[NCAP-Discuss] why enhanced controlled interruption - not legal
Danny McPherson
danny at tcb.net
Fri Feb 25 19:14:30 UTC 2022
On 2022-02-25 13:22, Rubens Kuhl via NCAP-Discuss wrote:
> Matt,
>
> Those ways can be summarized in the famous Sledgehammer catch phrase:
> "Trust me, I know what I am doing".
> When you say other operators, my organization happens to run one such
> honeypot network of SMTP listeners. But we don't keep sending e-mail
> to people so they hit our honeypots back, the only ones that get there
> are those looking for open relays.
>
> You might consult with the author of the Verisign comment that called
> such mechanism controlled exfiltration, because I agree with him or
> her.
>
> Rubens
I suppose the author of those comments would also say that ignoring the
plausibility of said exfiltration _until someone has made money off the
domain sale (i.e., TLD delegated, traffic analyzed, domain registered,
registrant does whatever they want, etc..) might well be convenient, but
I'm not sure it's what responsible or good looks like.
I'm not going to redebate these things again here, we can agree to
disagree...
-danny
More information about the NCAP-Discuss
mailing list