Re: AT&T. Layer 6-8 needed.
Shon wrote: Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I believe the reason they are being blocked at AT&T is the main reason I supplied on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
It's not because of content, or to piss people off. It's to protect their network, as any of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
It's damage control,
essentially, until they find out who is involved and block them, then
It's a damage challenge. they'll
likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
This ISN'T the first time this has happened.
Exactly. Now you see the problem ?
We'll take data from **Trusted** sources. I'm just not going to take a public open mailing list post as evidence at this point. chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However,
I
believe the reason they are being blocked at AT&T is the main reason I
supplied
on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
It's not because of content, or to piss people off. It's to protect their network,
as any
of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then
they'll
likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
This ISN'T the first time this has happened.
Exactly.
Now you see the problem ?
Uh. You posted on Twitter. The most trusted name in [?] On Mon, Jul 27, 2009 at 12:17 AM, John Bambenek <bambenek@gmail.com> wrote:
We'll take data from **Trusted** sources.
I'm just not going to take a public open mailing list post as evidence at this point.
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However,
I
believe the reason they are being blocked at AT&T is the main reason I
supplied
on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
It's not because of content, or to piss people off. It's to protect their network,
as any
of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then
they'll
likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
This ISN'T the first time this has happened.
Exactly.
Now you see the problem ?
Someone else posted on twitter, I saw it recently. To make it even clearer, we'll take your data, sure. Just don't expect us to jump on it until we verify with something solid. chris rollin wrote:
Uh.
You posted on Twitter.
The most trusted name in [?]
On Mon, Jul 27, 2009 at 12:17 AM, John Bambenek <bambenek@gmail.com <mailto:bambenek@gmail.com>> wrote:
We'll take data from **Trusted** sources.
I'm just not going to take a public open mailing list post as evidence at this point.
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However,
I
believe the reason they are being blocked at AT&T is the main reason I
supplied
on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
It's not because of content, or to piss people off. It's to protect their network,
as any
of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then
they'll
likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
This ISN'T the first time this has happened.
Exactly.
Now you see the problem ?
I posted it on Twitter. And I was talking with John at the time. We're observing the information that is coming in, but it's hard to verify something like that when: A) We haven't heard from our contacts at AT&T. B) The only information we are seeing "confirming" it is on open mailing lists, and no offense, but given 4chan's proclivity in spreading disinformation extremely well.... C) I don't know if we want to take the word of moot directly from the 4chan website either. I've read in a couple places that the connectivity is coming back up, I have a hard time believing that AT&T would do this, and even if they did, they did it for a legit reason (maybe a DDOS?) J On Jul 27, 2009, at 1:19 AM, John Bambenek wrote:
Someone else posted on twitter, I saw it recently.
To make it even clearer, we'll take your data, sure. Just don't expect us to jump on it until we verify with something solid.
chris rollin wrote:
Uh.
You posted on Twitter.
The most trusted name in [?]
On Mon, Jul 27, 2009 at 12:17 AM, John Bambenek <bambenek@gmail.com <mailto:bambenek@gmail.com>> wrote:
We'll take data from **Trusted** sources.
I'm just not going to take a public open mailing list post as evidence at this point.
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However,
I
believe the reason they are being blocked at AT&T is the main reason I
supplied
on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
It's not because of content, or to piss people off. It's to protect their network,
as any
of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then
they'll
likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
This ISN'T the first time this has happened.
Exactly.
Now you see the problem ?
-- Joel Esler http://www.joelesler.net http://www.twitter.com/joelesler [m]
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I believe the reason they are being blocked at AT&T is the main reason I supplied on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
Actually, they are. They are returning responses to hundreds of thousands of SPOOFED SYN requests. Where do you think those are gonna go? The ACKs are gonna come back to the network in which IPs were SPOOFed from, essentially, causing a DDoS on a network not even really involved.
It's not because of content, or to piss people off. It's to protect their network, as any of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
Is that some kind of threat or what? Why would you even make a statement like that?
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then they'll likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
They don't have the right to protect their network? So you're saying, if someone is DDoSing your network either direct or indirect, the network operator is just supposed to sit there and do nothing while all of it's customers get crappy internet service because of something they probably don't even know about or care about.
