BGP-based blackholing/hijacking patented in Australia?
http://australianit.news.com.au/articles/0,7204,10394549%5E15306%5E%5Enbv%5E... 2004-08-10 (via InfoAnarchy) "Pipe has applied for a patent for its method of blocking access to deceptive websites linked to fraudulent emails that direct users to fake bank websites to capture bank account and password details. [..] "Pipe Networks managing director Bevan Slattery said Pipe had been testing a method of enabling banks, ISPs and law enforcement agencies to notify Pipe of new phishing emails. "Pipe could then distribute updated internet routing information to ISPs via the border gateway protocol, so internet users could not reach the fraudulent website." The implications of this are scary. Hijacking of IP space by a private company, supported by the government? -- Niels. -- Today's subliminal thought is:
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code) Pete Niels Bakker wrote:
http://australianit.news.com.au/articles/0,7204,10394549%5E15306%5E%5Enbv%5E... 2004-08-10 (via InfoAnarchy)
"Pipe has applied for a patent for its method of blocking access to deceptive websites linked to fraudulent emails that direct users to fake bank websites to capture bank account and password details. [..] "Pipe Networks managing director Bevan Slattery said Pipe had been testing a method of enabling banks, ISPs and law enforcement agencies to notify Pipe of new phishing emails. "Pipe could then distribute updated internet routing information to ISPs via the border gateway protocol, so internet users could not reach the fraudulent website."
The implications of this are scary. Hijacking of IP space by a private company, supported by the government?
-- Niels.
On Thu, 12 Aug 2004, Petri Helenius wrote:
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code)
everyone has gone patent crazy, every time a new concept is developed some company applies for patent. is this the future or rfcs then? Steve
Well if it will harm the community, would it be possible to auto copyright rfc's, so that the authors of a concept can prevent someone from sipping their effort off? Ignorance at the top doesn't mean we can't be like always leading the way...... -Henry --- "Stephen J. Wilcox" <steve@telecomplete.co.uk> wrote:
On Thu, 12 Aug 2004, Petri Helenius wrote:
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code)
everyone has gone patent crazy, every time a new concept is developed some company applies for patent. is this the future or rfcs then?
Steve
one issue with that might be that the patents are taken out on variations of the core idea, imho the variations are not new ideas but legally they seem to get away with it Steve On Thu, 12 Aug 2004, Henry Linneweh wrote:
Well if it will harm the community, would it be possible to auto copyright rfc's, so that the authors of a concept can prevent someone from sipping their effort off?
Ignorance at the top doesn't mean we can't be like always leading the way......
-Henry
--- "Stephen J. Wilcox" <steve@telecomplete.co.uk> wrote:
On Thu, 12 Aug 2004, Petri Helenius wrote:
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code)
everyone has gone patent crazy, every time a new concept is developed some company applies for patent. is this the future or rfcs then?
Steve
ok so then in the copyright let us see if can cover all variations of the original concept as belonging to the original author or author's as a test case for adaption and modificaiton to copyright law. I strongly believe in the protection of original idea's in reference to rfc's -Henry --- "Stephen J. Wilcox" <steve@telecomplete.co.uk> wrote:
one issue with that might be that the patents are taken out on variations of the core idea, imho the variations are not new ideas but legally they seem to get away with it
Steve
On Thu, 12 Aug 2004, Henry Linneweh wrote:
Well if it will harm the community, would it be possible to auto copyright rfc's, so that the authors of a concept can prevent someone from sipping their effort off?
Ignorance at the top doesn't mean we can't be like always leading the way......
-Henry
--- "Stephen J. Wilcox" <steve@telecomplete.co.uk> wrote:
On Thu, 12 Aug 2004, Petri Helenius wrote:
We have had running code for this since early
this
year, so depending on the
date they filed, prior art exists well documented. (blueprints obviously predate running code)
everyone has gone patent crazy, every time a new concept is developed some company applies for patent. is this the future or rfcs then?
Steve
Hi!
