Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 62, Issue 5
Suresh, The Anti-Spam Man. According Suresh, spam is basically transference of cost. It transfers the costs to others who haven't asked for it: the spammers' ISPs, the recipients' ISPs, the recipients. As you can see Andre, who qualifies the highest profit of ISPs (260 billion spam and scam per day) as being a cost transfer from the spammer to the ISP, has to be considered with caution. David Conrad - Chief Technology Officer - ICANN staff. His team developed one the first TCP/IP packages for the original IBM PC, Director General of APNIC, Nominum Inc, CloudFlare, performing roles at ICANN and general manager of the IANA. A expert with a remarkable curriculum. :) But Andre, he is doing what he is paid to do - to defend what he has created. So Andre, in an anti-spam wg, you cannot take seriously criticism about your correct anti-conformism with the lack of good ethics of this rotten and dishonest system they created. The offenses like "messianic complex" only indicate the fear they have of making public the illegal activity of the system. As wrote Simon, they will just have to agree to disagree. Are the foxes caring the henhouse. Until Marilson From: anti-abuse-wg-request@ripe.net Sent: Wednesday, January 04, 2017 9:00 AM To: anti-abuse-wg@ripe.net Subject: anti-abuse-wg Digest, Vol 62, Issue 5 Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net To subscribe or unsubscribe via the World Wide Web, visit https://lists.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net You can reach the person managing the list at anti-abuse-wg-owner@ripe.net When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..." Today's Topics: 1. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity (ox) 2. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity (Rob Evans) 3. Re: DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity (ox) ---------------------------------------------------------------------- Message: 1 Date: Wed, 4 Jan 2017 09:16:02 +0200 From: ox <andre@ox.co.za> To: David Conrad <drc@virtualized.org> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity Message-ID: <mailman.4.1483527602.30829.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=US-ASCII On Tue, 3 Jan 2017 23:05:07 -0800 David Conrad <drc@virtualized.org> wrote:
Andre, On Jan 3, 2017, at 10:43 PM, ox <andre@ox.co.za> wrote:
On Jan 3, 2017, at 9:57 PM, ox <andre@ox.co.za> wrote:
When respected Internet Engineers and organizations develop standards for Internet software that completely ignores ethics, morality, honesty and is pale and anemic in the truth department?
You've developed quite the messianic complex here.
You do not say why this is not true. or not factual. or not correct.
Because empirically, Internet Engineers (whoever they may be) and organizations document protocols and bit patterns expressed across wires. These protocols are tools that are neutral in terms of ethics, morality, and honesty. How those tools are used and by whom is what results in whether that are ethical, moral, or honest. You are blaming the tool for the (presumed) failings of it users. However, in this context, you presume to know The Truth. Such certainty must be quite reassuring.
Your comments in your entire reply, is the same. Let me place your own argument, in context, for yourself: Your argument is that someone making a nuclear weapon is not responsible for the use of a nuclear weapon. Yes, I do know my truth. I know my own ethics. I know my own morality. I know myself. I know right from wrong, if you want to make this about my own ethics. I would venture that I am not alone in my understanding of what is good and what is evil. Let me try to help you with that, as you seem to have a real problem: It is always wrong to lie. it is wrong to hide the truth of your lies (deception/falsehood) It is EVIL to declare that as "normal" behavior It is EVIL to support lies, falsehoods and suppression of knowledge. hth Andre
Yow. RPZ is a tool. You don't like that tool? Don't use it. You care about the "truth"? Do your own DNSSEC validation. Sure, there are many tools, hacker tools, 0day scripts (for kidd1eS)
If you cannot tell the difference between a tool I choose to deploy to protect myself and the users I am responsible for (who can also opt out if they so choose) and a tool that allows me to attack external users, I doubt continued discussion is worthwhile.
Why do you not discuss the real issues?
As far as I can tell, you have not identified any real issue, either here or on DNSOP. You have, like religious preachers, declared your view on ethics, morality, honesty, and truth, as axiomatic but not discussed real issues that affect the development of tools to help reduce abuse (relevant to this list) or the implementation of the protocol (relevant to DNSOP). When you do so, perhaps then there might be a discussion.
The truth is: I do not have a messianic complex
It appears the truth is you believe you know The Truth.
The truth is, very obviously, you do not care about the truth :)
If you say so, it must be true.
Regards, -drc (speaking only for myself)
------------------------------ Message: 2 Date: Wed, 4 Jan 2017 09:31:37 +0000 From: Rob Evans <rhe@nosc.ja.net> To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity Message-ID: <6bd5d9a3-c1ab-75cd-f2d3-783684a17b3e@nosc.ja.net> Content-Type: text/plain; charset=windows-1252; format=flowed Hi,
The presumed draft you're unhappy about (https://datatracker.ietf.org/doc/draft-vixie-dns-rpz/) is informational. It is not a standard.
not yet a standard. operational word, I guess, is yet. so there is still time to create awareness and to speak out.
