Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Cerf complaint - first draft

2 views
Skip to first unread message

X

unread,
Feb 19, 2005, 1:09:57 AM2/19/05
to

Here is my first draft. I could really use the Cerf/Linford quotes if
anyone has them.


We the undersigned are writing to draw the committee's attention to what
we believe meets the definition of ACM's Code of Conduct as 'Gross
Misconduct'. We ask that membership for Vinton G. Cerf be terminated per
that Code. We also ask that the committee share all information
contained herein, and any other relevant information, with the Turing
Award Committee for their review.

Dr. Cerf is Vice President of Technology for MCI and as such wields a
great deal of influence with the company. MCI is currently the worlds
largest producer of spam and is knowingly hosting a company that sells
software that's sole purpose is to spam. This software, and Dr. Cerf's
defense and support of MCI's hosting of it, is the basis for our
complaint.

The software in question is Send-Safe. It is designed to attack Trojan
infected computers and use them to send out millions of unsolicited
commercial emails. This is in violation of The Federal Computer Fraud
and Abuse Act sections 3, 4 and 5 at a minimum. By helping transmit this
software over their network MCI might also be in violation of the same.
Dr. Cerf turns a blind eye, and in fact defends MCI in their actions.

This software also uses forged 'from' email addresses to send its
messages. This is in violation of the Federal Can-Spam Act and Virginia
State law where MCI is headquartered.

It should also be noted that Send-Safe has been selling their illegal
software from MCI's network for close to two years now. This is after
being kicked off no less than four other internet providers for their
activities. Further details of Send-Safe and their relationship with MCI
will be provided upon request.

Dr. Cerf and MCI maintain that Send-Safe is protected by Free Speech.
This is untrue. Free Speech is a government issue, and even then it does
not allow one to break laws. Just as you can not yell fire in a theater
you can not hijack someone else's computer and expect Free Speech
protection. They also maintain that Send-Safe is a customer of a
customer. This is disingenuous at best. The 'customer' is a well know
spam operation and Send-Safe is an integral part of that. Regardless, it
is MCI's network and their responsibility.

We believe that Dr. Cerf is guilty of violating a great many sections of
the ACM Code of Ethics. Below are the sections that he is violating in a
most grievous fashion.

1.2 Avoid harm to others.
"Harm" means injury or negative consequences, such as undesirable loss
of information, loss of property, property damage, or unwanted
environmental impacts. This principle prohibits use of computing
technology in ways that result in harm to any of the following: users,
the general public, employees, employers. Harmful actions include
intentional destruction or modification of files and programs leading to
serious loss of resources or unnecessary expenditure of human resources
such as the time and effort required to purge systems of "computer
viruses.

There is no question that Dr. Cerf's actions and defense of Send-Safe is
an extreme violation of the above. His support of Send-Safe's place on
MCI's network has ensured that countless users are spammed, their
addresses are used as the 'from' and their computers are hijacked to
send this spam. The reference in the above to 'computer viruses' is
most telling. The software that Dr. Cerf defends relies upon the use and
spread of viruses.

2.3 Know and respect existing laws pertaining to professional work.
ACM members must obey existing local, state,province, national, and
international laws unless there is a compelling ethical basis not to do
so.

This is obvious. Dr. Cerf is blatantly supporting the violation of
numerous Federal and Sate laws. State laws where MCI is headquartered.
And there is no compelling ethical basis for helping spammers break the
law.

3.1 Articulate social responsibilities of members of an organizational
unit and encourage full acceptance of those responsibilities.
Because organizations of all kinds have impacts on the public, they must
accept responsibilities to society. Organizational procedures and
attitudes oriented toward quality and the welfare of society will reduce
harm to members of the public, thereby serving public interest and
fulfilling social responsibility. Therefore,organizational leaders must
encourage full participation in meeting social responsibilities as well
as quality performance.

This is Dr. Cerf's most grievous violation of the ACM Code of Ethics. It
is so severe that we believe it alone is cause for immediate
termination. Dr. Cerf is a respected high level executive at MCI. His
defense of MCI and Send-Safe is an extreme violation of the above. He
has demonstrated no concern for the welfare of society. His defense of
Send-Safe and MCI is exactly the opposite, he is aiding and abeting the
harm of society.

As stated earlier, there are a great many violations of the Code of
Ethics in Dr. Cerf's actions. If the committee would please take a
moment and read the Code of Ethics from top to bottom, with the above
facts in mind we believe you will understand how massive the list of
violations is. We are confident that you will reach the same conclusion
that we have; Anyone involved in this situation has no business being a
member of ACM, let alone being honored by that organization.

Should you require any additional information or clarification please
let us know. We thank you for your time and consideration.

Bulent Murtezaoglu

unread,
Feb 19, 2005, 8:55:15 AM2/19/05
to

>>>>> "X" == X <X> writes:
[...]
X> The software in question is Send-Safe. It is designed to attack
X> Trojan infected computers and use them to send out millions of
X> unsolicited commercial emails. This is in violation of The
X> Federal Computer Fraud and Abuse Act sections 3, 4 and 5 at a
X> minimum.

Then, it would seem, rather than circulating libelous usenet petions
proper federal authorities should be contacted.

X> By helping transmit this software over their network
X> MCI might also be in violation of the same. Dr. Cerf turns a
X> blind eye, and in fact defends MCI in their actions.

Do you honestly believe that a company with a sizeable legal department
would be ignorant about federal laws?

X> This software also uses forged 'from' email addresses to send
X> its messages. This is in violation of the Federal Can-Spam Act
X> and Virginia State law where MCI is headquartered.

In that case I don't see why the State and Federal auhorities are not
being contacted about this.

[...]
X> 1.2 Avoid harm to others. "Harm" means injury or negative
X> consequences, such as undesirable loss of information, loss of
X> property, property damage, or unwanted environmental
X> impacts. This principle prohibits use of computing technology
X> in ways that result in harm to any of the following: users, the
X> general public, employees, employers. Harmful actions include
X> intentional destruction or modification of files and programs
X> leading to serious loss of resources or unnecessary expenditure
X> of human resources such as the time and effort required to
X> purge systems of "computer viruses.

X> There is no question that Dr. Cerf's actions and defense of
X> Send-Safe is an extreme violation of the above.

Dr. Cerf is doing none of the above.

X> His support of
X> Send-Safe's place on MCI's network has ensured that countless
X> users are spammed, their addresses are used as the 'from' and
X> their computers are hijacked to send this spam. The reference
X> in the above to 'computer viruses' is most telling. The
X> software that Dr. Cerf defends relies upon the use and spread
X> of viruses.

This is a despicable characterization. Dr. Cerf is not defending this
software, he didn't write it, he is not selling it, he isn't
advertising it. As a matter of fact he has had nothing to do with it.
They have a client who is selling software designed to do bad stuff.
They say their terms of service do not give them grounds for
terminating their business relationship. I don't see how this means
Dr. Cerf supports the bad things that the software does.

X> 2.3 Know and respect existing laws pertaining to professional
X> work. ACM members must obey existing local, state,province,
X> national, and international laws unless there is a compelling
X> ethical basis not to do so.

X> This is obvious. Dr. Cerf is blatantly supporting the violation
X> of numerous Federal and Sate laws. State laws where MCI is
X> headquartered. And there is no compelling ethical basis for
X> helping spammers break the law.

This is another blatant lie. Had his been true, rather than annoying
people on usenet people would be making complaints to legal authorities
and getting results. There is no compelling ethical basis for
mendacity either.

