5460509
story
Comments: 116 +- Technology: After Links To Cybercrime, Latvian ISP Cut Off on Thursday August 06 2009, @03:51AM
Posted
by
timothy
on Thursday August 06 2009, @03:51AM
from the people-interpret-jerks-as-damage-and-route-around-them dept.
from the people-interpret-jerks-as-damage-and-route-around-them dept.
background: url(//a.fsdn.com/sd/topics/topicinternet.gif); width:70px; height:73px;
internet
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
alphadogg writes with this Network World story, excerpting "A Latvian ISP linked to online criminal activity has been cut off from the Internet, following complaints from Internet security researchers. Real Host, based in Riga, Latvia was thought to control command-and-control servers for infected botnet PCs, and had been linked to phishing sites, Web sites that launched attack code at visitors and were also home to malicious 'rogue' antivirus products, according to a researcher using the pseudonym Jart Armin, who works on the Hostexploit.com Web site. 'This is maybe one of the top European centers of crap,' he said in an e-mail interview. 'It was a cesspool of criminal activity,' said Paul Ferguson, a researcher with Trend Micro."
Related Stories
Executive ability is prominent in your make-up.
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.
They'll move elsewhere (Score:5, Interesting)
The questions that should be asked is "Are they closing in on the criminals who set up these sites?"
Surely with all the information they can get from this rogue ISP they can track down the wankers who run them.
Re:They'll move elsewhere (Score:5, Informative)
Parent
Re:They'll move elsewhere (Score:5, Informative)
Actually, what happened was that Real Host was getting its connection from Junik which in turn gets its upstream from TeliaSonera and TeliaSonera pressured Junik into cutting off Real Host.
/Mikael
Parent
Re:They'll move elsewhere (Score:4, Informative)
Parent
Re:They'll move elsewhere (Score:5, Interesting)
Thing is rogue antivirus products and such isn't exactly illegal. In USA it can count as misleading advertisement but as we know USA laws dont apply everywhere. This case also is not police investigation, but their upstream provider TeliaSonera just cut them off because it made them look bad.
We demand net neutrality for pirates and defend laws of other countries. Now botnets and phishing are really bad, but instead of getting to root of the problem these security researchers are purposely destroying net neutrality. TeliaSonera is also upstream provider for The Pirate Bay so they could just suddenly cut TPB's access to the internet. Then everyone would be saying how they're legal in Sweden and they should not be allowed to do that. Well, its the same issue here.
Parent
Re: (Score:3, Insightful)
Re:They'll move elsewhere (Score:5, Informative)
That is not net neutrality.
If you connect to the Internet you are an equal peer on it - you can receive and send data. You have the right to set up services just like bbc.co.uk can. If your ISP cuts you connection without a court order (a court that has jurisdiction over you), then it is a violation of net neutrality.
Traffic shaping based on the destination (or source) of the traffic is also a violation of net neutrality, traffic shaping to prioritize some protocols over others is not (unless a phone company reduces the priority of all VoIP traffic to zero).
Parent
Re: (Score:2)
Limited discrimination and tiering
This approach allows higher fees for QoS as long as there is no exclusivity in service contracts. According to Tim Berners-Lee: "If I pay to connect to the Net with a given quality of service, and you pay to connect to the net with the same or higher quality of service, then you and I can communicate across the net, with that quality of service."[1] "[We] each pay to connect to the Net, but no one can pay for exclusive access to me."
Source [wikipedia.org]
Re: (Score:2)
No, he was right and you, as well as the idiots who modded you up, were wrong.
Net Neutrality is about the neutrality of a node on the network, it has all the same rights as every other node. What you said was AGAINST Net Neutrality! Isolating nodes on a network and limiting access is against it.
Let me guess, you work for one of the ISPs that are trying to confuse people in to hating Network Neutrality?
I'm sorry, you must have misunderstood me. My point was that by indulging in said activities you break net neutrality. I didn't say that the example was net neutrality, and as I said it's about net neutrality. Meaning it can be both about maintaining it and breaking it, as long as it's about net neutrality. I felt it was easier to explain the concept of net neutrality using an example that breaks it.
And no, I don't work for any ISP. And no I don't hate net neutrality, rather the contrary.
Re: (Score:2)
That is not net neutrality.
If you connect to the Internet you are an equal peer on it - you can receive and send data. You have the right to set up services just like bbc.co.uk can. If your ISP cuts you connection without a court order (a court that has jurisdiction over you), then it is a violation of net neutrality.
