Re: How to Handle ISPs Who Turn a Blind Eye to Criminal Activity?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Gadi Evron <ge@linuxbox.org> wrote:
That's a different question all together, not about criminal ISPs, which [...]
No, not necessarily. Given that there are Tier 1 ISPs, Tier 2, etc., so you can certainly have some small-ish ISP colluding with criminal activity, in effect, by ignoring it or claiming ignorance. However, it's kind of hard to plead ignorance when, say, people continually alert them to the issues and they persist. That's just one example... I can come up with more. :-) - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHD/N0q1pz9mNUZTMRAqtkAKCLJifYupBbpjmqVfVGUND95NVGNwCdFYp8 SM37ObYbO88K2iCkd99fp7c= =DjDg -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
On Fri, 12 Oct 2007, Paul Ferguson wrote:
No, not necessarily. Given that there are Tier 1 ISPs, Tier 2, etc., so you can certainly have some small-ish ISP colluding with criminal activity, in effect, by ignoring it or claiming ignorance.
However, it's kind of hard to plead ignorance when, say, people continually alert them to the issues and they persist.
I don't know of any ISP that regularly (i.e. more than once) refuses to obey lawful orders of authorities in the relevant jurisdiction to take action. There are disputes about what is the correct jurisdiction, and what is a lawful order. I predict in a month or so, someone else will be ranting about ISPs censoring their "First Amendment" right to do something. There are lots of laws around the world, lots of courts, and lots of law enforcement agencies. Somewhere in the world, there seems to be a law against almost anything. People make lots of complaints about all sorts of stuff that may not be illegal. The FCC receives hundreds of thousands of complaints about television and radio programs frome people who have never seen or heard them. The number of complaints isn't proof. On one hand, there are the pundits that claim ISPs will never be able to stop whatever favored activity is prohibited by law in a jurisdiction: VOIP bypass, copyright infringement, encourging public disorder, etc. How long was The Pirate Bay shutdown after authorities seized their equipment, but didn't arrest the people? On the other hand, there are the pundits that claim ISPs are ignoring whatever disfavored activity: indecency, defamation, blasphemy, fraud, etc. Should ISPs be responsible for the network stuff (traceability, disruption of service, etc) and let the appropriate authorities enforce the laws of each jurisdiction? Is the complaint about ISPs, or about some the lack of law enforcement resources in some jurisdictions?
Sean Donelan wrote:
I don't know of any ISP that regularly (i.e. more than once) refuses to obey lawful orders of authorities in the relevant jurisdiction to take action.
No disagreement there, but take a look at the wording. "orders of authorities". Inference: It's ok if someone I'm leasing bandwidth to is spamming, sending out DoS attacks, child pornography. I don't have any subpoenas, therefore I won't take any actions.
The number of complaints isn't proof.
Should ISPs be responsible for the network stuff (traceability, disruption of service, etc) and let the appropriate authorities enforce the laws of each jurisdiction?
Scenario: I run silsdomain.com which is leasing facilities in donelanNetworks.com My infrastructure consists of insecure servers which have been compromised and are now: 1) sending spam 2) housing malware 3) running botnets 4) hosting child porn Concerned networker, individual, anyone contacts admins@donelanNetworks.com: ------ Dear Donelan Network Admins, We've been trying to get in touch with someone at silsdomain.com which is being hosted from your IP space. It has come to our attention that silsdomain has been carrying out illicit and illegal activities. We've attempted to contact someone directly at silsdomain to no avail and we have yet to receive resolution, we are now attempting to contact you in hopes of curtailing some of these activities. Sincerely, Someone else on the Internet ------ My inference from your message is, the appropriate response to an email or letter like this would be: ------ Dear Someone else on the Internet, What you may see as child porn, others may see as art. What you may think of botnet traffic, we've labeled academic penetration testing. What you may view as spam, we view as opt-out redirection to opt-in. What you view as malware, we view as enhanced features in Windows that offers you advertisements and the weather. We appreciate you contacting us however we are only a network provider and not an authority on law enforcement. So while child porn may be illegal in the US let us not forget in Japan it is ok to bed underage children. Please contact overwhelmed law enforcement authorities chasing terrorists and provide them with the information necessary to assess your claim. Sincerely DonelanNetworks Staff. ------ So let me not distort this any more than my own interpretation of your message. I understand the need for certain traffic to go through networks as evil as some traffic may be, perhaps there is an investigation already under way and sites are being left opened in hopes of "catching bigger fish". I also know factually that there are individuals in this industry who care about nothing more than making quarterly earnings and keeping their accounts in order. Personally, if I were a business owner, I would attempt my best to keep my networks in order and ensure that traffic being sent *from* my network to the world wasn't tainted in any shape form or fashion. What goes around comes around... Keep turning a blind eye to issues like botnets and spam... When the poop hits the fan and you are forced to curtail these activities when you've knowingly allowed them, they'll turn right back around and haunt you. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 "I hear much of people's calling out to punish the guilty, but very few are concerned to clear the innocent." Daniel Defoe
On Sat, 13 Oct 2007, J. Oquendo wrote:
Personally, if I were a business owner, I would attempt my best to keep my networks in order and ensure that traffic being sent *from* my network to the world wasn't tainted in any shape form or fashion.
This is basically the clause for terminating service which may "damage the reputation" that several bloggers found objectionable last week in some ISP's terms of service. You can propose many provocative statements, groups which murder unborn children, engage in illegal drug trafficking, corrupting the morals of youth, and so on. As I said before, I expect next month some group will be protesting that an evil ISP blocked their activities. If you want to turn the Internet into a broadcaster style environment, where only content the network owner considers acceptable to their reputation is allowed, that's probably not the Internet anymore. Just because a particular group uses an ISP to transmit something doesn't mean the ISP approves of the activities of that group or its content. In the UK, ISPs helped create the Internet Watch Foundation to block "illegal" material on the Internet. BT blocked those web sites from all its downstream networks. That didn't stop the biggest child porn group in the world to date operating from the UK, and it took the Canadian RCMP to crack the case since UK law enforcement apparently wasn't aware of the group operating in the UK. Arresting the members of the group was needed, because the network "blocks" simply made it harder to find. In the USA, the Wire Act allows law enforcement to issue orders to disconnect gambling operations. Several other countries have filed international complaints against the USA for blocking their countries' gambling operations. The US has also arrested the executives of several gambling operations, and companies that assisted those gambling operations. Out of sight, out of mind may help politicians show they are doing something because the voters stop complaining. But trying to suppress communications usually isn't that effective at stopping criminals. On the other hand, what can we do about the victims?
participants (3)
-
J. Oquendo
-
Paul Ferguson
-
Sean Donelan