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code)
everyone has gone patent crazy, every time a new concept is developed some company applies for patent. is this the future or rfcs then?
I didnt read the papers, perhaps i should, but as it sounds this is something for example mail-abuse allready does for years. http://www.pch.net/documents/tutorials/maps-rbl-bgp-cisco-config-faq.html http://www.dotcomeon.com/invisible_hand.html Can anyone point me to some docs of this new project, or does it basicly do the same thing? Bye, Raymond.
Petri Helenius wrote:
We have had running code for this since early this year, so depending on the date they filed, prior art exists well documented. (blueprints obviously predate running code)
You have to be aware that the Australian Patent System is of declaratory nature only. Anyone can claim anything in an patent application. There is no check on the content done by the patent office. Only the general formal outline of an patent application has to be fulfilled. If you remember the very old story on Slashdot where some guy in Australia managed to secure a patent on a "circular transportation device" (a.k.a. "Wheel") it will explain many things... ;-) Essentially any Australian Patent is worthless and the owner needs to establish its validity in court first before infringement stuff starts. However a patent might come in handy if the owner wants to prevent someone else from importing a device that "violates" his patent. We have basically the same situation in Switzerland. Pretty crappy. Although prior art occurs very fast. Anything known to the public (more than two people outsite of your company) before the date of filing is considered prior art. Even patents in flight while you file your patent establish prior art. So patenting anything that can be found in any mailing list archive, posting or whatever with a date prior to your filing sinks your patent if you go to court. (Which is unlike the US system where you have up to twelve month from disclosing to filing your patent application). Conclusion: Just ignore any Australian Patent. It needs to be validated by a court first (which is highly unlikely considering the substantial prior art). -- Andre
On Thu, 12 Aug 2004, Andre Oppermann wrote:
You have to be aware that the Australian Patent System is of declaratory nature only. Anyone can claim anything in an patent application. There is no check on the content done by the patent office. Only the general formal outline of an patent application has to be fulfilled.
Essentially any Australian Patent is worthless and the owner needs to establish its validity in court first before infringement stuff starts.
We have basically the same situation in Switzerland. Pretty crappy. Although prior art occurs very fast. Anything known to the public (more than two people outsite of your company) before the date of filing is considered prior art. Even patents in flight while you file your patent establish prior art. So patenting anything that can be found in any mailing list archive, posting or whatever with a date prior to your filing sinks your patent if you go to court. (Which is unlike the US system where you have up to twelve month from disclosing to filing your patent application).
Conclusion: Just ignore any Australian Patent. It needs to be validated by a court first (which is highly unlikely considering the substantial prior art).
This sounds far saner than the approach used in US and over here. Patents are examined before they're granting, but still any old crap gets through, and once granted, AIUI, the patents have the presumption of validity and are very hard to knock down. So at least under the Australian system you recognise that patents arent worth much if only the patent office has examined them, presumably they're not presumed valid on first litigation either? Hence making the crap-flood of patents less of a problem? Ie, it sounds like au. and ch. are sane, compared to the insane system in some of rest of 1st world, rather than other way around as you claim. PS: How do the pending trade treaties between US and AU affect things? Will AU get "presumed-valid and very hard to defeat" for the patent cruddage that are granted everywhere else? regards, -- Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A Fortune: The reader this message encounters not failing to understand is cursed.
The implications of this are scary. Hijacking of IP space by a private company, supported by the government?
Niels, The UK government have looked at this as a possibility to use this non-technology as away for the banks to advise ISP's about false bank logon schemes "phishing sites". The UK industry lead by the members of the London Internet Exchange responded with a paper outlining how this non-solution was fatally flawed and would actually not resolve this problem at all, and actually give a false sense of security. The UK government has since agreed with the industry and is working on other possible solutions, like the banks solving their own problem with token like technologies etc, rather than let us poor operators solve their problems for them. I hope this "non-technology" gets the patent it deserves! Regards, Neil.
http://www.linx.net/papers/blocking/Blackhole%20Policy%20Announcement%20Serv ice%20-%20LINX%20position%20paper%20FINAL.pdf Is the paper for those who are interested. Malcolm Hutty <malcolm@linx.net> did a lot of the good work on this paper. Regards, Neil. I Wrote:
Niels, The UK government have looked at this as a possibility to use this non-technology as away for the banks to advise ISP's about false bank logon schemes "phishing sites".