X> 3.1 Articulate social responsibilities of members of an
X> organizational unit and encourage full acceptance of those
X> responsibilities. Because organizations of all kinds have
X> impacts on the public, they must accept responsibilities to
X> society. Organizational procedures and attitudes oriented
X> toward quality and the welfare of society will reduce harm to
X> members of the public, thereby serving public interest and
X> fulfilling social responsibility. Therefore,organizational
X> leaders must encourage full participation in meeting social
X> responsibilities as well as quality performance.

X> This is Dr. Cerf's most grievous violation of the ACM Code of
X> Ethics. It is so severe that we believe it alone is cause for
X> immediate termination. Dr. Cerf is a respected high level
X> executive at MCI. His defense of MCI and Send-Safe is an
X> extreme violation of the above. He has demonstrated no concern
X> for the welfare of society. His defense of Send-Safe and MCI is
X> exactly the opposite, he is aiding and abeting the harm of
X> society.

Quite on the contrary, a reasonable case can be made that he's doing
the responsible thing. Just for a moment suppose that the offensive
software in question was something that had to do with file sharing or
illegal music/movie downloads. With the exception of the computer
highjacking argument, all of your reasoning above would work. Same
goes for questionable 'security' tools in which case even the
highjacking argument would stick. I'll go one step further, a set of
instructions for finding open proxies and showing how they can be used
to send spam would also fit all of the above. As much as I hate spam,
I am glad people like Dr. Cerf people don't lose their minds about it.
We do have a big problem in spam, we don't need a far bigger one by
thoughtlessly setting precedents.

X> As stated earlier, there are a great many violations of the
X> Code of Ethics in Dr. Cerf's actions. If the committee would
X> please take a moment and read the Code of Ethics from top to
X> bottom, with the above facts in mind we believe you will
X> understand how massive the list of violations is. [...]

I am unconvinced. I am getting persuaded that the SPAM problem has
created an atmosphere where obscurantist rancor is replacing sanity
and decency.

BM

X

unread,
Feb 19, 2005, 9:58:35 AM2/19/05
to
Crossposted to news

Bulent Murtezaoglu <b...@acm.org> wrote in
news:877jl4z...@p4.internal:

>
>>>>>> "X" == X <X> writes:
> [...]
> X> The software in question is Send-Safe. It is designed to attack
> X> Trojan infected computers and use them to send out millions of
> X> unsolicited commercial emails. This is in violation of The
> X> Federal Computer Fraud and Abuse Act sections 3, 4 and 5 at a
> X> minimum.
>
> Then, it would seem, rather than circulating libelous usenet petions
> proper federal authorities should be contacted.

first, the petition wont be circulated on usenet. it will be posted on a
webpage. it will then be posted to ACM.

second, it was at the insistance of the USACM Public Policy Committee
Chair that the discussion was moved to usenet. Attempts to discuss the
issue there were rebuffed.

third, I am quite familar with the US libel laws. For something to be
libelous, it has to be untrue. According to Spamhaus, servers selling
send-safe are hosted at 65.203.151.183, 65.203.151.213, 65.203.151.0/24,
and 65.210.168.34 A whois on those IPAs all show them to be downstream
of MCI. True statements trump the libel laws every time.

fourth, what makes you think the authorities haven't received reports,
repeatedly? Do you suppose that the minimum of $200K USD that MCI has
contributed to the DNC and RNC, and uncounted other thousands directly
to candidates might have something to do with the inaction by Virginia
prosecutors?

>
> X> By helping transmit this software over their network
> X> MCI might also be in violation of the same. Dr. Cerf turns a
> X> blind eye, and in fact defends MCI in their actions.
>
> Do you honestly believe that a company with a sizeable legal
department
> would be ignorant about federal laws?

Ignorant of them, or turning a blind eye. $5M USD in spammer money has
that effect on eyesight.

And numerous of the spamhaus listings of MCI space date back to 2003 or
even 2002. Speaking of libel and large legal departments, do you think
those listings would still be there if they were untrue?


>
> X> This software also uses forged 'from' email addresses to send
> X> its messages. This is in violation of the Federal Can-Spam Act
> X> and Virginia State law where MCI is headquartered.
>
> In that case I don't see why the State and Federal auhorities are not
> being contacted about this.

who says they aren't?

>
> [...]
> X> 1.2 Avoid harm to others. "Harm" means injury or negative
> X> consequences, such as undesirable loss of information, loss of
> X> property, property damage, or unwanted environmental
> X> impacts. This principle prohibits use of computing technology
> X> in ways that result in harm to any of the following: users, the
> X> general public, employees, employers. Harmful actions include
> X> intentional destruction or modification of files and programs
> X> leading to serious loss of resources or unnecessary expenditure
> X> of human resources such as the time and effort required to
> X> purge systems of "computer viruses.
>
> X> There is no question that Dr. Cerf's actions and defense of
> X> Send-Safe is an extreme violation of the above.
>
> Dr. Cerf is doing none of the above.

That's odd. Can you post the message you have from him repudiating his
quote, or are you deciding on your own that he's repudiated the quote?
On what basis? Have you asked him why MCI is hosting so many spammers?

>
> X> His support of
> X> Send-Safe's place on MCI's network has ensured that countless
> X> users are spammed, their addresses are used as the 'from' and
> X> their computers are hijacked to send this spam. The reference
> X> in the above to 'computer viruses' is most telling. The
> X> software that Dr. Cerf defends relies upon the use and spread
> X> of viruses.
>
> This is a despicable characterization. Dr. Cerf is not defending this
> software, he didn't write it, he is not selling it, he isn't
> advertising it. As a matter of fact he has had nothing to do with it.
> They have a client who is selling software designed to do bad stuff.
> They say their terms of service do not give them grounds for
> terminating their business relationship. I don't see how this means
> Dr. Cerf supports the bad things that the software does.

He is defending it. It is available on the MCI network. Dr Cerf is
sufficently senior in MCI that if he were truly anti spam, the send-safe
software would not be for sale on MCI's network.

>
> X> 2.3 Know and respect existing laws pertaining to professional
> X> work. ACM members must obey existing local, state,province,
> X> national, and international laws unless there is a compelling
> X> ethical basis not to do so.
>
> X> This is obvious. Dr. Cerf is blatantly supporting the violation
> X> of numerous Federal and Sate laws. State laws where MCI is
> X> headquartered. And there is no compelling ethical basis for
> X> helping spammers break the law.
>
> This is another blatant lie. Had his been true, rather than annoying
> people on usenet people would be making complaints to legal
authorities
> and getting results. There is no compelling ethical basis for
> mendacity either.

again, what is your evidence that complaints have not been made to legal
authorities?

Send-safe includes "a set of instructions for finding open proxies and
showing how they can be used to send spam". Check out their web page at
http://www.send-safe.com/scanner.php which reads in part

"Send-Safe Proxy Scanner

Send-Safe Proxy Scanner is a program designed for searching for
HTTPS/SOCKS proxies over the net by scanning IP ranges and checking
existing lists of proxies."

Before saying that software does or doesn't do something, you should
read the specs to see what it does.

The thoughtless precedent that has been set is that because MCI is a
large corporation, they are somehow given a free pass that isn't given
to the little hole in the wall spam operations operating out of the
spammer's mother's basement. http://linx.net and numerous other
standard setting bodies have said that hosting spammers is an
unacceptable breach of the community's trust, and grounds for depeering.
MCI thinks that it is too big for that depeering. That's the
thoughtless precedent that should be avoided.


