On Fri, 13 Aug 2004, Bevan Slattery wrote:
Hi,
Just to ease peoples concerns, the patent has nothing to do with blackholing. A brief description of the way it works can be found here:
And based on what I've read, the above has a lot to do with blackholing, I don't see how patent can be claimed on this system with so many cases of prior work of similar nature. On Fri, 13 Aug 2004, Stephen J. Wilcox wrote:
sorry cant find a really good link, this is what BT have been doing in the UK for a couple months: http://msnbc.msn.com/id/5158457/
In answer to the critics, what an ISP chooses to do with its traffic *internally* is up to the ISP, and bear in mind you are not suggesting the scope of the service is anything more than an ISPs own network. This is not IP hijacking by any means, more like transparent caching and blacklisting.
I agree with above, its not hijacking as far as it does not effect the whole internet and it only effects local ISP that chooses to use such a service. To me this all looks like a transparent firewall, which instead of completely blocking access to ip, provides redirection to explanation page. However usually firewalls have static setup and maintained 100% by sysadmin at the location, here its letting somebody else to control your firewall and allow to add new entries there in real-time and I'd be carefull in choosing to trust such external service. At the same time this all sounds a lot like real time dns blacklist service and those are widely used and commerical services such as MAPS do exist as well as numerious non-commercial dnsbl which are trusted by thousands of ISPs. Now I hate to be giving advice to company I do not like (based on their insistance of patent and based even more on the answer just given on nanog by company representative to post by Mychel Py; the answer said this is hostile list and chosen not to answer ANY of the legitimate concerns sited by Mychel, this was completely inappropriate behavior if they are insterested in having this technology and their company seriously considered), but I think what is being proposed could be done better and safer if instead of being pushed and marketed as complete block of bad sites, the same or similar technology is marketed as automated warning for end-users of potentially bad and unsafe websites. The only imlementation change to do this would be to provide a link from the webpage where user might have been redirected to the original website they wanted to access (it would have to be done by using proxy service since ip is not directly available). In such a case, this service in case of possibly bad ips only functions as an additional warning that webpage user wanted to access is considered not to be safe and may be used by phishers (is that correct term?). Most users would listen to such a warning and not give any of personal information if this was to be a bank website if they otherwise would have believed the phishing email. At the same time, if blackholing this site was not correct and user really does want to go to that website, person can just click on the link to continue. -- William Leibzon Elan Networks william@elan.net