Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses (spamhaus.org) 120
An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."
Math (Score:5, Informative)
Illicit gains > anticipated cost of getting caught? Proceed to fuck everyone.
Re:Math (Score:5, Insightful)
Well, with a government there is at least a chance that it might have your interest on its mind. At least on paper it has.
No corporation will, ever, have your interests as a goal. Never. You're the necessary evil to profit, nothing else. If there's no profit to be had with you, you can as well not exist.
Re:Math (Score:4, Insightful)
Yea, but only government can take EVERYTHING you have away and give it to someone else, evil corporations cannot do that alone.
Re: (Score:1)
Re: (Score:2)
I don't believe the punch cards were actually used in the murders. That was done by various means, including bullets, carbon monoxide, and a commercial cyanide product. IBM did not commit genocide, no matter how much they aided the German government in doing so.
Re: (Score:2)
" Do you blame a machine for being broken, or do you blame the operator for using a broken machine?"
You think the government is the machine, don't you?
You're wrong.
Re:Math (Score:5, Insightful)
evil corporations cannot do that alone.
If not for government, they COULD take everything away and probably would.
Re: (Score:3, Insightful)
I know you were probably living in your parents basement at the time (like you are right now), but way back in 2008 there was a huge world wide financial meltdown. You might not have been aware of it because of your troglodyte lifestyle, but for anyone w
Re: (Score:1, Insightful)
You do know that your vitriol invalidates every argument you make, or at least makes everyone tune it out, right? Try civil discourse for a change. I know it's hard but I think if you keep taking your meds you can do it.
Re: (Score:1, Interesting)
How was people going bankrupt the fault of anyone else but the people who asked to be given money in the first place?
If you want to buy a house and need a loan to do so THEN FUCKING MAKE SURE YOU ARE CAPABLE OF PAYING THAT LOAN. If you are not able to pay if conditions slightly worsen then it's all on you. Stop blaming the bank for your own inadequacy. You look the loan, you have to make sure you can pay it back, if you can't it's 100% on you.
Take responsibility for your own life and stop blaming your failu
Re: (Score:1, Interesting)
People taking a loan they can't pay may be their own fault - at least in part.
Banks bankrupting themselves by giving out too many such loans have only themselves to blame too.
A nation getting a recession by allowing too many banks to operate like that has itself to blame . . .
Re: (Score:2, Insightful)
^this is a person that has never attempted to read and understand a mortgage.
Re: (Score:1, Interesting)
They were told they'd be able to pay the loan, and didn't have the financial sophistication to understand what an interest-only loan really was, didn't understand that there would be a huge balloon payment at the end of the term, and wholly trusted those who sold them the loan. The bottom-feeders selling the loan didn't care, because the mortgage was going to be bundled up and sold to someone
Re: (Score:2)
Since you seem to think Mortgages are so easy to understand, please explain to me what paying a point means.
The issue with the financial crisis was that people were "sold" loans that were ARMs, and they didn't know what an ARM is. Adjustable Rate Mortgages look like a great deal, until the rate adjusts and you are stuck with your payment doubling overnight. This is something you would have to really understand to understand how it affects you. Many people took the loans not understanding that they were l
Re: (Score:2)
It happens that there are people who comprehend finances well, and those who don't. Without evidence, I'm going to surmise that the those who don't are overrepresented in low income brackets. Mortgage vendors were assuring these borrowers that everything would work out, and that in the unlikely case of default they wouldn't lose money because their homes would be worth more on the market.
I'm also going to surmise that people working at mortgage vendors comprehend finances better, and they were eager to
Re: (Score:2)
So what happened to the home owners when they couldn't pay up? Bankruptcy! That means they lost everything they owned except maybe their car and some personal items. All their saving and anything material with a salable value were confiscated and given to the banks to cover the unpaid debt. That would pretty much be your definition of "take EVERYTHING you have away".
