Re: GeoIP database issues and the real world consequences

[Wayne Bouchard]

On Mon, Apr 11, 2016 at 06:15:08PM -, John Levine wrote:
> 
> >The problem with MaxMind (and other geoip databases I've seen that do 
> >Lat/Long as well as Country / State / Town) is that the
> >data doesn't include uncertainty, so it returns "38.0/-97.0" rather than 
> >"somewhere in a 3000 mile radius circle centered on
> >38.0/-97.0".
> >
> >Someone should show them RFC 1876 as an example of better practice.
> 
> Oh, heck, you know better than that.  You can put in all the flags and
> warnings you want, but if it returns an address, nitwits will show up
> at the address with guns.
> 
> Bodies of water probably are the least bad alternative.  I wonder if
> they're going to hydrolocate all of the unknown addresses, or only the
> ones where they get publically shamed.

I personal favor setting the generic location as a certain set of
roundish holes in the ground up in the northern plains. Let the
government raid itself for once.

---
Wayne Bouchard
w...@typo.org
Network Dude
http://www.typo.org/~web/

Re: Stop IPv6 Google traffic

[Eitan Adler]

On 10 April 2016 at 12:33,   wrote:
> Who cares what his motivations are unless he asks for help with that
> underlying problem?

See Also: http://xyproblem.info/


-- 
Eitan Adler

Re: GeoIP database issues and the real world consequences

[Hank Nussbacher]

On 12/04/2016 00:41, Ricky Beam wrote:
> On Mon, 11 Apr 2016 12:55:11 -0400, Chris Boyd
>  wrote:
>> Interesting article.
>>
>> http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
> ...
>
> "Until you reached out to us, we were unaware that there were issues..."
>
> Bull! I can dig up dozens (if not hundreds) of emails from coworkers
> and customers who have complained to MaxMind about their asinine
> we-don't-have-a-frakin-clue results. They've known for years! They're
> paid for a definitive answer, not an "unknown", which is why the
> default answer is the same near-the-center-of-the-country lat/lon. He,
> personally, may have had no idea, but MaxMind The Company did/does.
>

Its called class action lawsuit.

-Hank

Re: GeoIP database issues and the real world consequences

[Joel Maslak]

On Mon, Apr 11, 2016 at 3:09 PM, Owen DeLong  wrote:


> So really, what is needed is two additional fields for the lat/lon of
> laterr/lonerr so that, for example, instead of just 38.0/-97.0, you would
> get 38.0±2/-97.0±10 or something like that.
>

It does seem needed to the geo location companies too, at least several of
them provide this - and it's been this way for a long time.

I didn't remember if Maxmind does or not, so I just checked.  From some of
their documentation, the field "accuracy_radius" is returned which is "The
radius in kilometers around the specified location where the IP address is
likely to be." See
http://dev.maxmind.com/geoip/geoip2/web-services/#location .  I don't think
it's in their free stuff (you get what you pay for, it seems).

It doesn't show up on their web interface to "try" the service nor does it
give a warning that these things can be wrong, but IMHO probably wouldn't
be a bad idea to say "Don't go show up at this address - it might not be
right!"

Re: GeoIP database issues and the real world consequences

[Stephen Frost]

Owne,

* Owen DeLong (o...@delong.com) wrote:
> However, my home address has been published in multiple whois databases since 
> I moved here in 1993.
> 
> Not once has a nitwit with a gun shown up on my doorstep as a result. (I have 
> had visits from nitwits with guns,
> but they were the results of various local oddities unrelated to the 
> internet).

I'm glad to hear you've not had the joy of such an experience.

I nearly had one, but I managed to convince the nitwit to not to show
up, but it took a few hours on the phone.

He had seen my email address fly across while Linux was booting (thanks
to a Netfilter module I had written which had been included) on some
device he had he wasn't technical, so it wasn't easy for me to work out
what he was talking about, except that it was very clearly something he
was trying to "fix" to get his internet working again.

From that, he looked up my domain via whois and got my phone number and
address and called me and accused me of being with various three-letter
government organizations, said he had found proof that he was being
spied on and a litany of similar concerns.

Ultimately, I got him to believe (or at least, it seemed so) that I was
just some technical guy that wrote some code for a company that built
the device and got off the phone with him hours later.

On the plus side of this particular story, a few Airbus planes were
built with a version of Linux which displayed the boot messages during
startup on the in-seat displays and my name and email have shown up for
the reason on those devices, leading to emails from a few strangers
around the world with pictures of the boot process showing my email.

I'm not quite sure that the up-side out-weighs the down in this
particular story, but there it is.

Thanks!

Stephen


signature.asc
Description: Digital signature

Re: GeoIP database issues and the real world consequences

[Larry Sheldon]

On 4/11/2016 11:55, Chris Boyd wrote:


Interesting article.

http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/

An hour’s drive from Wichita, Kansas, in a little town called Potwin,
there is a 360-acre piece of land with a very big problem.

The plot has been owned by the Vogelman family for more than a hundred
years, though the current owner, Joyce Taylor née Vogelman, 82, now
rents it out. The acreage is quiet and remote: a farm, a pasture, an old
orchard, two barns, some hog shacks and a two-story house. It’s the kind
of place you move to if you want to get away from it all. The nearest
neighbor is a mile away, and the closest big town has just 13,000
people. It is real, rural America; in fact, it’s a two-hour drive from
the exact geographical center of the United States.

But instead of being a place of respite, the people who live on Joyce
Taylor’s land find themselves in a technological horror story.


And not even slightly funny.

What happened to Truth.  If you do not know, say "I don't know."

Or be silent.





For the last decade, Taylor and her renters have been visited by all
kinds of mysterious trouble. They’ve been accused of being identity
thieves, spammers, scammers and fraudsters. They’ve gotten visited by
FBI agents, federal marshals, IRS collectors, ambulances searching for
suicidal veterans, and police officers searching for runaway children.
They’ve found people scrounging around in their barn. The renters have
been doxxed, their names and addresses posted on the internet by
vigilantes. Once, someone left a broken toilet in the driveway as a
strange, indefinite threat.

