Both registries and registrars that are accredited by ICANN have contracts with clear clauses related to abuse and their responsibility towards reports etc., As of right now no such requirement exists in the RIPE region, so I’m not sure that the parallel is a good one. In an ideal world self-regulation would be the way, but sadly there are a lot of providers who turn a blind eye to all sorts of unpleasant behaviour on their platforms / networks etc., so legislators are getting involved more and more. If there are LIRs in the RIPE region with dodgy contact details or anything else that would be illegal under Dutch law or in breach of any contracts or policies then they should be reported to RIPE NCC. It’s in RIPE NCC’s best interest not to run afoul of regulators and I know they invest quite heavily in engagement with government including LEA. Also please do not refer to DMCA. It’s American and is not legal in Europe. Seriously Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 I have sent this email at a time that is convenient for me. I do not expect you to respond to it outside of your usual working hours. From: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> on behalf of Carlos Friaças via anti-abuse-wg <anti-abuse-wg@ripe.net> Date: Friday, 19 January 2024 at 09:36 To: OSINTGuardian <contact@osintguardian.com> Cc: anti-abuse-wg@ripe.net <anti-abuse-wg@ripe.net> Subject: Re: [anti-abuse-wg] Bulletproof servers causing mischief on the internet [EXTERNAL EMAIL] Please use caution when opening attachments from unrecognised sources. Greetings, Maybe we need a bulletproof hosting directory on the web? :-))
From what i've learned, illegal content depends on jurisdiction, and effectively that's what greatly impacts the possibility of takedowns.
I've also seen what you mention about advertising services as 'bulletproof', but i've already seen some of those companies remove that kind of advertising (in this case, web archives are your friend!) The RIPE NCC, afaik, doesn't act on illegal content, because it lacks any mandate for that. In the same way criminals are able to use phones, they are allowed to use IP addresses. The downside with the IP addresses is they can in practice build/manage (informal?) network operators, which provide them with a lot more flexibility. But that's the model we have had for decades... I totally agree with the ICANN comparison, but it wouldn't be only RIPE NCC, for efectiveness you would have to have all the five RIRs on the same page. But i'm afraid "the community" -- which also includes the 'bulletproofers' -- will not issue any mandate to the RIPE NCC to do something. Instead, at some point, we well see more regulatory stuff kicking in........ Best Regards, Carlos On Wed, 17 Jan 2024, OSINTGuardian wrote:
hi,
There are more and more bulletproof hosting in the world every month and they are causing more and more chaos, feeding the dark web by providing servers to criminals of all kinds who use the servers on .onion websites in Tor and flooding the clear web with illegal content.
There is a bulletproof hosting market that is even openly promoted, it is as easy to find companies that provide bulletproof servers as searching on Google, hacker forums or simple internet websites that provide lists of bulletproof hosting companies.
The business model of these companies is to ignore reports of abuse of illegal content, to look the other way when someone uploads illegal content. This is openly their business model, what does RIPE NCC do about this?
RIPE NCC provides IP addresses to many of these companies with bulletproof servers that are then used by criminals on the Internet, strengthening organized crime.
ICANN publicly has an abuse reporting form, where users can report if a company provides bulletproof domains or ignores abuse reports. If RIPE NCC did this same thing, the internet would become a better place.
If RIPE NCC did this and also other IP address accreditors, they would greatly affect criminals on the Internet and therefore the Internet would become a slightly safer place than it is today. Bulletproof server companies would be afraid of being caught by RIPE NCC committing these violations. Unfortunately, these companies currently feel enough freedom to do this, that they even show themselves publicly.
Is RIPE NCC planning to do anything against this?
- Claudia Lopez OSINTGuardian