ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [gnso-ff-pdp-may08] Suggestion: Stopping fast flux doesn't cure the common cold

  • To: Dave Piscitello <dave.piscitello@xxxxxxxxx>, Fast Flux Workgroup <gnso-ff-pdp-May08@xxxxxxxxx>
  • Subject: RE: [gnso-ff-pdp-may08] Suggestion: Stopping fast flux doesn't cure the common cold
  • From: Paul Stahura <Paul.Stahura@xxxxxxxx>
  • Date: Mon, 20 Oct 2008 09:26:59 -0700

I agree with the wording below.

-----Original Message-----
From: owner-gnso-ff-pdp-may08@xxxxxxxxx 
[mailto:owner-gnso-ff-pdp-may08@xxxxxxxxx] On Behalf Of Dave Piscitello
Sent: Monday, October 20, 2008 7:36 AM
To: Fast Flux Workgroup
Subject: Re: [gnso-ff-pdp-may08] Suggestion: Stopping fast flux doesn't cure 
the common cold


Wendy,

I think this is nearly impossible to do. A FF *attacks* is as much a
weapon/tool/means for e-criminals as a getaway car is for bank robbers. Yes,
some bank robbers get away by foot or bicycle, but these methods don't put
as much distance between the perpetrators and the investigators as a car.

I do think that balance is important and suggest that your second paragraph
is a good basis for tempering what we include the report. Specifically, I'd
suggest that we include a statement in this section that nearly replicates
your wording:

"The WG does not suggest that mitigating fast flux attacks would eliminate
the need for other anti-abuse or law enforcement work, nor do we intend to
exaggerate the benefits of this attack technique to would-be malefactors by
calling detailed attention to specific harms. Rather, we call attention to
these attacks in a markedly strong manner to emphasize that fast flux
attacks have considerable influence in the duration and efficacy of harmful
activities."





On 10/17/08 12:10 PM  Oct 17, 2008, "Wendy Seltzer" <wendy@xxxxxxxxxxx>
wrote:

>
>
> Many of the harms listed under "who is harmed by fast flux" (398 and
> following) appear to be generic harms, that may be perpetrated on the
> Internet or off, via fast flux or by other techniques.  I would suggest
> distinguishing betweens those that are unique to fast flux attacks (if
> there are any, such as particular aspects of the harm to hosts
> compromised into herds, or to network providers), versus those that may
> be facilitated by using fast-flux techniques or networks as a substrate
> (e.g., fraudulent transactions) but would continue to be a problem even
> if fast flux were ended tomorrow.
>
> We do not want to imply that stopping fast flux would eliminate the need
> for other anti-abuse or law enforcement work, nor to exaggerate the
> benefits of this attack technique to would-be malefactors.
>
> Thanks,
> --Wendy
> --
> Wendy Seltzer -- wendy@xxxxxxxxxxx
> Visiting Professor, American University Washington College of Law
> Fellow, Berkman Center for Internet & Society
> http://cyber.law.harvard.edu/seltzer.html
> http://www.chillingeffects.org/
> https://www.torproject.org/






<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy