Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

Your sig is fine, anyone who says otherwise needs to obtain gainful employment to occupy more free time On Fri, Apr 26, 2019 at 8:36 PM James R Cutler wrote: > --- amitch...@isipp.com wrote: > From: "Anne P. Mitchell, Esq." > > [This .sig space open to suggestions.] > > Just to continue this

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

The policy specifically states that it’s not intended towards honest mistakes, but repeated deliberate persistent behavior. Do you know of any such case involving resource holders that have signed RSAs with ARIN or any other RIR for that matter? Owen > On Apr 26, 2019, at 20:44 , William

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, Apr 26, 2019 at 7:48 PM Owen DeLong wrote: > Do you honestly believe that hijackings are being committed by ARIN members or even ARIN resource holders that have signed RSAs with ARIN? Wasn't Softlayer (an ARIN resource holder) called out on this list about 14 hours ago for hijacking a

My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

--- amitch...@isipp.com wrote: From: "Anne P. Mitchell, Esq." mailto:amitch...@isipp.com>> [This .sig space open to suggestions.] Just to continue this clearly trivial discussion: I enjoy your signature. It always leaves no question regarding the posting identity.

Re: Packetstream - how does this not violate just about every provider's ToS?

> On Apr 25, 2019, at 09:10 , Mark Seiden wrote: > > feeling cranky, are we, job? (accusing an antispam expert of spamming on a > mailing list by having too long a .sig?) > but it’s true! anne runs the internet, and the rest of us (except for ICANN > GAC representatives) all accept that.

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

> The proposal is “guarantor”, or at least that’s our intent. Is not ARIN > taking the decision, is the community by means of experts. We have improved > it in the v2 that will be posted in a matter of days in RIPE, but we can’t > improve it in ARIN because simply discussing it is not allowed

Re: Packetstream - how does this not violate just about every provider's ToS?

On Fri, Apr 26, 2019 at 6:06 PM John Levine wrote: > I assumed that something this sleazy would be offshore, but their > terms of service say they're in Los Angeles. > They tricked you. https://packetstream.io/legal/privacy PacketStream 8605 Santa Monica Blvd Los Angeles, CA, 90069

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Even among the network security community the number of people who track bgp hijacks and gather data is quite small yet such people do exist and have been active in speaking for this proposal when the same thing was discussed on the ripe anti abuse wg to an expected chorus of "we are not the

Re: Packetstream - how does this not violate just about every provider's ToS?

In article <003d01d4fc27$ba0bb300$2e231900$@netconsultings.com> you write: >But isn't there a law in US that protects oblivious or outright simple-mined >population from falling for these type of "easy money" schemes by >prohibiting these types of business? If it became popular enough to be

Re: Packetstream - how does this not violate just about every provider's ToS?

In article <44a32613-a255-44eb-a094-cee68b6d088a@Spark> you write: >-=-=-=-=-=- > >particularly "interesting" when someone downloads CP (or, as it now seems to >be called, CSAM) using their >ipaddr and causes them to become a Person of Interest. I was thinking the same thing, that'll do it. Or

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

> I personally support the petition. I think the out of scope reasoning is > flawed. By enforcing minimum assignment sizes, ARIN has long acted as a > gatekeeper to the routing system, controlling who can and can not > participate. For better or worse, that puts the proposal in scope. Speaking

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

--- amitch...@isipp.com wrote: From: "Anne P. Mitchell, Esq." [This .sig space open to suggestions.] --- I don't really care about your .sig, but in general... %s/\[This .sig space open to suggestions.\]//g scott

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

> On Apr 26, 2019, at 5:49 PM, JORDI PALET MARTINEZ > wrote: > > "AP stated that at the LACNIC meeting has discussed it and they dismissed it > as out of scope." > > LACNIC will have the first meeting where this topic will be discussed in two > weeks from now. How come an AC member can

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

RSA (https://www.arin.net/about/corporate/agreements/rsa.pdf) clearly state that the services are subject to the terms and conditions stated in the policy manual. There is explicit text in case of lack of payment. Not so clear what to do if there is a policy violation, but it looks like at

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 2:36 PM Jon Lewis wrote: > Maybe I missed it in the proposal, but I don't see that it actually says > what ARIN will do other than produce a report "Yep, our expert panel says > this is hijacked.". What's the expected result (other than the report)? > i.e. What action is

Re: SoftLayer NOC contact to get two IP prefixes de-announced

Hi, the prefixes in question (144.48.82.0/24 and 185.121.178.0/24) are no longer announced today after forwarding the original email to networksupportengineers-softlayer...@wwpdl.vnet.ibm.com and peer...@softlayer.com Thanks Best regards Katie Holly On 4/26/19 10:57 PM, Sandra Murphy

