The Hypocrisy Weblog

The Registry writes:

“Level 3, the supposedly secure back bone provider, has lost all services at its Braham Street data centre thanks to a robbery.

The company refused to speak to the Register this morning but many of its customers have been in touch.

According to Level 3 customers thieves got into the building on Braham Street, E1, and stole core router cards.

An email sent by Level 3 to its customers said only: “There was a security breach in our Braham St gateway early this morning. A number of service affecting cards were removed without authority from live equipment. This has resulted in the loss of IP and voice services to a number of customers at Braham St. We are currently attempting to restore service as quickly as possible. We will issue further updates as information becomes available.”

We were told no spokesperson was available or likely to be available.

Other technology companies hit by the downtime include easyspace.com.

The theft has raised fears that data centres and large IT departments in the City of London could be the target of an organised gang – last month Easynet’s centre on nearby Brick Lane suffered a similar robbery.

In other news BT Broadband suffered a major failure last night.

A spokesman for BT told the Reg: “About 100,000 BT Retail customers lost access late last night but normal service has now been restored. There was an authentication problem with our servers and it was not related to events at Level 3.”"

The above is a warning sign to all of you whom is looking for the cheapest deal possible. When you pay a little bit extra you not only pay for better network accessibility, but you also pay for physical security at the datacenter where your equipment is standing.

It is most unfortunate if thieves start to target datacenters, as this will bring the costs of hosting and co-location up, as well as it will bring uncertainty for us customers of these datacenters.

One of my sites, located at Easyspace, was down during a long night because of a said power-failure, though this article “Mystery surrounds Easynet ‘robbery’” and the attached customer letter really makes me wonder. I know that Easyspace and Easynet aren’t the same company(?), but I can’t help but put two and two together. Perhaps I’m conspiracy-minded, but it is a very fitting co-incident…

Perhaps the problems at Easyspace was linked to the issues with Easynet, I am not sure. But what is serious is that customers were in fact lied to regarding the status of their services. I can understand the “cover-up” from Easynet’s view point, but they will only lose in the long term by hiding the status of their organization’s services.

How many of you administrates your own server(s)? How many of you don’t but still receive on the magnitude of 10 to 1 more spam than real email in your inbox?

Matt Lake really puts down the grim reality into words in his chronicle.

One of the biggest problems is the outgoing spam which we as domain-owners can’t protect ourselves against: Spoofed from-addresses.

This quote says it all:

“Somebody out there, probably thousands of people, are getting messages for V-1-A=G-R-A and c1a-L:IS and embedded GIFs touting some penny stock that nobody’s heard of–all with my domain name all over the From field.”

The above can be handled on a pure technical level, as most of the error-responses can be filtered out automatically. What is worse however is the bad-will that these spoofed send-outs creates, whether these fake emails contains the spam mentioned above or viruses.

This is how it works, told through Matt Lake’s experience:

“Essentially, spoofing would mean that a spammer ran a piece of software that got hold of my domain name, possibly from its own spam lists, maybe from sniffing around in vulnerable e-mail servers from which e-mail came to me, or maybe from the central WHOIS database. The software then generated a mess of fake addresses with my domain on the end to masquerade as the sender’s addresses in the From and/or Reply To fields of their crass bulk e-mail. Then they sent out messages to unwitting strangers.”

Matt continues:

“I picked up the bounced-back messages only because I have a catchall account at my domain host. E-mail spoofing could happen to anybody with a domain (it could have happened to you), and most people never find out about it.

Unfortunately, if this spammer manages to annoy enough people, my domain may end up on a blacklist. Fortunately, because this kind of thing happens all the time, the blacklist compilers probably won’t punish me for what that spammer did, but they may. So I need to keep an eye out for any dropped messages to important clients and friends and comb the huge public list of blacklisted sites and hope for the best.

All told, my options aren’t terribly cheering.”

What is needed is an overhaul of the email-system, however there are many competing technologies and companies promoting these technologies plus that email shouldn’t lose it’s simplictic and genious usage.

A risk that is often forgotten when talking about which way is best to develop email to be less sensitive to UCE (Unsolicited Commercial Email = spam) is that less developed countries will be left behind (again) if the systems becomes too complex and / or expensive.

Another quote from Matt’s chronicle shows on another trap you as an administrator / provider can run into:

“So perhaps Verizon’s spam filter was doing exactly what it was supposed to do: removing objectionable unsolicited content from my mailbox. But of course, this does also mean that Verizon considers itself a spammer.”

Also note that there’s been a class action lawsuit against Verizon due to their spam-filtering methods. (Read about it here.)

It looks like we are stuck between a rock and a hard place…

The European Union has now put it’s foot down and denying Serbia membership if they fail to bring Bosnian Serb military leader Ratklo Mladic to the war crimes tribunal in The Hague. This is something valuable for the quality and internal bond of the European Union, making it a factor of justice in Europe.

