like Google. (This is also a major security issue for blogging sites or web-fora that permit the general public to post comments without authentication, BTW.) Is this something secret that Google doesn't have the secret handshake for? Or do the others just block entire ISPs, along with legitimate users? (Actually, I know the answer; they do indeed block entire ISps, along with their legitimate users. All you need do is say that.) I can't say that, because I have no idea whether or not it's true. -- W . | ,. w , "Some people are alive only because \|/ \|/ it is illegal to kill them." Perna condita delenda est ---^----^--------------------------------------------------------------- |
#96
|
|||
|
|||
Lionel writes:
Once you've got the logs, it's easy to track down an 'anonymous' person who's been abusing the proxy. In that case, there's no reason to forbid open proxies. -- Transpose hotmail and mxsmanic in my e-mail address to reach me directly. |
#97
|
|||
|
|||
In news.groups, Lionel writes:
What support job? If you're talking about Google, Google provides a free posting service to the general public & can deny Groups/Usenet *posting* access for any reason they please. All they have to do is add "We do not permit posting from open proxies" to their TOS/AUP, & continue to ignore email to their groups-support address, just as they do now. They don't ignore mail to that address. They do deal with user support requests. I realize they can deny posting access for any reason they please, and I don't even think I disagree with you about where the best tradeoff might lie, but it is actually a tradeoff, not a trivial decision. Russ Allbery said: There's also the little problem that some of the blacklist operators, er, lie. Or make, er, strategic alterations for personal reasons. Sure, there are blacklists that *don't* do this, but I swear, it's getting to the point where trying to figure out who you can listen to and who you can't is a full-time job, since it keeps changing. And then people stop running blacklists by setting the blacklist to reject everyone. Didn't each of those incidents only ever happen once? (ORBS, IIRC.) Unfortunately, no. At least three or four different major blacklists (never mind all the little ones) have done spite listings at one point or another, as I recall. I don't remember the details well enough (not using any blacklists myself) to be able to tell you exactly which ones without a substantial fear of accusing the wrong person, but I watched a lot of the discussion go by. There are a lot of really good reasons to be distrustful of blacklists, even without the additional worries of making one's client access dependant on a third party with whom one does not have a contract. -- Russ Allbery ) http://www.eyrie.org/~eagle/ |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Beware of Troll Alert! | Lewis Lang | Digital Photography | 6 | February 10th 05 12:04 AM |
CASH REWARD by camera merchant - $500 | [email protected] | 35mm Photo Equipment | 2 | August 11th 04 06:44 PM |
CASH REWARD by camera retailer - $500 | [email protected] | Medium Format Photography Equipment | 0 | August 11th 04 04:27 PM |
CASH REWARD by photo retailer - $500 | [email protected] | In The Darkroom | 0 | August 11th 04 04:24 PM |