On Jun 28, 2004, at 2:43 PM, Dan Hollis wrote:
On Mon, 28 Jun 2004, Patrick W Gilmore wrote:
Unfortunately, I worry that this cure is worse than the disease. Filtering IP addresses are not the right way to attack these sites - the move too quickly and there is too much danger of collateral damage.
I think part of the point of this blacklist is similar to other blacklists. It makes providers remove their head from their ass and actually start cleaning up their networks.
When a provider hosts a phishing site for _weeks on end_ and does _nothing_ despite being notified repeatedly, sometimes a blacklist is the only cluebat strong enough to get through the provider's thick skull.
If the blacklist is only for sites which are weeks, or even a couple days old, that probably would remove most of the objections. (I _think_ - I have not considered all the ramifications, but it sounds like a plausible compromise.) Unfortunately, that type of blacklist wouldn't stop 99% of the phishing scams in operation. -- TTFN, patrick