--Chris





--
sed quis custodiet ipsos custodes? (Juvenal)

Re: GeoIP database issues and the real world consequences

[Owen DeLong]

> On Apr 11, 2016, at 15:23 , Niels Bakker  wrote:
> 
>>> Oh, heck, you know better than that.  You can put in all the flags and 
>>> warnings you want, but if it returns an address, nitwits will show up at 
>>> the address with guns.
> 
> * o...@delong.com (Owen DeLong) [Tue 12 Apr 2016, 00:02 CEST]:
>> I hear this argument about various things over and over and over again.
>> 
>> However, my home address has been published in multiple whois databases 
>> since I moved here in 1993.
>> 
>> Not once has a nitwit with a gun shown up on my doorstep as a result.
> 
> I think you miss the point.  Your geocoordinates were not mistakenly 
> associated with nigh infinite amounts of internet abuse.  This thread has 
> (mostly) been about wrong information being published, not information being 
> published at all.

I didn’t miss the point, but the specific statement quoted is patently false in 
both cases (the article itself admits that the vast majority of such “victim” 
households contacted had not suffered any ill effects).

Owen

Re: Stop IPv6 Google traffic

[Constantine A. Murenin]

On 10 April 2016 at 14:48, Jon Lewis  wrote:
> On Sun, 10 Apr 2016, Max Tulyev wrote:
>
>> Hi All,
>>
>> I need to stop IPv6 web traffic going from our customers to Google
>> without touching all other IPv6 and without blackhole IPv6 Google
>> network (this case my customers are complaining on long timeouts).
>>
>> What can you advice for that?
>
>
> Just use Cogent transit for IPv6.  Problem solved.  :)

Unless Cogent is doing something different for Google than HE does for
Cogent, using Cogent is unlikely to solve the timeout issues:

% telnet -6 www.cogentco.com 80
Trying 2001:550:1::cc01...
^C
%

As has already been pointed out, the proper half-baked solution is to
return a destination unreachable packet in these situations, instead
of silently dropping the packets and forcing the clients to go through
a timeout.

Cheers,
Constantine.SU.

Re: GeoIP database issues and the real world consequences

[Niels Bakker]

Oh, heck, you know better than that.  You can put in all the flags 
and warnings you want, but if it returns an address, nitwits will 
show up at the address with guns.


* o...@delong.com (Owen DeLong) [Tue 12 Apr 2016, 00:02 CEST]:

I hear this argument about various things over and over and over again.

However, my home address has been published in multiple whois 
databases since I moved here in 1993.


Not once has a nitwit with a gun shown up on my doorstep as a result.


I think you miss the point.  Your geocoordinates were not mistakenly 
associated with nigh infinite amounts of internet abuse.  This thread 
has (mostly) been about wrong information being published, not 
information being published at all.



-- Niels.

Re: GeoIP database issues and the real world consequences

[Owen DeLong]

> On Apr 11, 2016, at 12:01 , Baldur Norddahl  wrote:
> 
> On 11 April 2016 at 20:15, John Levine  wrote:
> 
>> Oh, heck, you know better than that.  You can put in all the flags and
>> warnings you want, but if it returns an address, nitwits will show up
>> at the address with guns.
>> 
>> Bodies of water probably are the least bad alternative.  I wonder if
>> they're going to hydrolocate all of the unknown addresses, or only the
>> ones where they get publically shamed.
>> 
> 
> They should stop giving out coordinates on houses period. Move the
> coordinate to the nearest street intersection if you need to be that
> precise (I would prefer nearest town square). Anything more than that
> should be illegal.
> 
> Regards,
> 
> Baldur

The thing I find particularly amusing having just looked up my own IP addresses 
is the following:

1.  My addresses are tied to my actual address in whois.
2.  That is not the address linked to in any of the GeoIP databases I know 
how to check.
3.  The address is only a few blocks away, but where an ambiguity is 
provided, it is sufficient to cover
most of the city of San Jose, including my house of course.

Needless to say, it’s not confidence inspiring. I might look to see whose house 
it does send me to later
if I feel inclined, just for amusement.

Owen

Re: GeoIP database issues and the real world consequences

[Owen DeLong]

> On Apr 11, 2016, at 11:15 , John Levine  wrote:
> 
> 
>> The problem with MaxMind (and other geoip databases I've seen that do 
>> Lat/Long as well as Country / State / Town) is that the
>> data doesn't include uncertainty, so it returns "38.0/-97.0" rather than 
>> "somewhere in a 3000 mile radius circle centered on
>> 38.0/-97.0".
>> 
>> Someone should show them RFC 1876 as an example of better practice.
> 
> Oh, heck, you know better than that.  You can put in all the flags and
> warnings you want, but if it returns an address, nitwits will show up
> at the address with guns.

I hear this argument about various things over and over and over again.

However, my home address has been published in multiple whois databases since I 
moved here in 1993.

Not once has a nitwit with a gun shown up on my doorstep as a result. (I have 
had visits from nitwits with guns,
but they were the results of various local oddities unrelated to the internet).

Examples:

1.  A neighbor managed to get the SJPD (most common example of 
nitwits with guns in this area) to darken
my doorstep because he spotted (and complained about) a dog in 
my yard being out of control and not
on a leash or supervised. (Not sure why they thought it was my 
dog, as I have never owned a dog at this
address).

2.  I opened my front door to be greeted by a nitwit with a gun 
(again, SJPD) telling me to go back inside
while they completed an arrest nearby.

So, apparently there still aren’t enough nitwits with guns operating enough 
typewriters to fulfill this bit of conventional
wisdom as yet.

Owen

Re: Stop IPv6 Google traffic

[Owen DeLong]

> On Apr 11, 2016, at 14:03 , Rubens Kuhl  wrote:
> 
> On Mon, Apr 11, 2016 at 5:56 PM, Ricky Beam  wrote:
> 
>> On Sun, 10 Apr 2016 20:09:04 -0400, Rubens Kuhl  wrote:
>> 
>>> If your users are seeing captchas, one or a few or them are likely to be
>>> infected to the point of generating too much requests to Google.
>>> 
>> 
>> If that were the case, they'd be seeing the same via IPv4. And apparently,
>> they aren't.
>> 
> 
> Nope. If you have both A and  IP addresses in DNS responses and have
> both IPv4 and IPv6 connectivity, IPv6 will be preferred, with even a bit of
> latency handicap favoring IPv6 in current Happy Eyeballs implementations.
> Remember that the symptom is not unresponsive website, but an answer with
> an inconvenience (the captcha), so the browser and the network stack won't
> deem it as IPv6 load failure.

Also, incorrect or non-existant PTR records are much more common in IPv6
than in IPv4, so that could also account for some difference in behavior.

Most res.ISPs, for example, synthesize PTR responses for their IPv4
addresses such as:

240.59.103.76.in-addr.arpa. 7200 IN PTR 
c-76-103-59-240.hsd1.ca.comcast.net.

vs.

; <<>> DiG 9.8.3-P1 <<>> -x 2601:1c1:1234:5678:b834:f36d:2bb9:285
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.8.2.0.9.b.b.2.d.6.3.f.4.3.8.b.8.7.6.5.4.3.2.1.1.c.1.0.1.0.6.2.ip6.arpa. IN 
PTR

;; AUTHORITY SECTION:
0.1.0.6.2.ip6.arpa. 3600IN  SOA dns101.comcast.net. 
dnsmaster.comcastonline.com. 2014093006 7200 300 604800 3600

;; Query time: 128 msec
;; SERVER: 172.22.186.6#53(172.22.186.6)
;; WHEN: Mon Apr 11 14:43:53 2016
;; MSG SIZE  rcvd: 171

for example.

Owen

Re: GeoIP database issues and the real world consequences

[Ricky Beam]

On Mon, 11 Apr 2016 12:55:11 -0400, Chris Boyd   
wrote:

Interesting article.

http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/

...

"Until you reached out to us, we were unaware that there were issues..."

Bull! I can dig up dozens (if not hundreds) of emails from coworkers and  
customers who have complained to MaxMind about their asinine  
we-don't-have-a-frakin-clue results. They've known for years! They're paid  
for a definitive answer, not an "unknown", which is why the default answer  
is the same near-the-center-of-the-country lat/lon. He, personally, may  
have had no idea, but MaxMind The Company did/does.

Re: Stop IPv6 Google traffic

[Ricky Beam]

On Mon, 11 Apr 2016 17:03:02 -0400, Rubens Kuhl  wrote:
If that were the case, they'd be seeing the same via IPv4. And  
apparently,

they aren't.



Nope. If you have both A and  IP addresses in DNS responses and have
both IPv4 and IPv6 connectivity, IPv6 will be preferred, with even a bit


You misunderstood. If they disable IPv6, then their "attacks" would  
continue via IPv4, thus getting IPv4 similarly blacklisted. This is not  
happening -- hence the plan of blocking IPv6.


While it's possible there's some IPv6 specific "spambot" (adbot, whatever)  
running, I doubt it.

Re: GeoIP database issues and the real world consequences

[Owen DeLong]

> On Apr 11, 2016, at 10:26 , Steve Atkins  wrote:
> 
>> 
>> On Apr 11, 2016, at 10:11 AM, Hugo Slabbert  wrote:
>> 
>> 
>> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase  wrote:
>> 
>>> TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
>>> but then rounded off the lat long so it points at this farm.
>>> 
>>> Cant believe law enforcement is using this kind of info to execute searches.
>>> Wouldnt that undermine the credibility of any evidence brought up in trials
>>> for any geoip locates?
>>> 
>>> Seems to me locating unknowns somewhere in the middle of a big lake or park 
>>> in
>>> the center of the country might be a better idea.
>> 
>> ...how about actually marking an unknown as...oh, I dunno: "unknown"?  Is 
>> there no analogue in the GeoIP lookups for a 404?
> 
> It's not unknown - it's (according to the DB, anyway, which has a bunch of 
> flaws) "in the US somewhere".
> 
> The problem with MaxMind (and other geoip databases I've seen that do 
> Lat/Long as well as Country / State / Town) is that the data doesn't include 
> uncertainty, so it returns "38.0/-97.0" rather than "somewhere in a 3000 mile 
> radius circle centered on 38.0/-97.0".
> 
> Someone should show them RFC 1876 as an example of better practice.
> 
> Cheers,
>  Steve

So really, what is needed is two additional fields for the lat/lon of 
laterr/lonerr so that, for example, instead of just 38.0/-97.0, you would get 
38.0±2/-97.0±10 or something like that.

This seems reasonable to me.

Owen

Re: how to deal with port scan and brute force attack from AS 8075 ?

[Owen DeLong]

> On Apr 11, 2016, at 12:12 , William Herrin  wrote:
> 
> On Mon, Apr 11, 2016 at 2:18 PM, Owen DeLong  wrote:
>> On Apr 7, 2016, at 07:41 , William Herrin  wrote:
>> On Thu, Mar 31, 2016 at 5:36 AM, Bacon Zombie  wrote:
>> 
>> I would ignore the portscans since there is nothing wrong with portscanning
>> the Internet.
>> 
>> You might want to check with your lawyer on that. If you
>> _intentionally_ port-scan a computer located in Virginia without the
>> owner's permission (and do nothing else, just port-scan it) it's a
>> class 3 misdemeanor under 18.2-152.1, et seq. That's up to a $500 fine
>> for each computer you scan. By comparison, shoplifting is a class 1
>> misdemeanor while possession of a schedule V narcotic is another class
>> 3.
>> 
>> I think you’re on shaky ground here.
>> 
>> 18.2-152.3 reads:
> 
> That's computer fraud. You want § 18.2-152.4, computer trespass.

I worked forward (et. seq.) from where you started… However…

18.2-152.4 
. 
Computer trespass; penalty.

A. It shall be unlawful for any person, with malicious intent, to:

1. Temporarily or permanently remove, halt, or otherwise disable any 
computerdata, computer programs or computer software from a computer or 
computernetwork;

2. Cause a computer to malfunction, regardless of how long the 
malfunctionpersists;

3. Alter, disable, or erase any computer data, computer programs or 
computersoftware;

4. Effect the creation or alteration of a financial instrument or of 
anelectronic transfer of funds;

5. Use a computer or computer network to cause physical injury to theproperty 
of another; or

6. Use a computer or computer network to make or cause to be made 
anunauthorized copy, in any form, including, but not limited to, any printed 
orelectronic form of computer data, computer programs or computer 
softwareresiding in, communicated by, or produced by a computer or computer 
network.