This ISN'T the first time this has happened.
Don't cut it off there. This ISN'T the first time it's happened, as 4chan goes through DDoSes from script kiddies on a regular basis, and it harms lots of networks along the way in the process.
Exactly.
Now you see the problem ?
The problem is the DDoS attacks. Not AT&T. 4chan's users constantly instigate this. Chris Poole needs to do more than just sit back and watch. He needs to start collecting this information and turning it in to the authorities, because all of this is convered under domestic terrorism as a cyber-crime. I'm betting there's reasons why he hasn't. He's afraid to get into trouble himself on some of the content that's posted to /b/... whether it's there 5 seconds or 5 minutes.
On Sun, 2009-07-26 at 22:37 -0700, Shon Elliott wrote:
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I believe the reason they are being blocked at AT&T is the main reason I supplied on my first post. The DDoS attack issue is the main ticket here.
The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
Actually, they are. They are returning responses to hundreds of thousands of SPOOFED SYN requests. Where do you think those are gonna go? The ACKs are gonna come back to the network in which IPs were SPOOFed from, essentially, causing a DDoS on a network not even really involved.
{citation needed}. It is possible to send spoofed ACK responses without the SYN ever happening in the first place. At any rate, you would think that if this was really going on that status.4chan.org would have an update on the topic. It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content. AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content. If this was about protecting their network, then they could do that in a different way, period end of story.
It's not because of content, or to piss people off. It's to protect their network, as any of you would do when you got DDoSed on your own networks.
They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
Is that some kind of threat or what? Why would you even make a statement like that?
Do not underestimate the power of teenagers living in their parents' basement. There's a lot of them, and they can't access their favourite website anymore. This is going to result in a lot of these families switching to Cable or an alternative DSL provider.
It's damage control,
It's a damage challenge.
essentially, until they find out who is involved and block them, then they'll likely lift the block.
They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
They don't have the right to protect their network? So you're saying, if someone is DDoSing your network either direct or indirect, the network operator is just supposed to sit there and do nothing while all of it's customers get crappy internet service because of something they probably don't even know about or care about.
They have the right to protect their network, but not at the cost of reducing neutrality. But luckily we live in a free market, and AT&T is about to lose a lot of business because of that block. If I were them, I would fix it now, and be extremely apologetic about this happening.
This ISN'T the first time this has happened.
Don't cut it off there. This ISN'T the first time it's happened, as 4chan goes through DDoSes from script kiddies on a regular basis, and it harms lots of networks along the way in the process.
No, he means, this isn't the first time AT&T has degraded service as a matter of policy.
Exactly.
Now you see the problem ?
The problem is the DDoS attacks. Not AT&T. 4chan's users constantly instigate this. Chris Poole needs to do more than just sit back and watch. He needs to start collecting this information and turning it in to the authorities, because all of this is convered under domestic terrorism as a cyber-crime. I'm betting there's reasons why he hasn't. He's afraid to get into trouble himself on some of the content that's posted to /b/... whether it's there 5 seconds or 5 minutes.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ There you go right there. It's about the content. End of story. William -- William Pitcock SystemInPlace - Simple Hosting Solutions 1-800-688-5018
William Pitcock wrote:
On Sun, 2009-07-26 at 22:37 -0700, Shon Elliott wrote:
chris rollin wrote:
Shon wrote:
Seth,
I said it could be, not that it is. Thanks for pointing that out. However, I believe the reason they are being blocked at AT&T is the main reason I supplied on my first post. The DDoS attack issue is the main ticket here. The ACK storms arent coming from the 4chan servers It's just like the DNS attack (IN/NS/.). It points to the stupidity of AT&T uppers SANS: Are you or arent you soliciting data? I have some to confirm also
Actually, they are. They are returning responses to hundreds of thousands of SPOOFED SYN requests. Where do you think those are gonna go? The ACKs are gonna come back to the network in which IPs were SPOOFed from, essentially, causing a DDoS on a network not even really involved.
{citation needed}.