That isn't an example of corporations taking everything you have. That's an example of you giving away everything you have to the corporation. You agreed to that voluntarily when you took out the loan. It is a simple and perfectly obvious condition of any loan that you have to pay back the borrowed funds at some point. Loans are not "free money". If you don't want to end up in that situation, don't borrow more than you can pay—and investigate taking out a credit insurance policy for your own protectio
Re: (Score:2)
Bankruptcy is a legal action, meaning the government is involved...
So, even in this case, corporations can only legally take what the government allows them too.
Re: (Score:2)
No problem; the corps will just lobby Congress to allow them to take more.
Re:Math (Score:5, Insightful)
What a load of crap. In the past when governments have been weak, that is exactly what established business interests could do. Anything and everything. Government stopping them is the only thing preventing "evil" corporations (and the rest) from taking everything you have.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Yea, but only government can take EVERYTHING you have away and give it to someone else, evil corporations cannot do that alone.
Incorrect. Any suitably empowered thug can take everything away. In the U.S. we have been empowering corporate thugs by allowing them to buy influence withing the the government.
Re: (Score:2)
Yea, but only government can take EVERYTHING you have away and give it to someone else, evil corporations cannot do that alone.
Incorrect. Any suitably empowered thug can take everything away.
An important part of the context that is missing from this discussion is that the original quote was referring to legal behavior. The government claims that its actions are "legitimate", and for the most part people let them get away with this claim despite all evidence to the contrary. The "suitably empowered thug", not so much. Sure, they can take whatever they want by force, but it won't be deemed legitimate, and you wouldn't be demonized for daring to defend yourself.
Re: (Score:2)
That's small-time thugs. Large corporate thugs can take things, and they'll blame you if you say anything against it.
Re: (Score:2)
That's small-time thugs. Large corporate thugs can take things, and they'll blame you if you say anything against it.
Blaming the victim is a common tactic for thugs of all sizes. However, it's much less common for your neighbors to side with the thugs and blame you for fighting back—unless the thug in question happens to be a government. Then you find yourself labelled "dissident", "anarchist", and/or "terrorist", and those you once considered your friends turn against you for no better reason than that you defended yourself against an unjustified attack on yourself and/or your property. Apparently when a thug with
Re: (Score:2)
The establishment (whatever that is exactly) has managed to frame the discussion on banks acting like thugs, so lots of people side with the banks for reasons I do not comprehend.
I have seen plenty of protests of various sorts over government actions. I have participated in some. The reason the ranchers out West (who forgot their snacks) are called terrorists is that they carry arms openly, and have made threats to use them, not because they're anti-government.
Re: (Score:2)
Corporations could easily do that in the absence of a government reigning them in. Simply by filling that power vacuum that the absence of government would create. They are in today's world the only entities organized and powerful enough to take over. Essentially doing de jure what de facto already is the case. Ruling themselves instead of by proxy, so to speak.
And then you have to buy from them. Like it or not. You want to live. You will buy.
Governments are actually your ONLY line of defense against corpor
Re: (Score:2)
Corporations/companies cannot legally take anything away from you without a willing or at least complicit government making it legally possible. Government can legally do what it wants with you all on its own...
Thugs can illegally do anything, but the illegal is not what I'm talking about...
Re: (Score:2)
Like I said, government, i.e. "the law" is what stands between you and corporations doing with you what they please.
"Legal" and "illegal" depends highly on the existence of a government (at least if you care about it being enforced), in case you have not noticed that.
Re: (Score:2)
And what I said is true.... Government can take everything from you including your life, businesses cannot.
Which leads me to the actual point I've been beating around.... We should fear the government more, it can take more....
Re: (Score:2)
I have influence over the government. I vote, and I write to my Congressman and Senators. I don't have influence over corporations, including the ones I own stock in, because the bulk of the stock is held by institutions that will simply vote as the board of directors recommends. The boards are mostly self-governing and only theoretically responsible to anyone.
Re: (Score:2)
If you own "stock" in a corporation, you have a lot more power over the company with your vote than you can ever hope to have with your vote for government, even if you only own one share..
Try again....
Re: (Score:1)
" We should fear the government more, it can take more.... "
Corporations, can, and have taken the same.
