On Sun, Nov 06, 2005 at 05:50:18AM -0800, Jimmy Wales wrote: > I know I must sound like a broken record, but I believe that at least > some people here are still simply not listening. People who use RBLs > for hard blocking services generally find the strategy to work quite > well. They are not out of their fucking minds, they are using a > practical approach to a practical problem and they are being > successful. > And you know what? I'm not out of my fucking mind. I would not argue that you are crazy for using RBLs, but consider the tradeoffs carefully. Conflating routing information with identity means false positives, and adding another trust dependency in administrative decisions creates risk. Granted, SORBS is a particularly threatening RBL: its motivation is largely sociopolitical in nature, and it uses a number of inappropriate techniques for deriving the composition of its list. However, theoretically speaking it is not possible for you to know whether your RBL is malicious without going through the effort of maintaining such a list yourself, i.e. the process of list verification is not easier than the process of list creation. > People with this attitude virtually ensure that Tor will never be > successful and doom any movement towards privacy on the Internet to > failure. No, people with the attitude that RBLs are dangerous are right in thinking so. Effectively blackholing traffic based upon network or transport layer characteristics threatens the end-to-end character of the Internet, even if the filtering occurs on the end hosts. Putting someone else in charge of these decisions is little different than allowing an upstream ISP to block content on your behalf. Sure, there are arguments for how this can be useful, but in my opinion the dangers to society outweigh the benefits. Perhaps this is a Tragedy of the Commons, but I think that it is one that deserves more thought than "RBLs are good because they reduce the amount of spam I see." Geoff
Attachment:
signature.asc
Description: Digital signature