7. [Repealed.]

B. Any person who violates this section shall be guilty of computer 
trespass,which offense shall be punishable as a Class 1 misdemeanor. If there 
isdamage to the property of another valued at $1,000 or more caused by 
suchperson's act in violation of this section, the offense shall be punishable 
asa Class 6 felony.

C. Nothing in this section shall be construed to interfere with or 
prohibitterms or conditions in a contract or license related to computers, 
computerdata, computer networks, computer operations, computer programs, 
computerservices, or computer software or to create any liability by reason of 
termsor conditions adopted by, or technical measures implemented by, 
aVirginia-based electronic mail service provider to prevent the transmissionof 
unsolicited electronic mail in violation of this article. Nothing in 
thissection shall be construed to prohibit the monitoring of computer usage 
of,the otherwise lawful copying of data of, or the denial of computer 
orInternet access to a minor by a parent or legal guardian of the minor.

Doesn’t really seem to fit the bill, either.

First, I think you have a hard time proving “malicious intent” from just a port 
scan without other activity.

However, even if you do, it’s hard to imagine how a port scan would meet any of 
the 6 tests stated.

Care to try again?

Owen

Re: Stop IPv6 Google traffic

[Rubens Kuhl]

On Mon, Apr 11, 2016 at 5:56 PM, Ricky Beam  wrote:

> On Sun, 10 Apr 2016 20:09:04 -0400, Rubens Kuhl  wrote:
>
>> If your users are seeing captchas, one or a few or them are likely to be
>> infected to the point of generating too much requests to Google.
>>
>
> If that were the case, they'd be seeing the same via IPv4. And apparently,
> they aren't.
>

Nope. If you have both A and  IP addresses in DNS responses and have
both IPv4 and IPv6 connectivity, IPv6 will be preferred, with even a bit of
latency handicap favoring IPv6 in current Happy Eyeballs implementations.
Remember that the symptom is not unresponsive website, but an answer with
an inconvenience (the captcha), so the browser and the network stack won't
deem it as IPv6 load failure.



> This also points out the problems with *ASSUMING* you know the size of
> someone's netblock. If you think "/64", then you'd be wrong. Just as
> wrong as assuming all IPv4 is "/24". And on the same side of that coin
> is the over-reaching "block all of Asia" blacklist. Sure, that'll kill
> a heap of nonsense, but if you actually have business in Asia...
>


> (Yes, *I* banish APNIC. "works for me", not recommended for others.)
>

One known issue in both APNIC and LACNIC regions is that some addresses are
indeed countries instead of single networks, due to NIRs (National Internet
Registries).


Rubens

Re: Stop IPv6 Google traffic

[Ricky Beam]

On Sun, 10 Apr 2016 20:09:04 -0400, Rubens Kuhl  wrote:

If your users are seeing captchas, one or a few or them are likely to be
infected to the point of generating too much requests to Google.


If that were the case, they'd be seeing the same via IPv4. And apparently,
they aren't.

This also points out the problems with *ASSUMING* you know the size of
someone's netblock. If you think "/64", then you'd be wrong. Just as
wrong as assuming all IPv4 is "/24". And on the same side of that coin
is the over-reaching "block all of Asia" blacklist. Sure, that'll kill
a heap of nonsense, but if you actually have business in Asia...

(Yes, *I* banish APNIC. "works for me", not recommended for others.)

Re: GeoIP database issues and the real world consequences

[Valdis . Kletnieks]

On Mon, 11 Apr 2016 21:13:48 +0200, Niels Bakker said:
> * baldur.nordd...@gmail.com (Baldur Norddahl) [Mon 11 Apr 2016, 21:02 CEST]:
> >They should stop giving out coordinates on houses period. Move the
> >coordinate to the nearest street intersection if you need to be that
> >precise (I would prefer nearest town square). Anything more than that
> >should be illegal.
>
> That's going to make USPS's and FedEx's lives a lot harder.

Are they in the habit of delivering to a location identified by an IP
address?  I've never managed to get either one to deliver to anything
other than a street address (and in fact, we recently had to assign street
addresses to all the buildings on campus because too many GPS-based programs
only work on street addresses, not building names).


pgpOAJe01I3GQ.pgp
Description: PGP signature

Re: GeoIP database issues and the real world consequences

[Niels Bakker]

* baldur.nordd...@gmail.com (Baldur Norddahl) [Mon 11 Apr 2016, 21:02 CEST]:

They should stop giving out coordinates on houses period. Move the
coordinate to the nearest street intersection if you need to be that
precise (I would prefer nearest town square). Anything more than that
should be illegal.


That's going to make USPS's and FedEx's lives a lot harder.


-- Niels.

Re: how to deal with port scan and brute force attack from AS 8075 ?

[William Herrin]

On Mon, Apr 11, 2016 at 2:18 PM, Owen DeLong  wrote:
> On Apr 7, 2016, at 07:41 , William Herrin  wrote:
> On Thu, Mar 31, 2016 at 5:36 AM, Bacon Zombie  wrote:
>
> I would ignore the portscans since there is nothing wrong with portscanning
> the Internet.
>
> You might want to check with your lawyer on that. If you
> _intentionally_ port-scan a computer located in Virginia without the
> owner's permission (and do nothing else, just port-scan it) it's a
> class 3 misdemeanor under 18.2-152.1, et seq. That's up to a $500 fine
> for each computer you scan. By comparison, shoplifting is a class 1
> misdemeanor while possession of a schedule V narcotic is another class
> 3.
>
> I think you’re on shaky ground here.
>
> 18.2-152.3 reads:

That's computer fraud. You want § 18.2-152.4, computer trespass.

-Bill



-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Owner, Dirtside Systems . Web: 

Re: GeoIP database issues and the real world consequences

[Sean Donelan]

On Mon, 11 Apr 2016, Laszlo Hanyecz wrote:
I imagine some consumers of the data will 'correct' the position to fall on 
the nearest road in front of the nearest house.


If GeoIP insists on giving a specific lon/lat, instead of an uncertaintity 
how about using locations such as the followign as the "default I don't 
know where it is"


United States: 38.8899 N, 77.0091 W (U.S. Capital Building)
Missouri: 38.5792 N, 92.1729 W (Missouri State Capital Building)

After the legislators get tired of the police raiding the capital 
buildings, they will probably do something to fix it.

