Re: The US government has betrayed the Internet. We need to take it back
I'm sorry if you don't share my view. Personally I think the Patriot Act is unconsitutional and CALEA is a tool to enable the total invasion of privacy. I think the laws need changed, I want to change. That said I will not break them and neither will you. How would/does your company respond to NSLs or subpoenas? Do you comply with FCC 499 requirements and with CALEA requirements? I do, and I'm betting you will to. Does it suck? Yea of course it does but unless you have a better plan for a US based provider I will keep doing what I'm doing. Sam On 2013-09-06 18:29, Scot Weeks wrote: --- s...@circlenet.us wrote: From: Sam Moats s...@circlenet.us There only options are to: Disobey the law, unacceptable in my opinion Close down services, noble but I need to eat and you probably want to keep getting email Compromise your principles and obey the law, the path often choosen. So, there's no choice except to get a 5-gallon bucket of gov't-ky jelly and take it? So many things come to mind on your flag-waving emails, I can't think of what to say first. And believe me, that's not usual... ;-) After a while, you'll become raw and probably change your mind. scott
Re: AlbertaIX - no longer a Cybera project?
On 9/5/13 1:47 PM, Theo de Raadt wrote: The last six months in AlbertaIX saw no discussions (or approval) for any action plan. Without votes, nothing can be built. This is probably the key ideological problem and a good example not to follow if you are trying to start an exchange. Do first, implement bureaucracy later, if at all. I completely respect the people that were on the board and also Cybera. FWIW, I have no direct insight into the conversations between the people involved. From a distance it seemed like exactly the right people to be involved (with only the minor problem of not enough ethernet switch pluggin' in and too much meetin' and discussin'). Facility and parties willing, hopefully there will be a YYCIX switch in Cybera. The entire organization also lacks documents. The new game plan is to follow YYCIX because of Hurricane Electric's arrival at the datacenter which was (originally) the least preffered. Our criteria for choosing a facility in Calgary was: * Which facilities have a live ethernet switch for any Internet exchange? Then given the candidate list of data centers in the area: * Is there a live ethernet switch in their facility? * How many IPs are pingable on that switch? * Does the facility want us in their facility? (Is there any value for them? Are they happy to have us build in?) * Does the facility want the exchange to succeed? (Do they get it?) (Sadly sometimes the answer here is either indifference or hostility.) * Does the facility understand that we need them to encourage more networks to build into their facility? * Is the price for cross connects and power reasonable? * How many networks are in the building? * Can we get develop enough revenue to cover our costs to get circuits, colo, power, cross connects etc to build out to the site? (DataHive met all of these requirements and was repeatedly very helpful to make things happen.) There's a magic moment in the beginning of forming data center neutral exchanges where the engineers operating the exchange and the facility owners need to have a meeting of the minds and view the exchange as something they are doing together and then take the immediate actions to get it live. I'm not sure how the magic of this goes down since the facility owners may or may not view each other as competitors (and may or may not view the exchange as that useful). Once an exchange has critical mass like AMS-IX I suppose this becomes an easy decision for a new facility owner. I am led to understand that there is city fiber in Calgary available at reasonable cost, which hopefully would translate to exchange switches in multiple buildings eventually in Calgary (if various stages of critical mass are achieved). Mike.
Re: AlbertaIX - no longer a Cybera project?
Mike Leber wrote: Facility and parties willing, hopefully there will be a YYCIX switch in Cybera. Interesting idea, how the heck did I miss that. It would depend on Cybera being open to the idea, which starts off with a reevaluation of the following not-for-profit acting as an ISP of last resort strategy: http://www.cybera.ca/strategic-projects/internet-buying-group http://www.cybera.ca/strategic-projects/peering/ http://www.cybera.ca/membership/membership-structure/ In Canada, the other collision preventing exchanges from showing up is the CANARIE content peering model, which by providing free content access to schools and such takes many (young bandwidth hungry) eyeballs out of the equation for IX development and growth: http://www.canarie.ca/en/cds/policy http://www.canarie.ca/en/cds/cds_content_providers Time for change?
Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal. Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ‘boomerang routing’ whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. Canadian originated transmissions that travel to a Canadian destination via a U.S. switching centre or carrier are subject to U.S. law - including the USA Patriot Act and FISAA. As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. http://lawprofessors.typepad.com/media_law_prof_blog/2013/09/routing-internet-transmission-across-the-canada-us-border-and-us-surveillance-activities.html Cheers, - ferg -- Paul Ferguson Vice President, Threat Intelligence Internet Identity, Tacoma, Washington USA IID -- Connect and Collaborate -- www.internetidentity.com
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
Not just a Canadian issue but one we should look at in the US as well. Deploying more IXs and routing our traffic direct instead of through the big guys can secure our own communications from our own government until we change who we have in office. Aaron On 9/7/2013 4:08 PM, Paul Ferguson wrote: A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal. Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ‘boomerang routing’ whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. Canadian originated transmissions that travel to a Canadian destination via a U.S. switching centre or carrier are subject to U.S. law - including the USA Patriot Act and FISAA. As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. http://lawprofessors.typepad.com/media_law_prof_blog/2013/09/routing-internet-transmission-across-the-canada-us-border-and-us-surveillance-activities.html Cheers, - ferg
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
Paul, I agree this is a problem, but its been a problem since at least 1994 ( my first exposure ) and I suspect longer, the issue is east we capacity in Canada is very $$, pushing traffic from Toronto east to points south to get it to Vancouver is much more cost effective. -jim On Sat, Sep 7, 2013 at 6:08 PM, Paul Ferguson fergdawgs...@mykolab.comwrote: A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal. Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ‘boomerang routing’ whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. Canadian originated transmissions that travel to a Canadian destination via a U.S. switching centre or carrier are subject to U.S. law - including the USA Patriot Act and FISAA. As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. http://lawprofessors.typepad.**com/media_law_prof_blog/2013/** 09/routing-internet-**transmission-across-the-**canada-us-border-and-us-** surveillance-activities.htmlhttp://lawprofessors.typepad.com/media_law_prof_blog/2013/09/routing-internet-transmission-across-the-canada-us-border-and-us-surveillance-activities.html Cheers, - ferg -- Paul Ferguson Vice President, Threat Intelligence Internet Identity, Tacoma, Washington USA IID -- Connect and Collaborate -- www.internetidentity.com
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
You have to change way more than that. BTW the one in office didn't start this. -Jorge On Sep 7, 2013, at 4:17 PM, Aaron Wendel aa...@wholesaleinternet.net wrote: Not just a Canadian issue but one we should look at in the US as well. Deploying more IXs and routing our traffic direct instead of through the big guys can secure our own communications from our own government until we change who we have in office. Aaron
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
On Sat, Sep 7, 2013 at 5:17 PM, Aaron Wendel aa...@wholesaleinternet.net wrote: Not just a Canadian issue... Nor even a North American one. -Jim P.
RE: Yahoo is now recycling handles
There's still the much more minor point that when I tried to self serve I ended up at a blank page on the Yahoo! web site, hopefully they will figure that out as well. I'm continually amazed at the number of web designers that don't test their pages with NoScript enabled. Just sayin'. The whole point of putting JavaScript (and other similar smegma) on a Web Page where it is not needed is to prevent people with smegma filters from being to access the page, and to suggest in no uncertain terms that these people take their business (and their money) elsewhere. Same applies to Flash. Take your business elsewhere. There is no point in complaining about it. Sometimes, it is a deliberate feature which is deliberately used to attack the visitors of a web site. Prime example is the DHS.
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
It's a good point to consider however that omits the probabilty that Canada is doing exactly the same thing as the U.S. and thus this may free you from certain legalities but does not actually ensure privacy. The other fact of this is that we are well aware that the NSA's database is being accessed freely by (at the very least) England and Australia (I think that's who I read) I believe with reciprical agreements and I'd be shocked if Canada isn't in there too. What are the ramifications of that? Do we even know? Points to ponder... -Wayne On Sat, Sep 07, 2013 at 02:08:31PM -0700, Paul Ferguson wrote: A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal. Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ?boomerang routing? whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. Canadian originated transmissions that travel to a Canadian destination via a U.S. switching centre or carrier are subject to U.S. law - including the USA Patriot Act and FISAA. As a result, these transmissions expose Canadians to potential U.S. surveillance activities ? a violation of Canadian network sovereignty. http://lawprofessors.typepad.com/media_law_prof_blog/2013/09/routing-internet-transmission-across-the-canada-us-border-and-us-surveillance-activities.html Cheers, - ferg -- Paul Ferguson Vice President, Threat Intelligence Internet Identity, Tacoma, Washington USA IID -- Connect and Collaborate -- www.internetidentity.com --- Wayne Bouchard w...@typo.org Network Dude http://www.typo.org/~web/
RE: Yahoo is now recycling handles
The appropriate party to inform would be the FBI ... The word fraud comes to mind, and millions of 50 centses puts company officers in prison for a long long long time. -Original Message- From: Kee Hinckley [mailto:naz...@marrowbones.com] Sent: Thursday, 5 September, 2013 11:28 To: nanog@nanog.org list Subject: Re: Yahoo is now recycling handles On Sep 4, 2013, at 9:47 PM, Leo Bicknell bickn...@ufp.org wrote: I've got to apologize publicly to Yahoo! here as part of my issue was my own stupidity. It appears in the past I've had multiple Yahoo! ID's and I was I, on the other hand, need someone from Yahoo! to contact me, because I decided to test their email wishlist feature. Repeated attempts got me nothing but a message saying that my credit card information was incorrect. But when I checked my bill this morning, I have three fifty cent charges against my account (one for each time I revalidated my email address while attempting to use their form). There's no contact page on http://wishlist.yahoo.com, despite the fact that it's an ecommerce page that takes credit cards, and there's no apparent way to contact a human from the main yahoo page. I can always ask my credit card company to refuse the charges, but if Yahoo! is charging credit cards and not providing services, I think someone there needs to know there's a problem. Never mind taking credit card numbers and providing no customer support.
RE: MTR for Android?
Look for TRACEROUTE by SRCGUARDIAN in the Play Store. It needs network access only... Doesn't do TCP but does ICMP and UDP traceroutes and displays ASN as well ...
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
On 7 September 2013 17:08, Paul Ferguson fergdawgs...@mykolab.com wrote: Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ‘boomerang routing’ whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. I sincerely hope that nobody in Canada is surprised by this, since it was already an issue in 1994 (when I was at CA*net). -- Harald
Re: MTR for Android?
Look for TRACEROUTE by SRCGUARDIAN in the Play Store. thanks. works.
RE: The US government has betrayed the Internet. We need to take it back
Sure it does. You have confidentiality between the parties who are speaking together against third-parties merely passively intercepting the communication. Authentication and Confidentiality are two completely separate things and can (and are) implemented separately. The only Authentication which would be of any value to me is if the certificates was issued by me to the other party. Otherwise, one must assume that the certificate is fake for the purposes of authentication (ie, has no more value than a self-signed certificate). -Original Message- From: Michael Thomas [mailto:m...@mtcc.com] Sent: Friday, 6 September, 2013 13:25 To: Eugen Leitl Cc: nanog@nanog.org Subject: Re: The US government has betrayed the Internet. We need to take it back On 09/06/2013 12:14 PM, Eugen Leitl wrote: On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote: On 09/06/2013 11:19 AM, Nicolai wrote: That's true -- it is far easier to subvert email than most other services, and in the case of email we probably need a wholly new protocol. Uh, a first step might be to just turn on [START]TLS. We're not using the tools that have been implemented and deployed for a decade at least. Of course: Received: from sc1.nanog.org (sc1.nanog.org [50.31.151.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) doesn't instill a lot of confidence :) It's better than nothing though. Mike
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
On Sep 8, 2013, at 4:08 AM, Paul Ferguson wrote: As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. Yes, far better to keep those communications within Canada - where CSEC can hand them over to GCHQ, who'll then hand them over to NSA . . . ; There are no technical solutions to purely social ills. This set of issues has nothing to do with technology, and everything to do with civil society. Any meaningful change in the status quo will not originate the technological realm, but rather in the political sphere. Quite frankly, all this chatter about technical 'calls to arms' and whatnot is pointless and distracting (thereby calling into question the motivations behind continued agitation for technical remedies, which clearly won't have any effect whatsoever). --- Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Luck is the residue of opportunity and design. -- John Milton
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
On Sep 8, 2013, at 8:09 AM, Dobbins, Roland wrote: There are no technical solutions to purely social ills. That should read, 'There are no purely technical solutions to social ills.' ; --- Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Luck is the residue of opportunity and design. -- John Milton
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
On 7 September 2013 18:09, Dobbins, Roland rdobb...@arbor.net wrote: On Sep 8, 2013, at 4:08 AM, Paul Ferguson wrote: As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. Yes, far better to keep those communications within Canada - where CSEC can hand them over to GCHQ, who'll then hand them over to NSA . . . But I don't think every secret service have installed his own backdoors in all popular software and protocols. And the NSA can't share these backdoors/weakness with all his friends, because if you tell a secret to everyone, it stop being a secret. The existence and nature of these backdoors will be revealed, and the affected software will fix them. So probably the NSA works like Wall-Mart Secrets. And they sell secrets, 100.000$ for a list of human rights activist, 2 millions for the emails of the leaders of the opposition. -- -- ℱin del ℳensaje.