There was also the attack on the Tor network a few months ago.

In that case I spoke to the "security" company that was sending the abuse notices to my provider - and they confirmed that they know the notices are bullshit, they acknowledge that if they cause financial losses I might be able to win damages in a lawsuit, and they will continue sending them anyway because they don't care to update their policies.

Has this sort of thing always been a problem on the internet or is it a new attack vector?

On 18 December 2024 6:40:54 pm GMT+01:00, "Dan Mahoney (Gushi)" <danm@prime.gushi.org> wrote:

On Wed, 18 Dec 2024, Dan Mahoney wrote:

Hey there,

Dayjob recently got a report from compliance@tucows.com alleging that an old, historic bind9.tar.gz.asc (a plain-text checksum file) on ftp.isc.org is malware.  It’s not.  It’s a false positive.

Additionally, the URL they sent to vew the reporting material is http-only, and does not work, but it’s not hosted by tucows/hover, it’s hosted at http://url4091.abuse-report.pir.org, is http-only (what year is it?) and doesn’t work!  Nor does that report actually come out and say what the file in question is, it’s only shown in an attached screenshot.

Given what recently happened to another important internet domain (one of our IP providers) being put on administrative hold due to basically one complaint of fraud, I am incredibly concerned.

I’ve been in touch with the registrar that holds our domain name about this (Hover/Tucows), and I’ve got a direct line with the CTO, but I need assurances that this will not lead to obnoxious actions, a week before Christmas.

-Dan
(From personal address, but with very much DayJob hat on)

Whoops, helps to add:

email dmahoney at isc org (but cc ray@)
phone 703-DEV-24x7 (txt/imessage, but identify yourself in the first volley)

-Dan