I don't know if I would want to contribute tio something like this. I
mean this seems like a job for depth psychologists not technical people.
Remember no matter how noble a cause is in theory providing tools for
opression is not a good idea. What you want to do is create unremovable
spyware. I can't see it as an good.
This will get may off topic. But much of the whole addiction to
pornography stuff is convincing people something is a problem that
probably isn't. There will be always be people like the crazy lady who
got sick because she drank most of her calories as tomatoe juice. Do I
want to help someone make a shopping card to stop the 1:1,000,000,000
people like her ... the answer is no. If you browbeat people enough you
can convince them that somehow curious behaior is evil. But that doesn't
make it so.
I'll shut up now....
I'd rather talk about technical stuff and not opressing humans
or providing tools to do so.
Have Fun,
Sends Steve
Matt Marooney wrote:
Exactly, thank you Randall. I appreciate your feedback, I'll check into
your suggestions further.
I like the way you put, "this is targeted at adults who are trying to
curb their own behavior". Seems like this list needs more people like
that! ;)
-- Matt
-----Original Message-----
From: Randall Perry [mailto:lists@domain-logic.com]
Sent: Thursday, March 03, 2005 4:17 PM
To: full-disclosure@lists.netsys.com
Cc: Matt Marooney
Subject: RE: [Full-Disclosure] Bios programming...
The program in question is quite legitimate in nature and already exists
in several forms.
In some instances, it sends the data to 'accountability partners' who
are your chosen peers that monitor your activity.
Think of it as AA for online porn. Online porn has become a real
problem for males age 12 to early 40's. Properly implemented, solutions
to combat porn are good business. (mind you, this is not 'spyware' for
parents. this is targeted at adults who are trying to curb their own
behavior).
Those who are not aware of that epidemic should sit quietly and not
scoff at the efforts of others.
As for the function of BIOS, that is the wrong road to go down.
If you are looking for checking if services are disabled, then have a
bot call home every so often (much like DirectTV PPV).
Any 'net activity could be logged in a seperate file and compared to the
monitor's activity report (to determine if it was active or not). It
would purge every 2-3 days to the online site. If you do not have an
update in 2-3 weeks, then send out an email reminder.
To monitor IP activity, you might want to insert into the tcp/ip stack
through LSP layers (only for Windows boxes).
This lower level monitoring is harder to disable (but not impossible).
In this scenario you could either choose to redirect/block sites
(through blacklists or other)
-or-
Just log activity, don't block anything and lean towards the
'accountability' side.
Good luck with the project,
it sounds noble at root.
RP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
