Who gets to say whether a mail server belongs in the white-list registry?
conversation point - we all know blacklists are pretty useless but if "the internet" was to adopt a white list policy, what level should it be at? I would certainly say schools and public bodies should have a strict whitelist - with good enough organisation that new entries can be ratified very quickly.
ISP level is perhaps a bit much, you're general user is not going to like a whitelist that is never going to keep up with a changing internet. However, i could see the attraction of a whitelist policy for mail servers - you have to register domain names so why not something that is rarely EVER at a user level - mail servers....
comments...
Who gets to say whether a mail server belongs in the white-list registry?
Let your mind go and your body will follow. – Steve Martin, LA Story
the governing body that doesnt exist yet
I am not sure we all know blacklists are pretty useless, or even that we all believe it.
The part of your quote that I have emboldened is a big sticking point in how well such an approach would work, in particular
* dealing with foregin language sites
* dealing with sites that are fundamentally OK for a whitelist but may contain some objectionable content (and who gets to define that) e.g image sites such as Flickr, Google Images
Last edited by ducasi; 13th-August-2007 at 02:06 PM. Reason: italics don't show in quotes
Really ? Surely if a list is incomplete the moment its published and is always firefighting to stay ahead - its really not that useful overall.
Indeed, it could be really hard work, but the end result is probably worth it.The part of your quote that I have emboldened is a big sticking point in how well such an approach would work, in particular
There will be a requirement for more than one whitelist, and probably "levels" of white list - ie. grades of 10 (extremely offensive, porn etc..) to 1 (safe for 4 year olds). A huge simplification of course, but you get the idea. Public Content management sites .e.g. sites that host the publics own uploads like flickr would be part of some "discretionary white list" and in the future, I would foresee them adopting a similar model for content themselves - e.g. Instead of hunting for bad clips (a never ending blacklist job) - flickr would mark content as "safe" - so the address safecontent.flickr.com for example would be one on the whitelist. Its doable - wikipedia manages this level of content management NOW. Inevitably some content will not make it to "safe" for some time if its fairly obscure, but if no one looks for it, it doesnt matter. I imagine the whole thing would snowball and trusted "taggers" of safe content and original uploaders will be fast tracked. So that a biologists insect videos appear "safe" right away.* dealing with foregin language sites
* dealing with sites that are fundamentally OK for a whitelist but may contain some objectionable content (and who gets to define that) e.g image sites such as Flickr, Google Images
Of course none of tis would affect users at home - in the privacy of your own home you would use whatever lists you want. But in my case, Ill be using my own whitelist when my children are old enough to use the internet if there isnt anything concrete by then.
As I said - this is a conversation point - i'm just thinking out loud so to speak
For Nursery to Secondary education in Scotland we already have a government quango - I work for it! Learning and Teaching Scotland
We are told to hit the delete button if we find a link that has gone bad, but we are actively trying to promote the use Flicker Bebo etc - there are members of our technologies team promoting the active education of learners of how to use these tools effectively and safely so as to avoid the security and personal safety problems.
We are also developing a personalisation tool so that everyone in education (from Nursery kids to Authority Development officers (within Scotland) can actively upload, download and share ideas, use IM, videoconferencing, messageboards etc etc - within a secure, safe and individually personalised space with one password... - Sound impossible?? We are nearly live Glow programme - subset of previous URL
Scotland is the only country in the world to attempt this - never mind get as far as we have already..
Oh and we are included as part of the taxes - no need to pay extra for us
Sorry Promotion / Rant over.
Whitetiger
Last edited by whitetiger1518; 13th-August-2007 at 02:38 PM.
I would imagine it would be very easy. Look at how wikipedia manages. This would be a worthwhile public service with funded sections from public bodies for school lists etc..and support from private bodies. If it cleans up the internet and creates opportunities for the honest..whose going to object...the bad guys is all
you say who you are , you can prove it and you use it honestly.How do they decide that the mail server I run on my server at home is more worthy than the one run remotely by a spammer on my neighbour's?
not the same argument. In your example, the scientific paper would be appearing on a site already on a whitelist. And by "out of date" i mean information on locations, not information itself, for example, a child porn site is created on a new domain that wasn't on your blacklist - it could be avaiable to primary school kids for a whole day before the next list update. Is that good enough ?
When we were setting Glow up we had governing / education groups being shown around us from all over the world...
We (and our predecessors) are quite well known within the Education sector.
Now especially with RSS feeds and several of our more high profile members blogging, those that need to know are in the know
Whitetiger
aah but the idea is a good one - so really the whole internet needs to know - especially parents 95%* of which allow their children to have internet access without knowing the difference between a black list and a white list
*made up figure used to bias toward the point im making
the chinese don't count - you're not famous there
Whitelists are only the inverse of blacklists, the same problems of authentication apply but they are made worse by "somebody" having to "authorise" something. Whitelists are worse than blanklists IMHO, the cure is worse than the disease! Don't get me started on graylists...
Your original premise is wrong, blacklists DO work, the most effective one of which is the DUL - if you're trying to send me mail directly without using a smarthost relay then you will be ignored (well over 50% of all spam comes from zombies with small SMTP engines). Another very effective method is xenophobic filters, I routinely block anything from the far east with huge IP filters.
The very last thing we need is some nanny "you're not allowed to send email" body
There are currently 1 users browsing this thread. (0 members and 1 guests)
Bookmarks