A new resource for spotlighting organizations that are unwittingly
contributing to the global spam problem aims to shame junk email havens
into taking more aggressive security measures.
is a project launched by the Center for Research in
Electronic Commerce at the University of Texas at Austin. Its goal is
to identify and call attention to organizations with networks that have
been infiltrated by spammers.
Andrew Whinston, the center’s director, said the group initially
is focusing on health care providers that appear to be infected with
spam bots. “Nobody wants to do business with a bank or hospital or
Internet hosting company that has been hijacked by spammers,” Whinston
said. “It’s an environment in which user data can be stolen or
The rest of his writeup quotes me quite a bit, and everyone knows I’m quite shy,
go read his blog!
I applaud this effort, and hope that it gains traction. I remain convinced
that the Internet community would benefit from a more comprehensive and
centralized approach to measuring badness on the Web. There are many
existing efforts to measure reputation and to quantify badness online,
but most of those projects seek to enumerate very specific threats (such
spam or hacked Web sites) and measure the problem from a limited vantage
point. What is lacking is an organization that attempts to collate data
collected by these disparate efforts and to publish that information in
RIPE-NCC is the oldest of the Regional Internet Registries (RIRs),
and RIPE is the deliberately unorganized association of interested parties
that meets twice a year and holds discussions online in between.
It’s a mix of operations, research,
Topics range from obscure details of deploying IPv6 to organizational
proposals such as what I was talking about.
430 people attended the meeting in Rome, which was quite a few more
than the dozen or two of the first RIPE meeting I went to many years ago.
Interesting questions were asked.
I may blog some of them.