[anti-abuse-wg] RIPE NCC Anti-Abuse Training: Next Steps & WG Input!

Hi there, (speaking as Tobias, and not a Chair)

I disagree with the idea of defining what abuse is for 3 reasons.

First, we will never be going to get it done. If you ask 200 people you'll
get 500 opinions. We already know that from RIPE, maawg, IETF, ICANN, and
every other organization in the history of the internet and before, that
tried.

Second, Spam is illegal in several countries, in a  lot of others it isn't.
That doesn't make it right, but makes the definition harder. It gets more
tricky when we are talking about copyright and trademark abuse. Which is by
nature a very controversial topic. And there is enough other examples.


Third, abuse depends on the perspective of the victim. And yes I know this
is a very controversial statement but let me explain it.

A small hosting company will see an attack towards their infrastructure
differently than AWS, GOOGLE, or Cloudflare do. What might be
life-threatening for the small hosting company will not even ring a bell at
the big companies? So while I agree an attack of all sorts is abusive, it
still depends on what you are willing to do about it.

Do I send a spam report for every spam email I receive? No. Is it still
abuse? Yes. At the end of the day, the solution to abuse is not going to
have a clear definition of abuse, it's the fact that people or companies
report what they consider abuse as the victim. And that is followed by what
the receiver of the reports is doing about. Not a global definition.


Fourth, I know I said 3 but ...
Abuse is changing every day and nothing is worse than old stale and
outdated definitions.
We haven't gotten definitions in the first place. So how are we keeping
them up to date on a constant basis?


Abuse Management is a very simple and very pragmatic job that needs to be
done. It's no science project and no Mars mission.
So instead of spending a ton of time on definitions, we might just be
simple and pragmatic and try to teach the people that join those training
sessions to make abuse a topic in their organization and start doing a
decent job in receiving and handling abuse reports as good as they can.
That will already make a big impact. Without any definitions.

Thanks,

Tobias
-- 


Tobias Knecht

|

Founder & CEO

T. +49 170 455 98 45

abusix.com
<https://cloud.letsignit.com/collect/bc/5fc946660b5c6b0008d672f1?p=3QW9LKZRNsNLctpv2M4xw66qtjrDbFHkRfe_Jo_T8nIlQuwLC6zZ9OH0kt1uknMTCaPgfev0DqYl37D4m9Ee4vsbDzR0i3-_vR79jccowDesvdhqrvzXzi6k_yA1omSOmnzd-c_2CqBfYJjJFgV9BQOpBRSRjC8wMv-fT3nwGx3tkMlHQ6jWt4ciVIkA_II6>

Book a meeting
<https://cloud.letsignit.com/collect/bc/5fc946660b5c6b0008d672f1?p=3QW9LKZRNsNLctpv2M4xw66qtjrDbFHkRfe_Jo_T8nIlQuwLC6zZ9OH0kt1uknMT9SwLHL8nP_FvGHuL1dmuWvzSzogpcTfxgYqITma2NzHMq5pXRQAYjPHEkBYpwTr5FBNOY9SMkZqJWdDoUo-I_A==>

[image: My Logo]



<https://cloud.letsignit.com/collect/bc/5fc946660b5c6b0008d672f1?p=3QW9LKZRNsNLctpv2M4xw66qtjrDbFHkRfe_Jo_T8nIlQuwLC6zZ9OH0kt1uknMT9SwLHL8nP_FvGHuL1dmuWkBl_vB1ZA4WrZhHQQ6slR_5b_FnETHpRTKihQLpXLRkFBNOY9SMkZqJWdDoUo-I_A==>

<https://cloud.letsignit.com/collect/bc/5fc946660b5c6b0008d672f1?p=3QW9LKZRNsNLctpv2M4xw66qtjrDbFHkRfe_Jo_T8nIlQuwLC6zZ9OH0kt1uknMT9SwLHL8nP_FvGHuL1dmuWuwTIYoZ5mdTWmhqltOyd8WxVKbCGLLoqGos1EesYhP7>

<https://cloud.letsignit.com/collect/bc/5fc946660b5c6b0008d672f1?p=3QW9LKZRNsNLctpv2M4xw66qtjrDbFHkRfe_Jo_T8nIlQuwLC6zZ9OH0kt1uknMT9SwLHL8nP_FvGHuL1dmuWmVS4sTjl1cJ51NN-gNCB_rcu1jgPRgfsr52W-kkb52KhFdCjGAFnnZN_nkWEHAE7w==>



CONFIDENTIALITY This email and any attachments are confidential and may
also be privileged or otherwise protected from disclosure. If you are not
the named recipient, please notify the sender immediately and do not
disclose the contents to another person, use it for any purpose, or store
or copy the information in any medium.







