This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)
- Previous message (by thread): [anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)
- Next message (by thread): [anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Fri Feb 19 22:03:47 CET 2021
Even worst ... You've read that, but automated systems will not do, just use the abuse mailbox. Anyway, I think in general the information will get if an automated abuse report is sent, will be not personal, but from an organization. In fact, if they send personal data to the "abuser", I think they will be breaking the GDPR, because you need an explicit consent to transfer personal data to third parties, right? And of course, in front of law, all this text is "wet paper". If there is a claim because an abuse case, and their customer doesn't respond, they may be liable. Regards, Jordi @jordipalet El 19/2/21 21:56, "anti-abuse-wg en nombre de furio ercolessi" <anti-abuse-wg-bounces at ripe.net en nombre de furio+as at spin.it> escribió: Manitu.net is a german hosting provider operating AS34240 currently announcing 2.59.84.0/22, 85.116.192.0/19, 89.238.64.0/18, 217.11.48.0/20 and 2a00:1828::/32. I was quite disconcerted to read this notice in their whois record in the RIPE NCC db (within the nic handle MANI-RIPE ): remarks: trouble:+------------------------------------------------+ remarks: trouble:| In case of abuse, e.g. spam, scans, probes, | remarks: trouble:| hack attacks, violation or any other illegal | remarks: trouble:| activity, please contact | remarks: trouble:| | remarks: trouble:| abuse at manitu.net | remarks: trouble:| | remarks: trouble:| IMPORTANT:Your message will probably sent to | remarks: trouble:| the customer concerned by an automatic system. | remarks: trouble:| All of your data, esp. your name, your e-mail | remarks: trouble:| address and the content of your message, will | remarks: trouble:| be visible to the customer. If you do not | remarks: trouble:| agree with this do not use the e-mail address | remarks: trouble:| shown above. | remarks: trouble:| | remarks: trouble:| Complaints sent to any other contacts cannot | remarks: trouble:| be handled in realtime and are therefore not | remarks: trouble:| preferred. | remarks: trouble:| | remarks: trouble:| Please note that this contact is not | remarks: trouble:| responsible for the actions themselves. | remarks: trouble:| So please do not blame us for actions of | remarks: trouble:| third parties. | remarks: trouble:+------------------------------------------------+ This is so absurd, I had to read it twice to make sure that I was not misreading it. They state that they automatically pass all my personal data to abusers if I send a report to them, so that: * Abusers can listwash me and avoid getting further reports from me * Abusers can sell my data to other abusers * Abusers can start harass me electronically (for instance using list bombing, DDOS etc) as a retaliation for disturbing their activity * Abusers could also harass me or my family in real life for the same reason In this process: * My personal data are released automatically to third parties without my explicit consent * Those third parties will presumably remain unknown to me, and the whole process is completely opaque: I will never know where my personal data went. So this is what a reporter would get back in exchange of doing volunteering work to report incidents to them so that they could run a cleaner network! This behaviour appears to blatantly violate RIPE-409, section 5 [ https://www.ripe.net/publications/docs/ripe-409#5 ]: The ISP MUST ensure that the alleged abuser is NOT informed of the identity of those who are reporting the abuse, except with their explicit permission and I thought that this was given for granted by the whole Internet industry. This brings a lot of suspicion around Manitu GmbH. Who are they? Why are they violating the BCP, probably many privacy laws, putting reporters at danger, and doing such a huge favour to cybercriminals ? What benefit are they getting from acting in this way? In the meanwhile, I would suggest that no one sends anything to Manitu abuse. They have two upstreams, AS9063 (VSE NET) and AS42652 (Inexio): probably their abuse desks should receive all the AS34240 reports, at least until this situation has been clarified. furio ercolessi ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
- Previous message (by thread): [anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)
- Next message (by thread): [anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]