JUser: :_load: Unable to load user with ID: 63
Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Tuesday, 25 October 2005 19:40

Beware of self-appointed guardians of Cyberspace

"Someone must have been telling lies about Josef K., he knew he had done nothing wrong but, one morning, he was arrested."

Thus begins Franz Kafka's 'The Trial'. Josef K is given no reason for his 'arrest' and is even allowed to continue with his life as normal. Nevertheless, he feels compelled to determine the nature of the charges against him and to prove his innocence. His quest leads him into an impenetrable bureaucratic labyrinth and his quest proves fruitless. But the seriousness of his 'crime' becomes all too evident when the sentence is one day carried out as arbitrarily and anonymously as the arrest'. Two men arrive on his doorstep, take him away: and knife him to death.

Cyberspace would have appealed to Kafka's vision of unseen, arbitrary and implacable forces sheltering behind inscrutable bureaucracies. They are out there: policing the Net for suspicious behaviour. They define the 'crime'. They determine guilt or innocence. The ISPs who use their services carry out the sentence.

The first you know about it is that your email is not getting through. First you have to find out why: your ISP is querying a database of some organisation that has decided you are spamming. Then you have to 'prove' your innocence.

Nobody vets these guardians of the net. They set their own rules. They are answerable to no one but their customers. And they do a very good job, most of the time, or they would not stay in business. But woe-betide the unfortunate citizen of cyberspace who through some glitch in one of their systems is incorrectly fingered as a cyber-pariah.

Take Trend Micro's 'Network Reputation Services" launched in July this year and based on IP filtering and 'reputation' services provided by Kelkea, a company recently acquired by Trend Micro.

This service is enabled by the Trend Micro Threat Prevention Network, which monitors the Internet and rates the 'reputation' of IP addresses based on whether or not  it thinks they are sending spam. This information is "stored in an extensive reputation database that Trend Micro believes to be the largest of its kind in the industry".

According to Trend Micro's press release there are two avenues by which an IP address is determined to be a source of spam:
- Trend Micro RBL+ Service: This service involves checking lists of suspect IP addresses from four databases - an open-relay list, open proxy list, a real-time black-hole list, and a dial-up user list.
 - Trend Micro Network Anti-Spam Service (NAS). "This advanced service consists of a dynamic list that queries a database focused on dynamic behavioural monitoring of suspect zombie PCs."

Now Trend Micro does not actually block any messages: ISPs can subscribe to its service, get the list of suspect addresses and block them. It all sounds wonderful, and so it would be if was 100 percent reliable, but of course it isn't. Nothing ever is.

If you send email from a fixed IP address, and that address gets fingered by Trend Micro then you won't be able to send emails to anyone on a domain served by an ISP that uses Trend Micro's Reputation Services. One of those ISPs is Telstra BigPond which make you incommunicado with an awful lot of Internet users in Australia.

This happened to a friend of mine: he could not communicate even with the other directors of his company!

Not surprisingly it took him sometime to figure out why, and he was then able to go the Trend Micro web site and remove his IP address from the black list. But not for long. Soon it was back on. Again he removed it. Again it was black-listed. And he could no longer remove it.

The website had a helpful explanation: "The QIL database is highly dynamic; IP addresses are added as soon we observe them to be involved in the sending of spam. This database is continuously being updated with IP addresses being added and removed as their behaviour warrants. Decisions to add or remove an IP are based a combination of history and current spamming activity.... You may, of course, request removal of the address from the QIL database, but be aware that it may be placed back on the database if additional spam is sent. To prevent abuse we limit the number of removal requests in a given period."

He, unfortunately reached this limit, but was not sending spam, indeed was not sending any email. Nor was his computer infected with a nasty that was doing the sending unbeknownst to him. He checked. There was nothing going out.

Now, here is where it starts to get Kafkaesque as he ran into Trend Micros' implacable and impenetrable Cyberspace bureaucracy. It shelters behind email addresses with auto replies and is determined at all costs to not to present any avenue for expeditious intervention. Presumably it has such confidence in its technology  that it cannot imagine any such channel being necessary.

In fact over the space of three days not one of these 'official' channels produced any response. What did work was a journalist's 'inside information'. I gave him the details of Trend Micro Australia's public relations agency. He called them, within a few hours a Trend Micro employee called him and promised the problem would be fixed by that afternoon, and fixed it was.

But he's still hopping mad and demanding recompense: for the time and energy he had to put into this, and for the damage to his company's reputation.

The one small consolation is that no organisation exists entirely in cyberspace: it has corporate entities incorporated under the laws of various countries. Trend Micro is in Australia so could be sued under Australian law. But on what charge?

He might be better off tackling BigPond, which did the actual blocking, but doubtless somewhere in its fine print will be a clause saying that it does not guarantee delivery of any email message.

Bottom line: companies like Trend Micro should recognise that if they are successful they bear a responsibility to do their best endeavours to get it right and to provide a channel through which those they inadvertently wrong can obtain immediate and effective remedial action.

And how did all this happen? He still does not know, although an explanation was promised. Nor have my requests to discuss the issue with Trend Micro met with any response.

Subscribe to Newsletter here

WEBINAR INVITE: Exploring Emerging Strategies for 5G Monetization

Network Operators continue to invest in 5G and build out their infrastructure.

With the recent impact of world events, the pressure is on to explore additional ways beyond traditional subscription models to monetize existing investments and speed up returns.

Creative thinking is key in this space, and in this webinar, you will learn about innovative ideas for Network Operators and Enterprise Business to enable new services and opportunities to drive incremental revenue.

Join us for this thought-provoking webinar with ITR Analyst, Marc Einstein, where you will learn about:

- Key industry 5G trends
- How COVID-19 is driving innovation and potential new business opportunities and applications for 5G

Click below to register your interest for the AUGUST 26, 4PM WEBINAR (AEST)



It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.







Guest Opinion

Guest Interviews

Guest Reviews


Guest Research & Case Studies

Channel News