On Fri, Feb 11, 2022 at 11:15 AM Laura Atkins <laura at wordtothewise.com>
wrote:

> I’m going to try and make the call, but one thing that strikes me as
> important for any abuse training process is to call out different kinds of
> abuse online.
>
> There are things that are abuse of the internet. Abuse that harms the
> ability of the internet to work or for people to use the internet. Things
> like dDoS and spam and even phishing, mailbombing, etc. They are problems
> that affect a lot of people. Often we can use raw numbers of reports or
> complaints or traffic mapping to identify these kinds of abuses. We can
> usually point to objective measures and justify taking actions based on
> those objective measurements. They harm us collectively as a community and
> an infrastructure.
>
> There are those things that are abuse on the internet. This is people
> using internet services to harm individuals. Harassment and stalking and
> doxxing are examples of this. These are problems that are targeted at
> individuals. We can’t use raw numbers of reports or complaints or traffic
> mapping to identify these kinds of abuses. They are targeted at usually
> vulnerable or marginal individuals (or sometimes communities). In this case
> we don’t get the raw numbers of complaints, there’s not an objective
> measurement of harm. Taking action requires much more judgement on the part
> of the network owner.
>
> Then there are things I’ve not figured out a category for. Is it abuse to
> spread disinformation and propaganda campaigns? Is it abuse to sell snake
> oil and fear based on lies and propaganda? Is it abuse to organize a
> insurrectionist attack on a platform? Does the network owner have an
> obligation to shut down traffic? How do we tell the difference between good
> uprisings (Arab Spring) and bad uprisings? What do we do about Nazi and
> white supremacist websites that allow for actual scholarly and critical
> discussion of them? I certainly don’t have the answers.
>
> I think one of the learning goals should be to understand the scope and
> breadth of online abuse. Also making it clear what kinds of things
> operators must take action against and what responsibilities they have to
> the infrastructure and to individuals. We’re not law enforcement, but law
> enforcement hasn’t kept up with a lot of the abuse taking place on the
> internet. I think that is worthy of discussion.
>
> laura
>
>
>
>
>
> On 10 Feb 2022, at 09:25, Brian Nisbet <brian.nisbet at heanet.ie> wrote:
>
> Colleagues,
>
> Since we last spoke about the proposed training the NCC have been working
> with various community members to put a draft syllabus in place for further
> discussion.
>
> This is a link to the feedback document for this draft:
>
>
> https://docs.google.com/document/d/1M9Wrqu-VKGGwMfJQGK0NlTs5UzH6xJ2_HR2MkTBVR2w/edit?usp=sharing
>
> What the NCC and the Co-Chairs would love is if everybody could just
> comment what they think they understand from the learning goals as they’re
> written and suggest any changes or additions and obviously ask any
> questions. We’d also like the feedback on the webinar flow design.
>
> It’s important for everybody to understand that the learning objectives
> are the basis for the training. These are the skills that the learner must
> acquire. With these skills we also expect a change of attitude towards
> abuse handling (which is we think the purpose of this training).
>
> While discussion on the list is welcomed and encouraged, we've also
> planned a Zoom session for any interested parties to discuss this further.
> This will take place on Wednesday 23rd February at 14:00 CET:
>
> https://ripe.zoom.us/j/8221791822?pwd=ZFY0MnNQeWJsTkhQSFlyeEZlUkNJQT09
>
> Meeting ID: 822 179 1822
> Passcode: 1277
>
> Hopefully with discussion on list and at the session on the 23rd we can
> move this into a final draft and progress from there.
>
> Thanks,
>
> Brian
> Co-Chair, RIPE AA-WG
>
> Brian Nisbet (he/him)
> Service Operations Manager
> HEAnet CLG, Ireland's National Education and Research Network
> 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
> +35316609040 brian.nisbet at heanet.ie www.heanet.ie
> Registered in Ireland, No. 275301. CRA No. 20036270
> --
>
> To unsubscribe from this mailing list, get a password reminder, or change
> your subscription options, please visit:
> https://mailman.ripe.net/
>
>
> --
> The Delivery Experts
>
> Laura Atkins
> Word to the Wise
> laura at wordtothewise.com
>
> Email Delivery Blog: http://wordtothewise.com/blog
>
>
>
>
>
>
> --
>
> To unsubscribe from this mailing list, get a password reminder, or change
> your subscription options, please visit:
> https://mailman.ripe.net/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20220223/50a061e0/attachment.html>