It is possible to send spoofed ACK responses without the SYN ever happening in the first place. At any rate, you would think that if this was really going on that status.4chan.org would have an update on the topic.
Regardless of that, I have logs from firewalls to show that it's happening. So what, do I have to post them here to prove that it's happening?
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
Yes, they do love censorship. I agree. You got me there.. But for ME it was about the forged ACK responses. I already lifted my block on it some time ago. It was temporary while I figured out some other ways to lessen the attack.
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
I'm not putting any spin on why they did what they did. I'm just stating I know some of the facts and saying what I did and WHY I did it.
If this was about protecting their network, then they could do that in a different way, period end of story.
Maybe they can. I don't know the situation. For a small ISP such as us, we don't have a lot of alternatives. It's not like we're made of AT&T's billions of dollars.
It's not because of content, or to piss people off. It's to protect their network, as any of you would do when you got DDoSed on your own networks. They are going to get some first hand experience in what Protecting their Network involves real soon, now. Blocking 4chan was an exercise in Stupidity
Is that some kind of threat or what? Why would you even make a statement like that?
Do not underestimate the power of teenagers living in their parents' basement. There's a lot of them, and they can't access their favourite website anymore.
This is going to result in a lot of these families switching to Cable or an alternative DSL provider.
I bet if half of the parents knew what their kids were doing on the internet... this wouldn't be a problem.
It's damage control, It's a damage challenge.
essentially, until they find out who is involved and block them, then they'll likely lift the block. They don't have the right to do this. Not in their TOS/EULA/User-Agreement. Not in any sane legal forum. (I*A*AL)
They don't have the right to protect their network? So you're saying, if someone is DDoSing your network either direct or indirect, the network operator is just supposed to sit there and do nothing while all of it's customers get crappy internet service because of something they probably don't even know about or care about.
They have the right to protect their network, but not at the cost of reducing neutrality. But luckily we live in a free market, and AT&T is about to lose a lot of business because of that block. If I were them, I would fix it now, and be extremely apologetic about this happening.
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
This ISN'T the first time this has happened. Don't cut it off there. This ISN'T the first time it's happened, as 4chan goes through DDoSes from script kiddies on a regular basis, and it harms lots of networks along the way in the process.
No, he means, this isn't the first time AT&T has degraded service as a matter of policy.
I suppose that's possible. I've been on AT&T's network as a home user and have not really experienced that before.
Exactly.
Now you see the problem ?
The problem is the DDoS attacks. Not AT&T. 4chan's users constantly instigate this. Chris Poole needs to do more than just sit back and watch. He needs to start collecting this information and turning it in to the authorities, because all of this is convered under domestic terrorism as a cyber-crime. I'm betting there's reasons why he hasn't. He's afraid to get into trouble himself on some of the content that's posted to /b/... whether it's there 5 seconds or 5 minutes. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
There you go right there. It's about the content. End of story.
No, the problem is that he won't do anything about it. I doubt AT&T is doing it for censorship reasons, but that's speculation on my part. But don't sit there and take the second half of my sentence to make a point like that. Chris CAN do something about it, he just won't. Why do you think that is?
William
On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
If I was AT&T, I would purchase DDoS filtering equipment and run it at edge where all of my traffic is peering anyway. This discussion is about AT&T, not you. William -- William Pitcock SystemInPlace - Simple Hosting Solutions 1-800-688-5018
William Pitcock wrote:
On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
If I was AT&T, I would purchase DDoS filtering equipment and run it at edge where all of my traffic is peering anyway.
This discussion is about AT&T, not you.
William
While I agree, I certainly believe that due to the nature of some of the content on 4chan, AT&T can make a strong "Good Samaritan" claim under 47USC230. There's always TOR. Andrew D Kirch
Seems that ATT has restored access to 4chan as confirmed on http://www.centralgadget.com/att-blocking-access-to-portions-of-4chan-2336/ and on an IRC I happened to be idleing in. -- Kody Riker Level II VAServ Ltd -----Original Message----- From: Andrew D Kirch [mailto:trelane@trelane.net] Sent: Monday, July 27, 2009 2:25 AM To: William Pitcock Cc: nanog - n. am. network ops group list Subject: Re: AT&T. Layer 6-8 needed. William Pitcock wrote:
On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
If I was AT&T, I would purchase DDoS filtering equipment and run it at edge where all of my traffic is peering anyway.
