EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

[Peter Eckersley]

Dear network operators,

I'm sure this is a controversial topic in the NANOG community, but EFF and a
number of ISPs and networking companies are writing to Congress opposing the
repeal of the FCC's broadband privacy rules, which require explicit opt-in
consent before ISPs use or sell sensitive, non-anonymized data (including
non-anonymized locations and browsing histories).

If you or your employer would like to sign on to such a letter, please reply
off-list by midday Monday with your name, and a one-sentence description of
your affiliation and/or major career accomplishments. 

Back story on what's happening:

https://www.eff.org/deeplinks/2017/03/five-creepy-things-your-isp-could-do-if-congress-repeals-fccs-privacy-protections
https://www.eff.org/deeplinks/2017/03/senate-puts-isp-profits-over-your-privacy
https://www.eff.org/deeplinks/2017/02/congress-contemplating-making-it-illegal-protect-consumer-privacy-online

Summary of the FCC Broadband Privacy Rules themselves:

https://apps.fcc.gov/edocs_public/attachmatch/FCC-16-148A1.pdf

-- 
Peter Eckersleyp...@eff.org
Chief Computer Scientist  Tel  +1 415 436 9333 x131
Electronic Frontier FoundationFax  +1 415 436 9993

VPS plus email

[Samual Carman]

Howdy y'all I would like to know if if anyone can recommend a good VPS to run a 
exchange server as well as host a website I would like to set up an exchange 
server with a  professional email address unless you guys can recommend a 
different approach I should take to get a professionaladdress so it would 
look better on resumes etc and I can consolidate all my various email accounts 
to one I could consider switching to google apps and or Microsoft outlook 
unless there are other better providers out there I am in college so if there 
are any special programs please feel free to advice me of such Feel free to 
private message me 
Not sure if this is allowed the rules where murkey on this 
Get Outlook for iOS

Re: VPS plus email

[mike . lyon]

Keep it simple. Google Apps.

> On Mar 27, 2017, at 12:16, Samual Carman  wrote:
> 
> Howdy y'all I would like to know if if anyone can recommend a good VPS to run 
> a exchange server as well as host a website I would like to set up an 
> exchange server with a  professional email address unless you guys can 
> recommend a different approach I should take to get a professionaladdress 
> so it would look better on resumes etc and I can consolidate all my various 
> email accounts to one I could consider switching to google apps and or 
> Microsoft outlook unless there are other better providers out there I am in 
> college so if there are any special programs please feel free to advice me of 
> such Feel free to private message me 
> Not sure if this is allowed the rules where murkey on this 
> Get Outlook for iOS

Re: VPS plus email

[Aaron C. de Bruyn via NANOG]

Easy solution if you don't know how to configure e-mail:  Google Apps
for Business.  $5/user/month.

Cheaper solution than Exchange: $5/mo Digital Ocean server running
something like Dovecot and Haraka to handle e-mail.

If you don't want to leave Microsoft, I believe Outlook premium will
do what you want: https://premium.outlook.com/

Or pony up for Office 365.

-A

On Mon, Mar 27, 2017 at 12:16 PM, Samual Carman  wrote:
> Howdy y'all I would like to know if if anyone can recommend a good VPS to run 
> a exchange server as well as host a website I would like to set up an 
> exchange server with a  professional email address unless you guys can 
> recommend a different approach I should take to get a professionaladdress 
> so it would look better on resumes etc and I can consolidate all my various 
> email accounts to one I could consider switching to google apps and or 
> Microsoft outlook unless there are other better providers out there I am in 
> college so if there are any special programs please feel free to advice me of 
> such Feel free to private message me
> Not sure if this is allowed the rules where murkey on this
> Get Outlook for iOS

Fwd: [ARIN-consult] Community Consultation on CKN23-ARIN Now Open

[John Curran]

NANOGers -

We have initiated a community consultation on a possible restructuring of 
existing
information in the ARIN registry – this is to address the long-standing 
concern that
some have expressed with the association of a “No Contact Known” 
point-of-contact
(POC) in some registry records that may have potentially valid Admin and 
Tech
contact information.

