New Abuse Information on RIPE NCC Website
[Apologies for duplicate emails] Dear colleagues, The RIPE NCC receives a lot of inquiries from people dealing with network abuse, such as spamming, hacking and phishing. While we have several tools available to help victims of network abuse find appropriate contact information, in addition to FAQs and information about the Anti-Abuse Working Group, all of this information was previously scattered across the RIPE NCC website in different places and could be difficult to find. We're happy to announce that we have created a dedicated page about network abuse that contains all the information on this topic that the RIPE NCC has available. We've developed this page in cooperation with the Anti-Abuse Working Group Chairs and we hope that this resource will be helpful to anyone dealing with network abuse, regardless of their technical background. The page is linked from the RIPE NCC's homepage under the Data & Tools section, but you can also access it directly at: https://www.ripe.net/abuse We hope you will find this resource useful. Kind regards, Suzanne Taylor Muzzin Communications Writer RIPE NCC
In message <F8778529-E48C-4037-88E4-F70AE3B6E32A@ripe.net>, Suzanne Taylor Muzzin <staylormuz@ripe.net> wrote:
We're happy to announce that we have created a dedicated page about network abuse...
What is that, exactly? I mean "network abuse". -=-=-=-=-=-=-=-=-=-=- As should be obvious to anyone who has been here for awhile, or anyone who knows me, my question is at least somewhat retorical. I would like an answer, but am not expecting any to be forthcoming, certainly not from RIPE NCC (as opposed to RIPE itself), and certainly not in any sense either formal or binding upon anyone or any thing. I have previously stated my own extreme displeasure and concern about this entirely unsatisfactory state of affairs, in which no person or entity within the RIPE region or community is willing to offer up any specific definition of the term "network abuse", and my own meager attempts to instigate some process that would simply codify and formalize this key term of debate and policy have met with no success whatsoever, as everyone who has been on this list in recent months already knows. Regardless, I feel compelled by both history and my own innate sense of justice and fairness to try yet again to make my case. (And yes, despite any contentions to the contrary, the current lack of a formal definition of "network abuse" _is_ resulting in unfairness and injustice, even if that unfairness and injustice has not yet come for for any of the members of RIPE who still maintain the indefensible position that no proper definition of "network abuse" is either necessary or useful.) I will be the first to admit that we here in the United States of America have made a lot of mistakes, have gotten a lot of things wrong, and have often behaved badly in, among and towards others in the community of nations. One of the things that our founding fathers did not get wrong however was their commitment to forming a more perfect union based upon the rule of law, as opposed to the rule of men. The latter had historically, consistantly and inevitably degenerated into abject and unfettered tyranny. Our forefathers worked and fought to free both themselves and their posterity from exactly that injustice, forever. This was an unambiguous and self-evidently laudable goal. Now the Internet itself in engaged in a great civil war, testing whether any distributed any decentralized amalgam and association of communicating but otherwise independent networks, each answerable to no law but their own, can long endure. At present, almost daily reports of various highly de- structive Distributed Denial of Service attacks flood the news, spammers run free and largely unchecked by anyone or anything, skript kiddies can and do invest mere minutes, and by so doing can and do cost reputable firms and individuals countless hours and euros in defense and cleanup costs, and both companies and nation states have now, by all accounts, formalized their own ongoing policies of either mass intellectual property theft or Denial of Service attacks, or both, against perceived commercial competitors or perceived national enemies. Whereas the costs and implications of all these issues and problems are everwhere clear and apparent, organizations such as RIPE continue to maintain in public a studied and all-encompassing position of utter ignorance regarding the very nature of these problems, even as mainstream journalists with far more compelling claims to techno- logical ignorance report, often clearly and correctly, on these events essentally every day now. If RIPE still does not know what "network abuse" is, then it is virtually alone in the industralized portions of the modern world in its abject ignorance of the nature of these problems. RIPE's current and ongoing policy of refraining from any attempts to codify any formal or even any working definition of the term "network abuse" is not a shining example of leadership. Rather, it is an abdication. Worse, it amounts in practice to a tacit endorsement of the current defacto "anything goes" environment and ethos which has, which does now, and which will continue to be so costly to so many of RIPEs own members. This turing of a blind eye is defensible only in the minds of those members who harbor a misplaced fear of one day finding themselves and their own actions on the wrong side of some formalized definition of "network abuse", and then being subjected to some form of community sanction on that basis. What I believe those members do not realize is that they run a greater risk of being _unjustly_ sanctioned on othe basis of a fluid, ill-defined, and constantly changing community conception of what is and isn't "network abuse" than they would if the definition of this term were codified, clear, public, and unchangable other than by community vote. For all of the above reasons I again implore the RIPE community as a whole, and specifically the ambiguously named Anti-Abuse Working Group to begin work immediately to develop and codify a consensus-driven formal definition of the term "network abuse". Any failure to do so will, in time, be under- stood by all to have been an error of historic proportions. This is a choice that the membership must make and _is_ making, including even those members who naively believe that the community is deferring and demurring from any choice. Not to decide is to decide. A choice not to decide, in this instance, is tantamount to nothing less than a choice of the rule of men over the rule of law. Regards, rfg
Hi, On Thu, Jun 13, 2013 at 04:22:38PM -0700, Ronald F. Guilmette wrote:
Now the Internet itself in engaged in a great civil war, testing whether any distributed any decentralized amalgam and association of communicating but otherwise independent networks, each answerable to no law but their own, can long endure.
