Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs
William, The plan is to carve out a /24 for "Estonia" and have special servers on it. This would be the same /24 I'd have to use if I were to put a legitimate POP there. This also means I don't conflict with the real Germany. I am just worried about violating the 'rules' of these providers and getting myself blacklisted from submitting corrections. Afterall the traceroute will still show us hitting a router in Germany before it hits my network. Traceroutes aren't the end all be all but it's a tell-tale sign. I guess this is all ISP-reported info so it's not "illegal" or a violation in any way. -Nanoguser100 Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, April 21, 2021 4:31 PM, William Herrin <bill@herrin.us> wrote:
On Wed, Apr 21, 2021 at 12:35 PM nanoguser100 nanoguser100@protonmail.com wrote:
providing cloud hosted desktop solutions for end users.
I missed this on the first read. Virtual Desktop along the lines of Azure Virtual Desktop, Google VDI or Amazon Workspaces.
I would emphasize this; it'll help folks on the group offer better information.
We are not a VPN per-se, it's more of a cloud hosted remote desktop service. We do have a VPN service as well which provides security services.
That's a really interesting question. Some uses of geolocation will give suboptimal results if you pick Estonia since the packets need to go to Germany. Others, like content restriction, won't work right unless the IPs reflect the users' location.
Generally, I think the geolocation is represented as the rough region where the servers are, with services that care about geolocation for content restriction intentionally disallowing them. That's the safe answer. For the alternative, I expect the different consumers of geolocation services will have different opinions about it.
With that being said is it proper for transit providers to advertise the IP of their end users?
Yes.
Are we considered a true transit provider since we are not an ISP per-se?
No. It's not whether you're an ISP, the IP packets are stopping at your network; you're not transiting them onward.
Regards, Bill Herrin
--------------------------------------------------------------------------------------------------------------------------------------------
William Herrin bill@herrin.us https://bill.herrin.us/
On Thu, Apr 22, 2021 at 7:12 AM nanoguser100 via NANOG <nanog@nanog.org> wrote:
William,
The plan is to carve out a /24 for "Estonia" and have special servers on it. This would be the same /24 I'd have to use if I were to put a legitimate POP there. This also means I don't conflict with the real Germany.
I am just worried about violating the 'rules' of these providers and getting myself blacklisted from submitting corrections. Afterall the traceroute will still show us hitting a router in Germany before it hits my network. Traceroutes aren't the end all be all but it's a tell-tale sign.
I guess this is all ISP-reported info so it's not "illegal" or a violation in any way.
-Nanoguser100
I think it's safe to say that before anyone could be held accountable for geolocation data, there would have to *first* be a requirement that the data be able to be reliably updated to be *correct*. As we have not yet achieved a way of ensuring that legitimate holders of IP resources can reliably update the geolocation data, I think you can rest assured, nobody will be holding you accountable for whatever the geolocation data might show for a particular block of addresses. Now, if, as an industry, we had a consistent, reliable way in which geolocation records could be updated with a means to audit and ensure the updates are being made only by the legitimate holders of the number resources...*then* you might have reason to be concerned. But as of now, as evidenced by the number of "how do I get my geolocation data updated" emails sent to NANOG, which result in a flurry of "meetoo" followups, no reasonable court would ever give any legal credence to the current data in the various geolocation databases. You can sleep soundly at night, whichever road you may choose to take. Matt
On Apr 22, 2021, at 10:23 AM, Matthew Petach <mpetach@netflight.com> wrote:
On Thu, Apr 22, 2021 at 7:12 AM nanoguser100 via NANOG <nanog@nanog.org> wrote:
William,
The plan is to carve out a /24 for "Estonia" and have special servers on it. This would be the same /24 I'd have to use if I were to put a legitimate POP there. This also means I don't conflict with the real Germany.
I am just worried about violating the 'rules' of these providers and getting myself blacklisted from submitting corrections. Afterall the traceroute will still show us hitting a router in Germany before it hits my network. Traceroutes aren't the end all be all but it's a tell-tale sign.
I guess this is all ISP-reported info so it's not "illegal" or a violation in any way.
-Nanoguser100
Love the fact you try to anonymize the question - after giving details like “server is in German, we want it to appear in Estonia”. Anyway....
I think it's safe to say that before anyone could be held accountable for geolocation data, there would have to *first* be a requirement that the data be able to be reliably updated to be *correct*.
Matt: I find it amusing you think rationality and logic have anything to do with government activity. You are not usually this naïve.
As we have not yet achieved a way of ensuring that legitimate holders of IP resources can reliably update the geolocation data, I think you can rest assured, nobody will be holding you accountable for whatever the geolocation data might show for a particular block of addresses.
I am not at all certain of this. At the very least, the maintainer of the information may hold it against you if they find out you have intentionally falsified the data. Remember, the people offering IP address <> Geo-location databases for money are not beholden to you. They are beholden to the people paying them money. If $CONTENT_OWNER wants to ensure only devices in Estonia get certain content, and you go out of your way to allow devices in German get the content, this could present a problem. Will they sue you? I cannot see that happening. Will they ignore any future updates you give them? Would not surprise me. BTW: I know VPN providers advertise this precise ability. However, at least the VPN end point is where they say it is.
Now, if, as an industry, we had a consistent, reliable way in which geolocation records could be updated with a means to audit and ensure the updates are being made only by the legitimate holders of the number resources...*then* you might have reason to be concerned.
Wait, I thought we did. At least I see it in every movie….
But as of now, as evidenced by the number of "how do I get my geolocation data updated" emails sent to NANOG, which result in a flurry of "meetoo" followups, no reasonable court would ever give any legal credence to the current data in the various geolocation databases.
I find a difference between “we tried to keep the data straight, but there are mistakes” and “this data was intentionally misrepresented”. My guess is the law might as well. As stated above, I seriously doubt anyone will someone sue you over it. Will you go to jail? Yeah, again, I cannot see that happening. Doesn’t mean you should do it.
You can sleep soundly at night, whichever road you may choose to take.
What is this “sleep” you mention? -- TTFN, patrick
participants (3)
-
Matthew Petach -
nanoguser100 -
Patrick W. Gilmore