RE: [gnso-ff-pdp-may08] Saturday Harms
- To: ebw@xxxxxxxxxxxxxxxxxxxx
- Subject: RE: [gnso-ff-pdp-may08] Saturday Harms
- From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
- Date: Sat, 19 Jul 2008 09:32:13 -0700
At the risk of earning an angry retort, let me see if I can
summarize the 300 or so lines of your last note. If I got the
gist of what you were trying to say, I *think* it may have
been:
"Fastflux doesn't hurt anybody."
I disagree.
Without trying to tag any given constituency as the source or
sink of fastflux related ills, let me just mention a few of
the behaviors that I think *do* represent damage to some part
of the Internet community.
-- Fastflux happens on clandestinely compromised machines;
botting hosts for that (or any purpose) is bad. They may
become unstable, they may be expensive to clean up, personally
identifiable information may be lost along the way, connections
may end up getting turned off, etc., etc., etc. Getting
botted is unquestionably a bad thing.
-- Fastflux facilitates and enables some of the most egregious
substantive ills our society knows, including child
exploitation, drug abuse, financial crime, the distribution
of malware, etc.
-- Attempts to technically (rather than administratively)
cope with fastflux have/will result in increasingly Rube
Goldbergesque technical "solutions" which may destroy Internet
transparency or break the network in hard to diagnose ways
-- Fastflux domain names are registered with bogus point of
contact data, hindering accountability, resulting in
complaints, and frustrating the rule of law
-- Suggestions that criminal enforcement be left to criminal
authorities are frustrated by a lack of cooperation in
basic areas such as requiring customers to be accountable
(e.g., if point of contact information for domains is
routinely allowed to be entirely fictitious, law enforcement
won't have an easy time going after the bad guys using the
resources at their disposal)
-- Unchecked, the bad guys are accumulating a substantial
stockpile of network firepower. At some point, it is going to
dawn on some of them (if it hasn't already), that they
very well may actually be the ones who are in de facto control
of the Internet. Disagree with that assertion? How big a DDoS
can you sinkhole for how long? Ready to resist DNS-based
attacks? Route injection attacks? Floods of blow back traffic
from Joe Job'd spam runs?
Factors such as those make me disagree 100% that fastflux is benign,
and should be implicitly or explicitly tolerated in any way.
Regards,
Joe