>
> X> As stated earlier, there are a great many violations of the
> X> Code of Ethics in Dr. Cerf's actions. If the committee would
> X> please take a moment and read the Code of Ethics from top to
> X> bottom, with the above facts in mind we believe you will
> X> understand how massive the list of violations is. [...]
>
> I am unconvinced. I am getting persuaded that the SPAM problem has
> created an atmosphere where obscurantist rancor is replacing sanity
> and decency.
>
> BM
>

SPAM[tm] in capital letters is a registered trademark of Hormel. UBE
version of spam uses small letters.


MCI has 191 entries on Spamhaus last time I checked, more than any other
ISP not just in the US, but in the world. They bury our inboxes in
spam. Half of AOL's mail servers are used to process and block spam.
One of their customers engaged in a DOS attack on my servers when I
blocked them from connecting to me in my access file, hitting me
multiple thousands of times per minute until I blocked them at the
firewall. Complaints to MCI, with accompanying evidence, saw trouble
tickets closed without action or explanation. Then you defend them
without bothering to check the facts. Rancor? Of course there is
rancor. What emotion would be more appropriate when dealing with an ISP
and its senior management that are willful partners to this assault on
our mailboxes? What do they expect for their efforts - flowers?

To protect my machines I have had no choice but to include
mci.blackholes.us in the dnsbl list that I use in sendmail. That is
2100 desktops that can't get mail from servers downstream from MCI. Nor
am I alone. blackholes.us would not have created the zone if there
hadn't been a demand for it.


Bulent Murtezaoglu

unread,
Feb 19, 2005, 11:23:07 AM2/19/05
to

>>>>> "X" == X <X> writes:
[...]
X> third, I am quite familar with the US libel laws. For something
X> to be libelous, it has to be untrue. According to Spamhaus,
X> servers selling send-safe are hosted at 65.203.151.183,
X> 65.203.151.213, 65.203.151.0/24, and 65.210.168.34 A whois on
X> those IPAs all show them to be downstream of MCI. True
X> statements trump the libel laws every time.

It is quite clear they are downstream of MCI. It is also quite clear
what their software does. That's not where the untruth is, and I am
sorry if it wasn't clear I wasn't disputing any of this.

[...]
X> Ignorant of them, or turning a blind eye. $5M USD in spammer
X> money has that effect on eyesight.

Oh that I will not dispute. People host porn for money also. To carry
the analogy further your argument isn't that 'they host porn' it is that
by doing so they turned into people who perform illegal sex acts. It
that jump I am taking issue with.

X> And numerous of the spamhaus listings of MCI space date back to
X> 2003 or even 2002. Speaking of libel and large legal
X> departments, do you think those listings would still be there
X> if they were untrue?

Spamhous lists that I have looked at for this case list them as
providing service to the spam software vendor. That is not in doubt
nor is it disputed. Your assertion is not simply that they do this.

[on contecting teh authorities about the alleged illegality of MCI's
behaviour]

X> who says they aren't?

Then it is in everybodies best interest to let the courts sort this
out. No?

[...]


X> There is no question that Dr. Cerf's actions and defense of
X> Send-Safe is an extreme violation of the above.

BM> Dr. Cerf is doing none of the above.

X> That's odd. Can you post the message you have from him
X> repudiating his quote, or are you deciding on your own that
X> he's repudiated the quote?

His quote? You posted a section from the code ethics 1.2 and accused
him of being in extreme violation. I can see how send-safe can be seen
to be in violation, refusing to be bullied into pulling the plug on
send-safe doesn't fit. Is that not what this is about?

X> On what basis? Have you asked him
X> why MCI is hosting so many spammers?

You can get spammers shut down. You must mean spam-ware vendors, no?

[...]
X> He is defending it. It is available on the MCI network. Dr
X> Cerf is sufficently senior in MCI that if he were truly anti
X> spam, the send-safe software would not be for sale on MCI's
X> network.

NO. This is warped thinking. If I allow my dinner guests to say
horrible things, does that mean I am defending the horrible things
they say? You can question the company I keep, but the jump from
'allowing' to 'defending' is troublesome. I would have no problem
whatsoever with a petition that said "he's senior enough to see to it
that they make a stand by refusing to carry this traffic, he doesn't
and thus doesn't help with the problem" (note there might be
common-carrier type retrictions on them, let's assume that there are
none. IANAL). I probably wouldn't support that petitition but it
wouldn't offend my sense of fairness.

X> This is obvious. Dr. Cerf is blatantly supporting the violation
X> of numerous Federal and Sate laws. State laws where MCI is
X> headquartered. And there is no compelling ethical basis for
X> helping spammers break the law.
>> This is another blatant lie. Had his been true, rather than
>> annoying people on usenet people would be making complaints to
>> legal

X> authorities


>> and getting results. There is no compelling ethical basis for
>> mendacity either.

X> again, what is your evidence that complaints have not been made
X> to legal authorities?

And I refuse to believe you are dense enough not to see that is not
where the mendacity is. English is not my native tongue, but I think
to any sane reader the suspect sentence is obviously "Dr. Cerf is
blatantly supporting the violation of numerous Federal and Sate
laws."[sic] Besides, note that I have said "and getting results" You
are asserting 'blatant support' of 'violation of Federal and State
laws.' For this to be credible

-- That the violation exists in the first place needs to be established.
A court of law is the proper place for this to happen.

-- That this violation is in fact _supported_ by Dr. Cerf needs to be
established.

None of those seem to have happened. Quite on the contrary. There's
simply an opinion with very questionable reasoning behind it that
spamware vendors violate anti-spam laws and that carrying traffic that
includes spamware is 'blatant support' for this illegal action. (and
that Dr. Cerf is indeed in a position of doing it, which for the sake
of argument, I'll stipulate.)

Is this a fair characterization of your justification for your assertion
that "Dr. Cerf is blatantly supporting the violation of numerous Federal
and Sate laws." ? If so, I stand by my characterization that stating
this as fact is morally equivalent to telling a falsehood.

[...]


>> Quite on the contrary, a reasonable case can be made that he's
>> doing the responsible thing. Just for a moment suppose that
>> the offensive software in question was something that had to do
>> with file sharing or illegal music/movie downloads. With the
>> exception of the computer highjacking argument, all of your
>> reasoning above would work. Same goes for questionable
>> 'security' tools in which case even the highjacking argument
>> would stick. I'll go one step further, a set of instructions
>> for finding open proxies and showing how they can be used to
>> send spam would also fit all of the above. As much as I hate
>> spam, I am glad people like Dr. Cerf people don't lose their
>> minds about it. We do have a big problem in spam, we don't
>> need a far bigger one by thoughtlessly setting precedents.

X> Send-safe includes "a set of instructions for finding open
X> proxies and showing how they can be used to send spam". Check
X> out their web page at http://www.send-safe.com/scanner.php
X> which reads in part

X> "Send-Safe Proxy Scanner

X> Send-Safe Proxy Scanner is a program designed for searching for
X> HTTPS/SOCKS proxies over the net by scanning IP ranges and
X> checking existing lists of proxies."

X> Before saying that software does or doesn't do something, you
X> should read the specs to see what it does.

You misunderstood what I was saying. I don't know how to say it
clearer, sorry. Perhaps, you might try to see that I did not assert
they did not, but that shutting sites down based on content might set a
bad precedent. Since you chose to bring the law into the picture, think
de-CSS, various file-sharing and/or ripping programs. I was merely saying
that your broad brush would include not just a program but a description
also. As far as I can see, it does and you seem fine with it.

X> The thoughtless precedent that has been set is that because MCI
X> is a large corporation, they are somehow given a free pass that
X> isn't given to the little hole in the wall spam operations
X> operating out of the spammer's mother's basement.
X> http://linx.net and numerous other standard setting bodies have
X> said that hosting spammers is an unacceptable breach of the
X> community's trust, and grounds for depeering. MCI thinks that
X> it is too big for that depeering. That's the thoughtless
X> precedent that should be avoided.

