Re: Atrivo/Intercage
Hi, On Wed, 2008-09-24 at 17:54 -0700, Scott Weeks wrote:
--- nenolod@systeminplace.net wrote: I have also noticed that most of the people doing the whining aren't even the people who are tracking the problem. Again, a case of the NANOG story verses the real story... --------------------------------------
I didn't whine.
No, but others have, and it isn't helpful towards resolving this problem. Ultimately, neither is forcing them off the internet. Well, in actuality, that resolves part of the problem, but I suspect that a lot of the affected cybercrime has moved to other networks by now... so in reality the real problem isn't solved (except that the problem is mostly being moved away from Intercage). And shutting down ISPs who host these guys will solve nothing either. They will jump providers until the end of time. The solution here is to go after the *people* who make this crap. They *are* breaking the law and we have the proof. William
On Wed, Sep 24, 2008 at 9:50 PM, William Pitcock <nenolod@systeminplace.net> wrote:
The solution here is to go after the *people* who make this crap. They *are* breaking the law and we have the proof.
agreed... but keep in mind 'breaking the law' is relative... So, CP is illegal in the US, but maybe not where it was made (CP's not the best example of course because it lives in a wierd place in everyone's laws)... how about simple hacking? that's illegal in the US (mostly, depending on what's being done) but not in other places, and perhaps not if committed outside the local jurisdiction(s). -Chris
Christopher Morrow wrote:
On Wed, Sep 24, 2008 at 9:50 PM, William Pitcock <nenolod@systeminplace.net> wrote:
The solution here is to go after the *people* who make this crap. They *are* breaking the law and we have the proof.
agreed... but keep in mind 'breaking the law' is relative... So, CP is illegal in the US, but maybe not where it was made (CP's not the best example of course because it lives in a wierd place in everyone's laws)... how about simple hacking? that's illegal in the US (mostly, depending on what's being done) but not in other places, and perhaps not if committed outside the local jurisdiction(s).
Apprehending criminals is the Law's job. My job is making sure they don't deal that sh*t in MY parkinglot.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Sep 24, 2008 at 7:02 PM, Laurence F. Sheldon, Jr. <LarrySheldon@cox.net> wrote:
Apprehending criminals is the Law's job.
My job is making sure they don't deal that sh*t in MY parkinglot.
Exactly. It could be argued (since _is_ the North American Network Operators Group) that pushing this sort of criminal activity _out_ of North America is a good First Step.... to be able to better manage the situation. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFI2vKTq1pz9mNUZTMRAhK3AJ41SKDLnteNVSqjoNlLDMNutY3sNACgu3O8 EZT2NSbpVvHcd7XRgjBAAQA= =bmQI -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
It could be argued (since _is_ the North American Network Operators Group) that pushing this sort of criminal activity _out_ of North America is a good First Step.... to be able to better manage the situation.
It could also be argued that pushing this activity into multiple legal jurisdictions just makes it darn near impossible for law enforcement to take any action. --Michael Dillon
michael.dillon@bt.com writes:
It could also be argued that pushing this activity into multiple legal jurisdictions just makes it darn near impossible for law enforcement to take any action.
and you'd be able to measure this exactly how? instead of two prosecutions a year that lead to plea bargains or short stints in "camp fed", we'd have even fewer prosecutions with even lighter sentences? and that's a bad thing exactly why? let's push this stuff back into the nation-states who sponsor it and then use treaties to wall it off inside those places. -- Paul Vixie
let's push this stuff back into the nation-states who sponsor it and then use treaties to wall it off inside those places.
