On Fri, 26 May 2006, Rick Wesson wrote:
I am saying I am reading the OARC comments and this is sort of what it fees like. As much as Gadi seems to appropriate others credit, Randy Vaugh and him have been doing this work for some time and deserves some credit so I'd say "have you spoken to them about how to make their report better" yet instead of "create more".
Yes, we have worked with Gati and Randy Vaugh; infact randy helped me out today; thanks randy!
There is a difference in how Randy/Gati collect data and how we collect data. The stuff we publish are from numerous dns based realtime blacklists and spam traps we run. Other folks black-hole botnets and capture data.
We both come up with a dataset that overlaps but we don't yet know by how much. So our data is another view using a different methodology and isn't supposed to be "better" but confirming of where the problem is and estimates of its magnitude.
The more we know, the better. I believe the time for action has come and gone, but I was not born a pessimist. :) If the first step is to de-"classify" what's public so that people are aware of what's going on, I say bring it on. Great work, Rick. Beer is on me this defcon. Gadi.
-rick