Re: GeoIP database issues and the real world consequences

[Baldur Norddahl]

On 11 April 2016 at 20:15, John Levine  wrote:

> Oh, heck, you know better than that.  You can put in all the flags and
> warnings you want, but if it returns an address, nitwits will show up
> at the address with guns.
>
> Bodies of water probably are the least bad alternative.  I wonder if
> they're going to hydrolocate all of the unknown addresses, or only the
> ones where they get publically shamed.
>

They should stop giving out coordinates on houses period. Move the
coordinate to the nearest street intersection if you need to be that
precise (I would prefer nearest town square). Anything more than that
should be illegal.

Regards,

Baldur

Re: GeoIP database issues and the real world consequences

[Laszlo Hanyecz]

On 2016-04-11 18:15, John Levine wrote:



Bodies of water probably are the least bad alternative.  I wonder if
they're going to hydrolocate all of the unknown addresses, or only the
ones where they get publically shamed.

R's,
John


I imagine some consumers of the data will 'correct' the position to fall 
on the nearest road in front of the nearest house.


-Laszlo

Re: how to deal with port scan and brute force attack from AS 8075 ?

[Jared Mauch]

> On Apr 11, 2016, at 2:18 PM, Owen DeLong  wrote:
> 
> I could be wrong, IANAL, but I’d be surprised if a mere portscan would 
> actually be treated as a violation for the reasons cited above.
> 
>> Not that I've ever heard of someone being fined but you're definitely
>> in to "something wrong" territory.
> 
> I don’t think you’ve made your case for “definite” so far. I agree you might 
> be at risk from an overzealous prosecutor and an activist judge that hates 
> hackers for some reason, but short of that, I think you’re unlikely to run 
> afoul of this statute just on a port scan.
> 

my experience in talking to the DoJ in the US is this is not going to illicit 
any sort of a response.

I will say that the number of people who “set up a tool” to watch for activity 
then claim things like a DNS packet or backscatter from DDoS represent a log-on 
attempt generates the most amusing email to read.

- Jared

Re: GeoIP database issues and the real world consequences

[Laszlo Hanyecz]

Why not use the locations of their own homes?  They're indirectly 
sending mobs to randomly chosen locations.  There's enough middle men 
involved so they can all say they're doing nothing wrong, but wrong is 
being done.


-Laszlo


On 2016-04-11 17:34, Steve Mikulasik wrote:

Just so everyone is clear, Maxmind is changing their default locations.

" Now that I’ve made MaxMind aware of the consequences of the default locations it’s 
chosen, Mather says they’re going to change them. They are picking new default locations 
for the U.S. and Ashburn, Virginia that are in the middle of bodies of water, rather than 
people’s homes."

Re: how to deal with port scan and brute force attack from AS 8075 ?

[Owen DeLong]

> On Apr 7, 2016, at 07:41 , William Herrin  wrote:
> 
> On Thu, Mar 31, 2016 at 5:36 AM, Bacon Zombie  wrote:
>> I would ignore the portscans since there is nothing wrong with portscanning
>> the Internet.
> 
> You might want to check with your lawyer on that. If you
> _intentionally_ port-scan a computer located in Virginia without the
> owner's permission (and do nothing else, just port-scan it) it's a
> class 3 misdemeanor under 18.2-152.1, et seq. That's up to a $500 fine
> for each computer you scan. By comparison, shoplifting is a class 1
> misdemeanor while possession of a schedule V narcotic is another class
> 3.

I think you’re on shaky ground here.

18.2-152.3 reads:

Any person who uses a computer or computer network, without authority and:
1. Obtains property or services by false pretenses;
2. Embezzles or commits larceny; or
3. Converts the property of another;
is guilty of the crime of computer fraud.
If the value of the property or services obtained is $200 or more, the crime of 
computer fraud shall be punishable as a Class 5 felony. Where the value of the 
property or services obtained is less than $200, the crime of computer fraud 
shall be punishable as a Class 1 misdemeanor.

The requirements here are to meet at least one of the 3 tests listed.

I think it’s rather hard to claim that a portscan by itself “obtained property 
or services by false pretenses”.
I think it’s even harder to claim that it constitutes “embezzling” or “larceny”.
I also think you’d have a tough time arguing that eliciting a response packet 
to one or more packets actually constitutes conversion of property.

So I don’t see how you’d make much of a case for a port-scan being a violation 
of 18.2-152.1 et. seq.

I think the argument, rather easily, could be made that a port-scan is the 
internet equivalent of a door-knock. By itself, it doesn’t constitute unlawful 
entry. Now, a persistent door-knock might constitute some form of harassment 
and frequent or continuous port-scans could be argued to be a form of denial of 
service (which would constitute conversion), but the odd port-scan is unlikely 
to meet the tests under the law you cited.

> A key word here is "intentionally." Poking at it by mistake (e.g. you
> thought it was a different computer which you had the authority to
> scan) is not a crime. Nor, most likely, is less aggressive behavior
> which would not ordinarily be part of gaining unauthorized access,
> such as pinging or tracerouting.

I could be wrong, IANAL, but I’d be surprised if a mere portscan would actually 
be treated as a violation for the reasons cited above.

> Not that I've ever heard of someone being fined but you're definitely
> in to "something wrong" territory.

I don’t think you’ve made your case for “definite” so far. I agree you might be 
at risk from an overzealous prosecutor and an activist judge that hates hackers 
for some reason, but short of that, I think you’re unlikely to run afoul of 
this statute just on a port scan.


Owen

Re: GeoIP database issues and the real world consequences

[John Levine]

>The problem with MaxMind (and other geoip databases I've seen that do Lat/Long 
>as well as Country / State / Town) is that the
>data doesn't include uncertainty, so it returns "38.0/-97.0" rather than 
>"somewhere in a 3000 mile radius circle centered on
>38.0/-97.0".
>
>Someone should show them RFC 1876 as an example of better practice.

Oh, heck, you know better than that.  You can put in all the flags and
warnings you want, but if it returns an address, nitwits will show up
at the address with guns.