However, these strict rules need to be applied to prospect countries such as Turkey – where over a half million kurds are being oppressed on a dialy basis by the Turkish regime.

(From The Guardian)

EU tells Serbia: no Mladic, no entry

Simon Jeffery and agencies
Wednesday May 3, 2006

The European Union today suspended membership talks with Serbia over its failure to deliver the Bosnian Serb military leader Ratklo Mladic to the war crimes tribunal in The Hague.

Mladic is the UN tribunal’s second most wanted war crimes suspect from the Yugoslav wars after Radovan Karadzic, the Bosnian Serb political leader. Both are charged in connection with the massacre of more than 7,000 Muslim men and boys at Srebenica.

Announcing the decision to suspend talks, the EU enlargement commissioner, Olli Rehn, said:”Serbia must show that nobody is above the law and that anybody indicted for serious crimes will face justice.”

The western Balkans are a key area for EU enlargement, with supporters of the process arguing that the 25-member bloc has a choice between promoting stability and living with a volatile collection of states on its borders.

The talks had been intended to conclude a stabilisation and association agreement with Serbia, the first step towards EU membership.

But Mr Rehn’s announcement, made after consulting the chief UN prosecutor, Carla Del Ponte, could further destabilise Serbia’s shaky, centre-left coalition. Vojislav Kostunica, the Serbian prime minister, is dependent for parliamentary support on nationalist hardliners who oppose Mladic’s extradition.

In a statement to the press, Mr Kostunica said Mladic was “hiding all alone” after a crackdown on his support network, and called on him to surrender.

He said his government had done “absolutely everything in its power” to capure Mladic and send him to The Hague.

Ms Del Ponte later accused Serbia of misleading UN prosecutors by telling them Mladic’s capture was imminent.

Because of his precarious position, Mr Kostunica was reported to have been trying to persuade Mladic to give himself up voluntarily.

His government faces a summer with plenty of potential for conflict with nationalists: Montenegro votes on dissolving its three-year union with Serbia on May 21, and the ethnic Albanian majority in Kosovo – officially a Serbian province – is seeking full independence in talks under way in Vienna.

The Serbian deputy prime minister, Miroljub Labus, said yesterday the suspension of membership talks would represent a serious defeat for liberal parties advocating closer cooperation with the EU. He predicted that it would have “serious repercussions” on the political situation in Serbia.

Slovenia is the only former Yugoslav republic that is a member of the EU, but Croatia and Macedonia have both signed stabilisation and association agreements with the bloc, which is due to expand to 27 members next year with the entry of Romania and Bulgaria.

Croatia’s membership talks were delayed over its failure to surrender General Ante Gotovina to the UN tribunal to face charges of war crimes and crimes against humanity.

The impasse was broken in October last year when EU national leaders decided to begin talks with Turkey, too. Gen Gotovina, the third most wanted suspect after Mladic, was arrested on the Spanish island of Tenerife the following December.

Tim Grieve writes:

“When Tom DeLay appeared on “Hardball” this week, he complained about the unfairness of the grand jury process that led to his indictment. “You know, grand juries, it’s all one-sided,” DeLay said. “It is all what [the prosecutor] presents to the grand jury, how he spins, how he presents it.” DeLay said that Travis County District Attorney Ronnie Earle has had him under a cloud for two years while “never talking to me, never talking to me, never asking me to testify.”

It’s a good story for someone who could use a little sympathy just now. It just happens not to be true. “

Read more here.

Justice has been served:

A former America Online software engineer was sentenced yesterday to a year and three months in prison for stealing 92 million screen names and e-mail addresses and selling them to spammers who sent out up to 7 billion unsolicited e-mail messages.

“I know I’ve done something very wrong,” a soft-spoken and teary Jason Smathers told U.S. District Judge Alvin Hellerstein.

Jason Smathers will be spending 15 months in jail and will pay $84,000 in liability to AOL. I find the sentence to be fair, even though it could be even more severe in order to set a legal precedent.

Speaking about AOL, this is from the Slashdot sea of comments:

America Online: A sucker born every minute…

According to a corporate press release dated June 16, 2000, America Online has surpassed the 23 million member mark. Founded in 1985, AOL has been a household name to novice computer users worldwide. Unfortunately, many of these novices don’t know that they’re only seeing a small portion of the Internet and are being limited by AOL’s proprietary and archaic interface.

Now, it’s fairly safe to make the assumption that at least a quarter of AOL’s 23 million customers are simply short-term users along for the free trial or jumping from service to service looking for the best deal. And, using that same line of thinking, roughly half of those 17.25 million remaining customers are probably smart enough to see AOL for what it really is and cancel their service in a desperate fit of fight or flight.

That leaves approximately 8.63 million customers that use AOL as their primary Internet Service Provider, give or take a random three quarter million people at any given time signing up or canceling. With this in mind, and approximately 7.88 million minutes in AOL’s 15 year history, this proves that a sucker really is born every minute.