[anti-abuse-wg] (no subject)

On Thu, 11 Aug 2016 05:15:50 -0700
"Ronald F. Guilmette" <rfg at tristatelogic.com> wrote:
> andre at ox.co.za wrote:
> >1. When we find crime, child porn, credit card scams, etc on
> >networks, we should immediately report it to the Police in the
> >jurisdiction where the data is.
> 
> The above is delusional on so many levels I'm not sure even where to
> begin.
> 
Your ad hominem statement makes whatever you say less trustworthy, I do
the same, so does Suresh, so I guess I can hardly point fingers, I have
also called people delusional, mental, nuts or bofh  - it helps to
break the sheep down and makes wolves angry that they type silly
things :)

Of course, I am not delusional, I may be wrong, I may be mistaken, mis-informed,
stupid or even ignorant but to tell me that I am delusional is obviously and patently untrue...

This already detracts from anything valid that you may (or may not) say
later on in your reply...

> In the first place, who exactly is this royal "we"?
> 
We as in us the people, I believe that we already discussed that, as in
we, the people on this mailing list :)

including the Queen, actually including all Queens, even Freddy 
if they are in reading distance of this list :)

> In the second place, what exactly is the "jurisdiction where the data
> is" for 82.221.130.101?  Is that Belize?  Is that Iceland?  Is that
> Russia? Do you know?  Does RIPE NCC know?  If you are claiming that
> you know, then please do enlighten us... or at least me... as to
> exactly HOW you know the actual jurisdiction is in this case.
> 
Well it could be anywhere right now - but it will be somewhere at that
point in time when someone needs to apply for a search warrant.

> Thirdly, weren't you the same fellow who was just arguing a few
> messages back that "crime" only exists in relation to a specific
> jurisdiction anyway?  maybe the *real* jurisdiction of 82.221.130.101
> is the Principality of Sealand, where there are no laws prohibiting
> the buying and selling of other people's credit card numbers.  So
> what "should" we do then?
> 
legally? - nothing. If the society and people of whatever sovereign
country wants to do whatever they want - this is their business and not
mine. (I am not an American, maybe if I become an American I will have
to start kicking butt and taking names all over the planet, I guess
you will have to train me then... :) in Africa we like to believe in
the goodness of humanity, to truly appreciate that people are generally
evil pathetic selfish shitty little creatures is not in our concept of
Ubuntu - in fact until of late some of these words did not even exist in our
local cultures )

If it is truly heinous we can lobby your congress to send a drone?

I am of course joking, but legally - nothing - Internet wise, you are
working up a proposed policy document about how crime should be 
handled? 

But, definitely, there is a big difference between abuse, actual crime
and crime intelligence ?or not? 

do you agree/disagree with that? (trying to have/add/find some value
in a devolved thread...)

> Finally, did you miss it when I posted, just not very long ago, the
> following link to a BBC story that describes in some detail that
> police are overwehelmed and that they can't even keep up with this
> the great and growing masses of cybercrime anymore?
> 
>     http://www.bbc.com/news/uk-36731694
> 
But we are CIVIL society and more interestingly, we are cross
border, cross cultural and cross social

The law enforcement problem in the UK is not an International one
and still, like you yourself said, we (me/I/You/Us :) ) don't have the
power of a state

In another thread you are discovering how there are questions of legal
identity about RIPE that "we" are not sure of ourselves :)


> >We must not, discuss this on a public list before the Police has at
> >the very least, had the opportunity to first ensure that they have
> >secured the data/servers/evidence that may be required to prosecute.
> Gee!  And here I was starting to think that you were in favor of free
> speech on the Internet!  I guess not.  Sorry.  My mistake.  (You
> apparently want to tell me what I "must not" say.  That's not my
> definition of free speech.)
> 

if someone is actively selling credit card, identity theft child porn,
etc. in an ideal world, I would like to see those criminals properly
investigated, prosecuted and sentenced

Free Speech is a right that has to be in balance with it's
responsibility.

You cannot claim that hate speech - is free speech - so free speech has
limits - in terms of the other rights of other people

For example - little children have the right not to be abused by
pedophiles - and publishing child pornography - IS NOT FREE SPEECH

similarly - not giving criminals a "heads up" or null routing their
traffic and/or obstructing the functionality of law enforcement, laws
of countries and the rule of law - is not "free speech"
 

> Also, I refer you again to this:
> 
>      http://www.bbc.com/news/uk-36731694
> 
> and I remind you again that you are living in a fantasy world.
> Speaking from direct personal experience, it doesn't matter how many
> months of lead time you give law enforcement.  They simply DO NOT put
> down their doughnuts and rush out to image servers until *after*
> reports of serious cybercrimes appear in the media.
> 
it depends on the priorities, resources and many other factors.

