This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Fri Mar 22 22:43:14 CET 2019
In message <B9295EF6-D574-4D52-BD44-C0A9312FC3D6 at a2b-internet.com>, Erik Bais <ebais at a2b-internet.com> wrote: >So even if they would get the Bulgarian spammer/hijackers in front of a >Dutch judge .. the change was that ... they would walk, because there was >no harm done .. No law was broken, no system invaded and nothing stopped >working . . . This sound like an argument IN FAVOR of the proposal that you have said you are opoposing! Ordinary civil and criminal counrts are still operating on rules from the last century, or more often, from the century before that. Neither they nor the applicable laws even know what the hell a "route" is! This general lack of technical savvy has been a problem, and is likely to remain a problem for a long long time. Legislators and legislation in -every- country just cannot keep up with the pace of technological change in the 21st century. Why then should it not be the case that we ourselves clean up our own messes, and our own dogpiles, especially as -we-, i.e. the Internet community, and the RIPE community, are vastly more qualified to do that job than some luddite politicians? If we wait for -them- to introduce some rules and some sanity, then we may all be waiting for that still in the 22nd century. And even if they do impose some rules on our community before then, those rules are quite likely to create more harm that good. I'm a big believer in self-reliance, and I don't think that the technical community which created the possibility of such problems should either expect, or wait for, or defer to some -other- set of folks to solve the problems that we ourselves, the technologists, have created. >So in this case, the Italian Police (ROS) used (forced??) an Italian ISP to >hijack some IP space to regain control of their lost RAT C&C server.. >(endpoint for RAT infected machines.) This wasn't an accident .. but was it >criminal by the ISP to assist their local police ? >And what would have been the impact if they didn't . . ? I am sooooooo glad that Erik Bais brought up the case of Hacking Team, because this case totally undermines Eric's argument in opposition to the proposal. Hacking Team is itself a malevolent and well known Bad Actor, and I do encourage everyone on this list to familiarize themselves with the history and known facts regarding this sinister company: https://en.wikipedia.org/wiki/Hacking_Team To say that Hacking Team is a set of dirty tricksters would be an under- statement. What kinds of folks do we know who routinely use 0-days? Yet Erik Bais is arguing that RIPE policy decisions should be driven by a desire to accomodate the needs of exactly such Bad Actors. That is ridiculous on the face of it! These people are neither respectable nor are they our friends, and just because they might have some secret and sinister customers in and among the ministers or ministries of some (or many) unethical and criminal governments, that does not make them any less repugnant, or their actions any more deserving of our respect, let alone our actve accomodation. While he is suggesting that RIPE policy should be driven by the needs or desires of one of the most widely reviled companies on the Internet, Erik Bais goes on to -speculate- ... without offering a single shread of supporting evidence... that that company, in combination with Italian law enforcement, somehow held a gun to the head of the Italian ISP "Aruba" and "forced" them to engage in a a delibrate BGP hijack. It is my claim that this unsubstantiated claim on the part of Erik Bais is entirely without merit, or evidence, and that it should thus carry no weight whatsoever in the deliberations on the proposal before us. But I encourage all members to consider also the alternative view on this, because a rational analysis of THAT possibility must lead us all to an even more forceful support of the present proposal. What if Erik Bais is actually correct and that Italian Police, working in conjunction with Hacking Team, actually -forced- the Italian ISP Aruba to engineer a deliberate hijack? Is this kind of unilateral action on the part of just one agency of just one national government really the kind of thing that the RIPE community desires, by its inaction, to effectively encourage and endorse, worldwide, and by arbitrary agencies of any and all governments, at all times and for any arbitrary reason that suits that agency and that government?? I believe that the answer should be a clear "no", and that the RIPE community should use the present proposal to make a clear statement and send a clear message that the global routing table is *not* a playground in which arbitrary agencies of arbitrary governments may play games, as and when they like. As the royality of England might put it "We are not amused" by these private games, nor even by any such games that might be played with the endorsement of some specific part of some specific (and transient) government or another. I will go even further and say that it is a bit remarkable that it should fall to me, an American to make this rather obvious point. I mean hasn't it been you folks in Europe that have been working -ahead of- us, your American cousins, in enacting legislation to try to rid yourselves of the pernicious effects of electronic spying on the part of a foreign government, namely my own? Do you now wish, by inaction on the present proposal, to actually -endorse- the notion that governments may play as they please with the global routing table?? If so, then it will be a self-evident inconsistancy on the part of europe and europeans, and one of historic proportions. Note that even Erik Bais himself has neither condoned nor endorsed that which he seems to say should be a factor in the present deliberations, saying, with respect to the misuse of the Italian ISP Aruba to carry out a deliberate hijack "These are your/our tax dollars at work ... They either don't care or are the bad actor themselves." That is Erik Bais' personal opinion. And it happnes to be one that I share, along with quite a lot of other people. Hijackers are Bad. The present proposal merely seeks to convert our shared private sentiments on hijacking into a community-endorsed sentiment. And this conversion is long overdue. Erik Bais' final and "biggest" objection is as follows: >The biggest issue what I see in this policy, is that the RIPE NCC ( either >themselves or the Exec Board. ) is desired / aimed to pull the trigger on a >membership or contractual relationship. I state the obvious question: Who ELSE is empowered, under law, to "pull the trigger" on one of RIPE's contractual relationships? Obvious answer: Nobody. The member can himself/herself/itself terminate the contract, but the only other party that may do so, under law, and in accordance with the contract itself, is RIPE. Erik Bais seems to be suggesting that there are, or should be, -no- situations in which RIPE should be the one to terminate a member contract. I doubt that this is what he means, but this is what he seems to be saying. And he goes on to assert that RIPE should at all times remain "neutral". That's an admirable sentiment, but like it or not, RIPE does and must judge cases where its contract terms have been violated, and must (and does) then act accordingly. Impartiality and neutrality are, and rightly should be halmarks of RIPE's every action, but it is a bit difficult to take a position of complete neutrality when and if a given member's dues are not paid, or with respect to the question of whether or not Poland was invaded in 1939. Facts are facts, and there has never been a case of IP block hijacking that I have seen where the facts were not abundantly clear, once all of those facts were laid out on the table. These things are never even close calls. In short, I think that Eric's reasonable concerns about the neutrality of RIPE are misplaced in this instance, and that the proposal should be endorsed, if for no other reason, then at least so that we will have, going forward, an entity which has both impartiality and neutrality in its very veins and DNA, i.e. RIPE, making the necessary impartial and well-reasoned judgements about the correspondance between routes and the allocations it has issued, or the lack thereof, in contrast to the current state of affairs which leaves these determinations entirely in the -biased- hands of often untrustworthy individuals and governments. A vote in favor of the proposal is in fact a vote in favor of *true* neutrality and impartiality and *against* the unilateral decisions and actions of individual actors which themselves have personalized motives that are often both unseen and also often more than a little suspect. Regards, rfg
- Previous message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
- Next message (by thread): [anti-abuse-wg] 2019-03 New Policy Proposal (BGP Hijacking is a RIPE Policy Violation)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]