Oh, this opinion I have no problems with. It is clear you are using
spammer in the loose sense and it is mainly a wish that the world worked
differently.

[...]
X> SPAM[tm] in capital letters is a registered trademark of
X> Hormel. UBE version of spam uses small letters.

Got it, thanks.

X> MCI has 191 entries on Spamhaus last time I checked, more than
X> any other ISP not just in the US, but in the world. They bury
X> our inboxes in spam. Half of AOL's mail servers are used to
X> process and block spam. One of their customers engaged in a
X> DOS attack on my servers when I blocked them from connecting to
X> me in my access file, hitting me multiple thousands of times
X> per minute until I blocked them at the firewall. Complaints to
X> MCI, with accompanying evidence, saw trouble tickets closed
X> without action or explanation. Then you defend them without
X> bothering to check the facts.

I don't defend MCI, I am just going by the evidence you presented and
the faulty reasoning in your petitition. The assertion, it seemed to me,
was centered on them carrying traffic involving spamware. The in the
above paragraph your are talking about something else entirely.

X> Rancor? Of course there is
X> rancor. What emotion would be more appropriate when dealing
X> with an ISP and its senior management that are willful partners
X> to this assault on our mailboxes? What do they expect for their
X> efforts - flowers?

Then make it clear and fair. Look, not actively trying to stop MCI's
involvement in having clients that sell spamware is a perfectly
legitimate grievance against someone in MCI's management. That's a
fine petition to write and send. Blowing the accusation beyond all
reason and decency is quite something else. The cause of your rancor
might be understandable, that does not justify the action you take by
that motivation nor does it make it acceptable. All IMHO, but keep in
mind people are reading a petitition full of accusations from an X about
someone as accomplished as Dr. Cerf.

cheers,

BM

X

unread,
Feb 19, 2005, 3:04:46 PM2/19/05
to
Bulent Murtezaoglu <b...@acm.org> wrote in
news:87vf8oy...@p4.internal:

>


> Spamhous lists that I have looked at for this case list them as
> providing service to the spam software vendor. That is not in doubt
> nor is it disputed. Your assertion is not simply that they do this.
>

That's true. there are 190 or so listings on Spamhaus, of which send-
safe is about 5 or so of them. Some of the rest are probably spamware
vendors as well (also violating Virginia law). However, the
overwhelming bulk of them are spammers.


> [on contecting teh authorities about the alleged illegality of MCI's
> behaviour]
>
> X> who says they aren't?
>
> Then it is in everybodies best interest to let the courts sort this
> out. No?
>

Some of the spammers hosted by MCI have been hosted by MCI since 2002.
What do you feel is a reasonable amount of time to let the courts to
sort this out? We missed an opportunity when one of the most prolific
spammers hosted by MCI pleaded guilty to felony charges. Had I heard
about it soon enough, I would have been at the sentencing hearing urging
that he be barred from the Internet during his period of probation a la
Mitnick.

Right now, we are blocking all MCI space on our servers because of the
rampant spam coming from their servers. The blocking includes port 80
so that when the spammer spams from stolen resources elsewhere and
points to MCI space to close the sale, gullible users who might visit
the phish site or whatever it is that MCI is hosting can't reach th
spamvertised site.

> [...]
> X> There is no question that Dr. Cerf's actions and defense of
> X> Send-Safe is an extreme violation of the above.
> BM> Dr. Cerf is doing none of the above.
>
> X> That's odd. Can you post the message you have from him
> X> repudiating his quote, or are you deciding on your own that
> X> he's repudiated the quote?
>
> His quote? You posted a section from the code ethics 1.2 and accused
> him of being in extreme violation. I can see how send-safe can be
> seen to be in violation, refusing to be bullied into pulling the plug
> on send-safe doesn't fit. Is that not what this is about?

I believe the original post included his quote. If it didn't, quoting
Steve Linford in his quote of Dr Cerf:

"I reminded Vint Cerf of his "spam is bad for the net" quote displayed
on the CAUCE site, and asked for his help in getting the MCI spamware
issue solved. He said he'd look into it, but got back to me saying the
1st Amendment made MCI not terminate spamware vendors no matter how
illegal... so I gave him a link to the LINX BCP document and quoted the
LINX text to him, he replied that the LINX BCP document was "probably
illegal" in the USA (and hence MCI was ignoring it). Basically, MCI is
trying every excuse under the sun to keep Send Safe and the many spam
gangs they're servicing."

We want MCI to enforce its terms of service. The fact that you agree
that it can't be done without "bullying them into pulling the plug" is a
powerful indictment of them, and supports our argument. An ethical ISP,
with an ethical senior VP of technology, wouldn't need to be bullied
into doing the right thing. MCI has 192 listings on Spamhaus. Only two
others have over 100. Only 10 ISPs, worldwide, have 52 listings or
more. Why are there so few ISPs who are unable to shut down the
spammers infesting their networks? This isn't a legal problem. It isnt
a technical capabilities problem. It's a problem of being ethically
challenged. We have a Code of Ethics. It is appropriate to suggest that
our members, including famous members, abide by it

>
> X> On what basis? Have you asked him
> X> why MCI is hosting so many spammers?
>
> You can get spammers shut down. You must mean spam-ware vendors, no?

I mean both. I want the 191 listings on spamhaus to be shut down.
We'll allow for the odd spammer sneaking in every now and then, but
listings more than 2 weeks old are a sign of lack of attention.
Listings from 2002 are a sign of complicacy.

>
> [...]
> X> He is defending it. It is available on the MCI network. Dr
> X> Cerf is sufficently senior in MCI that if he were truly anti
> X> spam, the send-safe software would not be for sale on MCI's
> X> network.
>
> NO. This is warped thinking. If I allow my dinner guests to say
> horrible things, does that mean I am defending the horrible things
> they say?

If you allow your dinner guests to go into the room where everyone's
coats are laying on the bed, and let them rifle the pockets of the other
guests' coats, meanwhile ignoring the complaints of the guests whose
pockets are being rifled, then yes, I'd say that you're complicit in it.

>You can question the company I keep, but the jump from
> 'allowing' to 'defending' is troublesome.

Why? even 4 chinese ISPs, supposedly bullet-proof pro spam ISPs, had no
trouble shutting it down. MCI could have this down in minutes if they
were so inclined.

I would have no problem
> whatsoever with a petition that said "he's senior enough to see to it
> that they make a stand by refusing to carry this traffic, he doesn't
> and thus doesn't help with the problem" (note there might be
> common-carrier type retrictions on them, let's assume that there are
> none. IANAL). I probably wouldn't support that petitition but it
> wouldn't offend my sense of fairness.

common carrier status doesnt apply to MCI's internet services. IANAL
either, but that debate has been put to rest. Every telco that has
common carrier status for some of their services basically functions as
two companies.

>
> -- That the violation exists in the first place needs to be
> established. A court of law is the proper place for this to happen.
>

You can shut sites down for contract violation without resorting to
court.


