Suresh Ramasubramanian wrote:
> On Thu, Nov 04, 2004 at 11:06:48PM +0530, Ramanraj K wrote:
>
>>Nine years for sending spam !! That sounds far too harsh! I
wonder how
>>such complicated mischief is even possible, and it may be that the
>>system should take a fair share of the blame.
>>
>
>
> That spam was "girls with horses" type stuff (and no, I dont mean a
ladies
> gymkhana at the guindy race club),
Whatever happened to the poor horses? They must have bolted!
That sounds more serious than the spam. Just joking :)
> and it was sent through several hundred
> thousand hacked machines around the world.
Looks like a case of having shot one's bolt. Is the Internet & WWW still
largely beta? If "security" of machines depends on short strings that
could be guessed by others, it is a bit of joke to take that kind of
"security" for granted as foolproof, and blame and convict others for
guessing passwords. Imagine bank managers claiming: "Our bank walls and
safe vaults are made of straw! By law, it is an offence to touch the
straw! Our bank is highly secure". If infallible security is not yet
there, sysadmins or others need to inform users about their
inability to provide infallible security, and users may use the
available services at their own risk. In short, blaming sysadmins for
this [ok. giving credit too] would help; finding fault with users or
malicious crackers is useless and a very weak form of security.
Of course, even after we do get to the point of having infallible
security where cracking is impossible, other kinds of criminal acts may
still continue, for instance we will then come across cases
like what happens in routine bank robberies: "sysadmin held at gun
point, millions looted"
> That spammer (Gaven Stubberfield aka Jeremy Jaynes) was supposed to
have
> about 20 million dollars liquid assets in black money, that was
held in
> various offshore accounts, from running this illegal porn
operation and
> sending spam for it.
>
> So - spamming, cracking servers to spam, laundering money etc etc -
sure,
> worth 9 years.
Blocking sounds like a reasonable way to deal with spammers. If huge
money laundering is involved, surely that is a mild sentence, but
surprisingly, no confiscations or heavy fines seem to have been imposed.