This discussion is about AT&T, not you.
William
While I agree, I certainly believe that due to the nature of some of the content on 4chan, AT&T can make a strong "Good Samaritan" claim under 47USC230. There's always TOR. Andrew D Kirch
This only protects ISPs from, upon being served notice, being liable for content A majority of the CDA was overturned, as it violates both first and fifth amendments. What is left of it only applies to ISPs PUBLISHING (*not* filtering) content This is Net Neutrality realm On Mon, Jul 27, 2009 at 1:25 AM, Andrew D Kirch <trelane@trelane.net> wrote:
William Pitcock wrote:
On Sun, 2009-07-26 at 23:15 -0700, Shon Elliott wrote:
Okay, so how do YOU block the attacks from eating up your bandwidth and filling up your logs without blocking the entire IP?
If I was AT&T, I would purchase DDoS filtering equipment and run it at edge where all of my traffic is peering anyway.
This discussion is about AT&T, not you.
William
While I agree, I certainly believe that due to the nature of some of the content on 4chan, AT&T can make a strong "Good Samaritan" claim under 47USC230. There's always TOR.
Andrew D Kirch
On Mon, 27 Jul 2009, William Pitcock wrote:
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
How does breaking things (censorship) make them more money? http://njabl.org/faq.html#Q12
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
Whatever happened to "My network, my rules?" If AT&T blocks something, and as an AT&T customer, you don't like it, get your connectivity from someone else. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Because most of the net libertarians insist that they should do whatever they want and everyone else should help cater to them. Liberty for me but not for thee. On 7/27/09, Jon Lewis <jlewis@lewis.org> wrote:
On Mon, 27 Jul 2009, William Pitcock wrote:
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
How does breaking things (censorship) make them more money?
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
Whatever happened to "My network, my rules?" If AT&T blocks something, and as an AT&T customer, you don't like it, get your connectivity from someone else.
---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
-- Sent from my mobile device
On Jul 27, 2009, at 10:04 AM, John C. A. Bambenek wrote:
Because most of the net libertarians insist that they should do whatever they want and everyone else should help cater to them.
Liberty for me but not for thee.
I am very much of the "my network, my rules" camp. As soon as att pays back all the gov't subsidies, tax credits, etc., - we- paid them, they can call it -their- network. Until then, things are a lot murkier. -- TTFN, patrick
On 7/27/09, Jon Lewis <jlewis@lewis.org> wrote:
On Mon, 27 Jul 2009, William Pitcock wrote:
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
How does breaking things (censorship) make them more money?
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
Whatever happened to "My network, my rules?" If AT&T blocks something, and as an AT&T customer, you don't like it, get your connectivity from someone else.
---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
-- Sent from my mobile device
I"m not a lawyer, but I think that the argument goes something like this... The common carriers want to be indemnified from the content they carry. In other words, the phone company doesn't want to be held liable for the Evil Plot planned over their phone lines. The price they pay for indemnification is that they must not care about ANY content (including content that competes with content offered by a non-carrier division of the common carrier). If they edit SOME content, then they are acting in the role of a newspaper editor, and have assumed the mantle of responsibility for ALL content. Carriers can, however, do what they need to do to keep their networks running, so they are permitted disrupt traffic that is damaging to the network. The seedy side of all of this is that if a common carrier wants to block a particular set of content from a site/network, all they need to do is point out some technical badness that comes from the same general direction. Since the background radiation of technical badness is fairly high from every direction, it's not too hard to find a good excuse when you want one. David Hiers CCIE (R/S, V), CISSP ADP Dealer Services 2525 SW 1st Ave. Suite 300W Portland, OR 97201 o: 503-205-4467 f: 503-402-3277 -----Original Message----- From: Jon Lewis [mailto:jlewis@lewis.org] Sent: Monday, July 27, 2009 6:58 AM To: William Pitcock Cc: nanog - n. am. network ops group list Subject: Re: AT&T. Layer 6-8 needed. On Mon, 27 Jul 2009, William Pitcock wrote:
It is widely known that AT&T loves censorship. They love censorship because it is profitable for them to love censorship, and this isn't the first time they have enmasse blocked access to a website they didn't like. This has nothing at all to do with forged ACK responses, and everything to do with content.