If you have hold a strong view on this matter, please see the attached 
consultation
announcement and participate in the discussion on the open 
arin-cons...@arin.net
mailing list 

Thanks!
/John

John Curran
President and CEO
ARIN

===

Begin forwarded message:

From: ARIN mailto:i...@arin.net>>
Subject: [ARIN-consult] Community Consultation on CKN23-ARIN Now Open
Date: 22 March 2017 at 1:24:12 PM EDT
To: mailto:arin-cons...@arin.net>>

There are thousands of instances of the ARIN Point of Contact (POC)
handle “No, Contact Known” or CKN23-ARIN registered in the ARIN
database, most of them associated with legacy resource records. ARIN
would like the community to review the history of this situation and the
proposed solution and provide us with their feedback.

The creation and addition of this POC handle was due to a combination of
factors.

* In 2002, a database conversion project was done at ARIN that
created a new database structure and added a new record type
(Organization ID) as well as new POC types (Admin, Tech, Abuse and NOC).
When an Org ID didn’t have a clear POC that had been recently updated or
vetted by ARIN staff, the original resource POC remained on the resource
record only and no POCs were added to the Org record at all.
* In a later 2011 database conversion, reverse DNS delegation
switched from per-net to per-zone. This created significant hijacking
potential by allowing resource POCs to change their reverse delegation
without first being verified by staff as legitimate.
* Also in 2011, ARIN added a new business rule that required an Admin
and a Tech POC on all Org records as a way of enhancing data quality.
* Policy 2010-14 was implemented in 2011 and required Abuse POCs on
all Org records.

In order to maintain ARIN’s business rules, comply with policy 2010-14,
and prevent hijackings, several actions were initiated by staff:

* CKN23-ARIN was created to become the Admin and Tech POC on Orgs
that lacked them
* Resource POCs of legacy networks that had never been updated or
validated by ARIN were moved to the Organization record as the Abuse POC
* ARIN’s verification and vetting requirements were thus reinstated
as the Abuse POC had to be vetted before making any changes to the
record, and therefore could not hijack the resource by adding or
changing the nameservers

Over time, the above actions have created several issues:

* It is easy for hijackers to identify and target records with CKN23
(no contact known) as the handle
* POCs that were moved from resource tech to Org abuse are not happy
about no longer having control of their resource record

There are several different courses of action that ARIN could take to
resolve the current situation.

Option 1

Retain the current status and do nothing

Option 2

Restore the resource POCs back to their original state on the
resource record keeping in mind that this would open up the hijacking
risk by giving the original resource POC control of the network without
a verification process
 * Retain the Abuse POC on the Org record
 * Retain CKN23-ARIN as Org POC

Option 3 - **Recommended option**

Restore the resource POC back to their original state on the
resource record.   This will allow contacts historically associated with
a resource record to more readily administer that record going forward.
 * Retain the Abuse POC on the Org
 * Replace CKN23-ARIN with a handle that better explains the record’s
status (e.g. “Legacy Record – See Resource POC”)
 * Lock all resources associated with these legacy records who have
had their resource POC restored. This would ensure that any changes made
by the resource POC would first have to be reviewed by ARIN.

We would like to thank the ARIN Services Working Group (WG) for their
helpful review of the proposed change – while the ARIN Services WG did
not take a formal position in support of or in opposition of the
proposed change, their review led to improvements in presentation of the
options

We are seeking community feedback on this proposed change (Option #3) to
the ARIN Registry database.

This consultation will remain open for 60 days - Please provide comments
to arin-cons...@arin.net.

Discussion on arin-cons...@arin.net will close on 
22 May 2017.

If you have any questions, please contact us at 
i...@arin.net.

Regards,

John Curran
President and CEO
American Registry for Internet Numbers (ARI

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

[Brett Glass]

All:

It's worth noting that most of EFF's list consists of individuals 
and/or politically connected organizations, not actual ISPs. This 
is for good reason. EFF was founded with the intention of creating 
a civil rights organization but has morphed into a captive 
corporate lobbying shop for Google, to which several of its board 
members have close financial ties. EFF opposes the interests of 
hard working ISPs and routinely denigrates them and attempts to 
foster promotes hatred of them. It also promotes and lobbies for 
regulations which advantage Google and disadvantage ISPs -- 
including the so-called "broadband privacy" regulations, which 
heavily burden ISPs while exempting Google from all oversight.


