[Dshield] new Netsky.b virus - quick analysis (incl. hexdump)

Tony Earnshaw tonye at billy.demon.nl
Fri Feb 20 18:43:58 GMT 2004

fre, 20.02.2004 kl. 17.36 skrev John Sage:

> I usually avoid these philosophical digressions at all costs, but
> fools rush in...

No, no - go on :)

> > > We desparately need *smart* and *fast* solutions for SMTP
> > > problems.  I've not seen a single useful solution that cannot be
> > > bypassed, and at the same time will not render legitimate use of
> > > SMTP problematic, if not totally impossible (the ultimate solution
> > > may not exist).
> /* snip */
> > Surely it's not beyond the bounds of human intelligence (though
> > probably above mine) to configure routers that are already trained
> > to filter, to recognize aggressive content? Even dynamically?
> This is no solution whatsoever, and in fact is a capitulation of
> responsibility to some anonymous "higher authority".


> Exactly *who* are you willing to give the authority to define and
> delete "aggressive content" out at the big pipe, router/switch level?

Many users (at least, here in God's little "old" Europe - getting on for
350 million people?) have delegated the banning of spam and virus to
their ISP. With my own ISP, that's entirely voluntary and free of
charge. With my daughter's (in another European country) she has to pay.
My ISP uses Brightmail, goodness know why, on a server/on servers. The
same technology could be stuffed into routers. *I've* heard no-one
complain yet. I do my own scanning, but that's my choice. It's all

> What if your nation is ruled by a right-wing, evangelical, christian
> government that dislikes homosexuality (as one example), or racial
> diversity (as another example) and is able to compel its Office of
> Fatherland Security to legally mandate filtering of that sort of
> content, too?

It ain't. That's why I chose to live here, in this nation (I wasn't born
here and had to learn to speak and write their lingo absolutely
correctly to survive, etc. Moreover, this is the second European country
in which I've chosen to do that). There are massive laws against your
surmise of dictatorship, as there now are in most of Europe.

> What if a nation, so ruled, mandated that other such "aggresive
> content" (read: disapproved content) be dropped in transit as the
> offending packets enter the political boundaries of that right-wing
> government?

Dunno if you've ever heard the word "democracy"? They stuff it up your
behind here, to the extent that we have to vote governments in and vote
them out again.

> How would you know this was happening? What sort of checks and
> balances would there be?

People get to be able to read what is happening around them. They have
access to government papers and the media. They can even read the docs
that the police, their doctor, local council etc. have about them.

> Where does midstream filtering stop, once started?

That's valid, and something else. I've heard that the Chinese national
government already practices that to a certain extent, and any
non-democratic government so-minded could implement it tomorrow, perhaps
some do. But strangely enough, few seem to. I'm still refusing 15-30% of
all mail offered to me. So I rather wish someone would make a start on
what you suggest they could do. I've heard/read that within 50 years (I
shall be dead by then) the Chinese will rule the world - economically,
of course. Perhaps that might be a good thing.

> Who shall monitor the "guardians" and keep them honest?

What is, in fact, the present "evil" content of the Internet
(cannibalistic Germans, child pornographers, snuffings, exhortations to
become suicide martyr bombers, new Nazis, heh - bonzai kittens) and who
is doing anything, lifting a finger, to police it? Don't we need



mail: billy - at - billy.demon.nl

More information about the list mailing list