And, "reminding me that I live in a fantasy world" simply dilutes
credibility as obviously I live in the same sewer as the rest of us.
 
> These days, the only times when they are actually pro-active and
> actually ahead of the curve is in terrorism-related cases.
> 
I refer you to this article:

      http://www.bbc.com/news/uk-36731694

They say all of it - they do not say that they are all over terrorism...

See, I can do that also :)

> >2. If, after a reasonable amount of time, we receive no feedback (as
> >in back off, we are investigating this - or we are busy prosecuting
> >or whatever) then we should do what?
> 
> See above.  For a long while I did exactly what you think should be
> done. I tried to always inform law enforcement early and often, about
> all of the really bad crap I found.  And I gave them a fair
> opportunity to tell me to keep quiet, because they had an ongoing
> investigation.  So far, no matter what I've reported to them, and no
> matter how bad it was, they haven't even given me a courtesy call

yeah, I feel your pain. I may be in the same boat as you, I guess it
is because I called some of them a bunch of incompetent troglodytes that
could not even investigate someone breaking into a paper bag... they
tend to kinda delete my emails and information even before reading it...

I do not really blame them, I can be a pain in the ass sometimes :)
just from reading you a bit, I think you may be in the same boat

> back.  In short, they are worse than useless.  They are a waste of my
> time.  They don't care what I do or say or find, and I no longer care
> what they do or say or think or find.  On those rare occasions when
> they actually do bust some cybercriminal, I applaud them, but usually
> the arrest only comes years after the criminals have already been
> well-known to be doing their crimes.  (And as I learned recently, in
> Russia, at least, when a criminal of any kind gets busted, the
> authorities don't even release their names.  So as a non-LE person,
> you can't even be sure that the Russians aren't just making the whole
> thing up for publicity reasons, you know, to make Putin look good,
> like the _alleged_ arrest of "fifty" cybercriminals that is _alleged_
> to have taken place in Russia earlier this year.  What a nice round
> number to release to the media!)
> 
doing pretty press releases is always a bonus for budgets :)

> >...but you cannot simply find a random domain, note content on it
> >that seems as if there may possibly be criminal activity and/or
> >abuse.
> 
> I can't?  Oh.  Sorry.   Too late!  I already did.  Sorry.  I didn't
> know that rule until now. :-)
> 
Okay, well, now you know :)

> >I cannot publish anything about this website or this content on there
> >as their is simply no due process, no proof of actual illegal
> >activity, no actual trial, guilt, verdict, etc.
> 
> That's quite alright,  YOU don't have to. I already did.
> 
Oh, thanks for that then, I did not notice 
(btw sarcasm is the lowest form of wit - i'll betcha I am lower than
you :)  )

> See, *I* don't have the power of a state.  I can't send people to
> jail. I can only bad-mouth them in public and hope that other people
> realize what criminals they are, and then stop trading packets with
> them.
> 
yes, *sigh* if only now we had that credibility thing going for us...
btw - do you still run your blacklists? - links? info?

> Because the penalities that I personally can impose are so limited and
> weak, I don't have to make a case against any party "beyond a
> reasonable doubt".  If I make a case aganst a party where the
> "preponderance of the evidence" (i.e. 51%) says that they are guilty,
> then people who read what I write, and agree with my analysis may
> stop accepting packets from the crooks I identify.  That is a
> reasonable outcome.
> 
> >We should start filtering/editing/censoring content deciding to
> >'null-route' entire IP ranges because of our content decisions?
> 
> I do it every day, at least for my own server.  It's called "spam
> filtering".  (I don't like spam.)
> >seriously?
> Oh yes, seriously.
> 
everyone claims to hate spam - yet in many decades it is a persistent
problem, I wonder why...

Oh, yes, it is a BALLS thing. 

Twitter.com does not accept abuse complaints - so what do we do?
oh, I know, I know - we continue accepting all emails from twitter.com 
in case our users get upset - bwahahahaha

Does twitter.com ever feel any pain? heck no. unimaginable thing that.

> >We can also maybe build a huge wall around our networks? Maybe we
> >should not route any traffic that we have not properly inspected?
> 
> Works for me!  Sounds like a perfect description of my firewall.
> 
ROFL, I was joking - but you can also just pull out the
fiber/cable/antenna/dish :)

Andre

> 
> Regards,
> rfg
>