> -- That this violation is in fact _supported_ by Dr. Cerf needs to be
> established.
>

It has, to my satisfaction



> None of those seem to have happened. Quite on the contrary. There's
> simply an opinion with very questionable reasoning behind it that
> spamware vendors violate anti-spam laws and that carrying traffic that
> includes spamware is 'blatant support' for this illegal action. (and
> that Dr. Cerf is indeed in a position of doing it, which for the sake
> of argument, I'll stipulate.)
>
> Is this a fair characterization of your justification for your
> assertion that "Dr. Cerf is blatantly supporting the violation of
> numerous Federal and Sate laws." ? If so, I stand by my
> characterization that stating this as fact is morally equivalent to
> telling a falsehood.

nope. I stand by it. Steve Linford from Spamhaus made a direct appeal
to him to use his influence within MCI to do the right thing. He
declined to do so

While I wasn't wild about de-CSS being shut down, it did establish the
precedent that distributing illegal software is valid grounds for
shutting down a web site. The precedent has already been set. We can
use that precedent for the overall good of the Internet. If MCI (and
kornet, SBC, and all the others) continue to host spammers and those who
facilitate spamming through the distribution of spamware, hosting of
spamvertised sites, processing of credit cards for sales through spam,
or anything else, they will be presiding over the destruction of the
Internet as the Commons founded on the notion of consensual
communications.

The basic premise consists of two things:

1) Vint Cerf is in a position to influence the MCI position on spam
2) MCI is a significant contributing factor to the spam problem on the
internet today because of Vint Cerf's failure to be an effective
advocate for section 3.1 of the ACM Code of Ethics.

He has been a major contributor to the original development of the
Internet. It is dismaying that he would collaborate in the destruction
of what he developed.


>
> X> The thoughtless precedent that has been set is that because MCI
> X> is a large corporation, they are somehow given a free pass that
> X> isn't given to the little hole in the wall spam operations
> X> operating out of the spammer's mother's basement.
> X> http://linx.net and numerous other standard setting bodies have
> X> said that hosting spammers is an unacceptable breach of the
> X> community's trust, and grounds for depeering. MCI thinks that
> X> it is too big for that depeering. That's the thoughtless
> X> precedent that should be avoided.
>
> Oh, this opinion I have no problems with. It is clear you are using
> spammer in the loose sense and it is mainly a wish that the world
> worked differently.

I lump spam facilitators with spammers. I do so deliberately. If no
one hosted their web sites, credit card processing, etc, the spamming
would be meaningless and the spam would cease.

I think the ACM position on facilitation of spamming is significantly
weaker than it ought to be. I'll probably propose amendments. Meanwhile,
because of the Turing Award, Dr Cerf is in the trade news. At the same
time, his company is in the news harboring people engaged in criminal
activity. It's the equivalent of harboring a fugitive in your house and
telling the police at the door that you've never heard of the guy.

The LINX position, as one example, is quite clear. MCI is violating the
LINX policy by hosting the web sites of spamware vendors and spammers,
and is subject to de-peering. The existence of the mci.blackholes.us
dnsbl indicates that some have already started that depeering process.
What surprised me was the limited number of complaints I got when we
implemented that depeering by dnsbl on our systems. One complaint, and
on that one all we had to do was show the sending party how to switch
their outbound mail to us to a different IPA going out via a different
backbone provider.


> X> MCI has 191 entries on Spamhaus last time I checked, more than
> X> any other ISP not just in the US, but in the world. They bury
> X> our inboxes in spam. Half of AOL's mail servers are used to
> X> process and block spam. One of their customers engaged in a
> X> DOS attack on my servers when I blocked them from connecting to
> X> me in my access file, hitting me multiple thousands of times
> X> per minute until I blocked them at the firewall. Complaints to
> X> MCI, with accompanying evidence, saw trouble tickets closed
> X> without action or explanation. Then you defend them without
> X> bothering to check the facts.
>
> I don't defend MCI, I am just going by the evidence you presented and
> the faulty reasoning in your petitition. The assertion, it seemed to
> me, was centered on them carrying traffic involving spamware. The in
> the above paragraph your are talking about something else entirely.

To some, the hosting of send-safe is in and of itself grounds for the
complaint. I look at the 191 listings as a whole. Dropping the 4 or so
send-safe IP blocks will not be sufficient to satisfy me, or cause me to
lift the de-peering decision at our installation.

>
> X> Rancor? Of course there is
> X> rancor. What emotion would be more appropriate when dealing
> X> with an ISP and its senior management that are willful partners
> X> to this assault on our mailboxes? What do they expect for their
> X> efforts - flowers?
>
> Then make it clear and fair. Look, not actively trying to stop MCI's
> involvement in having clients that sell spamware is a perfectly
> legitimate grievance against someone in MCI's management. That's a
> fine petition to write and send. Blowing the accusation beyond all
> reason and decency is quite something else. The cause of your rancor
> might be understandable, that does not justify the action you take by
> that motivation nor does it make it acceptable. All IMHO, but keep in
> mind people are reading a petitition full of accusations from an X
> about someone as accomplished as Dr. Cerf.


The petition when it is filed with the ACM ethics committee will have
real names of real people on it. Some of the signers will be 20 year
ACM members. Others will have never heard of ACM before this came up
(and what an introduction to the organization it's proven to be).

People understand not to put real names and addresses on usenet posts to
avoid spammer harvesting. I just shut down my most recent real usenet
address because the harvesting has started, and I haven't gotten around
to setting up the new one on yahoo yet. I'll have a real address up
soon, probably in the next 24 hours. Be assured that on SPAM-L, where
the petition originated, real names are in use and we all know who is
saying what. Personally, I would have preferred that the discussion of
this be carried on through an internal ACM list. However, the powers
that be on the US ACM Policy Committee felt that it was more
appropriately something to be handled on a public forum. While I
disagree with that decision, I will live with it.

--
8 out of 10 spammers agree, a heart was not the tin man's organ
enhancement of choice. --adapted from a valentines card

Bulent Murtezaoglu

unread,
Feb 19, 2005, 3:37:31 PM2/19/05
to
>>>>> "X" == X <X> writes:
[...]

>> -- That the violation exists in the first place needs to be


>> established. A court of law is the proper place for this to
>> happen.
>>

X> You can shut sites down for contract violation without
X> resorting to court. [...]

The 'violation' there referred to to your accusation that "Dr. Cerf is


blatantly supporting the violation of numerous Federal and Sate

laws." I tried to explain why I thought that was a falsehood. This
is neither a proper response nor proper quoting of the question.

I have read the rest of your posting, I understand your position. I also
think your zeal might be getting the better of you. Unless someone else
wants to pick this up, perhaps it is best we drop it at this time.
Maybe your group will tone down the language and limit themselves
to defensible assertions when the final revision of the petition. That
ceratinly will be good for everyone.

cheers,

BM


Rex Karz

unread,
Feb 19, 2005, 4:03:19 PM2/19/05
to
Bulent Murtezaoglu wrote:

and WTF are you?


--
The name, "Rex Karz" is a pseudonym. The From: email address
is a spam trap. Messages sent to that address may cause the
sender's IP-address to be listed in one or more DNSBls.

m...@privacy.net

unread,
Feb 19, 2005, 7:04:57 PM2/19/05
to
Bulent Murtezaoglu <b...@acm.org> wrote in
news:87r7jcx...@p4.internal:


>
> I have read the rest of your posting, I understand your position. I
> also think your zeal might be getting the better of you.
>

It's simple. My servers, and the servers of my clients, are being attacked
daily by spammers that are being sheltered by MCI. Open proxies created by
virus and trojan attacks are being scanned for and found to deliver that
spam through theft of service, using software being sold over MCI's
network.

The ACM Code of Ethics dictates my response. I do not believe that Code of
Ethics to be overly zealous. This is where we get to find out whether ACM
stands behind its own Code or not.


Carl Byington

unread,
Feb 19, 2005, 7:29:53 PM2/19/05
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 20 Feb 2005 00:04:57 +0000, m wrote:

[snip]

> The ACM Code of Ethics dictates my response. I do not believe that Code
> of
> Ethics to be overly zealous. This is where we get to find out whether
> ACM
> stands behind its own Code or not.