Re: Disney+ CDN

but hey... they're getting transit from VZB\MCI\UUNET... so it'll be great! - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Jon Lewis" To: "NANOG" Sent: Friday, April 26, 2019

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

A policy proposal typically is not perfect when submitted. However, not having the discussion, doesn't allow to improve it and maybe then, reach consensus. It may happen that the end of the discussion is, instead of a group of experts, we need something different, or may be a compensation for

Re: Disney+ CDN

I doubt it. If they use the BAM stuff and launch in October (after World Series) the timing might be right. Sent from my iCar > On Apr 26, 2019, at 6:06 PM, Ross Tajvar wrote: > > Agreed, I noticed the single IX as well and asked them about it in my email. > If they don't expand

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

On Fri, 26 Apr 2019, JORDI PALET MARTINEZ wrote: The intent is to clearly state that this is a violation of the policies. The membership documents/bylaws or the RSA, your account may be closed. I looked at it when adapting the policy from RIPE to ARIN, don't have this information right in my

Re: Disney+ CDN

Agreed, I noticed the single IX as well and asked them about it in my email. If they don't expand aggressively in the next ~6 months, they're going to have a very problematic launch. On Fri, Apr 26, 2019 at 5:59 PM Jon Lewis wrote: > On Fri, 26 Apr 2019, Ross Tajvar wrote: > > > Yeah, I'm going

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

By the way, even if ARIN (or the community) decides to do *nothing* in case of a policy violation, clearly the victim will have a better situation to defend the case in courts, and not rely in the judgement of inexperienced folks that will know nothing about what is an Internet Resource, BGP,

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

The intent is to clearly state that this is a violation of the policies. The membership documents/bylaws or the RSA, your account may be closed. I looked at it when adapting the policy from RIPE to ARIN, don't have this information right in my mind, but I'm sure it was there. Otherwise, if

Re: Disney+ CDN

On Fri, 26 Apr 2019, Ross Tajvar wrote: Yeah, I'm going to send them an email and see if I can get ahold of their peering policy. I'm hoping they will update it as they get more attention from other networks.  They may just be procrastinating setting things up. According to bgp.he.net they are

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Not only that. I really think they have not invested enough time to read the proposal, check with the authors and then take a decision. We have got some email exchange, but clearly not sufficient. I also must state that the staff has been very helpful and diligent to clarify and support the

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 4:37 PM Jon Lewis wrote: > > Anecdotally, ARIN has, in the past, gotten involved in this sort of thing. > Many years ago, during an acquisition that went sour at the last minute, > the renegging seller went to ARIN complaining that we were hijacking his > IP space. ARIN

Re: Disney+ CDN

Sorry for the double email but I wanted to add - the ARIN org was only created in November 2018: OrgName:Disney Streaming Services OrgId: DSTL-2 Address:75 9th Ave. Address:6th Floor City: New York StateProv: NY PostalCode: 10011 Country:

Re: Disney+ CDN

Yeah, I'm going to send them an email and see if I can get ahold of their peering policy. I'm hoping they will update it as they get more attention from other networks. They may just be procrastinating setting things up. According to bgp.he.net they are only announcing one v4 /24 and one v6 /48,

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

I respect the viewpoints of those who made comments about your sig, but I do not agree. There are many things to be annoyed about. I don’t think your email signature is one of them. On Fri, Apr 26, 2019 at 17:16 Ross Tajvar wrote: > I want to clarify that while I didn't say anything (since it

Re: Disney+ CDN

On 4/26/19 4:33 PM, Ross Tajvar wrote: Looks like Disney has an ASN for their streaming service: https://www.peeringdb.com/net/15627 Helluva entry ... *crickets* *tumbleweeds*

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, 26 Apr 2019, William Herrin wrote: On Fri, Apr 26, 2019 at 9:41 AM Matt Harris wrote: Can you (or someone else on the list, perhaps even someone who was involved in voting this down) provide some more details as to why it was rejected? Hi Matt, As I understand it (someone

Re: Disney+ CDN

Looks like Disney has an ASN for their streaming service: https://www.peeringdb.com/net/15627 On Fri, Apr 26, 2019 at 5:26 PM Bryan Holloway wrote: > > On 4/12/19 2:31 PM, Chris Grundemann wrote: > > > > > > > > On Fri, Apr 12, 2019 at 3:03 PM Jared Geiger > >

Re: Disney+ CDN

On 4/12/19 2:31 PM, Chris Grundemann wrote: On Fri, Apr 12, 2019 at 3:03 PM Jared Geiger > wrote: An article mentioned BAMTech's platform which is what NHL, MLB, and HBO GO are built on. The bits from the first two come from Akamai and Level3 CDNs.