No, but it might be a violation of contract and a court might have something to say about consequences. If the ISP gives as a reason that you were violating the terms of service, then it's quite possible that you'll have no comeback at them at all (other than a return of potentially some of what you have paid; details matter there).
Traffic shaping based on the destination (or source) of the traffic is also a violation of net neutrality, traffic shaping to prioritize some protocols over others is not (unless a phone company reduces the priority of all VoIP traffic to zero).
Traffic-shaping based on source or destination is indeed the issue (unless either the source or the destination requested it specifically; shaping on an opt-in basis is fine and
Re: (Score:2)
Giving priority to one protocol over another is NOT net neutrality. Net neutrality, in a VERY short phrase, ensures that the end user can use his bandwidth as he see fit without conforming to other's expectations.
To imply otherwise exposes an agenda. In the case of telcos, the agenda is pretty clear - they want to reserve the bulk of their bandwidth for traditional telephonic services because those services pay more than internet television, VoIP, and P2P.
Re: (Score:2)
I'm not sure getting TeliaSonera cut off from the Internet is going to be all that easy, they're the biggest telco in Sweden and Finland and are quite active in northern and eastern europe, central asia and a few other places. TeliaSonera International Carrier is a Tier 1 btw...
/Mikael
Re: (Score:2)
Actually, the main issue with net neutrality is about ISPs forcing content providers to pay for "premium access" and similar shenanigans. This is just large-scale abuse handling.
/Mikael
Re: (Score:2)
Re: (Score:2)
Hrmm...cut off their connection, or ninja special-ops team to take them out...cut off their connection, or ninja special-ops team to take them out...tough decision.
I'm guessing the U.S. doesn't have an extradition treaty with Latvia?
Re: (Score:2)
It counts as misleading advertising in the EU as well.
Re: (Score:2)
but as we know USA laws dont apply everywhere.
Reference please?
Centers of Crap (Score:3, Funny)
This is maybe one of the top European centers of crap,'
The server 216.178.38.116 is an American server known to have loads of crap too! I hope they also could get it!
Re: (Score:2)
I think they know that, since MySpace is a huge centre of crap.
Granted, it tends to be self-contained rather than aggressive (so it is crap you land in rather than crap that is thrown at you) but it's still home to a shitload of crap ;)
If there's one kind of cesspool I hate... (Score:5, Funny)
...it's a cesspool of crap.
the other kinds are ok.
Re: (Score:2)
As a test of mental strength, now try NOT to visualise a cesspool of butterflies.
Can we do Nigeria next? (Score:2)
That one's long overdue...
Throw the baby out with the bathwater (Score:4, Insightful)
A real problem here is that if upstream providers do this sort of thing, there is no limit to their power. We're not talking about any court action, any due process or any other legal nicity. We are talking about vigilante action and mob rule.
The idea of "net neutrality" pretty much can be agreed upon that upstream providers do not cut off users for actions that violate the laws of some jurisdiction on their own. Now this may not be a good idea, but if your ISP is prevented from cutting you off for downloading pirated music and movies then a rogue ISP better not be cut off for hosting botnet control centers and phishing web sites. Sorry, you can't have it both ways.
Of course the real problem is that there is no force of law that can successfully prosecute folks like this. They might even be violating laws in their home country - but how do law enforcement agencies conduct a highly technical investigation when they have no facilities. Not only that, but the whole idea of the Internet makes it extremely difficult to conduct investigations without effectively wiretapping and requires the cooperation of a high level provider. It is difficult to see how such an investigation can be conducted by anyone without lots of resources and financial backing. And cooperation of providers, often at their own expense.
No, prosecution of such crimes as are alleged on the Internet is very difficult without either inside information (usually bragging) or evidence collected for other court actions. For example, the ISP is sued for lack of tax payments and the servers are seized as part of discovery, which then uncovers further evidence.
No I think this vigilante action is short lived and not in the best interests of people vitally concerned with the freedom of action on the Internet. Of course, freedom of action implies freedom to commit crimes on the Internet, like copyright violation and phishing.
Re: (Score:3, Interesting)
Well, all providers have this power and are using it. You bet that my (and hopefully your) upstream provider will cut me off very fast the moment I start spamming the world.
What I then must do is either look for another (upstream) provider or stop spamming.