The ACM itself have sent spam in the past. Back in the days of the MAPS
RBL, I submitted what I believed to be a valid nomination for some of the
ACM mail servers. They basically added 81K ACM members to a new mailing
list without any permission at all. And they seemed to be pleased with
the response to their spam run. So I don't believe that the ACM will have
any problems with Dr. Cerf helping (in any small or large way) the MCI
spammers and send-safe in particular. Granted, this was 5 years ago, but I
have seen no evidence of a change of policy on the part of the ACM.

<http://www.five-ten-sg.com/blackhole.php?ip=199.222.69.7>


- ---- acm response ----

Hello, and thank you for your message. First of all, I have instructed our
technical staff to look into and correct the problem of not pruning
undeliverable addresses. Please accept my apologies for that.

I understand your concern about spamming. Yes, ACM took a calculated risk
with this Technews service. We went ahead and sent this out to our 81,000
members. We did feel that the value this service provided was worth the
risk; this feeling was based on ACM member surveys and focus groups that
indicated an overwhelming need for broad-based news summaries in the
technical/business/management areas of information technology.

As of today, approximately 3,000 ACM members have unsubscribe,
approximately 90 messages have been received complaining about ACM adopting
an opt-out service rather than an opt-in, and approximately 500 messages
have been received consisting of various levels of praise.

So, while we feel this is a major success, we also respect and appreciate
the concerns you expressed.

Regards,


Mark Mandelbaum
ACM Director of Publications

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFCF9nDL6j7milTFsERAq1SAJ9EWoa09+8XFXX3oaWDhRc4NjUL6QCfeIlW
B0xHx9PATLTD54qaO/zXd5o=
=CSbP
-----END PGP SIGNATURE-----


David Cary Hart

unread,
Feb 19, 2005, 7:40:21 PM2/19/05
to
X wrote:
> Crossposted to news
>
> Bulent Murtezaoglu <b...@acm.org> wrote in
> news:877jl4z...@p4.internal:
>
>
>>>>>>>"X" == X <X> writes:
>>
>>[...]
>> X> The software in question is Send-Safe. It is designed to attack
>> X> Trojan infected computers and use them to send out millions of
>> X> unsolicited commercial emails. This is in violation of The
>> X> Federal Computer Fraud and Abuse Act sections 3, 4 and 5 at a
>> X> minimum.
>>

I'm not defending them but this is hyperbole. Send-Safe is NOT
illegal in any way nor is its sale in violation of any section of
the CFA. The user of the product bears legal responsibility to the
extent that there is any.

While I haven't read the Act is some time, IIRC it protects
financial institution and government computers from security
violations.

It's a good argument for keeping MCI in SPEWS hell but lacks any
civil or criminal enforcement teeth.

Use the appropriate RBLs and you won't receive any of the crap that
originates from MCI. Whack them at the firewall (which is what I do
with Savvis plus a TARPIT) if it makes you feel better. Life is way
too short and fragile.

--

Total Quality Management - A Commitment to Excellence
NOTE: Displayed address is a SPAM TRAP
Fight Spam: http://www.tqmcube.com/rbldnsd.htm
Daily Updates: http://www.tqmcube.com/spam_trap.htm

m...@privacy.net

unread,
Feb 19, 2005, 7:49:06 PM2/19/05
to
David Cary Hart <ExMa...@TQMcube.com> wrote in news:V%QRd.38439$uc.22724
@trnddc03:

> I'm not defending them but this is hyperbole. Send-Safe is NOT
> illegal in any way nor is its sale in violation of any section of
> the CFA. The user of the product bears legal responsibility to the
> extent that there is any.

I'm not sure what the CFA is, but Send-Safe sure violates Can-Spam.

Read this page carefully:

http://www.send-safe.com/scanner.php

Note especially "Send-Safe Proxy Scanner is shareware. Unregistered version
is fully functional, but it sends any proxy found or checked with it to
Send-Safe for our own use".

Finding and abusing open proxies is a direct, criminal violation of Can-
Spam.

David Cary Hart

unread,
Feb 19, 2005, 8:40:23 PM2/19/05
to
m...@privacy.net wrote:
> David Cary Hart <ExMa...@TQMcube.com> wrote in news:V%QRd.38439$uc.22724
> @trnddc03:
>
>
>>I'm not defending them but this is hyperbole. Send-Safe is NOT
>>illegal in any way nor is its sale in violation of any section of
>>the CFA. The user of the product bears legal responsibility to the
>>extent that there is any.
>
>
> I'm not sure what the CFA is, but Send-Safe sure violates Can-Spam.
>
> Read this page carefully:
>
> http://www.send-safe.com/scanner.php
>
> Note especially "Send-Safe Proxy Scanner is shareware. Unregistered version
> is fully functional, but it sends any proxy found or checked with it to
> Send-Safe for our own use".
>
> Finding and abusing open proxies is a direct, criminal violation of Can-
> Spam.
>
USING send-safe is different from compiling and selling it. The
product itself is perfectly legal. Just to be clear, I'm not
defending them, I just find that hyperbole does more harm than good.

Robert Braver

unread,
Feb 19, 2005, 9:54:14 PM2/19/05
to
On Sun, 20 Feb 2005 01:40:23 GMT, David Cary Hart
<ExMa...@TQMcube.com> wrote:

>USING send-safe is different from compiling and selling it. The
>product itself is perfectly legal. Just to be clear, I'm not
>defending them, I just find that hyperbole does more harm than good.

I respectfully disagree on this point. Under many state laws, it is
indeed a criminal offense. This excerpt from the Oklahjoma Fraudulent
Use of Electronic Mail statute became effective in 1999:

Title 15, Oklahoma Statutes, Sec. 776.1(E):

E. It shall be unlawful for any person to sell, give, or otherwise
distribute or possess with the intent to sell, give or distribute
software which:

1. Is primarily designed or produced for the purpose of facilitating
or enabling the falsification of electronic mail transmission
information or other routing information;

2. Has only limited commercially significant purpose or use other
than to facilitate or enable the falsification of electronic mail
transmission information or other routing information; or

3. Is marketed by that person or another acting in concert with that
person and with that person's knowledge for use in facilitating or
enabling the falsification of electronic mail transmission
information or other routing information.

A first offense is a misdemeanor punishable by a fine of up to $1K and
one year in jail; a second offense is a felony punishable by a fine of
up to $10K and 10 years in the state penitentiary. 15 O.S. งง
776.1(C), 761.1(E), and 762(B).

A number of other states have very similar if not identical language
in their fraudulent email statutes. (The Okla. state senate staff
attorney who worked on this legislation informed me that the
legislation was modeled after language that Microsoft shopped around
to the various states in the late 90s.)


--
Robert Braver
rbr...@ohww.norman.ok.us

spamme...@pandora.orbl.org

unread,
Feb 19, 2005, 11:20:20 PM2/19/05
to
David Cary Hart <ExMa...@TQMcube.com> wrote:

>m...@privacy.net wrote:
>> David Cary Hart <ExMa...@TQMcube.com> wrote in news:V%QRd.38439$uc.22724
>> @trnddc03:
>>
>>
>>>I'm not defending them but this is hyperbole. Send-Safe is NOT
>>>illegal in any way nor is its sale in violation of any section of
>>>the CFA. The user of the product bears legal responsibility to the
>>>extent that there is any.
>>
>>
>> I'm not sure what the CFA is, but Send-Safe sure violates Can-Spam.
>>
>> Read this page carefully:
>>
>> http://www.send-safe.com/scanner.php
>>
>> Note especially "Send-Safe Proxy Scanner is shareware. Unregistered version
>> is fully functional, but it sends any proxy found or checked with it to
>> Send-Safe for our own use".
>>
>> Finding and abusing open proxies is a direct, criminal violation of Can-
>> Spam.
>>
>USING send-safe is different from compiling and selling it. The
>product itself is perfectly legal. Just to be clear, I'm not
>defending them, I just find that hyperbole does more harm than good.

