Firewall or Proxey server protection?

[Jay T. Blocksom]

On Fri, 5 Sep 2003 22:19:42 -0500, in <alt.privacy.spyware>, "Doug"
<DeliverSpam@Landfill.Com> wrote:
>
> Will a Firewall or Proxy server protect against these spy programs?
[snip]

Not if you do something silly to obviate them, they won't.

> I'm
> guessing they won't because having to lower your browser security
> settings to allow cookies and sometimes activeX controls to access a
> particular website would leave you vulnerable.
[snip]

This is a perfect example of what I was just talking about. Are you
familiar with the old joke about the man who goes to the Doctor:

Man: "Doctor, Doctor, it hurts when I hold my arm like this!"
Doctor: "Then don't hold your arm like that."

Get the point?

> For instance, my own ip requires i have
> cookies turned on to access my account.
[snip]

Say what? That sentence doesn't even make any sense.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[mto]

"Jay T. Blocksom" <usenet01+SPAMBLOCK@appropriate-tech.net> wrote in message
news9l0mvgkd79a38uaievo5eq132aurrqpc7@news.rcn.com...
<SNIP>
> > For instance, my own ip requires i have
> > cookies turned on to access my account.
> [snip]
>
> Say what? That sentence doesn't even make any sense.

Sure it does - lots of ISPs (AOL, NetZero, bunch of others) make you read
your email through their particular browser or their web interface. No
cookies = no email. PITA and good grounds for a new ISP as far as I'm
concerned, but many of the ISPs have strongly promoted the idea that you
need a PhD to set up a dial up connection without their own special software
and lots of people buy into that.

[Jay T. Blocksom]

On Thu, 11 Sep 2003 11:20:02 -0400, in <alt.privacy.spyware>, "mto"
<nobody@dontsendmeanyspam.thanks> wrote:
>
> "Jay T. Blocksom" <usenet01+SPAMBLOCK@appropriate-tech.net> wrote in
> message news9l0mvgkd79a38uaievo5eq132aurrqpc7@news.rcn.com...
> <SNIP>
> > > For instance, my own ip requires i have
> > > cookies turned on to access my account.
> > [snip]
> >
> > Say what? That sentence doesn't even make any sense.
>
> Sure it does - lots of ISPs (AOL, NetZero, bunch of others) make you read
> your email through their particular browser or their web interface.
[snip]

Well first, he said "IP", not "ISP". Now granted, his statement does make a
bit more sense if we assume that was a typo; but that still leaves open the
question of the claim's veracity... And no "real" ISP could possibly even
implement such a requirement, since "access my account" does not even imply
the use of ANY "browser" (especially in the context of E-Mail!) let alone a
proprietary one.

Now, to engage in some even wilder speculation, *IF* what you're talking
about isn't really an ISP, but rather an OSP such as AOL, CompuServe, etc.,
who do not (necessarily) follow established interoperability standards, then
all bets are off -- but that would be a special case, and it doesn't seem to
apply to the OP anyway:

--> From: "Doug" <DeliverSpam@Landfill.Com>
--> Newsgroups: alt.privacy.spyware
--> Subject: Firewall or Proxey server protection?
--> Date: Fri, 5 Sep 2003 22:19:42 -0500
--> Message-ID: <pAGdnek_mt7_z8SiXTWJkw@gbronline.com>
--> NNTP-Posting-Host: 69.9.66.118
^^^^^^^^^^^
|
Note ------------------------+

OrgName: Great Barrier Reef, Inc.
OrgID: GBRI
Address: PO Box 1177
City: Joplin
StateProv: MO
PostalCode: 64802
Country: US

NetRange: 69.9.64.0 - 69.9.111.255
CIDR: 69.9.64.0/19, 69.9.96.0/20
NetName: GBRONLINE001
NetHandle: NET-69-9-64-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
NameServer: DNS01.GBRONLINE.COM
NameServer: DNS02.GBRONLINE.COM
Comment:
RegDate: 2002-11-27
Updated: 2003-07-18

OrgAbuseHandle: GBRAB-ARIN
OrgAbuseName: GBRABUSE
OrgAbusePhone: +1-417-659-8991
OrgAbuseEmail: abuse@gbronline.com

OrgTechHandle: IPADM87-ARIN
OrgTechName: IP Administrator
OrgTechPhone: +1-417-659-8991
OrgTechEmail: ipadmin@gbronline.com

# ARIN WHOIS database, last updated 2003-09-26 19:15

Looks like a standard-issue (small, local) ISP to me.

> No cookies = no email.
[snip]

This simply isn't true -- nor CAN it be. At least most mail clients don't
even support "cookies", which are exclusively an HTTP artifact. HTTP is
*not* a mail protocol. This is not to say that mail systems cannot have
web-based auxillary interfaces; but that's beside the point. If whatever
"messaging system" a given person is using *requires* a web browser, let
alone "cookies", then it's not even Internet E-Mail, by definition.

> PITA and good grounds for a new ISP as far as I'm
> concerned, but many of the ISPs have strongly promoted the idea that you
> need a PhD to set up a dial up connection without their own special
> software and lots of people buy into that.

That is a different issue entirely, and not really related to the topic at
hand.

--

Jay T. Blocksom
--------------------------------
Appropriate Technology, Inc.
usenet01[at]appropriate-tech.net


"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: E-Mail address in "From:" line is INVALID! Remove +SPAMBLOCK to mail.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Unsolicited advertising sent to this E-Mail address is expressly prohibited
under USC Title 47, Section 227. Violators are subject to charge of up to
$1,500 per incident or treble actual costs, whichever is greater.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -