This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Notice: Fradulent RIPE ASNs
Ronald F. Guilmette
rfg at tristatelogic.com
Mon Jan 21 12:44:57 CET 2013
In message <20130121105243.04109468 at shane-desktop>,
Shane Kerr <shane at time-travellers.org> wrote:

>It does not seem to me that merely recording reclaimed resources is
>really going to get to the heart of the transparency problem.

Well, it would be a good start. Better than nothing.

As should be apparent, now, to anyone who seriously investigates the report I made here recently, there are fraudsters on the Internet. (DUH!) And some of them have found, and clearly do find (present tense) that RiRs are enormously easy marks.

Some might be inclined to rage against the various RiR staffs for this, but not me. I understand why hyper-vigilance against this sort of thing is probably not the best way for RiRs to spend their limited resources. (Nor is it particularly likely that they will.)

Still, there ought to be some way of making this particular sort of crime either less easy or else less attractive. Assuming that the former is not really in the cards, I would suggest that more thought be put into the latter.

I can't remember where anymore, but somewhere, a long time ago, I read something about crime & punishment that basically said that for crimes that are particularly easy to pull off, it can be easily seen that those specific types of crimes will run rampant _unless_ the punishment for those few who get caught is made extremely harsh... you know, so that anyone in their right mind would really have to think twice before trying it, even if the odds are only one in a hundred of ever actually getting caught.

Based on various situations, past and present, that I have brought to light, in the ARIN region, and now in the RIPE region, although I mean no offense to any RiR staff member(s), I have to say that from where I am sitting it appears to me that defrauding an RiR sure looks like it is as easy as pie, _and_ that the probability of ever even getting caught is extremely small.

The implications of those facts for any policy that seeks to deter such abuses are, in my mind at least, self-evident. The punishment for this sort of hanky panky should be severe, and a head or two on pikes would go a long way towards reducing the likelihood of these events in the future.

Public naming and shaming of any and all parties involved should be a part of that, in my opinion, and furthermore I think that a provision which explicitly allows this should be written into all RIPE contracts from now on.... as in "If we catch you doing this, then no, you DON'T get to hide behind any confidentiality provisions within this contract that might otherwise apply." (This would be a good thing to add, going forward, but actually, depending on the wording of existing contracts, that might not even be necessary, i.e. in order for RIPE to be able to name and shame anybody who has an existing contract with RIPE NCC _today_, because any fraud on their part, or any failure... e.g. on the part of an LIR, to properly vet the lower level entities they dole out resources to... is, I would guess, a material breach of contract. And a breach of contract by the other party means, I think, that RIPE NCC is no longer legally obliged to hold up its end of the contract... specifically with respect to confidentiality of the other party.)

With respect to this fraudulent scheme I outed the other day, it is possible that one or more LIRs were either behind it or at the very least were happy to collude with the real perps in order to make it possible... as long as they also got a cut of the profits to be made out of this scheme. (And make no mistake about it... spamming is _highly_ profitable.)

Me personally? I would like to see the perps named and shamed, _and_ I'd also like to see any LIR that didn't do its job... to properly vet applications for resources according to established guidelines... or that actively colluded with the real perps... named and shamed, publicly, also.

To me, this is the absolute least that both prudence and an ordinary sense of justice and fair play would demand. But if it were up to me, I would certainly go further... making criminal referrals, wherever possible and filing civil suits for breach of contract (and the concomitant damage to RIPE NCC's reputation).

Of course, in my ideal universe, one could achieve much the same ends, but much more efficiently, economically, and expediently simply by revoking an up-front performance bond that all parties contracting with RIPE NCC would be required to post before being allocated resources. (Having said that however, let me assure all that I _do_ understand that most probably a majority of all current RIPE members would howl at even the suggestion of what I just said, and that thus, it would never fly, politically, in practice. Nonetheless, that doesn't mean it is a bad idea. RIPE has resources which it loans out to other parties to use for a time, and those resources can be damaged, or can be made off with fraudulently. Don't they demand a credit card number from you before you drive off in a rental car?)

>Perhaps something more like a couple of checkboxes on the complaint form
>which say:
>
>[ ] I wish this complaint to be public.
>  [ ] I wish my name to be included in the public report.

Color me flummoxed.

I _thought_ that we were talking about the (unfortunate) confidentiality now being routinely and contractually provided to RIPE members... even, apparently, utterly fictitious and fraudulent ones... who make off with resources, counter to current allocation policies, via fraud, deceit, or artifice. All of a sudden you seem to be worried about _my_ confidentiality, or lack thereof, or forfeiture thereof.

Allow me to be clear. I never asked for, nor ever expected that anything about my report... including but not limited to my name... would be held in any sort of confidence. Indeed quite the opposite. Ever since I found that big fat Romanian spam empire/cesspit I have been staying awake at nights, trying to figure out how to get news of it publicised and circulated even more widely than what I have so far been able to accomplish on my own. (And I _do_ hope that any reporting on this will mention my name somewhere, in a favorable light, as the guy who discovered this mess.)

I suspect that most folks making reports to RIPE about abusive/deceptive violations of RIPE allocation policies, like me, will be only too happy to have the information they report... and their names... trumpeted on every streetcorner.

In short, your suggested checkboxes are, I think, utterly superfluous and unnecessary.

>This way we could have an opt-in public archive of all abuse reports
>that the RIPE NCC has received.

See above. You have a solution in search of a problem.

Has _any_ person who has _ever_ reported any kind of fraud or "abuse" to RIPE NCC _ever_ seriously desired _any_ anonymity and/or confidentiality in connection with any such report? I rather doubt it.

The people who need to hide in the shadows are the abusers... not the public-spirited samaritans who merely report their skulduggery.

Speaking for myself, I can assure you that _I_ don't feel any need to hide.

Regards,
rfg