And I was beginning to think you had a clue.

Robert Moir

unread,
Feb 20, 2005, 4:43:28 AM2/20/05
to
Bulent Murtezaoglu wrote:

> NO. This is warped thinking. If I allow my dinner guests to say
> horrible things, does that mean I am defending the horrible things
> they say?

Yes. If I attended a dinner party and one guest made a racist remark, for
example, I would expect the host to call them on it. If the host didn't do
such a thing, I would assume their silence suggested a certain amount of
sympathy.


Robert Moir

unread,
Feb 20, 2005, 4:46:08 AM2/20/05
to
David Cary Hart wrote:

> USING send-safe is different from compiling and selling it. The
> product itself is perfectly legal. Just to be clear, I'm not
> defending them, I just find that hyperbole does more harm than good.

What a funny way to say "I stand corrected".


Jim Seymour

unread,
Feb 20, 2005, 6:24:26 AM2/20/05
to
In article <87vf8oy...@p4.internal>,

Bulent Murtezaoglu <b...@acm.org> writes:
>
>>>>>> "X" == X <X> writes:
[snip]

> X> He is defending it. It is available on the MCI network. Dr
> X> Cerf is sufficently senior in MCI that if he were truly anti
> X> spam, the send-safe software would not be for sale on MCI's
> X> network.
>
> NO. This is warped thinking. If I allow my dinner guests to say
> horrible things, does that mean I am defending the horrible things
> they say? You can question the company I keep, but the jump from
> 'allowing' to 'defending' is troublesome.
[snip]

There's a difference between merely associating with somebody that
says horrible things (tho I'm a strong believer in "you're known by
the company you keep") and aiding and abetting them in saying them.
An ISP that provides services to a spammer or other network-abuser is
clearly aiding and abetting. Furthermore: I would do one of two
things about a guest behaving in a manner I find unacceptable in my
home. I would either: 1. Never invite them again or 2. Ask them to
leave and possibly never invite them again. In fact, I once
suggested to a family member they reign-in one of their friends, or I
would ask them to leave, when I over-heard racist comments at a party
at our house.

--
Jim Seymour | "Some of the lies are so strange it
WARNING: The "From:" address is a | makes you wonder about the spammer's
spam trap. DON'T USE IT! Use: | sanity."
jsey...@LinxNet.com | - Ed Foster, "The Gripe Line" 6/24/02

Bulent Murtezaoglu

unread,
Feb 20, 2005, 8:55:15 AM2/20/05
to
>>>>> "JS" == Jim Seymour <ru...@LinxNet.com> writes:
[...]

>> NO. This is warped thinking. If I allow my dinner guests to
>> say horrible things, does that mean I am defending the horrible
>> things they say? You can question the company I keep, but the
>> jump from 'allowing' to 'defending' is troublesome.
JS> [snip]

JS> There's a difference between merely associating with somebody
JS> that says horrible things (tho I'm a strong believer in
JS> "you're known by the company you keep") and aiding and
JS> abetting them in saying them.

I'd be serving them dinner presumably and giving them a platform if
there are other guests. So aiding and abetting could probably be made
to fit by that reasoning. But let us go back to the jump from
allow to defend (which was what I responded to). If merely serving
dinner and not kicking them out is 'defending what they say' then what
would you call also being an active participant and saying 'the
<horrible things> being advocated by my guest are not that bad,
because of <blah>?' That is, if "selling spamware is not against our
terms of service" is 'defend'ing, what is "selling spamware is not that
bad"? I think that captures the background behind my offering that
example (you are reading this from nanae, I assume. I imagine it
looks like pointless hair splitting from there. Sorry about that, but
the thread started in comp.org.acm).

JS> An ISP that provides services
JS> to a spammer or other network-abuser is clearly aiding and
JS> abetting.

I understand this is the position behind the petition also. MCI and
Dr. Cerf, in defense of their lack of action, seem to be taking the
position that tool vendors don't violate their terms of service and
they won't pick and choose who they'll do business with based on the
content of their web site. Had the tool in question been something
like back orifice, would that position not get them at least the
benefit of a doubt?

JS> ... In fact, I once
JS> suggested to a family member they reign-in one of their
JS> friends, or I would ask them to leave, when I over-heard
JS> racist comments at a party at our house. [...]

This is an example another poster also used. It is cultural, I think.
Racist speech and and even non-violent racially-motivated choice are
seen as horrible enough in your culture (US, I am assuming) that I
understand there are laws that enable/(require?) businesses and even the
government to fire such individuals. All this looks somewhat odd from
the outside. Much like the European central bank's fear of
hyper-inflation and the US Fed's fear of recession are implicitly
there because of their respective histories, blurring the
speech/choice/action distiction in a society blessed with your bill of
rights seems palatable whereas the reaction is quite the opposite in
societies where much suffering was casued by the _lack_ of such
distinctions. Not that this has anything to do with spam, but I
should perhaps note that there'd probably be a crowd to crucify me in
the highly unlikely event that someone wants to give me an award in
the US because the google archive will reveal that it is possible that
I don't think certain kinds of speech are universally horrible.
(therefore I _must_ think that that speech is OK, therefore I _must_
be supporting what is being said, therefore I _must_ be doing it,
therefore I ought to be quartered). In any event, in your story
above, would you have turned into a defender of racism had you _not_
made the suggestion to your family member?

cheers,

BM

Bulent Murtezaoglu

unread,
Feb 20, 2005, 12:15:53 PM2/20/05
to
>>>>> "JS" == Jim Seymour <ru...@LinxNet.com> writes:
[...]

JS> How 'bout if your guest was out on your front lawn,
JS> using it for Hyde Park? How 'bout if your guest was regularly
JS> excusing himself from your affair to burgle your neighbours'
JS> homes?

But neither of these fit the 'defending the spammer' assertion, IMHO.
One can use the burglar idea though. Perhaps renting your property to
a locksmith that caters to burglars is a more appropriate analogy.
The issue is whether or not refusing to break the guy's lease to evict
him can be fairly construed as 'defense of burglary.' (let us assume
the law doesn't force landlords to, as it apparently has not. The OK
law someone kindly posted would make these tools illegal to sell, for
example. In which case the landlord would be out of the loop anyway.
I understand that in MCI's case, the lease is a sublet, but the
analogy works the same nonetheless.)

[...]


>> In any event, in your story above, would you have turned into a
>> defender of racism had you _not_ made the suggestion to your
>> family member?

JS> Certainly. Inaction by choice is a choice. [...]

Of course, but with all due respect, that doesn't address the issue.
The issue, it seems to me, is whether you have become a _defender_ of
racism by making that choice. If the answer is yes, then there's no
end to nasty things we are guilty of defending. I could have very
easily and perhaps wisely made the choice not to respond to the draft
petition when I saw it in comp.org.acm. Would that have made me
guilty of _defending_ mud slinging? (assume it is mud slinging for a
moment, humor me.)

cheers,

BM

Jim Seymour

unread,
Feb 20, 2005, 10:50:01 AM2/20/05
to
In article <87hdk7x...@p4.internal>,
Bulent Murtezaoglu <b...@acm.org> writes:
[snip]

>
> I'd be serving them dinner presumably and giving them a platform if
> there are other guests. So aiding and abetting could probably be made
> to fit by that reasoning.
[snip]

Presumably your guests would either tolerate it, or they'd leave.
How 'bout if your guest was out on your front lawn, using it for
Hyde Park? How 'bout if your guest was regularly excusing himself
from your affair to burgle your neighbours' homes?