Let's not mince words. You want to wall off the Chinese and Russian Internets because you believe that the reason so much cybercrime originates there is for political reasons (state sponsorship) rather than economic ones. Have you ever visited these countries (Moscow and Beijing don't count) and seen how people live? There is a much larger economic incentive than you can imagine. Using the exchange rate figures from xe.com does not tell you how valuable an American dollar is in those countries. You need to spend enough time in the country to see how it costs to ride a bus, buy your lunch, etc. In fact, cybercrime originates abroad because the economic incentive is so great in those countries, and their level of technical education is high enough that they can actually build the distributed software systems that they need to drive the flow of hard cash. Fiddling with router configs, or mail server configs, does not change this. In fact, the economic incentive for a NANOG reader to block the bad stuff is probably a lot lower than for the foreign bad guy to evade your blocks. He will just route around your efforts. Economic and legal problems should be fixed in the economic and legal system, not in network operations. People on this list would do more good by supporting legal and economic efforts to fix the problem than by tweaking their routers. Or by simply ignoring the problem because it is a lot easier for law enforcement to hit a standing target. In any case, I don't believe that nation states sponsor cybercrime. Bad guys are found in every country and they will always act for their own benefit regardless of what laws or treaties may be put in place. Over the past 15 years, it has been shown that network vigilantism does not work. If anything, this just makes cybercriminals stronger by forcing them to evolve their systems, and by weeding out the less intelligent ones. --Michael Dillon
So, wll you be turning off your firewall and removing your router passwords first to be the test case? On 9/25/08, michael.dillon@bt.com <michael.dillon@bt.com> wrote:
let's push this stuff back into the nation-states who sponsor it and then use treaties to wall it off inside those places.
Let's not mince words. You want to wall off the Chinese and Russian Internets because you believe that the reason so much cybercrime originates there is for political reasons (state sponsorship) rather than economic ones. Have you ever visited these countries (Moscow and Beijing don't count) and seen how people live? There is a much larger economic incentive than you can imagine. Using the exchange rate figures from xe.com does not tell you how valuable an American dollar is in those countries. You need to spend enough time in the country to see how it costs to ride a bus, buy your lunch, etc.
In fact, cybercrime originates abroad because the economic incentive is so great in those countries, and their level of technical education is high enough that they can actually build the distributed software systems that they need to drive the flow of hard cash.
Fiddling with router configs, or mail server configs, does not change this. In fact, the economic incentive for a NANOG reader to block the bad stuff is probably a lot lower than for the foreign bad guy to evade your blocks. He will just route around your efforts.
Economic and legal problems should be fixed in the economic and legal system, not in network operations. People on this list would do more good by supporting legal and economic efforts to fix the problem than by tweaking their routers. Or by simply ignoring the problem because it is a lot easier for law enforcement to hit a standing target.
In any case, I don't believe that nation states sponsor cybercrime. Bad guys are found in every country and they will always act for their own benefit regardless of what laws or treaties may be put in place. Over the past 15 years, it has been shown that network vigilantism does not work. If anything, this just makes cybercriminals stronger by forcing them to evolve their systems, and by weeding out the less intelligent ones.
--Michael Dillon
-- Sent from Gmail for mobile | mobile.google.com
<michael.dillon@bt.com> writes:
let's push this stuff back into the nation-states who sponsor it and then use treaties to wall it off inside those places.
Let's not mince words. You want to wall off the Chinese and Russian Internets because you believe that the reason so much cybercrime originates there is for political reasons (state sponsorship) rather than economic ones. ...
No. That's not what I want and that's not what I believe. -- Paul Vixie
On Wed, 24 Sep 2008, William Pitcock wrote:
No, but others have, and it isn't helpful towards resolving this problem.
Ultimately, neither is forcing them off the internet. Well, in actuality, that resolves part of the problem, but I suspect that a lot of the affected cybercrime has moved to other networks by now... so in reality the real problem isn't solved (except that the problem is mostly being moved away from Intercage). And shutting down ISPs who host these guys will solve nothing either. They will jump providers until the end of time.
The fear is evolution in technological advancement they may make rather than just where they will scatter to, but that is a solid point. Still, we have seen in the past that they evolve regardless. The future will tell whether this was a foolishness, or a step in the right directions.
The solution here is to go after the *people* who make this crap. They *are* breaking the law and we have the proof.
I couldn't agree more. Unfortunately, that isn't happening. Whethr I like it or not there are two layers of attackers. The initiator, and the proxy. The proxy is on networks, and networks we can reach out to. Gadi.
William
participants (8)
-
Christopher Morrow
-
Gadi Evron
-
John C. A. Bambenek
-
Laurence F. Sheldon, Jr.
-
michael.dillon@bt.com
-
Paul Ferguson
-
Paul Vixie
-
William Pitcock