TELECOM Digest OnLine - Sorted: Re: Ethics of Deterrence

Re: Ethics of Deterrence

Bob Vaughan (
Mon, 25 Jul 2005 18:47:07 UTC

In article <>,

> [TELECOM Digest Editor's Note: I wonder if anyone besides me has
> noticed how this whole thing has deteriorated from evil nasty spammers
> as the _true_ villians to evil nasty netizens trying to harm a good
> and pure web site; for how many ever years, when filtering was thought
> to be the answer to everything, so many netters would say 'ho hum,
> lets crank up the filter a little more' to desparately try to
> eliminate them. Now that we are close to the hundred percent
> saturation point with spam (as some of us predicted long ago) and
> filtering has been shown to be a dismal failure, at least among
> netizens who have to shovel it out by the truck load each day, and
> thought has been given to taking a more agressive deterence posture,
> these same guys who were so, well, almost _casual_ about installing
> more and more filtering are now getting desparate in their paranoia
> as they defend the spammers and their (spammers) 'right of free
> speech' as it were.

> Tell me this John, is there some sort of 'Spammers Legal Defense Fund'
> you guys sponsor or contribute to?

No, we are not in favor of spam, but we are against collateral damage
to innocent parties in the name of fighting spam.

> When spammers (ever so rarely) get sued by a government agency do
> you guys hire lawyers to help defend them?

No, see above.

> Why did ICANN (and its cheering squad on the net) fight so
> vigorously against the federal government's CAN-SPAM proposed
> legislation; making up all sorts of mumbo-jumbo about 'how it will not
> work, so do not waste your time on it'?

The fight against CAN-SPAM was based on several major problems with
the legislation:

1. It explicity permits spam, unless the recipient requests to be
removed (opt-out), instead of prohibiting spam, unless the
recipient requests it (opt-in).

2. It prohibits individual or class-action lawsuits against spammers by
email recipients, but allows enforcement by the FTC, state attorneys
general, ISP's, and other federal agencies for special categories of
spam (banks).

2. It supercedes state laws, except for laws pertaining to fraud. Most of
the state laws that were superceded were of the opt-in variety,
which did not restrict the rights of the spam recipient to bring suit.

In other words, CAN-SPAM is worse than no legislation at all, in that
it restricts the rights of individuals to sue spammers, and restricts
the rights of states to enact real legislation with penalties, while
making spam into a legitimate business.

Would you rather have your house protected by a trained attack dog
under your direct control, or would you rather have congress tell you
that you can't own your own attack dog, but that they will provide a
few toothless poodles instead, but they will be kept in Washington.

> Why does ICANN interject itself, with its so-called 'expert
> testimony' in all these cases where legislation is pending, when
> instead of giving expert testimony they merely want to hawk their
> own agenda? It all really amazes me. Why do you guys object so
> vigorously when netizens try self help? If our ideas are such a
> damn fool waste of time, then please, __let us find it out for
> ourselves__; quit trying to save us from ourselves. Obviously your
> passive filtering solutions have not worked; why can't we try our
> way instead? What is your _real objection_ anyway? PAT]

The real objections are to the potential for serious collateral damage
to innocent parties, and to the potential for these anti-spam tools to
be used as the mechanism for DDoS attacks against innocent parties.

Filtering does not affect innocent parties, unless they try to send
you email, and are blocked from doing so.

DDoS attacks do affect innocent parties, and are illegal.

A DDoS attack by proxy is still a DDoS attack.

Coordination with others for the purpose of initiating a DDoS attack
is conspiracy to commit a crime, which is itself a crime.

-- Welcome My Son, Welcome To The Machine --
Bob Vaughan | techie @ |
| P.O. Box 19792, Stanford, Ca 94309 |
-- I am Me, I am only Me, And no one else is Me, What could be simpler? --

[TELECOM Digest Editor's Note: So if an airplane crashes into a
building in New York City and everyone jumps on their telephone at one
time to chat with everyone else about it and 90 percent of the
residents cannot get a dial tone or connection, that is a Denial of
Service is it not? Whose fault is it? Or a new very popular web site
starts up and everyone tries to look at it at one time, and quite a
few callers get turned away as a result. Whose fault is that? When is
it ever my fault if I attempt to use a communications link somewhere
and a million other folks are trying to do the same and I get turned
away. Is congestion on the telephone network or a computer network
ever of concern to me (as in to be blamed for same)? Maybe the phone
company needs more circuits or the ISP or the web page owner need more
resources? If each person who sees a piece of spam objects to the
piece of spam (and the owner of same having been positively identified)
chooses to complain to the owner is it really _my concern_ if the
computer links (or phone lines or other communication system) is too

Anyone who had something other than the WTC situation to talk about on
9-11-01 was one of your innocent parties which got injured, were they
not since the phones were all screwed up that day. And if a person
that wanted to place an order for some merchandise they could not get
through on the phone, could they? And if X number of people were on
their computer complaining with someone about unwanted email they had
recieved and another person came along who did in fact want some of
that merchandise then they would not be able to get through either,
would they? If you send out several million spams, I have to assume
you expect to get at least a few thousand orders for your product,
with the requisite customer service correspondence to go along with
it. AOL, Yahoo, MSN and Google are all anticipating _lots_ of traffic,
so they prepare accordingly with plenty of circuits and equipment.
If for some reason, they get more responses than they expected, things
will get very hectic on the computer. Should I get the blame for all
that as well?

You know, Bob, your claims that it is a 'crime' for some people to
respond in a negative way to a product on the computer is really
stretching things pretty thin. If it makes you feel better to refer
to those concerted complaints as a 'crime' in order to twist things
around and make out the spammers to be 'poor innocent business people'
who have been 'victimized' by a relative handful of netizens filing
complaints, then please go ahead and do so. But no matter what you
say, it is _not_ a crime when someone's network resources run low
because of a huge response (pro or con) to a message the person sent
out. Nor is it a crime when a group of people get very excited about
some situation and begin chatting with others about it. So call it
whatever you want, it is _not_ DDOS when a million (or any number of
users) respond -- even all at once -- when they are asked something.

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Jeremy Pelofsky: "US Telecom Overhaul Chances This Year Seen Slim"
Go to Previous message: "Re: An Unsettling Surprise: Victimized by ID Theft"
May be in reply to: Eren Reshef: "Ethics of Deterrence"
Next in thread: John Levine: "Re: Ethics of Deterrence"
TELECOM Digest: Home Page