If I would start moaning "but I was not accused by law of anything" they would just show me the AUP I agreed with. The same should be happening with
Re: (Score:3, Interesting)
If I would start moaning "but I was not accused by law of anything" they would just show me the AUP I agreed with. The same should be happening with anybodies provider. You spam? We disallow you to do that over our network.
Exactly. Network Neutrality shouldn't (IMO) preclude ISPs from banning harmful acts over their networks through their contracts. You should be allowed to prohibit illegal activities and those whose primary purpose is to disrupt the service of others.
Network Neutrality should simply say that you should be treated the same, no matter who you are and who you're talking to. It doesn't matter if you interrupt your neighbor's connection or a foreign connection, both are blocked. If they limit high-bandwidth a
Re: (Score:3, Informative)
A real problem here is that if upstream providers do this sort of thing, there is no limit to their power. We're not talking about any court action, any due process or any other legal nicity. We are talking about vigilante action and mob rule.
You agreed to abide by your ISP's AUP when you signed up for their service. I know this because I'm damn sure that it's a condition of the service agreement, and I'm sure that any court would view that as a reasonable and proportionate thing to impose. Yes, there is collusion between ISPs on this; no legit ISP wants anything to do with the likes of the scum behind the RBN...
Real Host is not an ISP (Score:4, Informative)
Real Host is some company that is running fraudulent operations and other crap, making use of the Zeus botnet. Real Host rented servers from Junik, which is an ISP. They're a small ISP connected upstream via the Latvian branch of Telia. And the story now is that Junik cut off Real Host's access and revoked the servers they rented. Real Storm itself doesn't appear to be linked to Latvia in any real way. They use an address in Kazakhstan as the legal address from where the IP blocks are leased, the botnet itself is being linked to a Russian group of hackers. And they chose Latvian servers to rent, which doesn't make them a Latvia-based group.
Re:It's not criminal activity when we do it (Score:5, Insightful)
Perhaps the malice these researchers feel towards Latvia is similar in some way to the anger the RIAA feels towards filesharers?
Latvia? You're taking things out of context. This is not about Latvia in general, this is about a Latvian ISP responsible for a shitload of spam and botnets. You're free to replace Latvia for any country you wish and it wouldn't make a difference. Also I think it's fair to say that RIAA only serve their interests, whilst spam and botnets concern anybody who uses internet.
Parent
Re: (Score:2)
Personally I love Riga it is nice city with interesting sites to visit and some decent restaurants.
Re: (Score:2, Funny)
Well, malice towards Latvians would be xenophobia, and the RIAA definitely have a lot of phobias, so yes.
Re:It's not criminal activity when we do it (Score:5, Funny)
I thought xenophobia was a fear of virtualised environments?
Parent
Re: (Score:2)
No, it's fear of shooting tortoises.
Re: (Score:3, Interesting)
You may have noticed that there have been stories recently about ISPs who *do* cut off the access of copyright infringers. Without deep packet inspection (which I'm wholly opposed to without a warrant, just making that clear) it's not like they catch anywhere close to all of it, but if they do catch you the contract you signed lets them cut off your access, and they will.
Re: (Score:2)
I don't think that it is the ISP's job to filter what goes on over their networks except to the extent that they may need to throttle some users who flood the pipes during peak usage hours.
I don't even agree with throttling -- at least with the way it tends to be implemented. I don't see an issue with traffic shaping that puts p2p/ftp/nntp/etc at the bottom of the packet queue but if there's so much as a kilobit of free bandwidth it's stupid to throttle someone down just because it's "peak hours"
My own traffic shaping set up at the office looks something like this:
0) VOIP
1) Business related VPN activity
2) TCP ACKs and SYNs, DNS requests, NTP packets
3) Small ssh packets (only small ones
Re:Censorship (Score:5, Insightful)
So you'd prefer to be subjected to DDoS attacks, have your E-mail account hacked and used to send spam, be phished for your credit card details all in the name of Net Neutrality?
These are harmful activities. Harmful to people, REAL PEOPLE. It is the definition, at least in my eyes, of what crime is: serious irreversable harm to a person or people.
Botnets sending out DDoS attacks make the Server Admin's job harder. Whatever site it is running becomes locked, likely losing the business revenue they can never get back.
Hacked Email accounts cause headaches for the person who's account was compromised, it causes headaches for those who recieve it, especially if it came from a white-listed friend, as it means wading through them and deleting them manually rather than have them caught by the filter. And again, most importantly, it makes the server admins job harder, as they have to devise work arounds and filters for Spam.
