[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200403242035.04626.fulldisc@ultratux.org>
From: fulldisc at ultratux.org (Maarten)
Subject: viruses being sent to this list
On Wednesday 24 March 2004 13:34, Gadi Evron wrote:
> As I got a response from the managers, I am happy. And I took it off-list.
I left this thread alone for a long time, partly since what I felt was already
being said by others, and also partly because I consider myself new here so I
mostly lurk 'n learn. ...However, I now want to contribute a bit.
> The samples below could have been detected by any AV using signatures
> alone. Thus, without any heuristics, not risking false positives or
> requiring more time spent on moderation.
Albeit a valid point, I still consider it irrelevant. It will _cost_ the
listmaintainers/listowners, no matter how you turn it. It may be time spent
in setting up and configuring, it maybe be cost incurred in browsing through
logs. It may be extra CPU load due to scanning, it may be dealing with
malcontent listusers or faults that -inevitably- will occur. God forbid, we
may even one day get a witty worm variant that exploits a vulnerability in
the virusscanner this list uses... at this point, nothing surprises me.
And for what? I can see NO valid reason whatsoever that anyone can demand that
a list take care of what they deliver through it. Here below are my reasons.
For starters, any filtering on the content can open you up for lawsuits. For
that same reason even ISPs are (well, were...) reluctant to install any
filtering (be it mail, or on IP level). Once you do that, you prove that you
have control over your content and the first RIAA or DMCA subpoena is in the
mail already. Retaining any "common carrier" status is quite important.
Especially for a list dealing with such [legally] delicate stuff as this one.
This reason above, I feel, should be enough to seal the case in and by itself.
However, I have another one: I think it is unreasonable to expect that anyone
else than you yourself should be the gatekeeper of your own front door.
If you fear viruses, you run a mailscanner. Your security, your burden. Not
ours. I run a full non-windows environment since 1997 and I think it is
unreasonable that we all make an effort just because some people choose to
use "a somewhat less secure" environment. Yes, it IS your free choice.
To follow the analogy, it is not normal for one to ask the mailman to bring a
ladder with him, just because you have your mailbox mounted at the second
floor. If you fear that pranksters might fsck up your mailbox, get a better
protected mailbox. But don't burden the mailman (or the sender) with your own
issues. If you dislike the ads that come a magazine you subscribed to,
unsubscribe. It's that simple, really.
Three parties can influence what gets through to your mailbox. The government
(by passing a law that forces everybody to abide by it), yourself (of course)
and your ISP (it is the only party you pay; thus the only one that you have
(or can claim) any leverage with.
And third, this is not your average list or forum, it really isn't called
full-disclosure for nothing. Stuff _will_ be delivered here that you surely
do not want to run in an uncontrolled environment. We all know this. Most of
us walk on their toes here; if they didn't already read their mail in
ascii-only mode -just because of the paranoia that often comes with this job-
they may change their minds when they subscribe to FD.
You know the sign... "Ye who enter here... yada yada yada". ;-)
Well... this subject has been beaten to death, and I even helped a bit.
I will now crawl back to the little internet-corner whence I came I guess :-)
Maarten
Powered by blists - more mailing lists