SORBS Identity theft alert
See http://www.iadl.org/sorbs/sorbs-story.html

SORBS seems to be collecting a lot of sensitive information to view listings:

Name:
Preferred Login ID:
Password:
Confirm Password:
Home Phone:
Business Phone:
Mobile Phone:
Email Address:
Company:
Autonomous Systems Number:
Security Question:
Security Answer:
Skill Level:
  None, I can play games though.
  A little, just use them for email.
  Average, familiar with them, used at home and work.
  A lot, sysadmin or MCSE etc.
  My Name is Charles Babbage, or Alan Turing.
Address:
Address:
Town/City:
State/County:
Zipcode/Postcode:
Country:

This detailed information could be sold to IT recruiters, used for identity theft, password collection, or used for other mass marketing purposes.

Security questions are often used by sensitive sites such as domain registries to authenticate users who have lost their passwords.

This is very alarming information collection.

--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
On Mon, 11 Apr 2005, Dean Anderson wrote:
And with some clever correlation, googling, and patience, I could do the same for the majority of people posting to this list on a regular basis. In short, what's your point? If you have substantial evidence that information collected by SORBS has been used as such, by all means, come out and accuse them of it. Otherwise, kindly keep your pissing contest to yourself. - billn
BN> Date: Sun, 10 Apr 2005 23:51:54 -0700 (PDT)
BN> From: Bill Nash

BN> > See http://www.iadl.org/sorbs/sorbs-story.html
BN>
BN> In short, what's your point?

SORBS lists Dean. I suspect this makes him angry.

BN> If you have substantial evidence that information collected by SORBS
BN> has been used as such, by all means, come out and accuse them of it.
BN>
BN> Otherwise, kindly keep your pissing contest to yourself.

I'd have to dig through StopORBS archives, but the belief that companies can run DNSBLs on their own servers led to Dean accusing a few people, self included, of being something along the lines of "the Internet's most dangerous criminals". Looks like it's Matt Sullivan's turn.

Let's all step back and use Google before launching another long, pointless "I [don't] like your DNSBL" thread. All that can possibly be said probably has been said, many different times, and on many different lists.

That said, I shan't post to this hopefully-short-lived thread again. I've heard there are lists for this sort of DNSBL-centric bickering; perhaps someone who cares about their existence can confirm, enumerate, and direct interested parties (if any) that way.

Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.
On Sun, 10 Apr 2005, Randy Bush wrote:
SORBS lists Dean. I suspect this makes him angry.
who's dean?
the problem with feeding trolls is that they puke it up on the carpet.
Negative reinforcement is better than procmail. The problem with trolls is that they keep coming back if you don't beat them properly. I'm a great example. ;) - billn
On Mon, 11 Apr 2005, Bill Nash wrote:
On Sun, 10 Apr 2005, Randy Bush wrote:
SORBS lists Dean. I suspect this makes him angry.
who's dean?
the problem with feeding trolls is that they puke it up on the carpet.
Negative reinforcement is better than procmail. The problem with trolls is that they keep coming back if you don't beat them properly. I'm a great example. ;)
The other problem with procmail is it doesn't catch people replying to our resident list.kook. I'm going to have to start procmailing everything with "dean" in the body now... :-/ -Dan
On Mon, 2005-04-11 at 02:39 -0400, Dean Anderson wrote:
Having read this diatribe I can only categorize it as mis-informed and state unequivocally that Brian McWilliams has no clue whatsoever who runs SPEWS. (please see myriad interviews I have done with BMcW).

"See more about mailbombing. Mailbombers are spammers. They just aren't in it for the money. Or possibly they are. SORBS asks for donations to get delisted, and also seeks donations from Subscribers. It is very unusual for blacklists to extort money this way."

This also is a blatant mischaracterization, the AHBL relies on donations and advertisements on the website to fund its operational budget, spamhaus charges for commercial support http://www.spamhaus.org/organization/funding.html . MCI reaps 5 million dollars per year on spam related income http://www.emailbattles.com/archive/battles/spam_aajghgebej_c/, spam costs companies billions http://www.washingtonpost.com/ac2/wp-dyn/A17754-2003Mar12, why are we expected to fight it for free? Though we do our best to look out for the good of the internet we are not by any means communists, and we deserve to be compensated for our work. Right now the AHBL barely covers the operational costs of the servers on a month-to-month basis let alone compensating its volunteers for their time.
SORBS seems to be collecting a lot of sensitive information to view listings:
My site, my rules, or in this case Matthew's site, Matthew's rules. As a non-paying user you always have a choice as to whether or not you provide personal information to a website, should you choose not to, don't. The same goes with usage of the DNSBL or RHSBL. Note that this choice may result in your inability to access some content that that site has to offer.
or used for other mass marketing purposes.
If Matthew Sullivan uses this to send spam, I'll personally eat my MTA. Please take your cart00ney and other senseless accusation-making activities to somewhere where I don't have to see them. Why is it when I google AV8 I get an abit motherboard and not your company? Odd, no website at www.av8.com. Do you sir have a network of any sort? -- Andrew D Kirch | Abusive Hosts Blocking List | www.ahbl.org Security Admin | Summit Open Source Development Group | www.sosdg.org Key At http://www.2mbit.com/~trelane/trelane.asc Key fingerprint = 4106 3338 1F17 1E6F 8FB2 8DFA 1331 7E25 C406 C8D2
Oh. trelane@trelane.net (Andrew D Kirch) wrote:
"See more about mailbombing. Mailbombers are spammers. They just aren't in it for the money. Or possibly they are. SORBS asks for donations to
----------------------------
get delisted, and also seeks donations from Subscribers. It is very
I believe this is a critical thing. There are a lot of sites getting listed through one way or the other (hey, denunciation is common!). Are you (is Matthew) planning to change this?

