Re: Interesting Point of view - Russian police and RIPE accused of aiding RBN
I think the larger point is that ripe turned a blind eye to an internationally recognized criminal network. On Oct 24, 2009 2:01 AM, "Suresh Ramasubramanian" <ops.lists@gmail.com> wrote: http://www.eweekeurope.co.uk/news/russian-police-and-internet-registry-accus... Some quotes from the article - Internet registry RIPE NCC turned a blind eye to cybercrime, and Russian police corruption helped the perpetrators get away with it, according to the UK Serious Organised Crime Agency [...] "RIPE was being paid by RBN for that service, for its IP allocation," he said. "Essentially what you have - and I make no apologies for saying this is - if you were going to interpret this very harshly RIPE as the IP allocation body was receiving criminal funds and therefore RIPE was involved in money laundering offences," said Auld. [...] "All we could get there was a disruption, we weren't able to get a prosecution in Russia," admitted Auld. "Our biggest concern is where did RBN go? Our information suggests that RBN is back in business but now pursuing a slightly different business model which is bad news." [...] "Where you have got LIRs (Local Internet Registries) set up to run a criminal business- that is criminal actvity being taken by the regional internet registries themselves. "So what we are trying to do is work with them to make internet governance a somewhat less permissive environment for criminals and make it more about protecting consumers and individuals," added Auld. RBN looked legitimate, says RIPE NCC In response to the comments that it could be accused of being involved in criminal activity, Paul Rendek, head of external relations and communications at RIPE NCC said that the organisation has very strict guidelines for dealing with LIRs. "The RBN was accepted as an LIR based on our checklists," he said." Our checklists include the provision of proof that a prospective LIR has the necessary legal documentation, which proves that a business is bona fide." etc
On 24.10 03:05, Paul Bosworth wrote:
I think the larger point is that ripe turned a blind eye to an internationally recognized criminal network.
That may be a point but not a convincing one. Imagine the outcry on this list if ARIN were to deny some organisation address space or ASNs just because they are "internationally recognised" criminals. Wouldn't we demand a little more due process? Especially since the alternatives are not as easy as walking to the next fastfood joint. The RIPE NCC operates in a region where whole sovereign states call each other criminals or worse on a daily basis. The only tenable position for each RIR is to strictly apply the policies developed in its bottom-up self-regulatory process. Doing anything else would require intervention via a proper legal process, e.g. a *judge* with appropriate jurisdiction telling the RIR that its actions are unlawful. Frustration is a bad advisor when trying to stop crime, unrelenting application of due process is the only way ... frustrating as it may be. Daniel Karrenberg Chief Scientist RIPE NCC Speaking only for himself as is customary here. PS: This is old news, compare http://www.h-online.com/security/news/item/Security-expert-calls-for-IP-addr... And see the press release that Marco pointed out. Daniel
The decision to filter networks should remain with the collective network operators. Everyone, even criminals, has a "right" to distribute content but it's up to each operator to decide if that content will be allowed to transit their network. Personally, if an entire /22 does not have a single legitimate resource on it in the case of 91.202.60.0/22 *and* is widely suspected of being owned/operated by a criminal enterprise then filtering makes sense. Historically it takes a few pioneers to present a case for filtering specific networks before larger networks will begin to see the light. Jeff On Sat, Oct 24, 2009 at 9:59 AM, Daniel Karrenberg <daniel.karrenberg@ripe.net> wrote:
On 24.10 03:05, Paul Bosworth wrote:
I think the larger point is that ripe turned a blind eye to an internationally recognized criminal network.
That may be a point but not a convincing one.
Imagine the outcry on this list if ARIN were to deny some organisation address space or ASNs just because they are "internationally recognised" criminals. Wouldn't we demand a little more due process? Especially since the alternatives are not as easy as walking to the next fastfood joint.
The RIPE NCC operates in a region where whole sovereign states call each other criminals or worse on a daily basis.
The only tenable position for each RIR is to strictly apply the policies developed in its bottom-up self-regulatory process. Doing anything else would require intervention via a proper legal process, e.g. a *judge* with appropriate jurisdiction telling the RIR that its actions are unlawful.
Frustration is a bad advisor when trying to stop crime, unrelenting application of due process is the only way ... frustrating as it may be.
Daniel Karrenberg Chief Scientist RIPE NCC Speaking only for himself as is customary here.
PS: This is old news, compare http://www.h-online.com/security/news/item/Security-expert-calls-for-IP-addr...
And see the press release that Marco pointed out.
Daniel
-- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications of The IRC Company, Inc. Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 - 21 to find out how to "protect your booty."
participants (3)
-
Daniel Karrenberg
-
Jeffrey Lyon
-
Paul Bosworth