How does breaking things (censorship) make them more money? http://njabl.org/faq.html#Q12
AT&T does not have the right to filter what their users can access, period. You can put all the spin on it that you want, but in the end it's about content.
Whatever happened to "My network, my rules?" If AT&T blocks something, and as an AT&T customer, you don't like it, get your connectivity from someone else. ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
On Jul 27, 2009, at 11:22 AM, Hiers, David wrote:
I"m not a lawyer, but I think that the argument goes something like this...
The common carriers want to be indemnified from the content they carry. In other words, the phone company doesn't want to be held liable for the Evil Plot planned over their phone lines. The price they pay for indemnification is that they must not care about ANY content (including content that competes with content offered by a non-carrier division of the common carrier). If they edit SOME content, then they are acting in the role of a newspaper editor, and have assumed the mantle of responsibility for ALL content.
Famous two cases, Prodigy & Compuserve. Overturned many years ago. If you edit "some" content you are not automatically liable for all content. No ISP is a common carrier. That implies things like "you must provide service to everyone". Some common carriers get orders like "you must provide service in $MIDDLE_OF_NOWHERE". ISPs can, under certain circumstances, get a "mere conduit" style immunity.
Carriers can, however, do what they need to do to keep their networks running, so they are permitted disrupt traffic that is damaging to the network.
The seedy side of all of this is that if a common carrier wants to block a particular set of content from a site/network, all they need to do is point out some technical badness that comes from the same general direction. Since the background radiation of technical badness is fairly high from every direction, it's not too hard to find a good excuse when you want one.
That, I believe, is much harder. But IANAL. Hell, I Am Not An ISP even. :) -- TTFN, patrick
I'm not a lawyer either, but I know how ISPs are regulated in the US. The actual framework is the FCC's "Internet Policy Statement," to wit: http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-05-151A1.pdf . To encourage broadband deployment and preserve and promote the open and interconnected nature of the public Internet, consumers are entitled to access the lawful Internet content of their choice. . To encourage broadband deployment and preserve and promote the open and interconnected nature of the public Internet, consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement. . To encourage broadband deployment and preserve and promote the open and interconnected nature of the public Internet, consumers are entitled to connect their choice of legal devices that do not harm the network.13 . To encourage broadband deployment and preserve and promote the open and interconnected nature of the public Internet, consumers are entitled to competition among network providers, application and service providers, and content providers.14 All of this is subject to a "reasonable network management" exception. There is some disagreement about what consitututes "reasonable network management" at the fringes, but the FCC is on record that spam killing and DDOS attack mitigation are "reasonable." Some people want to add a fifth "non-discrimination" rule. In the case of the ISPs and carriers who blocked access to 4chan for a while Sunday, since that was done in accordance with DDOS mitigation, there's not any issue as far as the FCC is concerned, but that hasn't prevented the usual parties from complaining about censorship, etc. Richard Bennett -----Original Message----- From: Patrick W. Gilmore [mailto:patrick@ianai.net] Sent: Monday, July 27, 2009 8:35 AM To: nanog - n. am. network ops group list Subject: Re: AT&T. Layer 6-8 needed. On Jul 27, 2009, at 11:22 AM, Hiers, David wrote:
I"m not a lawyer, but I think that the argument goes something like this...
The common carriers want to be indemnified from the content they carry. In other words, the phone company doesn't want to be held liable for the Evil Plot planned over their phone lines. The price they pay for indemnification is that they must not care about ANY content (including content that competes with content offered by a non-carrier division of the common carrier). If they edit SOME content, then they are acting in the role of a newspaper editor, and have assumed the mantle of responsibility for ALL content.