I challenge that "answerable to no law". We all are operating in the boundaries of the national legal system that governs where an entity is located (easier for national ISPs, might be interesting for international networks, but still, laws *do* govern and ISPs are answerable to them). What people seem to overlook when looking across the great waters is that there's a large number of countries in europe, and each has their own legal system - so whatever is illegal across all of the US might be legal in one of the non-US states around the world - and that's actually what makes defining "network abuse" *that stands up to law* in a RIPE-wide manner somewhat tricky. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
In message <20130614081812.GB2504@Space.Net>, Gert Doering <gert@space.net> wrote:
On Thu, Jun 13, 2013 at 04:22:38PM -0700, Ronald F. Guilmette wrote:
Now the Internet itself in engaged in a great civil war, testing whether any distributed any decentralized amalgam and association of communicating but otherwise independent networks, each answerable to no law but their own, can long endure.
I challenge that "answerable to no law".
We all are operating in the boundaries of the national legal system that governs where an entity is located (easier for national ISPs, might be interesting for international networks, but still, laws *do* govern and ISPs are answerable to them).
OK, two points: First, you're right and perhaps I should have said no "common" law, which holds sway in all parts of the RIPE region. Second, I hope and believe that it is beyond question that some nations within the RIPE region, either on paper or as a results of non-enforcement, do have, in effect, essentially no law whatsoever that would or does govern any uses or abuses of any network of computer networks or any parts or portions thereof. That lowest common denominator may suit the interests of criminals. It does less well as a basis for an organized cooperative association bent on something other that the perpetration of crime.
What people seem to overlook when looking across the great waters is that there's a large number of countries in europe, and each has their own legal system
I, for one, do not overlook this key fact. And indeed, by stating it, you are helping to make my case for me. There are laws whose application and jurisdiction are various nations and their inhabitants. There are no laws whose jurisdiction is The Internet, save for those promulgated by RIPE, ARIN, APNIC, LACNIC, AFRINIC, IANA, and ICANN, and at present those laws say essentially nothing other than "Thou shalt not fail to pay, or defraud thy applicable RiR out of any fees reasonably owed, on penalty of forfeiture of any and all number resources registered." Yes, there are also numerous codifications of the clerical minutiae of seemingly innumerable processes and procedures by which number resources are allocated, deallocated, reallocated, reclaimed, and redistributed, but as we know, none of these say word one about the nature, character, or intent of the bits any member might or might not elect to send down the wire, once applicable fees have been paid and connections established, nor about any community sanctions that might be applied in the event of behavior which, while possibly obeying all applicable national laws, materially does damage to the relevant RiR community and/or other members thereof.
so whatever is illegal across all of the US might be legal in one of the non-US states around the world - and that's actually what makes defining "network abuse" *that stands up to law* in a RIPE-wide manner somewhat tricky.
Tricky it may be, however the time during which it might be viewed as optional has passed. History has killed it. Regards, rfg
On Fri, Jun 14, 2013 at 06:26:42AM -0700, Ronald F. Guilmette wrote:
laws whose jurisdiction is The Internet, save for those promulgated by RIPE, ARIN, APNIC, LACNIC, AFRINIC, IANA, and ICANN, and at present those laws say essentially nothing other than "Thou shalt not fail to pay, or defraud thy applicable RiR out of any fees reasonably owed, on penalty of forfeiture of any and all number resources registered." Yes, there
Yes. And long may it continue to be so.
are also numerous codifications of the clerical minutiae of seemingly innumerable processes and procedures by which number resources are allocated, deallocated, reallocated, reclaimed, and redistributed, but as we know, none of these say word one about the nature, character, or intent of the bits any member might or might not elect to send down the wire, once applicable fees have been paid and connections established,
Yes. And long may it continue to be so. My membership fees will *not ever* go towards establishing the RIPE NCC as the Internet Censor.
nor about any community sanctions that might be applied in the event of behavior which, while possibly obeying all applicable national laws, materially does damage to the relevant RiR community and/or other members thereof.o
Wrong. Attempts to establish the RIR as a censorship authority do damage to the RIR and its community. I do not think a RIR can survive any other way than by being a "disinterested party" that engages in registry duties, and none other. /ends Sascha Luck
Dear all, I welcome this initiative. Thanks. Kind regards, P. Vissers Authority for Consumers and Markets -----Oorspronkelijk bericht----- Van: anti-abuse-wg-bounces@ripe.net [mailto:anti-abuse-wg-bounces@ripe.net] Namens Suzanne Taylor Muzzin Verzonden: donderdag 13 juni 2013 12:00 Aan: anti-abuse-wg@ripe.net Onderwerp: [anti-abuse-wg] New Abuse Information on RIPE NCC Website[Decrypted by ACM Verified] [Apologies for duplicate emails] Dear colleagues, The RIPE NCC receives a lot of inquiries from people dealing with network abuse, such as spamming, hacking and phishing. While we have several tools available to help victims of network abuse find appropriate contact information, in addition to FAQs and information about the Anti-Abuse Working Group, all of this information was previously scattered across the RIPE NCC website in different places and could be difficult to find. We're happy to announce that we have created a dedicated page about network abuse that contains all the information on this topic that the RIPE NCC has available. We've developed this page in cooperation with the Anti-Abuse Working Group Chairs and we hope that this resource will be helpful to anyone dealing with network abuse, regardless of their technical background. The page is linked from the RIPE NCC's homepage under the Data & Tools section, but you can also access it directly at: https://www.ripe.net/abuse We hope you will find this resource useful. Kind regards, Suzanne Taylor Muzzin Communications Writer RIPE NCC
participants (5)
-
Gert Doering -
Ronald F. Guilmette -
Sascha Luck -
Suzanne Taylor Muzzin -
Vissers, Pepijn