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

I want to clarify that while I didn't say anything (since it wasn't on-topic in the other thread), I also found the long signature annoying. I did not read it beyond the first 1-2 lines. I expect many more than the few people who spoke up share this opinion. While I don't feel it's appropriate

Re: My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

Oops..sorry to follow up on myself (and before anybody says anything about this, sorry/not sorry for top-posting - it's on myself after all)..but I'd meant to include this: Case in point: This very (original) thread, about Packetstream - if I had just posted the original thread, about how

My .sig (Was Re: Packetstream - how does this not violate just about every provider's ToS?)

Apparently, after many, many years of using essentially the same .sig here, it is now an issue of contention. (Well, 3 people probably does not contention make, but still...). However, as one person decided I was trying to market myself, let me address why I have all of that info in there:

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

There are factual errors in the ARIN meeting minutes. It really is a disservice that people on the AC don’t have facts about ARIN and the function of their routing registry (for example). It would be good if the ARIN AC had people that were more aware of the functions ARIN provides. If you

Re: Comcast storing WiFi passwords in cleartext?

On Fri, Apr 26, 2019, 9:31 PM Rich Kulawiec wrote: > Also, given that this is a public mailing list, lots of people who didn't > know the target existed last week could certainly know it now. > Yup, the dependency on an obscurity was inadvertently broken here. Sorry for that. Hope no one was

Re: SoftLayer NOC contact to get two IP prefixes de-announced

Hi Katie, Can you send me an email off list please? I'm going to see if I can get some movement on this for you. Thanks, ChrisP. From: Katie Holly To: NANOG list Date: 04/26/2019 08:03 AM Subject:SoftLayer NOC contact to get two IP prefixes de-announced Sent by:

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

El 26/4/19 20:25, "NANOG en nombre de Matt Harris" escribió: On Fri, Apr 26, 2019 at 12:49 PM William Herrin wrote: I personally support the petition. I think the out of scope reasoning is flawed. By enforcing minimum assignment sizes, ARIN has long acted as a gatekeeper to the routing

Re: Comcast storing WiFi passwords in cleartext?

On Thu, 25 Apr 2019 at 20:17, Doug Barton wrote: > There are two mindsets that desperately need changing in the tech world: > > 1. Do not store data that you don't have a legitimate requirement to store > 2. Do not store anything even remotely sensitive in the clear #2 might be quite complex

Re: Packetstream - how does this not violate just about every provider's ToS?

On Thu, Apr 25, 2019 at 1:06 PM Anne P. Mitchell, Esq. wrote: > > On Apr 25, 2019, at 1:41 PM, Tom Beecher wrote: > > > > It seems like just another example of liability shifting/shielding. I'll defer to Actual Lawyers obviously, but the way I see it, Packetstream doesn't have any contractual or

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

Hi, (please see inline) On Fri, 26 Apr 2019, Matt Harris wrote: (...) As far as expanding roles goes... Over the past few decades, we've all watched as the internet became less and less "wild wild west" and more and more controlled (sometimes centrally, sometimes in a more or less

Re: Comcast storing WiFi passwords in cleartext?

On Fri, Apr 26, 2019 at 07:06:40PM +0300, T??ma Gavrichenkov wrote: > Also, I've seen people who use the same password (sometimes with few easily > reversible modifications) for virtually all the purposes, from the WiFi > router up to their e-mail and banking accounts. This is one of the many

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 12:49 PM William Herrin wrote: > I personally support the petition. I think the out of scope reasoning is > flawed. By enforcing minimum assignment sizes, ARIN has long acted as a > gatekeeper to the routing system, controlling who can and can not > participate. For

Weekly Routing Table Report

This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG. Daily listings are sent to

Re: Packetstream - how does this not violate just about every provider's ToS?

> On Apr 26, 2019, at 11:57 AM, Mel Beckman wrote: > > Anne, > > As a lawyer, I’m sure you realize those overly broad policies are > unenforceable on their face. Phrases such as “resell...directly or > indirectly” could just as easily be interpreted to mean you can’t perform > paid

Re: Packetstream - how does this not violate just about every provider's ToS?

Anne, As a lawyer, I’m sure you realize those overly broad policies are unenforceable on their face. Phrases such as “resell...directly or indirectly” could just as easily be interpreted to mean you can’t perform paid consulting work by email over a residential link — something patently

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 9:41 AM Matt Harris wrote: > Can you (or someone else on the list, perhaps even someone who was > involved in voting this down) provide some more details as to why it was > rejected? > Hi Matt, As I understand it (someone with better knowledge feel free to correct me)

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, 26 Apr 2019, Matt Harris wrote: On Fri, Apr 26, 2019 at 11:28 AM Carlos Friaças via NANOG wrote: Hi, Just to let everybody know that a petition was started in order to try to enable a policy discussion about "BGP Hijacking is an ARIN Policy Violation".