Famous two cases, Prodigy & Compuserve. Overturned many years ago. If you edit "some" content you are not automatically liable for all content. No ISP is a common carrier. That implies things like "you must provide service to everyone". Some common carriers get orders like "you must provide service in $MIDDLE_OF_NOWHERE". ISPs can, under certain circumstances, get a "mere conduit" style immunity.
Carriers can, however, do what they need to do to keep their networks running, so they are permitted disrupt traffic that is damaging to the network.
The seedy side of all of this is that if a common carrier wants to block a particular set of content from a site/network, all they need to do is point out some technical badness that comes from the same general direction. Since the background radiation of technical badness is fairly high from every direction, it's not too hard to find a good excuse when you want one.
That, I believe, is much harder. But IANAL. Hell, I Am Not An ISP even. :) -- TTFN, patrick
Richard Bennett wrote:
In the case of the ISPs and carriers who blocked access to 4chan for a while Sunday, since that was done in accordance with DDOS mitigation, there's not any issue as far as the FCC is concerned, but that hasn't prevented the usual parties from complaining about censorship, etc.
If someone came out and said "Hey, DDOS mitigation, please hold!" that would be cool, too. Based on the content of 4chan, it's either DDOS or someone cried about the content. It looked like the latter. ~Seth
Corporate PR staffs don't generally work on Sunday, but when AT&T came into the office today they drafted this statement: http://www.att.com/gen/press-room?pid=4800&cdvn=news&newsarticleid=26970 "Beginning Friday, an AT&T customer was impacted by a denial-of-service attack stemming from IP addresses connected to img.4chan.org. To prevent this attack from disrupting service for the impacted AT&T customer, and to prevent the attack from spreading to impact our other customers, AT&T temporarily blocked access to the IP addresses in question for our customers. This action was in no way related to the content at img.4chan.org; our focus was on protecting our customers from malicious traffic. "Overnight Sunday, after we determined the denial-of-service threat no longer existed, AT&T removed the block on the IP addresses in question. We will continue to monitor for denial-of-service activity and any malicious traffic to protect our customers. "Here's more (http://budurl.com/DDoSVideo) on AT&T's efforts to prevent denial-of-service attacks." There's obviously a history of DOS attacks to and from 4chan and the membership over the years, some of it quite righteous. The "Anonymous" attacks against the Cult of Scientology, for example, were very sweet. But all you have to do is read the status page that moot posts on 4chan to realize that they've been the target of a counter-attack for past three weeks or so. Richard Bennett -----Original Message----- From: Seth Mattinen [mailto:sethm@rollernet.us] Sent: Monday, July 27, 2009 3:00 PM To: 'nanog - n. am. network ops group list' Subject: Re: AT&T. Layer 6-8 needed. Richard Bennett wrote:
In the case of the ISPs and carriers who blocked access to 4chan for a while Sunday, since that was done in accordance with DDOS mitigation, there's not any issue as far as the FCC is concerned, but that hasn't prevented the usual parties from complaining about censorship, etc.
If someone came out and said "Hey, DDOS mitigation, please hold!" that would be cool, too. Based on the content of 4chan, it's either DDOS or someone cried about the content. It looked like the latter. ~Seth
Hi NANOG, I'd like to announce the formation of a NANOG-knockoff group for voice operators, the Voice Operators' Group. Voice network operators share many of the same challenges as IP network operators; we register with registrars (CILLI, OCN, and ACNA as well as ASN and DNS), route traffic (point codes as well as IP addresses), resolve names (CNAM as well as DNS), manage reachability (to countries, LATAs and NPA/NXXs as well as to IP networks), and deal with equipment issues. NANOG has been so useful at the IP layer that it seems like a good idea to try to duplicate it a little further up the stack. For now, the group is on Yahoo: http://tech.groups.yahoo.com/group/voip_operators_group/ Of course, we're looking for a better place, name, and charter. Regards, David Hiers CCIE (R/S, V), CISSP ADP Dealer Services 2525 SW 1st Ave. Suite 300W Portland, OR 97201 o: 503-205-4467 f: 503-402-3277 This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Hiers, David wrote:
Hi NANOG, I'd like to announce the formation of a NANOG-knockoff group for voice operators, the Voice Operators' Group.
