[anti-abuse-wg] GDPR - positive effects on email abuse
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Tue May 29 15:57:42 CEST 2018
I am so happy that you are asking this question :) This is what causes much confusion with people, including experienced netadmins, sysadmins and many very technically advanced people. You can use any email address as an example: anti-abuse-wg at ripe.net Please think about it for a second: How would you go about sending spam to this email address without using an IP number? It is not possible for Internet abuse to exist - without an IP number. So, for this wg : EVERYTHING that is abuse is powered by IP numbers. Andre On Tue, 29 May 2018 15:51:38 +0200 JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> wrote: > How come you can't send spam without the IP? > > I can look for new registered domains, use whois for catching the > emails that appear there, and then spam them. > > This is something that I experience everytime I register a new > domain, tons of spams to the whois recently created email contacts. > > Regards, > Jordi > > > > -----Mensaje original----- > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de ox > <andre at ox.co.za> Organización: ox.co.za > Fecha: martes, 29 de mayo de 2018, 15:39 > Para: <anti-abuse-wg at ripe.net> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse > > > Please correct me if you think I am wrong: > > 1. > You cannot send spam without an IP number. > > 2. > You cannot do any abuse without an IP number. > > > I can do a whois on any.com or some.eu and have a tech or abuse > email address and WORKING registrar contact information. > > I cannot do a whois on ALL ripe assigned ipv4 resources and get > accurate and/or working resource contact information. > > > So, where the problem is - is easy to see, no? > > Andre > > > On Tue, 29 May 2018 15:12:27 +0200 > JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> > wrote: > > I consider an abuse the fact of collecting emails and sending > > spam. Also, if you have a domain, you can see what IPs are > > related to it for other kinds of abuses. > > > > Regards, > > Jordi > > > > > > > > -----Mensaje original----- > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de > > ox <andre at ox.co.za> Organización: ox.co.za > > Fecha: martes, 29 de mayo de 2018, 14:32 > > Para: <anti-abuse-wg at ripe.net> > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email > > abuse > > > > > > Abuse has nothing to do with a domain name. > > > > Nobody can abuse anyone armed only with a domain name. > > > > Without using an actual IP number, a domain name can do > > nothing. > > Protecting the privacy of a domain registrant is absolutely > > correct. > > The trouble is that network operators are resistant to > > accept the responsibility (costs, issues, trouble) of managing > > abuse > > Even if you do a whois right now, you will find a functional > > registrar abuse email address. > > > > The same cannot yet be said for the resources assigned by > > this RR > > Andre > > > > > > On Tue, 29 May 2018 14:00:44 +0200 > > JORDI PALET MARTINEZ via anti-abuse-wg > > <anti-abuse-wg at ripe.net> wrote: > > > Whois, as everything in the life, has good and bad things. > > > Against: Privacy invaded. In fact, when you register a new > > > domain and you associate a visible email to it, in a > > > matter of hours, you get spam. > > > Pro: If it is a real email with humans behind, it > > > facilitates the resolution of abuse cases. > > > The balance is always difficult ... > > > Regards, > > > Jordi > > > > > > > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en > > > nombre de Volker Greimann <vgreimann at key-systems.net> > > > Fecha: martes, 29 de mayo de 2018, 13:49 Para: Suresh > > > Ramasubramanian <ops.lists at gmail.com>, > > > "anti-abuse-wg at ripe.net" <anti-abuse-wg at ripe.net> Asunto: > > > Re: [anti-abuse-wg] GDPR - positive effects on email abuse > > > > > > > > > > > > Even in those cases, whois is but one tool that helps > > > identify bad actors by means of violating privacy rights > > > of millions. There are other tools, like DNS traces, > > > reviews of hosting infrastructures used, etc. all of > > > which will continue to be available for the uses you > > > refer to. > > > > > > And maybe it is time to ensure law enforcement is better > > > equipped to deal with such issues earlier and faster. Up > > > to now, governments have been afforded the luxury of > > > being able to underfund such efforts as others were doing > > > their jobs for them. Maybe this will lead to better law > > > enforcement and international cooperation. > > > > > > Best, > > > > > > Volker > > > > > > > > > > > > Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian: > > > > > > This unfortunately is entirely wrong and short sighted > > > > > > > > > > > > All security practitioners protect our respective > > > services and networks against a wide variety of threats > > > including malware and phish campaigns. > > > > > > > > > > > > Very few of those go on to be referred to law enforcement > > > and that only after an extensive dossier is built > > > internally to show that the perps in question justify a - > > > frequently cross border - law enforcement action. > > > > > > > > > > > > Security and protecting user privacy go hand in hand and > > > I wish more people realised that, and maybe also realised > > > the resource and administrative lconstraints and limits > > > law enforcement is saddled with > > > > > > > > > > > > > > > > > > > > > > > > From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on > > > behalf of Volker Greimann <vgreimann at key-systems.net> > > > Sent: Tuesday, May 29, 2018 4:06:18 PM To: > > > anti-abuse-wg at ripe.net Subject: Re: [anti-abuse-wg] GDPR > > > - positive effects on email abuse > > > > > > > > > > > > Wow, the level of narrowmindedness and fearmongering is > > > high with this one. > > > > > > Crime online will likely not increase due to GDPR. It may > > > be more difficult to detect and take action against due > > > to the loss of one tool amongst many, but ultimately that > > > tool was illegal to begin with as it violated the rights > > > to privacy of millions of domain owners. > > > > > > "Private researchers" and other vigilantes or rent-a-cops > > > will indeed have a more difficult time to obtain such > > > data as they will finally have to do so by legal means, > > > but then they are in an untenable position anyway, taking > > > upon themselves functions that should be fulfilled by > > > actual law enforcement. > > > > > > Ultimately, private data if internet users no longer being > > > public will lead to better registration data for those > > > with a right to access it. Those with no such rights will > > > have to figure out alternate routes to do their jobs that > > > does not violate the rights of millions. > > > > > > Best, > > > > > > Volker > > > > > > > > > > > > Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette: > > > > ox <andre at ox.co.za> wrote: > > > > > > > >> Firstly I would like to comment that the > > > >> multinationals and their funded trade groups (and > > > >> their lobby orgs) shouted from the rooftops that if > > > >> the GDPR came into effect, Internet in the EU would > > > >> collapse and there would be digital doom and > > > >> gloom. > > > > I am not a multinational. I am an individual volunteer > > > > anti-abuse researcher. And yet even -I- have told > > > > everyone I know that the disappearance of public WHOIS > > > > is and will be an epic catastrophy. If there was > > > > cybercrime on the Internet before, it will be > > > > increased, going forward, by tenfold. > > > >> How wrong they were (hindsight is perfect - as we can > > > >> all clearly see) > > > > Be patient. The change has only just occurred. > > > > > > > >> The EU has truly become a world and global leader in > > > >> the reclamation of individual rights and the free > > > >> Internet. > > > > Here on this side of the pond, one usually has to turn > > > > on Fox News in order to be treated to this level of > > > > rubbish. > > > > > > > > The only thing that has happened is that private > > > > researchers the world over have been effectively > > > > blinded due to the supreme arogance and idiocy of > > > > europeans... europeans who, in their religious fervor, > > > > have come to view it as their holy obligation to foist > > > > their demented notions onto the rest of the world, > > > > whether any of the rest of us like it or not. > > > > > > > > Meanwhile the malevolent forces of state-sponsored > > > > intrigue and violation of human rights are and shall > > > > remain totally unfettered and unaffected by GDPR, as > > > > they will be the first ones to obtain special > > > > exemptions allowing them to continue to see WHOIS data. > > > > The CIA, NSA, BDN, and FSB are undoubtedly celebrating > > > > the arrival of GDPR, as it further entrenches their > > > > special status at the expense of the great unwashes > > > > masses. > > > > > > > > Friday was a sad day for both transparency and > > > > democracy, but all across the globe both criminals and > > > > statists undoubtedly celebrated it with toasts of > > > > champaign. > > > > > > > > > > > > Regards, > > > > rfg > > > > > > > > > > > > > > > > > > > > > ********************************************** > > IPv4 is over > > Are you ready for the new Internet ? > > http://www.consulintel.es > > The IPv6 Company > > > > This electronic message contains information which may be > > privileged or confidential. The information is intended to be > > for the exclusive use of the individual(s) named above and > > further non-explicilty authorized disclosure, copying, > > distribution or use of the contents of this information, even > > if partially, including attached files, is strictly prohibited > > and will be considered a criminal offense. If you are not the > > intended recipient be aware that any disclosure, copying, > > distribution or use of the contents of this information, even > > if partially, including attached files, is strictly prohibited, > > will be considered a criminal offense, so you must reply to the > > original sender to inform about this communication and delete > > it. > > > > > > > > > > > > > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.consulintel.es > The IPv6 Company > > This electronic message contains information which may be privileged > or confidential. The information is intended to be for the exclusive > use of the individual(s) named above and further non-explicilty > authorized disclosure, copying, distribution or use of the contents > of this information, even if partially, including attached files, is > strictly prohibited and will be considered a criminal offense. If you > are not the intended recipient be aware that any disclosure, copying, > distribution or use of the contents of this information, even if > partially, including attached files, is strictly prohibited, will be > considered a criminal offense, so you must reply to the original > sender to inform about this communication and delete it. > > > > >
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]