Dear RIPE: Please don't encourage phishing

Jay Ashworth jra at
Fri Feb 10 18:59:36 UTC 2012

---- Original Message -----
> From: "William Herrin" <bill at>

> And if we could just train people to never send or accept email
> attachments, we could get rid of email-spread viruses. Not gonna
> happen -- the functionality is too useful.
> Security isn't just about what you can train someone to do... it's
> also about what you can convince them to do when you're not standing
> behind them watching -- the instructions that they're willing to
> internalize. You can't convince people never to click links in an
> email. It's too useful.

I did admit that it was throwing the baby out with the bathwater.

Being able to drive across someone's golf course to get to work is
convenient for me as well, but I'm still forbidden to do it.  This is a
tragedy of the commons problem -- since the biggest target for zombies
on PCs is probably spambots ...

> You might, however, be able to convince the average person that if a
> link they clicked from an email asks for a password or asks for any
> personal information then the message was probably from an
> impersonator trying to steal the user's identity and they should
> report it immediately lest they be victimized.

Yup.  Just like Steve just did in the posting that started this.

Y'know: the thing that only looked like a phish.

-- jr 'and don't even get me started on e-cards' a
Jay R. Ashworth                  Baylink                       jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates         2000 Land Rover DII
St Petersburg FL USA             +1 727 647 1274

More information about the NANOG mailing list