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 11:41:18AM -0500, Matt Harris wrote: [snip] > Can you (or someone else on the list, perhaps even someone who was involved > in voting this down) provide some more details as to why it was rejected? > What were the arguments in favor of rejecting the proposal? This seems >

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

On Fri, Apr 26, 2019 at 11:28 AM Carlos Friaças via NANOG wrote: > > Hi, > > Just to let everybody know that a petition was started in order to try > to enable a policy discussion about "BGP Hijacking is an ARIN Policy > Violation". > > If you would like to read the proposal, it is available at:

Re: Packetstream - how does this not violate just about every provider's ToS?

hi, > Just ran into packetstream.io: Had a quick look but doesn't seem to mention Blockchain at all - therefore it can't be that good! ;-) alan

Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation (fwd)

Hi, Just to let everybody know that a petition was started in order to try to enable a policy discussion about "BGP Hijacking is an ARIN Policy Violation". If you would like to read the proposal, it is available at: https://www.arin.net/participate/policy/proposals/2019/ARIN_prop_266_v2/

Re: Comcast storing WiFi passwords in cleartext?

Peace, On Thu, Apr 25, 2019, 4:53 PM Stephen Satchell wrote: > > not only does someone have to 'hack' the database, > > they also need to drive up to your house and sit in your driveway to get > > free Internet. > > Sounds like you live in a single-family home, in a low-density > neighborhood.

Re: Comcast storing WiFi passwords in cleartext?

On Thu, Apr 25, 2019, 9:51 PM Valdis Klētnieks wrote: > This assumes that the customer has a spare CAT-5 cable and knows how to > use it. > This is assuming that no customer's device has an access to the same network, in which case you just happily reset the password or even the device as a

Re: Packetstream - how does this not violate just about every provider's ToS?

> On Apr 26, 2019, at 9:24 AM, Mel Beckman wrote: > > With all due respect, you haven’t yet cited an example of an ISP TOS at > “every provider” that this new company’s product violates. I’m not asking you > to critique TORs, I’m asking that you tell us the TOS restriction that you >

Re: Packetstream - how does this not violate just about every provider's ToS?

Anne, With all due respect, you haven’t yet cited an example of an ISP TOS at “every provider” that this new company’s product violates. I’m not asking you to critique TORs, I’m asking that you tell us the TOS restriction that you believe is so obvious to everyone? Because it’s not obvious to

Re: Packetstream - how does this not violate just about every provider's ToS?

> On Apr 26, 2019, at 6:10 AM, Matthew Kaufman wrote: > > So providers should stamp this out (because it is “bad”) and support > customers who are running TOR nodes (because those are “good”). Did I get > that right? If that is how you see it, then it's right for you. At no time did I

Re: Packetstream - how does this not violate just about every provider's ToS?

Great... someone brought up Net Neutrality. I guess it's time to unsubscribe from the list for a few days until the shit show disappears. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From:

Re: Packetstream - how does this not violate just about every provider's ToS?

And that is the conundrum here I think. It's very difficult (for me) to reconcile "NET NEUTRALITY!! PROVIDERS SHOULD BE DUMB PIPES!" with "Hey providers, this company is trying to do something sketchy, you should take action to stop it from working." Reselling bandwidth/access to your residential

SoftLayer NOC contact to get two IP prefixes de-announced

Hi, anyone from SoftLayer (AS36351) around or someone with a contact to their NOC? They have been announcing two /24's from us without permission and we'd like them to remove the announcement immediately. Emails were sent to ipad...@softlayer.com, ab...@ibm.com and ip...@us.ibm.com without

Re: Packetstream - how does this not violate just about every provider's ToS?

On Thu, Apr 25, 2019 at 1:09 PM Anne P. Mitchell, Esq. wrote: > > > > On Apr 25, 2019, at 1:41 PM, Tom Beecher wrote: > > > > It seems like just another example of liability shifting/shielding. I'll > defer to Actual Lawyers obviously, but the way I see it, Packetstream > doesn't have any

RE: Packetstream - how does this not violate just about every provider's ToS?

> Anne P. Mitchell, Esq. > Sent: Thursday, April 25, 2019 9:06 PM > > > > On Apr 25, 2019, at 1:41 PM, Tom Beecher wrote: > > > > It seems like just another example of liability shifting/shielding. I'll defer to > Actual Lawyers obviously, but the way I see it, Packetstream doesn't have > any