Bodies of water probably are the least bad alternative.  I wonder if
they're going to hydrolocate all of the unknown addresses, or only the
ones where they get publically shamed.

R's,
John

Re: GeoIP database issues and the real world consequences

[John Levine]

In article <90136824.12309.1460396310889.JavaMail.mhammett@ThunderFuck> you 
write:
>So they launch exhaustive and expensive searches of lakes instead? :-) 

I'm starting a new chain of kiosks that rent wet suits and snorkels.

R's,
John

RE: GeoIP database issues and the real world consequences

[Steve Mikulasik]

I imagine it might look something like this http://i.imgur.com/HlpOXP0.jpg



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mike Hammett
Sent: Monday, April 11, 2016 11:39 AM
Cc: nanog@nanog.org
Subject: Re: GeoIP database issues and the real world consequences

So they launch exhaustive and expensive searches of lakes instead? :-) 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 



Midwest Internet Exchange 
http://www.midwest-ix.com 


- Original Message -

From: "Steve Mikulasik"  
To: nanog@nanog.org 
Sent: Monday, April 11, 2016 12:34:35 PM 
Subject: RE: GeoIP database issues and the real world consequences 

Just so everyone is clear, Maxmind is changing their default locations. 

" Now that I’ve made MaxMind aware of the consequences of the default locations 
it’s chosen, Mather says they’re going to change them. They are picking new 
default locations for the U.S. and Ashburn, Virginia that are in the middle of 
bodies of water, rather than people’s homes." 

Re: GeoIP database issues and the real world consequences

[Jared Mauch]

> On Apr 11, 2016, at 1:34 PM, Steve Mikulasik  
> wrote:
> 
> Just so everyone is clear, Maxmind is changing their default locations.
> 
> " Now that I’ve made MaxMind aware of the consequences of the default 
> locations it’s chosen, Mather says they’re going to change them. They are 
> picking new default locations for the U.S. and Ashburn, Virginia that are in 
> the middle of bodies of water, rather than people’s homes."

The middle of lake superior and hudson bay would be good choices for the US and 
Canada.

Quick, run a commercial diving team with on-call at the nearest ports.

- Jared

Re: GeoIP database issues and the real world consequences

[Mike Hammett]

So they launch exhaustive and expensive searches of lakes instead? :-) 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 



Midwest Internet Exchange 
http://www.midwest-ix.com 


- Original Message -

From: "Steve Mikulasik"  
To: nanog@nanog.org 
Sent: Monday, April 11, 2016 12:34:35 PM 
Subject: RE: GeoIP database issues and the real world consequences 

Just so everyone is clear, Maxmind is changing their default locations. 

" Now that I’ve made MaxMind aware of the consequences of the default locations 
it’s chosen, Mather says they’re going to change them. They are picking new 
default locations for the U.S. and Ashburn, Virginia that are in the middle of 
bodies of water, rather than people’s homes." 

RE: GeoIP database issues and the real world consequences

[Steve Mikulasik]

Just so everyone is clear, Maxmind is changing their default locations.

" Now that I’ve made MaxMind aware of the consequences of the default locations 
it’s chosen, Mather says they’re going to change them. They are picking new 
default locations for the U.S. and Ashburn, Virginia that are in the middle of 
bodies of water, rather than people’s homes."

Re: GeoIP database issues and the real world consequences

[Steve Atkins]

> On Apr 11, 2016, at 10:11 AM, Hugo Slabbert  wrote:
> 
> 
> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase  wrote:
> 
>> TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
>> but then rounded off the lat long so it points at this farm.
>> 
>> Cant believe law enforcement is using this kind of info to execute searches.
>> Wouldnt that undermine the credibility of any evidence brought up in trials
>> for any geoip locates?
>> 
>> Seems to me locating unknowns somewhere in the middle of a big lake or park 
>> in
>> the center of the country might be a better idea.
> 
> ...how about actually marking an unknown as...oh, I dunno: "unknown"?  Is 
> there no analogue in the GeoIP lookups for a 404?

It's not unknown - it's (according to the DB, anyway, which has a bunch of 
flaws) "in the US somewhere".

The problem with MaxMind (and other geoip databases I've seen that do Lat/Long 
as well as Country / State / Town) is that the data doesn't include 
uncertainty, so it returns "38.0/-97.0" rather than "somewhere in a 3000 mile 
radius circle centered on 38.0/-97.0".

Someone should show them RFC 1876 as an example of better practice.

Cheers,
  Steve

Re: GeoIP database issues and the real world consequences

[Ken Chase]

Well they DO know the IP location is within the USA - many apps use the GeoIP
API and require a lat/long returned, and some need one that lands within a
country border (thus my suggestion of middle of a remote wilderness park - let
the cops search some desolate remote desert in nevada amirite?)

MaxMind might not want the quality hit for a 0,0 answer (as funny as that would 
be).

(my 'middle of a lake in the middle of the country' retains some of that 
mischievous
win however.)