And the most serious of all? Phishing for card details. Serious Monetery loss from an individual - they may be able to get it back, but not without a serious fight (My card got skimmed at a shop once, they managed to spend £700 before the bank stopped the card. It was a week before a new card was sent out, and 2 months before I got the money back)
A whole industry has arisin around fighting these criminals. We're in a Broken Window [wikipedia.org] situation and the only way to stop it is not to fix the window, but to remove the person throwing the stones.
Parent
Re: (Score:3, Insightful)
You have to take the bad with the good. Nothing is 100% good.
These are harmful activities. Harmful to people, REAL PEOPLE. It is the definition, at least in my eyes, of what crime is: serious irreversable harm to a person or people.
That's not "criminal", it's "immoral". Posessing marijuana is a crime, but it's not harmful or immoral. Adultery is immoral and very painful to its victims (I can tell you from experience; Evil-X was a serial adultress), but it's perfectly legal. In Illinois it won't even do you
Re: (Score:2)
I am absolutely certain my "definition" for what is crime differs from yours.
Mine has "until proven quilty" clause which yours apparently does not: there were no police nor court order, just a bunch of vigilantes (so called "security researchers", if you prefer).
Re: (Score:2)
Re: (Score:2)
Sending spam is illegal under the EU's e-privacy directive. However the maximum punishment is a small fine, and nobody has been prosecuted yet as far as I'm aware.
Re: (Score:2)
Define "spam". Unfortunately, both the EU and the US have laws that are very generous in permitting bulk email: even if the blatantly illegal and fraudulent material is controlled, there remains a lot of protected material that can be and is sent.
Is the EU law any better than the truly stupid US's 'CAN-SPAM' act?
Re: (Score:2)
Re:Censorship (Score:4, Insightful)
It's almost certainly against the contract terms that Real Host signed with their upstream provider. Net neutrality has nothing to do with this issue; this isn't packet injection or traffic shaping or anything like that. This is simply disconnecting a client who is in breach of contract and criminal law. In effect, blocking them (as you personally advocated).
Do you honestly think it should be the responsibility of the rest of the world to deal with these attacks, just because they are sent over the Internet?
Parent
DoS attacks are censorship (Score:2)
Because this IS a good thing.
You do understand the purpose of a DoS attack don't you?
Re:Censorship (Score:5, Insightful)
The "powers that be" didn't shut them down. Their upstream provider did.
Take this analogy:
--start-bad-analogy--
I let you watch TV at my house. But, most of the time you are there, you leave trash and shit everywhere, and fail to clean up after yourself.
So, after enough complaints from my other guests, I decide to kick your ass out.
--end-bad-analogy--
Parent
Re: (Score:2, Funny)
--start-bad-analogy--
I let you watch TV at my house. But, most of the time you are there, you leave trash and shit everywhere, and fail to clean up after yourself.
So, after enough complaints from my other guests, I decide to kick your ass out.
--end-bad-analogy--
Hey, fuck you. That's my shtick.
What if I was the one providing everyone a ride that night? You just fucked over all your guests, you inconsiderate asshole.
Re: (Score:2)
You're just jealous because it wasn't you're bad analogy.
Re: (Score:2)
Who are (some of) the people that have power over them.
Watching TV is a passive activity. Let's say they're ON tv instead. They make a mess of the set, but also happen, in a moment of clarity, to say something important that thousands of viewers find useful. Is it still your right to kick them of
Re: (Score:2)
Yes, you have an inalienable right to press whatever button you want on your remote control.
Re: (Score:2)
Is it still your right to kick them off TV, even if you did pay for the set?
It's your right to kick them off the set, sure, especially if they violated any contract with you.
Regardless of how 'important' or 'useful' they may be, you have no obligation to provide them TV time if they're going to break your shit. They can look for another TV studio who will allow their actors breaking shit on stage, but good luck finding it.
Re: (Score:2)
Actually...
It's more like they are on TV... perhaps giving a lecture on free energy to the world... then all the other people on the set (hey it's a free and open set) start swearing and showing titties.
Now, the FCC doesn't really care about the free energy speech, but they do care that station is breaking the rules. (No one likes free titties)
Down strikes the FCC and away goes the problem. (free energy and all)
It's not like they can never get back on air, but it will take some cleaning up.