Elmar.
--
"Just don't make the mistake of replacing opinion with expertise." (PLemken, <bu6o7e$e6v0p$2@ID-31.news.uni-berlin.de>)
--------------------------------------------------------------[ ELMI-RIPE ]---
On Mon, 11 Apr 2005, Andrew D Kirch wrote:
Why is it when I google AV8 I get an abit motherboard and not your company?
Top of the list when I google av8 is our offices page.
Odd, no website at www.av8.com. Do you sir have a network of any sort?
There's a website. Try www.av8.net. www.av8.com redirects to www.av8.net, but it looks like it's been hosed.

--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
On Mon, 11 Apr 2005, Andrew D Kirch wrote:
Having read this diatribe I can only categorize it as mis-informed and state unequivocally that Brian McWilliams has no clue whatsoever who runs SPEWS. (please see myriad interviews I have done with BMcW).
Brian McWilliams makes no claims about who runs SPEWS in the book.
"See more about mailbombing. Mailbombers are spammers. They just aren't in it for the money. Or possibly they are. SORBS asks for donations to get delisted, and also seeks donations from Subscribers. It is very unusual for blacklists to extort money this way."
This also is a blatant mischaracterization, the AHBL relies on donations and advertisements on the website to fund its operational budget, spamhaus charges for commercial support http://www.spamhaus.org/organization/funding.html .
Not from the victims, I hope.
MCI reaps 5 million dollars per year on spam related income http://www.emailbattles.com/archive/battles/spam_aajghgebej_c/, spam costs companies billions http://www.washingtonpost.com/ac2/wp-dyn/A17754-2003Mar12, why are we expected to fight it for free?
Because Open Relay blacklists have in the past given their databases directly to spammers (or abusers, anyway). This generates abuse, which the blacklist then happily charges fees to block. We ought not encourage that.
Though we do our best to look out for the good of the internet we are not by any means communists, and we deserve to be compensated for our work. Right now the AHBL barely covers the operational costs of the servers on a month-to-month basis let alone compensating its volunteers for their time.
This is about SORBS, not AHBL. But speaking of for-profit anti-spam, most people aren't interested. The IETF recently rejected SPF technology due to its patent encumbrances. Anti-spam technology has to be free and pervasive. Your dreams of getting rich on anti-spam are unlikely to be realized.
SORBS seems to be collecting a lot of sensitive information to view listings:
My site, my rules, or in this case Matthew's site, Matthew's rules. As a non-paying user you always have a choice as to whether or not you provide personal information to a website, should you choose not to, don't. The same goes with usage of the DNSBL or RHSBL. Note that this choice may result in your inability to access some content that that site has to offer.
And when you collect an alarming amount of sensitive information unnecessarily, people will be alerted.
or used for other mass marketing purposes.
If Matthew Sullivan uses this to send spam, I'll personally eat my MTA.
ORBS and others were involved in mailbombing. (I conducted tests of this back in the late 1990's.) Sullivan has threatened mailbombing. 3 MAPS employees went to work for a well-known spammer. Doesn't seem like it would be very surprising. It wouldn't be the first time. I hope your MTA is bio-degradable. Otherwise, you may have difficulty passing it.

--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
On 04/11/05, Andrew D Kirch <trelane@trelane.net> wrote:
"See more about mailbombing. Mailbombers are spammers. They just aren't in it for the money. Or possibly they are. SORBS asks for donations to get delisted, and also seeks donations from Subscribers. It is very unusual for blacklists to extort money this way."
This also is a blatant mischaracterization, the AHBL relies on donations and advertisements on the website to fund its operational budget, spamhaus charges for commercial support http://www.spamhaus.org/organization/funding.html .
Charging /users/ of a dnsbl is one thing...charging listees is another. Some folks here may remember that I've often been a supporter of *bl operators, but I absolutely cannot support this particular policy of SORBS. I know Matthew has his heart in the right place, but he's making a big mistake there and eventually someone much saner than Dean Anderson will take him to task for it -- probably in the courts -- and that'll set a precedent which harms /all/ *bl operators. As for everything /else/ Dean accuses SORBS of...well, that's all utter bullshit as usual; pay him no mind, for he will be unable to return the favor. -- J.D. Falk As a carpenter bends the seat of a chariot <jdfalk@cybernothing.org> I bend this frenzy round my heart.
Dean Anderson wrote:
See http://www.iadl.org/sorbs/sorbs-story.html
SORBS seems to be collecting a lot of sensitive information to view listings:
All pages on http://www.sorbs.net/ look on the menu for 'Privacy Policy' (unless you have chosen not to view that menu in the preferences). Just in case you have a problem reading here's a hint: http://www.sorbs.net/w3c/privacy.shtml One typo under 'Changes to the Policy' - the doc id is at the bottom not the top as stated, too small to warrant an update at this time of night.
This detailed information could be sold to IT recruiters, used for identity theft, password collection, or used for other mass marketing purposes.
It could be, but it isn't, and it won't be.
Security questions are often used by sensitive sites such as domain registries to authenticate users who have lost their passwords.
Security question and answer box is for the user to choose a backup question and answer, don't tell me you didn't understand a simple concept as that?
This is very alarming information collection.
This is also way off topic, but I don't think that bothers you. *End of thread* / Mat
participants (9)
- Andrew D Kirch
- Bill Nash
- Dan Hollis
- Dean Anderson
- Edward B. Dreger
- Elmar K. Bins
- J.D. Falk
- Matthew Sullivan
- Randy Bush