> On 24 Jul 2022, at 10:20 AM, Abraham Y. Chen <ayc...@avinta.com> wrote:
> 
> Hi, John:
> 
> 1) "...  dynamically assigned IP address space can still be tracked back to a 
> given system ... ": I fully agree with this statement. However,
>    A. You overlooked the critical consideration of the response time. If this 
> can not be done in real time for law enforcement purposes, it is meaningless.

Abe - 

That’s correct - but that does not require having static addresses to 
accomplish (as you postulated earlier), rather it just requires having 
appropriately functioning logging apparatus.

>    B. Also, the goal is to spot the specific perpetrator, not the "system" 
> which is too general to be meaningful. In fact, this would penalize the 
> innocent users who happen to be on the same implied "system".

Yes, it is quite obvious that a degree of care is necessary.

>    C. In addition, for your “whack-a-mole” metaphor, the party in charge is 
> the mole, not the party with the mallet. It is a losing game for the mallet 
> right from the beginning.

As with all enforcement, it is a question of changing the breakeven point 
calculation on incentives & risks for the would-be perpetrators, and 
presently there’s almost nearly no risk involved.

>    So, the current Internet practices put us way behind the starting line 
> even before the game. Overall, this environment is favored by multi-national 
> businesses with perpetrators riding along in the background. When security is 
> breached, there are more than enough excuses to point the finger to. No 
> wonder the outcome has always been disappointing for the general public.

Indeed.

> 2) What we need to do is to reverse the roles in every one of the above 
> situations, if we hope for any meaningful result, at all. The starting point 
> is to review the root differences between the Internet and the traditional 
> communication systems. With near half a century of the Internet experience, 
> we should be ready to study each issue from its source, not by perpetuating 
> its misleading manifestations.

That’s one possible approach, although before becoming too enamored with it, it 
is probably worth remembering that the “traditional communication systems” have 
also suffered from similar exploits on occasion (they’ve been fewer in number, 
but then again, the number of connected devices was also several orders of 
magnitude smaller.)

Thanks,
/John

Disclaimer:  my views alone – use caution - contents may be hot!

> ...
> 
> On 2022-07-24 07:27, John Curran wrote:
>> Abe -
>> 
>> Static versus dynamic address assignment isn’t the problem - dynamically 
>> assigned IP address space can
>> still be tracked back to a given system (reference: RFC6302/BCP162 & RFC6269 
>> for discussion of the
>> requirements and various related issues.)
>> 
>> Tracking back to a particular server doesn’t really matter if all that 
>> happens is that the service is terminated
>> (as the culprit will simply appear elsewhere in the Internet with a new 
>> connection/server and start over.)
>> 
>> Alas, the situation doesn’t change unless/until there’s a willingness to 
>> engage law enforcement and pursue
>> the attackers to prevent recurrence.  This is non-trivial, both because of 
>> the skills necessary, the volume of
>> attacks, the various jurisdictions involved, etc. – but the greatest 
>> obstacle is simply the attitude of “Why bother,
>> that’s just the way it is…”
>> 
>> With zero effective back pressure, we shouldn’t be surprised as frequency of 
>> attempts grows without bound.
>> 
>> Thanks,
>> /John
>> 
>> Disclaimers: my views alone – no one else would claim them.  Feel free to 
>> use/reuse/discard as you see fit.
>> 