More than that, it hasn't yet been adopted by the dnsop working group in the IETF, where a similar discussion is happening, and I don't believe the authors have stated an aim for an individual submission RFC. Raising awareness of RPZ is good, however it's an operational tool that many service providers and enterprises might want in their arsenal (even if as an opt-in). The best place to discuss furthering (or otherwise) RPZ is likely to be on the IETF's dnsop list. Cheers, Rob ------------------------------ Message: 3 Date: Wed, 4 Jan 2017 12:26:02 +0200 From: ox <andre@ox.co.za> To: Rob Evans <rhe@nosc.ja.net> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity Message-ID: <mailman.5.1483527602.30829.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=US-ASCII On Wed, 4 Jan 2017 09:31:37 +0000 Rob Evans <rhe@nosc.ja.net> wrote:
The presumed draft you're unhappy about (https://datatracker.ietf.org/doc/draft-vixie-dns-rpz/) is informational. It is not a standard. not yet a standard. operational word, I guess, is yet. so there is still time to create awareness and to speak out. More than that, it hasn't yet been adopted by the dnsop working group in the IETF, where a similar discussion is happening, and I don't believe the authors have stated an aim for an individual submission RFC. Raising awareness of RPZ is good, however it's an operational tool that many service providers and enterprises might want in their arsenal (even if as an opt-in).
This is also maybe a good discussion to have in an abuse wg on a different thread:Why "DNS Firewalls" and RPZ is the wrong abuse tool to use or why it is a "good tool" for providers and enterprises to use. Whether "walled off Internet gardens" is a good thing for abuse and how that balances out with freedom, openness and the other pesky problems. About this thread though, it is very important that any inkling of this becoming an RFC needs to generate much more interest and involvement than DNS ops. Judging from where RPZ is at now: Adding DECEPTION to LIES, and producing different lies depending on which user is asking the questions, is patently and clearly not good. Arguments that we need to become killers because there are killers is simply not in the best interests of a free and open society. DNS ops quite obviously cannot be objective, AND they cannot be left alone with this issue. It is clear where this laissez-faire re RPZ has led and produced over the past 7? years! And abuse admins will be directly impacted by the adoption of this as a standard.
The best place to discuss furthering (or otherwise) RPZ is likely to be on the IETF's dnsop list.
Not really. (and I have already done that anyway) It is the DNS Op's whom are in need of protection against themselves. As I said above, the drift over the past years has been to use non ethical, dishonest methods (and now also to even use deception and hide their lies) - Non acceptable and the abuse admins and others need to become involved as the situation is not fixing itself. It is the entire methodology and flawed foundation of the entire RPZ protocol that is in question. if you build a house foundation in clay, your walls will crack. If the majority here agrees that RPZ is evil, then we may start discussing why DNS is better used as a reactive abuse tool and poorly suited to "firewall" use and that it is completely wrong to promote a method that involves promoting dishonesty. If the majority does not agree that RPZ is evil, as you seem not to yourself? then we still need to discuss the WHY you think it is not evil and why you think it is a good idea to tell different lies to different users and to hide the truth from your own users, etc etc Andre End of anti-abuse-wg Digest, Vol 62, Issue 5 ********************************************
Marilson, On Jan 4, 2017, at 5:24 AM, Marilson <marilson.mapa@gmail.com> wrote:
But Andre, he is doing what he is paid to do - to defend what he has created.
Sorry, this discussion has nothing to do what "what I'm paid to do" and I had no role whatsoever in the development of RPZ (I left ISC long before Paul and Vernon hacked BIND to support it). I don't even like it all that much. However, given RPZ solves a particular need and that multiple vendors are implementing it, I'd prefer they do so in an interoperable way rather than everybody doing their own thing in incompatible ways. I would have hoped we (folks who develop Internet technologies) learned our lesson from NAT (hey, isn't that "lying"?). Regards, -drc (speaking only for myself)
On Wed, 4 Jan 2017 07:50:00 -0800 David Conrad <drc@virtualized.org> wrote:
Sorry, this discussion has nothing to do what "what I'm paid to do" and I had no role whatsoever in the development of RPZ (I left ISC long before Paul and Vernon hacked BIND to support it). I don't even like it all that much. However, given RPZ solves a particular need and that multiple vendors are implementing it, I'd prefer they do so in an interoperable way rather than everybody doing their own thing in incompatible ways. I would have hoped we (folks who develop Internet technologies) learned our lesson from NAT (hey, isn't that "lying"?).
Hi David, No, NAT is not lying. At All, and that you are saying that it is, is a clear example that you do have a serious ethics challenge. This is not a "bad" thing, I suck at many things myself, nobody is great at everything. when you forward traffic for someone else, using your own ip number, how can you possibly equate that with lying? RPZ solves particular needs, exactly the same as a brute force password hacking tool solves particular needs Do you understand now? Also, lying is one thing, deception is another level and RPZ is pure EVIL - It is WORSE than the brute force password cracking tool - as RPZ can affect lives (actual real living people - as in life & death) Andre
participants (3)
-
David Conrad -
Marilson -
ox