No knowledgeable network professional or ISP would support the 
current FCC rules. Both they AND the FCC's illegal Title II 
classification of ISPs must be rolled back, restoring the FTC's 
ability to apply uniform and apolitical privacy standards to all of 
the players in the Internet ecosystem. The first step is to support 
S.J. Res 34/H.J. Res 86, the Congressional resolution which would 
revoke the current FCC regulations that were written and paid for 
by Google and its lobbyists. So, DO contact  your legislators... 
but do so in support of the resolutions that will repeal the 
regulations. It is vital to the future of the Internet.


--Brett Glass, Owner and Founder, LARIAT.NET

At 05:05 PM 3/26/2017, Peter Eckersley wrote:


Dear network operators,

I'm sure this is a controversial topic in the NANOG community, but EFF and a
number of ISPs and networking companies are writing to Congress opposing the
repeal of the FCC's broadband privacy rules, which require explicit opt-in
consent before ISPs use or sell sensitive, non-anonymized data (including
non-anonymized locations and browsing histories).

If you or your employer would like to sign on to such a letter, please reply
off-list by midday Monday with your name, and a one-sentence description of
your affiliation and/or major career accomplishments.

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

[Patrick W. Gilmore]

I am somehow please that Mr. Glass does not find me a “knowledgeable network 
professional”. It feels like a badge of honor. Any other “not” knowledgeable 
network professionals want to come forward and accept this badge?

Personally, I find the FCC’s current rules to be sub-optimal. But saying a 
gov’t regulation is sub-optimal is like saying water is wet. The question is 
not whether the regulation could be improved. It is whether the proposed 
changes are an improvement.

To be 1% clear: I prefer the current privacy regime over the new one being 
proposed.

Oh, and I do not believe the EFF is just a shill for Google. But then, I’m just 
a not knowledgeable network professional, so what do I know?

-- 
TTFN,
patrick

> On Mar 27, 2017, at 7:13 PM, Brett Glass  wrote:
> 
> All:
> 
> It's worth noting that most of EFF's list consists of individuals and/or 
> politically connected organizations, not actual ISPs. This is for good 
> reason. EFF was founded with the intention of creating a civil rights 
> organization but has morphed into a captive corporate lobbying shop for 
> Google, to which several of its board members have close financial ties. EFF 
> opposes the interests of hard working ISPs and routinely denigrates them and 
> attempts to foster promotes hatred of them. It also promotes and lobbies for 
> regulations which advantage Google and disadvantage ISPs -- including the 
> so-called "broadband privacy" regulations, which heavily burden ISPs while 
> exempting Google from all oversight.
> 
> No knowledgeable network professional or ISP would support the current FCC 
> rules. Both they AND the FCC's illegal Title II classification of ISPs must 
> be rolled back, restoring the FTC's ability to apply uniform and apolitical 
> privacy standards to all of the players in the Internet ecosystem. The first 
> step is to support S.J. Res 34/H.J. Res 86, the Congressional resolution 
> which would revoke the current FCC regulations that were written and paid for 
> by Google and its lobbyists. So, DO contact  your legislators... but do so in 
> support of the resolutions that will repeal the regulations. It is vital to 
> the future of the Internet.
> 
> --Brett Glass, Owner and Founder, LARIAT.NET
> 
> At 05:05 PM 3/26/2017, Peter Eckersley wrote:
> 
>> Dear network operators,
>> 
>> I'm sure this is a controversial topic in the NANOG community, but EFF and a
>> number of ISPs and networking companies are writing to Congress opposing the
>> repeal of the FCC's broadband privacy rules, which require explicit opt-in
>> consent before ISPs use or sell sensitive, non-anonymized data (including
>> non-anonymized locations and browsing histories).
>> 
>> If you or your employer would like to sign on to such a letter, please reply
>> off-list by midday Monday with your name, and a one-sentence description of
>> your affiliation and/or major career accomplishments.