/kc


On Mon, Apr 11, 2016 at 01:14:37PM -0400, Josh Luthman said:
  >Or 0,0, send the FBI to Africa on a boating trip.  that would probably be
  >easier than "unknown" or "null".
  >
  >
  >Josh Luthman
  >Office: 937-552-2340
  >Direct: 937-552-2343
  >1100 Wayne St
  >Suite 1337
  >Troy, OH 45373
  >
  >On Mon, Apr 11, 2016 at 1:11 PM, Hugo Slabbert  wrote:
  >
  >>
  >> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase  wrote:
  >>
  >> TL;DR: GeoIP put unknown IP location mappings to the 'center of the
  >>> country'
  >>> but then rounded off the lat long so it points at this farm.
  >>>
  >>> Cant believe law enforcement is using this kind of info to execute
  >>> searches.
  >>> Wouldnt that undermine the credibility of any evidence brought up in
  >>> trials
  >>> for any geoip locates?
  >>>
  >>> Seems to me locating unknowns somewhere in the middle of a big lake or
  >>> park in
  >>> the center of the country might be a better idea.
  >>>
  >>
  >> ...how about actually marking an unknown as...oh, I dunno: "unknown"?  Is
  >> there no analogue in the GeoIP lookups for a 404?
  >>
  >>
  >>> /kc
  >>>
  >>
  >> --
  >> Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
  >> pgp key: B178313E   | also on Signal
  >>
  >>
  >>
  >>> On Mon, Apr 11, 2016 at 11:55:11AM -0500, Chris Boyd said:
  >>>  >
  >>>  >Interesting article.
  >>>  >
  >>>  >http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
  >>>  >
  >>>  >An hour???s drive from Wichita, Kansas, in a little town called Potwin,
  >>>  >there is a 360-acre piece of land with a very big problem.
  >>>  >
  >>>  >The plot has been owned by the Vogelman family for more than a hundred
  >>>  >years, though the current owner, Joyce Taylor n??e Vogelman, 82, now
  >>>  >rents it out. The acreage is quiet and remote: a farm, a pasture, an old
  >>>  >orchard, two barns, some hog shacks and a two-story house. It???s the
  >>> kind
  >>>  >of place you move to if you want to get away from it all. The nearest
  >>>  >neighbor is a mile away, and the closest big town has just 13,000
  >>>  >people. It is real, rural America; in fact, it???s a two-hour drive from
  >>>  >the exact geographical center of the United States.
  >>>  >
  >>>  >But instead of being a place of respite, the people who live on Joyce
  >>>  >Taylor???s land find themselves in a technological horror story.
  >>>  >
  >>>  >
  >>>  >For the last decade, Taylor and her renters have been visited by all
  >>>  >kinds of mysterious trouble. They???ve been accused of being identity
  >>>  >thieves, spammers, scammers and fraudsters. They???ve gotten visited by
  >>>  >FBI agents, federal marshals, IRS collectors, ambulances searching for
  >>>  >suicidal veterans, and police officers searching for runaway children.
  >>>  >They???ve found people scrounging around in their barn. The renters have
  >>>  >been doxxed, their names and addresses posted on the internet by
  >>>  >vigilantes. Once, someone left a broken toilet in the driveway as a
  >>>  >strange, indefinite threat.
  >>>  >
  >>>  >--Chris
  >>>  >
  >>>
  >>

Re: GeoIP database issues and the real world consequences

[Blair Trosper]

Has happened in Atlanta, too, due to (what I think) was a lookup on the
ASN's whois, which wasn't specific:
http://fusion.net/story/214995/find-my-phone-apps-lead-to-wrong-home/

On Mon, Apr 11, 2016 at 9:55 AM, Chris Boyd  wrote:

>
> Interesting article.
>
> http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
>
> An hour’s drive from Wichita, Kansas, in a little town called Potwin,
> there is a 360-acre piece of land with a very big problem.
>
> The plot has been owned by the Vogelman family for more than a hundred
> years, though the current owner, Joyce Taylor née Vogelman, 82, now
> rents it out. The acreage is quiet and remote: a farm, a pasture, an old
> orchard, two barns, some hog shacks and a two-story house. It’s the kind
> of place you move to if you want to get away from it all. The nearest
> neighbor is a mile away, and the closest big town has just 13,000
> people. It is real, rural America; in fact, it’s a two-hour drive from
> the exact geographical center of the United States.
>
> But instead of being a place of respite, the people who live on Joyce
> Taylor’s land find themselves in a technological horror story.
>
>
> For the last decade, Taylor and her renters have been visited by all
> kinds of mysterious trouble. They’ve been accused of being identity
> thieves, spammers, scammers and fraudsters. They’ve gotten visited by
> FBI agents, federal marshals, IRS collectors, ambulances searching for
> suicidal veterans, and police officers searching for runaway children.
> They’ve found people scrounging around in their barn. The renters have
> been doxxed, their names and addresses posted on the internet by
> vigilantes. Once, someone left a broken toilet in the driveway as a
> strange, indefinite threat.
>
> --Chris
>

Re: GeoIP database issues and the real world consequences

[Josh Luthman]

Or 0,0, send the FBI to Africa on a boating trip.  that would probably be
easier than "unknown" or "null".


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Mon, Apr 11, 2016 at 1:11 PM, Hugo Slabbert  wrote:

>
> On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase  wrote:
>
> TL;DR: GeoIP put unknown IP location mappings to the 'center of the
>> country'
>> but then rounded off the lat long so it points at this farm.
>>
>> Cant believe law enforcement is using this kind of info to execute
>> searches.
>> Wouldnt that undermine the credibility of any evidence brought up in
>> trials
>> for any geoip locates?
>>
>> Seems to me locating unknowns somewhere in the middle of a big lake or
>> park in
>> the center of the country might be a better idea.
>>
>
> ...how about actually marking an unknown as...oh, I dunno: "unknown"?  Is
> there no analogue in the GeoIP lookups for a 404?
>
>
>> /kc
>>
>
> --
> Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
> pgp key: B178313E   | also on Signal
>
>
>
>> On Mon, Apr 11, 2016 at 11:55:11AM -0500, Chris Boyd said:
>>  >
>>  >Interesting article.
>>  >
>>  >http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
>>  >
>>  >An hour???s drive from Wichita, Kansas, in a little town called Potwin,
>>  >there is a 360-acre piece of land with a very big problem.
>>  >
>>  >The plot has been owned by the Vogelman family for more than a hundred
>>  >years, though the current owner, Joyce Taylor n??e Vogelman, 82, now
>>  >rents it out. The acreage is quiet and remote: a farm, a pasture, an old
>>  >orchard, two barns, some hog shacks and a two-story house. It???s the
>> kind
>>  >of place you move to if you want to get away from it all. The nearest
>>  >neighbor is a mile away, and the closest big town has just 13,000
>>  >people. It is real, rural America; in fact, it???s a two-hour drive from
>>  >the exact geographical center of the United States.
>>  >
>>  >But instead of being a place of respite, the people who live on Joyce
>>  >Taylor???s land find themselves in a technological horror story.
>>  >
>>  >
>>  >For the last decade, Taylor and her renters have been visited by all
>>  >kinds of mysterious trouble. They???ve been accused of being identity
>>  >thieves, spammers, scammers and fraudsters. They???ve gotten visited by
>>  >FBI agents, federal marshals, IRS collectors, ambulances searching for
>>  >suicidal veterans, and police officers searching for runaway children.
>>  >They???ve found people scrounging around in their barn. The renters have
>>  >been doxxed, their names and addresses posted on the internet by
>>  >vigilantes. Once, someone left a broken toilet in the driveway as a
>>  >strange, indefinite threat.
>>  >
>>  >--Chris
>>  >
>>
>

Re: GeoIP database issues and the real world consequences

[Hugo Slabbert]

On Mon 2016-Apr-11 13:02:14 -0400, Ken Chase  wrote:


TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
but then rounded off the lat long so it points at this farm.