Very cool! :)
Voice network operators share many of the same challenges as IP network operators; we register with registrars (CILLI, OCN, and ACNA as well as ASN and DNS), route traffic (point codes as well as IP addresses), resolve names (CNAM as well as DNS), manage reachability (to countries, LATAs and NPA/NXXs as well as to IP networks), and deal with equipment issues.
Indeed we do!
NANOG has been so useful at the IP layer that it seems like a good idea to try to duplicate it a little further up the stack.
Yep.
For now, the group is on Yahoo:
http://tech.groups.yahoo.com/group/voip_operators_group/
Of course, we're looking for a better place, name, and charter.
Might I recommend google groups, or puck.nether.org. An IPTV list was recently formed. NAVOG works for me.
I second the idea of google groups or some other group provider; Yahoo groups are known within many circles for having long email delays. Charles Wyble wrote:
Hiers, David wrote:
Hi NANOG, I'd like to announce the formation of a NANOG-knockoff group for voice operators, the Voice Operators' Group.
Very cool! :)
Voice network operators share many of the same challenges as IP network operators; we register with registrars (CILLI, OCN, and ACNA as well as ASN and DNS), route traffic (point codes as well as IP addresses), resolve names (CNAM as well as DNS), manage reachability (to countries, LATAs and NPA/NXXs as well as to IP networks), and deal with equipment issues.
Indeed we do!
NANOG has been so useful at the IP layer that it seems like a good idea to try to duplicate it a little further up the stack.
Yep.
For now, the group is on Yahoo:
http://tech.groups.yahoo.com/group/voip_operators_group/
Of course, we're looking for a better place, name, and charter.
Might I recommend google groups, or puck.nether.org. An IPTV list was recently formed.
NAVOG works for me.
puck.nether.net. way to volunteer someone else's box :-) -j On Tue, Jul 28, 2009 at 4:37 PM, Charles Wyble <charles@thewybles.com>wrote:
Hiers, David wrote:
Hi NANOG, I'd like to announce the formation of a NANOG-knockoff group for voice operators, the Voice Operators' Group.
Very cool! :)
Voice network operators share many of the same challenges as IP network operators; we register with registrars (CILLI, OCN, and ACNA as well as ASN and DNS), route traffic (point codes as well as IP addresses), resolve names (CNAM as well as DNS), manage reachability (to countries, LATAs and NPA/NXXs as well as to IP networks), and deal with equipment issues.
Indeed we do!
NANOG has been so useful at the IP layer that it seems like a good idea to try to duplicate it a little further up the stack.
Yep.
For now, the group is on Yahoo:
http://tech.groups.yahoo.com/group/voip_operators_group/
Of course, we're looking for a better place, name, and charter.
Might I recommend google groups, or puck.nether.org. An IPTV list was recently formed.
NAVOG works for me.
jamie wrote:
puck.nether.net <http://puck.nether.net>.
Right. That's what I meant.
way to volunteer someone else's box :-)
Good point. My apologies. Google groups then. :)
Hi All, We're making progress... I registered the domains voiceops.org and voiceops.net. No matter what the final name becomes, at least we've got some domains that aren't too hard on the eyes. Some noble souls have already volunteered to host it on a proper mailman server. Nothing is set up yet, but it's coming together. Thanks, David Hiers -----Original Message----- From: Charles Wyble [mailto:charles@thewybles.com] Sent: Tuesday, July 28, 2009 3:17 PM To: nanog@nanog.org Subject: Re: OT: Voice Operators' Group forming jamie wrote:
puck.nether.net <http://puck.nether.net>.
Right. That's what I meant.
way to volunteer someone else's box :-)
Good point. My apologies. Google groups then. :) This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
participants (16)
-
AMuse -
Andrew D Kirch -
Charles Wyble -
chris rollin -
Hiers, David -
jamie -
Joel Esler -
John Bambenek -
John C. A. Bambenek
-
Jon Lewis -
Kody Riker -
Patrick W. Gilmore -
Richard Bennett -
Seth Mattinen -
Shon Elliott -
William Pitcock