Here’s a thought.

If we applied the same ferocity the media industry has applied to fighting piracy, to fighting spam instead, how much better would our internet be?

If we were to make a list of every IP address of an SMTP server or rogue machine filling our inbox with spam, or of a machine probing and brute-forcing for SSH access to our systems, or attempting to exploit vulnerabilites in our HTTP servers, FTP servers, SMB servers, you name it.

And then we would go and send abuse mail to providers of every single one of them. With logs. Detailed. And thorough inquiries after the perpetrator’s identity.

And we would go all the way to take legal action against these basement crawlers or their shady providers.

Point is…

We take an awful lot of this crap as just an everyday chore for our systems to deal with, and put all of our services in virtual bunkers to prevent anything bad from happening because of it. Which is good sysadmin practice, of course, but…

Then there’s nobody putting these guys on the stand for what they are doing. And it piles up. This often isn’t even that far from our doorstep. Most of the attacks on the systems I manage are from elsewhere in continental Europe.

And furthermore, these things or not legally grey, like some of the things the media industry is pursuing. But pitch black, as far as I know.

So why does it take such incredible effort to get back at these people?