Cant believe law enforcement is using this kind of info to execute searches.
Wouldnt that undermine the credibility of any evidence brought up in trials
for any geoip locates?

Seems to me locating unknowns somewhere in the middle of a big lake or park in
the center of the country might be a better idea.


...how about actually marking an unknown as...oh, I dunno: "unknown"?  Is 
there no analogue in the GeoIP lookups for a 404?




/kc


--
Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
pgp key: B178313E   | also on Signal



On Mon, Apr 11, 2016 at 11:55:11AM -0500, Chris Boyd said:
 >
 >Interesting article.
 >
 >http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
 >
 >An hour???s drive from Wichita, Kansas, in a little town called Potwin,
 >there is a 360-acre piece of land with a very big problem.
 >
 >The plot has been owned by the Vogelman family for more than a hundred
 >years, though the current owner, Joyce Taylor n??e Vogelman, 82, now
 >rents it out. The acreage is quiet and remote: a farm, a pasture, an old
 >orchard, two barns, some hog shacks and a two-story house. It???s the kind
 >of place you move to if you want to get away from it all. The nearest
 >neighbor is a mile away, and the closest big town has just 13,000
 >people. It is real, rural America; in fact, it???s a two-hour drive from
 >the exact geographical center of the United States.
 >
 >But instead of being a place of respite, the people who live on Joyce
 >Taylor???s land find themselves in a technological horror story.
 >
 >
 >For the last decade, Taylor and her renters have been visited by all
 >kinds of mysterious trouble. They???ve been accused of being identity
 >thieves, spammers, scammers and fraudsters. They???ve gotten visited by
 >FBI agents, federal marshals, IRS collectors, ambulances searching for
 >suicidal veterans, and police officers searching for runaway children.
 >They???ve found people scrounging around in their barn. The renters have
 >been doxxed, their names and addresses posted on the internet by
 >vigilantes. Once, someone left a broken toilet in the driveway as a
 >strange, indefinite threat.
 >
 >--Chris
 >


signature.asc
Description: Digital signature

Re: GeoIP database issues and the real world consequences

[Ken Chase]

TL;DR: GeoIP put unknown IP location mappings to the 'center of the country'
but then rounded off the lat long so it points at this farm.

Cant believe law enforcement is using this kind of info to execute searches.
Wouldnt that undermine the credibility of any evidence brought up in trials
for any geoip locates?

Seems to me locating unknowns somewhere in the middle of a big lake or park in
the center of the country might be a better idea.

/kc

On Mon, Apr 11, 2016 at 11:55:11AM -0500, Chris Boyd said:
  >
  >Interesting article.
  >
  >http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/
  >
  >An hour???s drive from Wichita, Kansas, in a little town called Potwin,
  >there is a 360-acre piece of land with a very big problem.
  >
  >The plot has been owned by the Vogelman family for more than a hundred
  >years, though the current owner, Joyce Taylor n??e Vogelman, 82, now
  >rents it out. The acreage is quiet and remote: a farm, a pasture, an old
  >orchard, two barns, some hog shacks and a two-story house. It???s the kind
  >of place you move to if you want to get away from it all. The nearest
  >neighbor is a mile away, and the closest big town has just 13,000
  >people. It is real, rural America; in fact, it???s a two-hour drive from
  >the exact geographical center of the United States.
  >
  >But instead of being a place of respite, the people who live on Joyce
  >Taylor???s land find themselves in a technological horror story.
  >
  >
  >For the last decade, Taylor and her renters have been visited by all
  >kinds of mysterious trouble. They???ve been accused of being identity
  >thieves, spammers, scammers and fraudsters. They???ve gotten visited by
  >FBI agents, federal marshals, IRS collectors, ambulances searching for
  >suicidal veterans, and police officers searching for runaway children.
  >They???ve found people scrounging around in their barn. The renters have
  >been doxxed, their names and addresses posted on the internet by
  >vigilantes. Once, someone left a broken toilet in the driveway as a
  >strange, indefinite threat.
  >
  >--Chris
  >

GeoIP database issues and the real world consequences

[Chris Boyd]

Interesting article.

http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/

An hour’s drive from Wichita, Kansas, in a little town called Potwin,
there is a 360-acre piece of land with a very big problem.

The plot has been owned by the Vogelman family for more than a hundred
years, though the current owner, Joyce Taylor née Vogelman, 82, now
rents it out. The acreage is quiet and remote: a farm, a pasture, an old
orchard, two barns, some hog shacks and a two-story house. It’s the kind
of place you move to if you want to get away from it all. The nearest
neighbor is a mile away, and the closest big town has just 13,000
people. It is real, rural America; in fact, it’s a two-hour drive from
the exact geographical center of the United States.

But instead of being a place of respite, the people who live on Joyce
Taylor’s land find themselves in a technological horror story.


For the last decade, Taylor and her renters have been visited by all
kinds of mysterious trouble. They’ve been accused of being identity
thieves, spammers, scammers and fraudsters. They’ve gotten visited by
FBI agents, federal marshals, IRS collectors, ambulances searching for
suicidal veterans, and police officers searching for runaway children.
They’ve found people scrounging around in their barn. The renters have
been doxxed, their names and addresses posted on the internet by
vigilantes. Once, someone left a broken toilet in the driveway as a
strange, indefinite threat.

--Chris

Re: Stop IPv6 Google traffic

[Bjørn Mork]

b...@theworld.com writes:

> It seems like every technical list is over-run with
> meta-conversations, how do I (blah), WHY WOULD YOU WANT TO (blah)?!?!

It is reasonable to expect anyone asking for help to describe the
process leading up to the situation where they are stuck.  I'd say it is
rare that such an explanation can be given without describing the
original problem.

If you are worrying about these meta discussions, then I'd suggest
killng them off in the first place by simply answering the questions
before they are asked.



Bjørn