The UK industry lead by the members of the London Internet Exchange responded with a paper outlining how this non-solution was fatally flawed and would actually not resolve this problem at all, and actually give a false sense of security. The UK government has since agreed with the industry and is working on other possible solutions, like the banks solving their own problem with token like technologies etc, rather than let us poor operators solve their problems for them.
I hope this "non-technology" gets the patent it deserves!
Regards, Neil.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Just to set the history straight - so it is on the record. RTBH - Remote Triggered Black Hole filtering reemerged as a key security reaction tool when two things happened: 1. When Chris Morrow and Brian Gemberling shared their Backscatter Traceback technique with the world. http://www.secsup.org/Tracking/ 2. When we - Cisco - created uRPF Loose Check to allow for source based RTBH (see attached for lots of my links) My first use of RTBH - what Pipe is saying they invented - was back in 1991 to stop an attack on a network I was operating. It was a technique taught to me from someone at JVNCnet. I'm not sure who that person was - but Steve Johnson - who worked at JVNCnet at that time and was later my boss confirmed that they were using RTBH every now and then. Also note that at least one of the anti-SPAM solutions have used RTBH for years. MAPS (http://www.mail-abuse.com/) started in 1996. So it really surprises me that "Pipe has applied for a patent."
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Niels Bakker Sent: Thursday, August 12, 2004 3:11 AM To: nanog@merit.edu Subject: BGP-based blackholing/hijacking patented in Australia?
http://australianit.news.com.au/articles/0,7204,10394549%5E153 06%5E%5Enbv%5E,00.html 2004-08-10 (via InfoAnarchy)
"Pipe has applied for a patent for its method of blocking access to deceptive websites linked to fraudulent emails that direct users to fake bank websites to capture bank account and password details. [..] "Pipe Networks managing director Bevan Slattery said Pipe had been testing a method of enabling banks, ISPs and law enforcement agencies to notify Pipe of new phishing emails. "Pipe could then distribute updated internet routing information to ISPs via the border gateway protocol, so internet users could not reach the fraudulent website."
The implications of this are scary. Hijacking of IP space by a private company, supported by the government?
-- Niels.
-- Today's subliminal thought is:
-----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQRt6x7/UEA/xivvmEQIMDwCgu728Asqpb5hJAC/PwJVzMJfPsW4AoNtu y9Bg5VAUS8f3lqheCknRCrRx =gB4B -----END PGP SIGNATURE-----
On Thu, 12 Aug 2004, Niels Bakker wrote:
The implications of this are scary. Hijacking of IP space by a private company, supported by the government?
this happens today in many countries.... 1) france and the 'yahoo nazi site' 2) state of PA (usa) and child porn sites 3) panama and blocking of VOIP traffic there are quite a few more, and yes, it's not too pretty ;(
Christopher L. Morrow wrote:
this happens today in many countries.... 1) france and the 'yahoo nazi site' 2) state of PA (usa) and child porn sites 3) panama and blocking of VOIP traffic
there are quite a few more, and yes, it's not too pretty ;(
Prof Jonathan Zittrain and Ben Edelman at Harvard's Berkman Center for Internet & Society have documented several such instances at http://cyber.law.harvard.edu/filtering/ - Ben has presented at at least some netops conferences about this as well. suresh
participants (11)
-
Andre Oppermann
-
Barry Raveendran Greene
-
Christopher L. Morrow
-
Henry Linneweh
-
Neil J. McRae
-
Niels Bakker
-
Paul Jakma
-
Petri Helenius
-
Raymond Dijkxhoorn
-
Stephen J. Wilcox
-
Suresh Ramasubramanian