Re: Hold on to your news servers
Sheesh. I'm getting tired of increasingly large logs of cancels and reposts. I think we should start treating all cancels that are sent out by someone who is not a moderator or the original poster as an abuse.
Anyone who cancels someone else's post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So let's start sending in complaints...
--Dean
At 02:20 PM 11/13/1998 -0500, Jeff Garzik wrote:
Hey guys, this is a heads-up about Karl Denninger's new clean-news system. I haven't seen any posts on this list about it. His message describing the implementation is attached below, posted "publicly" on chi.internet. (skip the quoted stuff)
Karl is about to send out cancel messages, cancelling _every_ Usenet binary that is not PGP-signed by someone registered with his system. He says that these cancels will only go out to people he explicitly peers with, and not Usenet at large. He then adds that what these peers do with the cancel msgs is their own business.
Folks, the goal is good, but the implementation is bad.
These cancel msgs will leak out to Usenet at large. History proves this; leaking of net.*, bofh.*, clari.*, etc. occurs all the time despite admins' best efforts.
And when these cancels leak, every news server on Usenet will
* suddenly be receiving _thousands_ of additional cancels, and
* 99.9999% of the binaries out there will disappear from your servers.
I do not want to be handling the support calls when this occurs.
If you are interested in this issue, there is a discussion on news.admin.net-abuse.usenet, thread "Karl Denninger loses his marbles..."
Or ask me, I'm more than happy to outline the technical ramifications of this, and why it's a bad idea, in more detail. I'll cut and paste from my e-mails to Karl. :)
Jeff (news admin/consultant)
P.S. Had mailer problems. Apologies if you are seeing this twice.
Path: news.teleport.com!uunet!in3.uu.net!nntp.ntr.net!news.maxwell.syr.edu!news-xfer.newsread.com!netaxs.com!newsread.com!news.mcs.net!ddsw1!news.mcs.net!not-for-mail
From: karl@Denninger.Net (Karl Denninger)
Newsgroups: chi.internet
Subject: Re: MegsInet Newsgroup server
Date: 12 Nov 1998 03:59:06 GMT
Organization: Karls Sushi and Packet Smashers
Message-ID: <72dmea$stt$1@Nntp1.mcs.net>
References: <3647E943.3A3@spambusters.ml.org> <72dgku$jo6@enews4.newsguy.com>
NNTP-Posting-Host: kdhome-2.pr.mcs.net
X-Newsreader: trn 4.0-test69 (20 September 1998)
Xref: news.teleport.com chi.internet:17477
In article <72dgku$jo6@enews4.newsguy.com>, Tommy the Terrorist <mayday@newsguy.com> wrote:
In article <3647E943.3A3@spambusters.ml.org> Clifton T. Sharp Jr., agent150@spambusters.ml.org writes:
There were some problems of late. One notable thing from the statistics is that we weren't getting our usual hundreds of thousands of articles from the MCI feed. Since C&W bought MCI's internet stuff, it seems like anything associated with the former MCI has gone straight to hell. It looks to me that as of now the problems are fixed; the newsgroups I follow have suddenly found hundreds of articles apiece.
Who's kidding who? I presume you guys have heard of a certain asshole in New York government (what a redundancy!) named Vacco? Presumably the problem is the collective flushing of digital toilets now that ISP's have become the new hunting ground for Evil Substances, etc.
The problem with this particular war is that nothing short of a total victory for the people, to keep anything and everything on ISP's, can possibly prevent the state aggressors from eating away at free forums of communications as fast as they can have their pet narks post child pornography (with impunity) to anywhere they want the police to "legitimately" attack and destroy. And if that happens, then the last permitted forum of free speech in America, or damn near anywhere else, is dead, and the only hope of humanity for political progress will be in violence so unrestrained and universal that the smallest and weakest of people have an equal power of destruction because it is unlimited for all. And that is what inevitably will happen, unless something worse happens.
Read this. It solves the problem.
And yes, this system WILL be going online. The software is already working.
The "Clean-News" System
=======================
ABSTRACT:
"Clean-News" is a means to identify the poster of binary data on Usenet, remove most illegal content, and create a presumption of accountability.
IMPLEMENTATION - USER SIDE:
The "Clean-News" servers will have a key-ring of PGP keys. Anyone wanting to post "unmolested" binaries does the following:
1. Creates a PGP key for either 2.6.2 or 5.0 of the PGP software.
2. Obtains, from the www.clean-news.org web site, a list of authorized signers of their PGP key.
3. Contacts one of those signers, follows their procedures (which may include the payment of a fee), produces appropriate identification demanded by that signer, and gets their public key *signed* by that organization or individual. That is, the signer *vouches* for the authenticity of the key; that it belongs to the person who claims to be represented, that the email address associated with it is valid, and creates and maintains appropriate records to back up that assertion.
4. Submits the SIGNED key to the clean-news.org system.
This database (of signed keys) is PUBLIC. Anyone can query it given an article which is signed by said key and obtain the name, email address, AND SIGNER of the key in question.
The person with the private key associated with the signed, public key is then free to post binaries on Usenet, and clean-news will not molest them.
IMPLEMENTATION - SERVER SIDE:
The "clean-news" system obtains a feed from major backbone sites. It accepts all articles sent to it and maintains no database. It speaks both the older "ihave" protocol as well as the "check/takethis" newer NNTP protocol.
Upon receipt of an article, the software checks to see if the posting contains binary data. It looks for common encoding formats - UUENCODE and MIME image data, primarily.
Textual messages are ignored.
Binary messages are run through the PGP software, and the output of the PGP verification process is read back. This process returns one of several results:
1. No signature on the file at all.
2. A signature is on the file, but the key ID is not known.
3. A signature is on the file, and the key is known, but it is not certified as "trusted".
4. A signature is on the file, is valid, and the key is both known and has a level of trust associated with it.
In cases 1 - 3, the clean-news system emits a cancel message for the article in question immediately upon receipt. It does this by following the convention established for NOCEMs and other "spam cancels"; that is, it prepends "cancel." to the Message ID, and emits the cancel with this synthetic message Id. It also returns the posting with the system identification "clean-news" in the PATH line to permit aliasing out of the clean-news feed by those site admins who do not want the cancels.
In case 4, the binary is ignored, as textual messages are.
IMPLICATIONS - USENET SITE ADMINS READ THIS:
1. If you DO NOT want the "Clean-News" cancels, you should alias out the site "clean-news" from your Usenet software. Note that doing this will REMOVE any presumption that you would otherwise gain by ACCEPTING this feed.
2. If you DO want the "Clean-News" cancels, then do nothing, and further, contact your upstream News peers and insure that THEY are not aliasing out the feed.
3. If you CANNOT obtain these cancels (because all your upstreams are aliasing them out), or if you want the BEST possible feed, contact feedme@clean-news.org by email. You will receive in response an automated email detailing how to obtain a direct feed of the clean-news cancels.
Note that this feed is rather low in volume - while it emits MANY cancels, they are small articles. You MUST BE able to keep up with this feed - the feed software will NOT keep articles for more than a few hours before it "junks" them. The feed will come to you via a Diablo feed system and is UNIDIRECTIONAL. Attempting to connect back to the Diablo machine will fail.
4. If you want to pass these cancels on to your PEERS, be advised that some of them may consider this service to be a "bad thing". I recommend, but obviously cannot enforce, that such is noticed to your peers so they may alias out the feed if they do not want it.
WHAT DOES THIS MEAN TO POSTERS:
1. The use of a valid key creates a *presumption*, but not proof, that the poster really is who they said they are. That is, enough to get a search warrant. If Kiddie Porn shows up with a signature, the TRUSTED SIGNER of the key is determinable. That signer must, to be considered a trusted signer, keep records suitable for interrogation based on a published policy (ie: "serve us with a subpoena", etc).
The LEO in question then asks the signer for the data, and complies with the policy they have set (which may include obtaining a warrant and/or subpoena). They then get a search warrant for the alleged perpetrator of the transmission, and see if in fact the material in question is being emitted there using standard forensic techniques.
2. LEGITIMATE binary posters have nothing to fear. Anonymous binaries get cancelled instantly, as do any which are unauthenticated. Those which ARE authenticated are free to be posted, but your identity is known, it's undeniably yours (since it WAS your private key used to sign the article) and if you post something "naughty" the LEOs have all they need to come after you.
WHAT ARE MY RESPONSIBILITIES AS A USER OF THIS SYSTEM WHO SUBMITS A KEY?
Your primary responsibility is to PROTECT YOUR PRIVATE KEY. It is *STRONGLY* recommended that you keep this key on a protected, safe, removable device (such as a floppy with write-protect enabled) and NOT let it out of your personal control.
If your PRIVATE key is COMPROMISED (ie: you lose the disk, you have reason to believe someone has stolen a copy of the key file, etc) you should IMMEDIATELY contact the introducer (the organization or person you had sign the key) *AND* the clean-news system at "revoke@clean-news.org" by email. When you contact the clean-news system, SIGN YOUR REVOCATION REQUEST. DO NOT send anything other than a revocation request to the above address. NOTE THAT REVOCATION OF A KEY IS PERMANENT AND CANNOT BE REVERSED. You should ALSO immediately revoke the key from any other key rings that you may have registered this key with.
Note that ANY message signed with your key will be PRESUMED to be issued by you *PERSONALLY*. For this reason you should take EXTREME care with your private key. If it is stolen and used for illicit purposes those transactions will be traced to *YOU*, and you could find yourself under investigation by either civil or criminal authorities for something you have not done.
HOW DO YOU REVOKE A KEY IF IT IS COMPROMISED?
Keys may be revoked by:
1. The person who owns it at any time (ie; "I lost my key disk").
2. Any LEO who provides an affidavit that said key was used to post copyrighted or otherwise illegal material.
3. Any LEO who provides an affidavit that a trusted introducer is not in fact trusted (ie: cannot produce the records, or produces false records, regarding a key they signed).
4. A trusted introducer may revoke their signature of any person's key that they have signed, in the event they discover that the key does not in fact belong to the person claimed or identification was falsified.
When a key is invalidated the owner of the key is notified by email that their key was removed, and why (which of the above categories "happened").
A cancelled or revoked key is removed from the key ring, and is treated exactly as if it was never submitted to the system.
To revoke a key as the owner of the key, send a PGP-signed request to "revoke@clean-news.org". IF THE REQUEST IS NOT SIGNED OR THE SIGNATURE IS INVALID IT WILL BE IGNORED. Assuming that the signature is good, you will be notified by return email when the revocation is processed.
IS THERE A COST FOR THIS?
1. Individuals do not pay to list keys. However, INTRODUCERS may charge for signing a key (at their discretion) and maintaining the records necessary to comply with identification requests.
2. Systems desiring a *direct* feed may be assessed a small charge to cover the operating expenses of the systems involved. NO CHARGE FOR THE FEED ITSELF IS MADE, NOR FOR THE PROCESSING - ONLY THE TRANSPORT. If you receive a feed of the cancels you are encouraged to propagate it to others on mutually-agreeable terms to others who are also willing to receive it.
WHAT ABOUT PRIVACY ISSUES?
1. The records of the clean-news system are EXPLICITLY public. Ergo, submitting a public key to the system constitutes publication of that key, and the fact that it is signed by one or more organizations and individuals. HOWEVER, that, alone, is worthless to an interloper. The email address on the key does NOT have to be valid, nor does the name - it must only map to a unique person at the SIGNER'S location which can be disclosed through their policies. As such, there is no privacy issue on the keyring used by the clean-news system ITSELF.
2. Customers and users who have their keys signed by an introducer should make themselves aware of the privacy policies of the signer. IF YOU ARE NOT COMFORTABLE WITH THEIR PROCEDURES AND ASSURANCES, YOU SHOULD USE A DIFFERENT KEY SIGNER!
--
--
Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl
I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Plain Aviation, Inc dean@av8.com
LAN/WAN/UNIX/NT/TCPIP http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
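Added example, not part of any message in this thread and not the clean-news software: a receiving site's view of the "alias out" option described in the quoted post, classifying incoming control articles by Path entry and by the `cancel.`-prefixed Message-ID convention. It assumes the site identification is exactly `clean-news`; all hostnames, Message-IDs and the classification labels are constructed for illustration.

```python
from collections import Counter
from email.parser import HeaderParser

# Site identification the post says is placed in the Path line.
ALIASED_SITES = {"clean-news"}


def path_sites(path_header):
    """Split a Path header into its '!'-separated entries, lower-cased."""
    return [s.strip().lower() for s in path_header.split("!") if s.strip()]


def cancel_target(headers):
    """Return the Message-ID a 'Control: cancel <id>' header names, else None."""
    parts = (headers.get("Control") or "").split()
    if len(parts) == 2 and parts[0].lower() == "cancel":
        return parts[1]
    return None


def classify(raw_headers, aliased=ALIASED_SITES):
    """Classify one article's headers for a site that aliases out clean-news.

    Labels (hypothetical, chosen for this example):
      not-cancel           ordinary article, no cancel control header
      aliased-out          cancel that passed through an aliased site
      synthetic-id-cancel  cancel using the 'cancel.' Message-ID convention
                           but with no aliased site in its Path
      other-cancel         any other cancel
    """
    headers = HeaderParser().parsestr(raw_headers)
    target = cancel_target(headers)
    if target is None:
        return "not-cancel"
    # Compare whole Path entries: a substring test would also match
    # unrelated hosts whose names merely contain "clean-news".
    if aliased.intersection(path_sites(headers.get("Path", ""))):
        return "aliased-out"
    msgid = (headers.get("Message-ID") or "").strip()
    if target.startswith("<") and msgid == "<cancel." + target[1:]:
        return "synthetic-id-cancel"
    return "other-cancel"


def _hdr(*lines):
    return "\n".join(lines) + "\n\n"


# Constructed sample headers (not taken from any real feed).
SAMPLES = {
    "plain": _hdr(
        "Path: feeder.example.net!poster.example!not-for-mail",
        "Message-ID: <abc123@poster.example>",
        "Subject: holiday photo 1/3",
    ),
    "clean_news_cancel": _hdr(
        "Path: feeder.example.net!clean-news!not-for-mail",
        "Control: cancel <abc123@poster.example>",
        "Message-ID: <cancel.abc123@poster.example>",
    ),
    "other_issuer": _hdr(
        "Path: feeder.example.net!not-for-mail",
        "Control: cancel <abc123@poster.example>",
        "Message-ID: <cancel.abc123@poster.example>",
    ),
    "lookalike_site": _hdr(
        "Path: feeder.example.net!clean-news.mirror.example!not-for-mail",
        "Control: cancel <orig9@poster.example>",
        "Message-ID: <c9@poster.example>",
    ),
}


def summarize(samples=SAMPLES):
    """Count how many sample articles fall into each class."""
    return Counter(classify(h) for h in samples.values())


if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:18s} {classify(raw)}")
```

A site that accepts the cancels would act on the `aliased-out` class instead of dropping it; the Path check is the same either way.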
Yeah, since Karl's not "the boss" at MCS anymore, it would be kinda amusing to have MCS get flooded with complaints that one of their users (Karl) was abusing the network. :)
Wonder if that would be an appropriate use of the RBL? :)
On Fri, 13 Nov 1998, Dean Anderson wrote:
Sheesh. I'm getting tired of increasingly large logs of cancels and reposts. I think we should start treating all cancels that are sent out by someone who is not a moderator or the original poster as an abuse.
Anyone who cancels someone else's post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So let's start sending in complaints...
--Dean
======================================================================
Derek J. Balling         | "Bill Gates is a monocle and a white
dredd@megacity.org       | fluffy cat from being a villain in the
http://www.megacity.org/ | next Bond film." - Dennis Miller
======================================================================
It would be even more amusing given that it would be false (hint: I've had colocation offers from a number of places across the country). Since I know the people who own MCSNet, and further know that they can be just as much of a prick as I can, I suspect such complaints would get round-filed - especially given that they would be false.
--
--
Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl
I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
On Fri, Nov 13, 1998 at 04:11:01PM -0800, Derek Balling wrote:
Yeah, since Karl's not "the boss" at MCS anymore, it would be kinda amusing to have MCS get flooded with complaints that one of their users (Karl) was abusing the network. :)
Wonder if that would be an appropriate use of the RBL? :)
On Fri, 13 Nov 1998, Dean Anderson wrote:
Sheesh. I'm getting tired of increasingly large logs of cancels and reposts. I think we should start treating all cancels that are sent out by someone who is not a moderator or the original poster as an abuse.
Anyone who cancels someone elses post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So lets start sending in complaints...
--Dean
At 02:20 PM 11/13/1998 -0500, Jeff Garzik wrote:
Hey guys, this is a heads-up about Karl Denninger's new clean-news system. I haven't seen any posts on this list about it. His message describing the implementation is attached below, posted "publicly" on chi.internet. (skip the quoted stuff)
Karl is about to send out cancel messages, cancelling _every_ Usenet binary that is not PGP-signed by someone registered with his system. He says that these cancels will only go out to people he explicitly peers with, and not Usenet at large. He then adds that what these peers do with the cancel msgs is their own business.
Folks, the goal is good, but the implementation is bad.
These cancel msgs will leak out to Usenet at large. History proves this; leaking of net.*, bofh.*, clari.*, etc. occurs all the time despite admins' best efforts.
And when these cancels leak, every news server on Usenet will * suddenly be receiving _thousands_ of additional cancels, and * 99.9999% of the binaries out there will disappear from your servers.
I do not want to be handling the support calls when this occurs.
If you are interested in this issue, there is a discussion on news.admin.net-abuse.usenet, thread "Karl Denninger loses his marbles..."
Or ask me, I'm more than happy to outline the technical ramifications of this, and why it's a bad idea, in more detail. I'll cut and paste from my e-mails to Karl. :)
Jeff (news admin/consultant)
P.S. Had mailer problems. Apologies if you are seeing this twice.
Path:
news.teleport.com!uunet!in3.uu.net!nntp.ntr.net!news.maxwell.syr.edu!news-xf er.newsread.com!netaxs.com!newsread.com!news.mcs.net!ddsw1!news.mcs.net!not- for-mail
From: karl@Denninger.Net (Karl Denninger) Newsgroups: chi.internet Subject: Re: MegsInet Newsgroup server Date: 12 Nov 1998 03:59:06 GMT Organization: Karls Sushi and Packet Smashers Message-ID: <72dmea$stt$1@Nntp1.mcs.net> References: <3647E943.3A3@spambusters.ml.org> <72dgku$jo6@enews4.newsguy.com> NNTP-Posting-Host: kdhome-2.pr.mcs.net X-Newsreader: trn 4.0-test69 (20 September 1998) Xref: news.teleport.com chi.internet:17477
In article <72dgku$jo6@enews4.newsguy.com>, Tommy the Terrorist <mayday@newsguy.com> wrote:
In article <3647E943.3A3@spambusters.ml.org> Clifton T. Sharp Jr., agent150@spambusters.ml.org writes:
There were some problems of late. One notable thing from the statistics is that we weren't getting our usual hundreds of thousands of articles from the MCI feed. Since C&W bought MCI's internet stuff, it seems like anything associated with the former MCI has gone straight to hell. It looks to me that as of now the problems are fixed; the newsgroups I follow have suddenly found hundreds of articles apiece.
Who's kidding who? I presume you guys have heard of a certain asshole in New York government (what a redundancy!) named Vacco? Presumably the problem is the collective flushing of digital toilets now that ISP's have become the new hunting ground for Evil Substances, etc.
The problem with this particular war is that nothing short of a total victory for the people, to keep anything and everything on ISP's, can possibly prevent the state aggressors from eating away at free forums of communications as fast as they can have their pet narks post child pornography (with impunity) to anywhere they want the police to "legitimately" attack and destroy. And if that happens, then the last permitted forum of free speech in America, or damn near anywhere else, is dead, and the only hope of humanity for political progress will be in violence so unrestrained and universal that the smallest and weakest of people have an equal power of destruction because it is unlimited for all. And that is what inevitably will happen, unless something worse happens.
Read this. It solves the problem.
And yes, this system WILL be going online. The software is already working.
The "Clean-News" System
=======================
ABSTRACT:
"Clean-News" is a means to identify the poster of binary data on Usenet, remove most illegal content, and create a presumption of accountability.
IMPLEMENTATION - USER SIDE:
The "Clean-News" servers will have a key-ring of PGP keys. Anyone wanting to post "unmolested" binaries does the following:
1. Creates a PGP key for either 2.6.2 or 5.0 of the PGP software.
2. Obtains, from the www.clean-news.org web site, a list of authorized signers of their PGP key.
3. Contacts one of those signers, follows their procedures (which may include the payment of a fee), produces appropriate identification demanded by that signer, and gets their public key *signed* by that organization or individual. That is, the signer *vouches* for the authenticity of the key; that it belongs to the person who claims to be represented, that the email address associated with it is valid, and creates and maintains appropriate records to back up that assertion.
4. Submits the SIGNED key to the clean-news.org system.
This database (of signed keys) is PUBLIC. Anyone can query it given an article which is signed by said key and obtain the name, email address, AND SIGNER of the key in question.
The person with the private key associated with the signed, public key is then free to post binaries on Usenet, and clean-news will not molest them.
IMPLEMENTATION - SERVER SIDE:
The "clean-news" system obtains a feed from major backbone sites. It accepts all articles sent to it and maintains no database. It speaks both the older "ihave" protocol as well as the "check/takethis" newer NNTP protocol.
Upon receipt of an article, the software checks to see if the posting contains binary data. It looks for common encoding formats - UUENCODE and MIME image data, primarily.
Textual messages are ignored.
Binary messages are run through the PGP software, and the output of the PGP verification process is read back. This process returns one of several results:
1. No signature on the file at all.
2. A signature is on the file, but the key ID is not known.
3. A signature is on the file, and the key is known, but it is not certified as "trusted".
4. A signature is on the file, is valid, and the key is both known and has a level of trust associated with it.
In cases 1 - 3, the clean-news system emits a cancel message for the article in question immediately upon receipt. It does this by following the convention established for NOCEMs and other "spam cancels"; that is, it prepends "cancel." to the Message ID, and emits the cancel with this synthetic message Id. It also returns the posting with the system identification "clean-news" in the PATH line to permit aliasing out of the clean-news feed by those site admins who do not want the cancels.
In case 4, the binary is ignored, as textual messages are.
IMPLICATIONS - USENET SITE ADMINS READ THIS:
1. If you DO NOT want the "Clean-News" cancels, you should alias out the site "clean-news" from your Usenet software. Note that doing this will REMOVE any presumption that you would otherwise gain by ACCEPTING this feed.
2. If you DO want the "Clean-News" cancels, then do nothing, and further, contact your upstream News peers and insure that THEY are not aliasing out the feed.
3. If you CANNOT obtain these cancels (because all your upstreams are aliasing them out), or if you want the BEST possible feed, contact feedme@clean-news.org by email. You will receive in response an automated email detailing how to obtain a direct feed of the clean-news cancels.
Note that this feed is rather low in volume - while it emits MANY cancels, they are small articles. You MUST BE able to keep up with this feed - the feed software will NOT keep articles for more than a few hours before it "junks" them. The feed will come to you via a Diablo feed system and is UNIDIRECTIONAL. Attempting to connect back to the Diablo machine will fail.
4. If you want to pass these cancels on to your PEERS, be advised that some of them may consider this service to be a "bad thing". I recommend, but obviously cannot enforce, that such is noticed to your peers so they may alias out the feed if they do not want it.
WHAT DOES THIS MEAN TO POSTERS:
1. The use of a valid key creates a *presumption*, but not proof, that the poster really is who they said they are. That is, enough to get a search warrant. If Kiddie Porn shows up with a signature, the TRUSTED SIGNER of the key is determinable. That signer must, to be considered a trusted signer, keep records suitable for interrogation based on a published policy (ie: "serve us with a subpoena", etc).
The LEO in question then asks the signer for the data, and complies with the policy they have set (which may include obtaining a warrant and/or subpoena). They then get a search warrant for the alleged perpetrator of the transmission, and see if in fact the material in question is being emitted there using standard forensic techniques.
2. LEGITIMATE binary posters have nothing to fear. Anonymous binaries get cancelled instantly, as do any which are unauthenticated. Those which ARE authenticated are free to be posted, but your identity is known, it's undeniably yours (since it WAS your private key used to sign the article) and if you post something "naughty" the LEOs have all they need to come after you.
WHAT ARE MY RESPONSIBILITIES AS A USER OF THIS SYSTEM WHO SUBMITS A KEY?
Your primary responsibility is to PROTECT YOUR PRIVATE KEY. It is *STRONGLY* recommended that you keep this key on a protected, safe, removable device (such as a floppy with write-protect enabled) and NOT let it out of your personal control.
If your PRIVATE key is COMPROMISED (ie: you lose the disk, you have reason to believe someone has stolen a copy of the key file, etc) you should IMMEDIATELY contact the introducer (the organization or person you had sign the key) *AND* the clean-news system at "revoke@clean-news.org" by email. When you contact the clean-news system, SIGN YOUR REVOCATION REQUEST. DO NOT send anything other than a revocation request to the above address. NOTE THAT REVOCATION OF A KEY IS PERMANENT AND CANNOT BE REVERSED. You should ALSO immediately revoke the key from any other key rings that you may have registered this key with.
Note that ANY message signed with your key will be PRESUMED to be issued by you *PERSONALLY*. For this reason you should take EXTREME care with your private key. If it is stolen and used for illicit purposes those transactions will be traced to *YOU*, and you could find yourself under investigation by either civil or criminal authorities for something you have not done.
HOW DO YOU REVOKE A KEY IF IT IS COMPROMISED?
Keys may be revoked by:
1. The person who owns it at any time (ie; "I lost my key disk").
2. Any LEO who provides an affidavit that said key was used to post copyrighted or otherwise illegal material.
3. Any LEO who provides an affidavit that a trusted introducer is not in fact trusted (ie: cannot produce the records, or produces false records, regarding a key they signed).
4. A trusted introducer may revoke their signature of any person's key that they have signed, in the event they discover that the key does not in fact belong to the person claimed or identification was falsified.
When a key is invalidated the owner of the key is notified by email that their key was removed, and why (which of the above categories "happened").
A cancelled or revoked key is removed from the key ring, and is treated exactly as if it was never submitted to the system.
To revoke a key as the owner of the key, send a PGP-signed request to "revoke@clean-news.org". IF THE REQUEST IS NOT SIGNED OR THE SIGNATURE IS INVALID IT WILL BE IGNORED. Assuming that the signature is good, you will be notified by return email when the revocation is processed.
IS THERE A COST FOR THIS?
1. Individuals do not pay to list keys. However, INTRODUCERS may charge for signing a key (at their discretion) and maintaining the records necessary to comply with identification requests.
2. Systems desiring a *direct* feed may be assessed a small charge to cover the operating expenses of the systems involved. NO CHARGE FOR THE FEED ITSELF IS MADE, NOR FOR THE PROCESSING - ONLY THE TRANSPORT. If you receive a feed of the cancels you are encouraged to propagate it to others on mutually-agreeable terms to others who are also willing to receive it.
WHAT ABOUT PRIVACY ISSUES?
1. The records of the clean-news system are EXPLICITLY public. Ergo, submitting a public key to the system constitutes publication of that key, and the fact that it is signed by one or more organizations and individuals. HOWEVER, that, alone, is worthless to an interloper. The email address on the key does NOT have to be valid, nor does the name - it must only map to a unique person at the SIGNER'S location which can be disclosed through their policies. As such, there is no privacy issue on the keyring used by the clean-news system ITSELF.
2. Customers and users who have their keys signed by an introducer should make themselves aware of the privacy policies of the signer. IF YOU ARE NOT COMFORTABLE WITH THEIR PROCEDURES AND ASSURANCES, YOU SHOULD USE A DIFFERENT KEY SIGNER!
-- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
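An added example (not part of the thread and not the clean-news software): how a receiving site could sort incoming control articles using the two markers the description above gives, the "clean-news" entry in the Path line and the "cancel."-prefixed Message-ID. The `<cancel.ID>` form of the synthetic ID, the verdict names and the sample articles are assumptions constructed for illustration.

```python
"""Receiver-side triage of cancels that follow the clean-news conventions."""
from collections import Counter
from email.parser import HeaderParser

CLEAN_NEWS_SITE = "clean-news"  # Path identity named in the description


def make_article(path, message_id, control=None):
    """Build a constructed article (sample data for this demo, not real traffic)."""
    headers = ["Path: " + path, "Message-ID: " + message_id,
               "Newsgroups: alt.binaries.example"]
    if control:
        headers.append("Control: " + control)
    return "\n".join(headers) + "\n\nconstructed body\n"


def cancel_target(msg):
    """Return the Message-ID named by a 'Control: cancel <id>' header, else None."""
    control = (msg.get("Control") or "").split()
    if len(control) == 2 and control[0].lower() == "cancel":
        return control[1]
    return None


def path_sites(msg):
    """Split the bang-separated Path into exact site entries."""
    return [s.strip() for s in (msg.get("Path") or "").split("!") if s.strip()]


def has_synthetic_id(msg, target):
    """True when the article's own ID is the target ID with 'cancel.' prepended.

    Assumption: the prefix goes inside the angle bracket, <cancel.ID>.
    """
    message_id = (msg.get("Message-ID") or "").strip()
    return target.startswith("<") and message_id == "<cancel." + target[1:]


def classify(raw_article, accept_clean_news):
    """Sort one article into a verdict for a site with the given opt-in policy."""
    msg = HeaderParser().parsestr(raw_article, headersonly=True)
    target = cancel_target(msg)
    if target is None:
        return "not-a-cancel"
    # Exact entry match, so a host such as not-clean-news.example is not caught.
    if CLEAN_NEWS_SITE not in path_sites(msg):
        return "other-cancel"
    if not has_synthetic_id(msg, target):
        return "suspect"  # carries the Path marker but not the ID convention
    # A site that never asked for the feed is seeing a leak.
    return "honor" if accept_clean_news else "drop-leaked"


def tally(raw_articles, accept_clean_news):
    """Count verdicts over a batch, e.g. to size a leak in the spool logs."""
    return Counter(classify(a, accept_clean_news) for a in raw_articles)


# Constructed sample feed: one article per case the classifier distinguishes.
SAMPLE_FEED = [
    make_article("news.example.net!peer.example.org!clean-news!not-for-mail",
                 "<cancel.bin001@poster.example>",
                 "cancel <bin001@poster.example>"),
    make_article("news.example.net!poster.example!not-for-mail",
                 "<bin001@poster.example>"),
    make_article("news.example.net!other.example!not-for-mail",
                 "<cancel.txt9@poster.example>",
                 "cancel <txt9@poster.example>"),
    make_article("news.example.net!clean-news!not-for-mail",
                 "<zzz@forger.example>",
                 "cancel <bin002@poster.example>"),
    make_article("news.example.net!not-clean-news.example!not-for-mail",
                 "<cancel.bin003@poster.example>",
                 "cancel <bin003@poster.example>"),
]

if __name__ == "__main__":
    for verdict, count in sorted(tally(SAMPLE_FEED, False).items()):
        print(verdict, count)
```

Both markers are unauthenticated headers, so this sorts traffic by convention only; it does not establish who actually issued a cancel.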
====================================================================== Derek J. Balling | "Bill Gates is a monocle and a white dredd@megacity.org | fluffy cat from being a villain in the http://www.megacity.org/ | next Bond film." - Dennis Miller ======================================================================
On Fri, Nov 13, 1998 at 09:27:24PM -0600, Karl Denninger wrote:
It would be even more amusing given that it would be false (hint: I've had colocation offers from a number of places across the country).
Since I know the people who own MCSNet, and further know that they can be just as much of a prick as I can, I suspect such complaints would get round-filed - especially given that they would be false.
Not when all of your USENET peers start droppin yer ass. -- jamie rishaw (efnet:gavroche) American Information Systems, Inc. Don't anthropomorphise computers. They don't like it. "Did they just ask Don King to come to the lobby?!" - davidr
On Sat, Nov 14, 1998 at 10:39:08PM -0600, James Rishaw wrote:
On Fri, Nov 13, 1998 at 09:27:24PM -0600, Karl Denninger wrote:
It would be even more amusing given that it would be false (hint: I've had colocation offers from a number of places across the country).
Since I know the people who own MCSNet, and further know that they can be just as much of a prick as I can, I suspect such complaints would get round-filed - especially given that they would be false.
Not when all of your USENET peers start droppin yer ass.
What Usenet peers (and what server) would those/that be Jamie? Second, precisely how are you going to figure out where the clean-news system is getting its feeds from, given that it does not emit any messages that it receives, and thus, you have no means to trace those feeds? -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
On Sat, Nov 14, 1998 at 10:58:16PM -0600, Karl Denninger wrote:
Second, precisely how are you going to figure out where the clean-news system is getting its feeds from, given that it does not emit any messages that it receives, and thus, you have no means to trace those feeds?
Wait. Are you just talking about issuing cancels *locally* on *your* news server? If so, I doubt that any of us have anything at all to complain about. If not, then, as we know, the typical way to issue a cancel is to send out a control message. Am I missing something here? -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
On Sun, Nov 15, 1998 at 01:29:41AM -0500, Steven J. Sobol wrote:
On Sat, Nov 14, 1998 at 10:58:16PM -0600, Karl Denninger wrote:
Second, precisely how are you going to figure out where the clean-news system is getting its feeds from, given that it does not emit any messages that it receives, and thus, you have no means to trace those feeds?
Wait. Are you just talking about issuing cancels *locally* on *your* news server? If so, I doubt that any of us have anything at all to complain about.
If not, then, as we know, the typical way to issue a cancel is to send out a control message. Am I missing something here?
Yes. The only messages this server will emit will be cancels, and it will emit them only to those who DELIBERATELY peer with it. -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
Yes.
The only messages this server will emit will be cancels, and it will emit them only to those who DELIBERATELY peer with it.
Okay for the $20,000 question, is anyone peering with it now who doesn't know that they are? In other words are you planning on migrating an existing system for this purpose or are you planning to provide a *new* service in which people could peer with?
On Sun, Nov 15, 1998 at 09:32:43AM -0600, Doug Davis wrote:
Yes.
The only messages this server will emit will be cancels, and it will emit them only to those who DELIBERATELY peer with it.
Okay for the $20,000 question, is anyone peering with it now who doesn't know that they are? In other words are you planning on migrating an existing system for this purpose or are you planning to provide a *new* service in which people could peer with?
I neither own or control ANY *CURRENT* news servers. This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things. -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things.
How is making you the Lord High Executioner of Errant Binary Posts in the public interest?
On Sun, Nov 15, 1998 at 08:14:57AM -0800, Derek Balling wrote:
This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things.
How is making you the Lord High Executioner of Errant Binary Posts in the public interest?
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet. -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
True but acting unilaterally is unacceptable and your mechanism for solving the problem is too easily defeated. On Sun, Nov 15, 1998 at 10:33:33AM -0600, Karl Denninger wrote:
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet.
I cannot act unilaterally. Only in concert with those who believe as I do will these cancels propagate ANYWHERE. If I did not already have people who wanted this feed, there would be no purpose in setting it up. You do not have the right to determine for others what is and is not acceptable - nor do you have the right to tell others they cannot obtain and process such a cancel feed. -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization. On Sun, Nov 15, 1998 at 11:42:57AM -0500, Len Rose wrote:
True but acting unilaterally is unacceptable and your mechanism for solving the problem is too easily defeated.
On Sun, Nov 15, 1998 at 10:33:33AM -0600, Karl Denninger wrote:
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet.
On Sun, Nov 15, 1998 at 08:14:57AM -0800, Derek Balling wrote:
This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things.
How is making you the Lord High Executioner of Errant Binary Posts in the public interest?
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet.
Have you found a way to identify such things electronically?
At 10:33 AM 11/15/98 -0600, Karl Denninger wrote:
On Sun, Nov 15, 1998 at 08:14:57AM -0800, Derek Balling wrote:
This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things.
How is making you the Lord High Executioner of Errant Binary Posts in the public interest?
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet.
So in YOUR opinion, it is in the public interest to enforce American laws - or your interpretation of them - in countries that could give a damn about our copyright issues and such? And you're going to do that by violating the very fundamental tenet of the first amendment - by making you register before you speak (or in this case post).

What you're saying is that if two people in country X (X being some nameless country who either cares nothing about copyright laws, of which there are many, or cares nothing about child pornography laws, of which there are very few) are sending binaries back and forth to each other, then if the news server they're on happens to be indirectly connected through however many hops to YOUR news server, you're going to tell them they can't do what their country's laws allow?

And yes, this is where you mention that "the ONLY people who see the cancel messages are those who explicitly ask for them, yada yada yada" and this is where, given that statement, I offer to sell you a moderately sized bridge in the NYC area, because leaks happen. Leaks in Usenet are like the dinosaurs in Jurassic Park - they happen, despite all your best efforts not to.

Just make sure to remind anyone who peers with you who is either a government entity or receives government funds, that if they peer with you they can kiss their federal money goodbye the day the ACLU gets wind of it. The first amendment doesn't stop you from muzzling whoever you want, but people who get government money CAN'T be engaged in that sort of thing. :) (Prior restraint and such).

This is my last post on the topic, I'm officially giving up on you taking a ride on the Clue Bus. You have a god-given right to be a moron if you choose, please feel free to exercise it. Maybe we can all derive a collective chuckle from watching you fall on your face.

Still trying to develop the Personal RBL,
Derek
At 10:33 AM 11/15/98 -0600, Karl Denninger wrote:
On Sun, Nov 15, 1998 at 08:14:57AM -0800, Derek Balling wrote:
This is a NEW service, operating on hardware which will be purchased specifically for this purpose by a non-profit organization set up explicitly to do this and other public-interest Internet-related things.
How is making you the Lord High Executioner of Errant Binary Posts in the public interest?
It is in the public interest to get both the copyright violations and the kiddie porn off Usenet.
Hello Karl,

I'll say up front that this is off-topic for NANOG, in so far as UseNet content is concerned. However it is seriously on-topic as far as UseNet connectivity is concerned, IMHO. Most of this is our opinion only. We do not preach it, nor do we expect converts. Please direct flames to /dev/null.

At MHSC, the suits instituted a UseNet ban, as policy, about four years ago. This is because some InterNet terrorists nearly caused us some serious business loss (cjames@cec-service.com and others) at a critical time for MHSC. In addition, CoS cancel wars were beating our servers to death.

I submit that the major problems wrt UseNet are NOT kiddie porn and copyright violations. In fact, I submit that the major problems are the cancel messages themselves and spammers (it is valuable to note that within 1 year of dropping out of UseNet our spammed rate also dropped to very low levels). The other problem can not be remedied with any sort of cancellation system (abstinence makes the heart grow fonder <grin>).

Over the years UseNet has devolved from anarchy into chaos. IMHO, it can not evolve back. Your service, although laudable in intent, is doomed because of this. But, YMMV. In fact, it is our belief that you may only help to accelerate the demise of UseNet as a usable medium. To us, it doesn't matter because we feel UseNet is already heading there on its own. It's a train-wreck in-process. Those currently on the UseNet train do not yet know that the locomotive has already jumped the tracks, IMHO.

Our feeling is to let the lusers have UseNet, as a sacrificial ploy, and carry on real business using mailer-lists, like this one. At least, they can be managed independently of each other. For many reasons, and they are all off-topic here, we believe that UseNet architecture has proven itself to be non-scaleable due to lack of management capability. Yes, we realize that this is also its chief attraction, for many. MHSC does not have a solution, other than abstinence. UseNet needs re-architecting and that will not happen due to the resounding lack of interest in doing so.

FYI, a back-burner project, here at MHSC, is to build something along the lines of the FidoNet EchoMail back-bone systems. This was a news/conference system based on mailer-lists. The intent is to fill the need for UseNet with something a bit more manageable. We may, or may not, ever complete that project.

___________________________________________________
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: rmeyer@mhsc.com
Internet phone: hawk.mhsc.com
Personal web pages: www.mhsc.com/~rmeyer
Company web-site: www.mhsc.com/
___________________________________________
Who is John Galt? "Atlas Shrugged" - Ayn Rand
On Sun, 15 Nov 1998, Roeland M.J. Meyer wrote:
Over the years UseNet has devolved from anarchy into chaos. IMHO, it can not evolve back.
Death of Usenet predicted. Film at 11.

I don't see things this way at all. There's one piece missing from Usenet: accountability. While Karl's proposal addresses this (with binaries only, unfortunately), it goes too far, and damages the right to privacy that people expect, as well as presents far too many opportunities for leakage to those who didn't ask for his cancels.

(Karl, while you might think that cancels are only advisory, they're not for most people; many news admins simply set up INN out of the box, with cancels enabled, and never change the defaults. This means that when your cancels leak, and they will, administrators have to opt-out. Saying this is the fault of their peers is merely petty buck-passing; it's the fault of -YOUR- peers.)

This is why I don't support Karl's proposal. Not because it is a fundamentally bad idea or because I have a problem with him personally (the latter of which has been seen far too much), but because it fails to address the basic need for personal privacy in a public forum, and because it fails to operate as a strictly opt-out mechanism. Address that, while still making it possible for law enforcement (with proper authorization) to perform an investigation, and you'll have me aboard in a heartbeat.

Aside from the lack of authentication, as a medium, Usenet is alive and well. The big 8 are managed in a clear, coherent manner (by a well-defined voting procedure and authenticated mechanism for creation and retirement of groups). What you seem to have a problem with is "alt", and other hierarchies without any kind of growth control.

But, so as to avoid the "ok, what's your better idea, then" posts, here's my suggestion. Instead of Karl's system, which places the burden of signing on the customer, and eliminates their posting privacy, why not a system like this:

- The system signs the message going out, not the individual. Thus, we know where the message came from (unlike with path headers, which can be forged), and it's much easier to get buy-in from server administrators than it is from the end-user. Especially when a system like this starts reaching critical mass; for a legitimate business providing Usenet service, buy-in is a no-brainer.

- Require DH/DSS keys instead of RSA, so that admins can use something like GPG instead of PGP so they aren't saddled with the cost of a server license on PGP, taking some burden off of the administrator, and makes sure that the central authority doesn't ever get nailed with needing to purchase the server licence. All modern versions of PGP support DH/DSS, so this restriction isn't a problem.

- Sign every local post, not just binaries. Why should we treat one post differently than others? Just as a binary post could be child porn, a text post could be slander or a copyright infringement.

- Issue batches of NoCeMs instead of cancels (using DH/DSS keys instead of RSA). This:

  - gives us a verification mechanism that the sender of the message really is the central signature-checking authority, and not someone trying to be annoying.

  - makes it possible to process them more efficiently (in batches as opposed to individually)

  - ensures that the system really is opt-in, instead of abusing the fact that many administrators leave cancels enabled by default, and making it a pseudo opt-out system.

  - allows the average person to take part in this, even if their news administrator doesn't, by using NoCeM for what it was originally designed for (as a personal filter).

With this, law enforcement knows where the message came from. Now, it's up to the Usenet source to maintain some means of correlating a post to a physical human being (ala NNTP authentication, or NNTP-Posting-Host with a timestamp and login record). Any Usenet source with an abuse department needs this infrastructure in place anyway. If you don't maintain this correlating data, guess who's liable for the content posted?

I see this as a much better solution; it preserves the customer's privacy, keeps the legal liability where it belongs (the originating system, and the poster), and takes the burden off of the end user. To them, this is completely invisible.

Comments welcome. Feel free to forward this to more appropriate forums if you like the idea, and think others might.

-- Edward S. Marshall <emarshal@logic.net> /> Who would have thought that we -o) http://www.logic.net/~emarshal/ // would be freed from the Gates of /\\ Linux Weenie, Open-Source Advocate </ hell by a penguin named "Tux"? _\_v
On Sun, Nov 15, 1998 at 02:29:11PM -0600, Edward S. Marshall wrote:
simply set up INN out of the box, with cancels enabled, and never change the defaults. This means that when your cancels leak, and they will, administrators have to opt-out. Saying this is the fault of their peers is merely petty buck-passing; it's the fault of -YOUR- peers.)
This is why I don't support Karl's proposal. Not because it is a fundamentally bad idea or because I have a problem with him personally (the latter of which has been seen far too much), but because it fails to address the basic need for personal privacy in a public forum, and because it fails to operate as a strictly opt-out mechanism.
Ditto that. And really, it CAN'T operate strictly as an opt-out mechanism. While I'm sure Karl is quite competent enough to be able to configure a server and a newsfeed, he is only human, and mistakes *do* happen. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
On Fri, Nov 13, 1998 at 09:27:24PM -0600, Karl Denninger wrote:
It would be even more amusing given that it would be false (hint: I've had colocation offers from a number of places across the country).
Since I know the people who own MCSNet, and further know that they can be just as much of a prick as I can, I suspect such complaints would get round-filed - especially given that they would be false.
Karl, I find your solution rather distasteful, but I must note that any cancel message issued on Usenet is, by nature, an advisory and can be ignored if the news server admin chooses to do so. That having been said, I still don't like the idea. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
This is just a perfect example of what i am beginning to get annoyed by. Please list, i think everybody is pretty dead set on their opinions at this point, and talking about it isn't going to help much. It's obvious that karl is set in doing what he's doing, and it's obvious that pretty much the rest of the list is set against what he's doing. I for one, am willing to see how it works out. IF and WHEN karl gets everything up and running will be the only way for sure to know. If his system works out, some of the posters are going to feel pretty foolish. If his system doesn't work out, then i'm sure we will get spammed again on the list with a bunch of "told ya so's" etc. So please let's just drop this thread and await the outcome.

On Fri, 13 Nov 1998, Derek Balling wrote:
Yeah, since Karl's not "the boss" at MCS anymore, it would be kinda amusing to have MCS get flooded with complaints that one of their users (Karl) was abusing the network. :)
Wonder if that would be an appropriate use of the RBL? :)
_ __ _____ __ _________ ______________ /_______ ___ ____ /______ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [---------------------------------------------[system info]-----------] 9:05pm up 34 days, 34 min, 4 users, load average: 0.11, 0.08, 0.03
At 06:57 PM 11/13/98 -0500, Dean Anderson wrote:
Sheesh. I'm getting tired of increasingly large logs of cancels and reposts. I think we should start treating all cancels that are sent out by someone who is not a moderator or the original poster as an abuse.
Anyone who cancels someone else's post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So let's start sending in complaints...
This is why we dropped our UseNet feed three years ago, during the CoS cancel-bunny wars. We saw, even then, Windows programs that would allow an end-luser to generate cancels. When I saw three of them offered at shareware.com I knew UseNet was in trouble. When I started to see the cancel rate go *way* up, I dropped the feed.
___________________________________________________
Roeland M.J. Meyer, ISOC (InterNIC RM993)
e-mail: rmeyer@mhsc.com
Internet phone: hawk.mhsc.com
Personal web pages: http://www.mhsc.com/~rmeyer
Company web-site: http://www.mhsc.com/
___________________________________________
Who is John Galt? "Atlas Shrugged" - Ayn Rand
On Fri, 13 Nov 1998, Dean Anderson wrote:
Anyone who cancels someone else's post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So let's start sending in complaints...
And you'd complain to...who? Karl's an independent entity now.
--
Edward S. Marshall <emarshal@logic.net>
http://www.logic.net/~emarshal/
Linux Weenie, Open-Source Advocate
Who would have thought that we would be freed from the Gates of hell by a penguin named "Tux"?
On Fri, Nov 13, 1998 at 09:42:41PM -0600, Edward S. Marshall wrote:
On Fri, 13 Nov 1998, Dean Anderson wrote:
Anyone who cancels someone else's post who is not a moderator or the original poster should lose their account/job at ISP/etc.
So let's start sending in complaints...
And you'd complain to...who? Karl's an independent entity now.
Correct :-)
What's even more fun is that since the system doesn't EMIT any articles it consumes (it emits only cancels, sourced there) you can't figure out where it gets its feeds from.... good luck getting the system's feeds cut off under those circumstances :-)
--
Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl
I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.
At 10:13 PM 11/13/98 -0600, Karl Denninger wrote:
Correct :-)
What's even more fun is that since the system doesn't EMIT any articles it consumes (it emits only cancels, sourced there) you can't figure out where it gets its feeds from.... good luck getting the system's feeds cut off under those circumstances :-)
When I was a customer of Karl's, I thought that despite his shortcomings, he had a soul that had some qualities worthy of redemption, sort of like Darth Vader of the Internet. The instant I ceased being his customer (when he sold out without telling his customers they were sold out) I thought it was possible the power of the Dark Side was too great for him.

It's posts like this one that prove to me inconclusively that unlike the wizened old man in the big black suit, Karl has a fair market value of $6.57 for his chemical composition and that's it. I firmly and truly believe now that Karl sits back on a daily basis and wonders "Gosh, what segment of the net haven't I pissed off today. I wonder how I could get THEM mad, too?"

I wish there was an RBL for _PEOPLE_ so that the dips in the clue-field caused by the likes of Karl could just be put in a list somewhere and completely negated everywhere else in the net. *sigh*
participants (10)
- Dean Anderson
- Derek Balling
- dougd@mail.airmail.net
- Edward S. Marshall
- James Rishaw
- John Gonzalez/netMDC admin
- Karl Denninger
- Len Rose
- Roeland M.J. Meyer
- Steven J. Sobol