Criminals, The Network, and You [Was: Something Else]

michael.dillon at bt.com michael.dillon at bt.com
Wed Sep 19 09:33:29 UTC 2007


> Instead of they suck, it might be more useful to highlight 
> providers of similar scale which you think do a good job 
> which others could emulate.

How about some smarter statistics. Instead of counting the spam emails
from Network X, count the spam sources and divide that by the number of
end user customers (or hosts) in Network X. By doing this you get a
clearer picture of who is cleaning their house, and who is letting it
slide.

Think of a messy house. You say that there were 8 dirty plates in the
living room, on the floor, the sofa the coffee table. Horrible, right?
Not if there are 8 people living in the house. In that case it
represents one evening of laziness, going to bed without cleaning up
first. But if only one person lives in the house and there are no
guests, then the 8 dirty plates represent a big mess.

Whenever you scale up anything, small nits also grow in absolute
magnitude. The small scale operator who ignores the nits is following
the same practices as the large scale operator who ignores the nits. If
there are lots of nits, I want to know if the large scale operator
should be criticised for not adjusting their processes to deal with
scaling up, or whether somebody really is being incompetent. There are
different remedies to the two situations. Scaling issues can be solved
by paying attention, education, installing tools/products/services. But
incompetence generally requires replacing people, especially management
who allow the incompetence to thrive.

> Unlesss accept all those messages from those addresses and 
> check them, you really don't know the false positive rate.  
> You only know the self-reported complaint rate; which is 
> usually a fraction of the actual false positive rate.

Yes. It is tempting to take numbers at their face value, but I find that
whenever somebody has an axe to grind, their numbers are based on flawed
reasoning or measuring the wrong things.

--Michael Dillon



More information about the NANOG mailing list