>
> JS> An ISP that provides services
> JS> to a spammer or other network-abuser is clearly aiding and
> JS> abetting.
>
> I understand this is the position behind the petition also. MCI and
> Dr. Cerf, in defense of their lack of action, seem to be taking the
> position that tool vendors don't violate their terms of service and
> they won't pick and choose who they'll do business with based on the
> content of their web site. Had the tool in question been something
> like back orifice, would that position not get them at least the
> benefit of a doubt?

I understand the position and once held the very same position. In
fact, I'm pretty sure I still do.

>
> JS> ... In fact, I once
> JS> suggested to a family member they reign-in one of their
> JS> friends, or I would ask them to leave, when I over-heard
> JS> racist comments at a party at our house. [...]
>

[snip]


> In any event, in your story
> above, would you have turned into a defender of racism had you _not_
> made the suggestion to your family member?

Certainly. Inaction by choice is a choice.

--

David Cary Hart

unread,
Feb 20, 2005, 9:24:24 AM2/20/05
to
Robert Braver opined with great erudition:

>
> I respectfully disagree on this point. Under many state laws,
> it is
> indeed a criminal offense. This excerpt from the Oklahjoma
> Fraudulent Use of Electronic Mail statute became effective in
> 1999:
>

I stand corrected. Thanks.
--
Displayed Email Address is a Spam Trap
Fight Spam: http://www.tqmcube.com/rbldnsd.htm
Daily updates at: http://www.tqmcube.com/spam_trap.htm

Richard Johnson

unread,
Feb 20, 2005, 12:33:58 PM2/20/05
to
In article <87vf8oy...@p4.internal>,
Bulent Murtezaoglu <b...@acm.org> wrote:

> None of those seem to have happened. Quite on the contrary. There's
> simply an opinion with very questionable reasoning behind it that
> spamware vendors violate anti-spam laws and that carrying traffic that
> includes spamware is 'blatant support' for this illegal action.


You're incorrect. Selling dedicated spamware violates many if not most
US State anti-spam laws.

In addition, do not forget that send-safe author Ibragimov is very
likely an author of various versions of zombie-creating worms for MS
Windows, which compromise hosts to produce open proxies that can be
used by send-safe.

Also, note that the publishers use send-safe daily, even when it is in
the hands of others. The spamware assists in searches for and
optionally exploits additional open proxies, then sends the open proxy
data back to the send-safe spammer gang for their own uses. That
violates computer misuse laws of EU countries, as well as violating
even the limp youCANSPAM act in the USA.


Richard

--
To reply via email, make sure you don't enter the whirlpool on river left.

My mailbox. My property. My personal space. My rules. Deal with it.
http://www.river.com/users/share/cluetrain/

Robert Braver

unread,
Feb 20, 2005, 2:17:27 PM2/20/05
to
On Sun, 20 Feb 2005 19:15:53 +0200, Bulent Murtezaoglu <b...@acm.org>
wrote:

>But neither of these fit the 'defending the spammer' assertion, IMHO.
>One can use the burglar idea though. Perhaps renting your property to
>a locksmith that caters to burglars is a more appropriate analogy.
>The issue is whether or not refusing to break the guy's lease to evict
>him can be fairly construed as 'defense of burglary.' (let us assume
>the law doesn't force landlords to, as it apparently has not. The OK
>law someone kindly posted would make these tools illegal to sell, for
>example. In which case the landlord would be out of the loop anyway.
>I understand that in MCI's case, the lease is a sublet, but the
>analogy works the same nonetheless.)

Some more things to think about in terms of such analogies...

Check your state's landlord tenant act, and you'll see something like
this:

The tenant shall at all times during the tenancy:

[...]

8. Not engage in criminal activity that threatens the health, safety
right of peaceful enjoyment of the premises by other tenants or is a
danger to the premises, and not engage in any drug-related criminal
activity on or near the premises either personally or by any member of
the tenant's household or any guest or other person under the tenant's
control.

###

Also see various state and federal statutes relating to forfeitures of
items, vehicles, and even real property used in the commission of
certain crimes (e.g. drug related or felonies in general) as they
relate to the owner of the property if the owner has knowledge of such
unlawful use.

In a similar thread the issue of common carriers came up. The
limitation of liability of common carriers for illegal use of their
facilities is only to the extent that there is an absence of "a high
degree of involvement or actual notice of an illegal use and failure
to take steps to prevent such transmissions." (See Use of Common
Carriers, 2 FCC Rcd 2819, 2820 (1987) quoted in the FCC Memorandum
Opinion and Order implementing rules under the TCPA, 7 FCC Rcd. 8752,
71 Rad. Reg. 2d (1992) at para. 54).


The FCC pointed out in the report and order implementing the TCPA
rules (prohibition on transmission of junk faxes and unsolicited
prerecorded calls) that fax broadcasters and common carriers would not
ne held liable


--
Robert Braver
rbr...@ohww.norman.ok.us

Bulent Murtezaoglu

unread,
Feb 20, 2005, 2:29:17 PM2/20/05
to
>>>>> "RJ" == Richard Johnson <rn...@whirlpool.river.com> writes:
[me]

>> None of those seem to have happened. Quite on the contrary.
>> There's simply an opinion with very questionable reasoning
>> behind it that spamware vendors violate anti-spam laws and that
>> carrying traffic that includes spamware is 'blatant support'
>> for this illegal action.


RJ> You're incorrect. Selling dedicated spamware violates many if
RJ> not most US State anti-spam laws. [...]

Then my question is why this endevour to get rid of those vendors even
needs some MCI muckity mucks' (be it Dr. Cerf or someone else) action
through a sense of moral obligation. So I stand corrected but puzzled:
why the need for Dr. Cerf's intervention then? (The characterization of
the absence of which is costing all of us perhaps an hour each?)

cheers,

BM


Bulent Murtezaoglu

unread,
Feb 20, 2005, 2:47:23 PM2/20/05
to

>>>>> "RB" == Robert Braver <rbr...@ohww.norman.ok.us> writes:

RB> [...]

RB> 8. Not engage in criminal activity that threatens the health,
RB> safety right of peaceful enjoyment of the premises by other
RB> tenants or is a danger to the premises, and not engage in any
RB> drug-related criminal activity on or near the premises either
RB> personally or by any member of the tenant's household or any
RB> guest or other person under the tenant's control. [...]

I figured as much. I'd assumed when they said 'not in violation of the
terms of service' they meant 'this is not illegal, furthermore our terms
of service does not preclude this.' This is probably a well known topic
for the nanae crowd, it is not obvious to someone who just sees a
petition blaming someone of "blatantly supporting the violation
of numerous Federal and Sate laws." (Had this been an ordinary posting
I'd do my research before shooting my mouth off, BTW).

BM

Erik Warmelink

unread,
Feb 20, 2005, 10:02:38 PM2/20/05
to
In article <878y5jx...@p4.internal>,

In my opinion it would be enough if Dr. Cerf would *not* intervene in
the normal operation of the abuse desks.
I have heard "US headquarters don't allow us to disconnect" by abuse
desks of "borged" companies often enough to believe the support for
spammers is actively enforced.

--
er...@selwerd.nl

0 new messages