On Tue, 22 Jun 2004, perdurabo wrote: > While I agree to a large extent, I think there's something to be said > for large corporate ISPs with too many users, too many policies, too > many eyes, and too much work to make "privacy violation" ventures > feasible/desirable. I'd wager that it affords more than "precious > little obscurity. But who knows, that's all theoretical, for all we > know, Comcast is an NSA front.
I wouldn't take that wager. A large ISP isn't inherently disorderly but a disorderly one can make privacy transgressions more accessible and oversight more difficult. To an attacker lots of users may mean more data to steal. Too many policies, especially conflicting, may grant a legitimate and legal cover for misdeeds. Many eyes don't mean squat if they're all looking elsewhere - hey there's a box of Krispy Kreme in the lounge! And how much work is it to cobble up a maildir snarfer that intercepts, say, the risque phone-camera pictures Bob is sending to Alice? Rawr. How about looking for all the mail to and from ml.com with an eye toward the blue chip action? Bling! Put another way, what makes you think your traffic isn't interesting to unethical admins in any environment? (They are mercifully rare because the competent shun them and the best put stakes through their hearts.) > Nice domain name, do much crypto coding? Are you local? Thank you. A little. Physically local to Eugene, yes. -po _______________________________________________ EUGLUG mailing list [EMAIL PROTECTED] http://www.euglug.org/mailman/listinfo/euglug