Full stop
Re: (Score:2)
They only do this legally when the government lets them and I'm not discussing those who break the law....
Guess your "full stop" is a bit too soon, and shows how short sighted folks can be...
Re: (Score:2)
You can only break a law if there is a government and it's not you.
Re: (Score:1)
"I'm not discussing those who break the law.... "
I am.
I'm also discussing those who've done it when there's no laws to prevent it, and those who've done it when or where there's been simply no government present.
Re: (Score:2)
Exactly how is that? I've got a greater proportion of the votes available with some of these companies, but I don't know what I'm supposed to do to change anything. I can vote at the annual meetings, which means pretty much nothing, since most stockholders will go with what the board recommends. I assume this is particularly so with institutions. I have mutual funds and three retirement accounts, which invest in mutual funds, and so the majority of my overall stock ownership is probably in a form where
Re: (Score:2)
"Corporations are beholden to the majority shareholders. Governments are not."
And do you realize the shareholders of our government are both the people and the 'interests' so many rail on about?
Which has the power to bend government to their will? Hint - there is more than one right answer to this. It depends...
Re: Math (Score:2)
You think I assume a democracy when I present the argument that either government or business is in control?
Do you even read my posts?
Re: (Score:2)
It's not like I have a choice.
Governments are pretty much what keeps corporations from taking over ownership of countries. Nothing else will stand between power over everything and corporations but governments. Nobody else could keep them from taking it.
And if that is the only choice, even the hairpiece looks like an option.
Re: (Score:2)
Then your corporation will fail. For while you are pondering whether some opportunity is moral, a corporation that doesn't even enter into this consideration will already have taken it.
Corporations are intelligence without morals. Everything we fear about AIs is already reality in them.
Re: (Score:1)
You know, you can start your own corporation tomorrow, well - you can get the paperwork started. It takes three people, usually. You need a president, vice president, and a treasurer. They must be different people. You can hold that position in more than one corporation. Done properly, you can even get a whole bunch of new and interesting ways to reduce your tax burden. It's not even expensive to create one.
You might ask how I know. Well, suffice to say that there are quite a few corporations who do not car
Re: (Score:2)
But you know that's the same bullshit fallacy as "if you don't like the government, form your own party", right?
Re: (Score:1)
No, not really. It's you painting with a very broad brush. Corporations are at either end of the spectrum.
Re: (Score:2)
Again, corporations are not "evil". They just have different interests than what's "good for you". They don't care about you. They don't go out of their way to harm you, but you're simply not important.
They care about revenue. They HAVE TO do that. Anything else would get the board slapped left and right by their shareholders. A corporation that cares about you might give you a warm fuzzy feeling, but it is not what their job is.
Re: (Score:1)
I see... You could have saved me some time by telling me that you don't know what corporations are. I kind of figured that and tried to help you understand with my first post. Not all corporations are publicly traded, beholden to their stakeholders/shareholders, or even must demonstrate capacity to profit. Again, you might want to look into this.
Also, you might want to note the examples that I used and wonder why it is that I used those examples and how it is that I am familiar with them. Again, I can assur
Re: (Score:2)
If a corporation is publically traded, it has a legal requirement to have it's shareholders' interests as it's goal.
Customers' interests will only be fulfilled if it happens to coincide with shareholders' interests.
Re: (Score:2)
I did not say that I disagree with this, only that people should finally accept that this is the case. Of course a corporation must have its shareholders' interests as its primary objective. That is what it exists for. Anything else would be, funny as it may sound, immoral.
But we must detach ourselves from the idea that corporations have any interest in anyone BUT their shareholders.
Re: (Score:2)
We also need to lose the idea that shareholders aren't interested in anything but the money. My investments are in companies I believe in and want to support, for the most part. It may not be the best investment strategy, but it got through the last recession without losing much.
Re: (Score:1)
It's quite possible to invest ethically. This is usually where I trot out my large number of shares in Tesla so, I'll do it again. I can even show that it works. Well, sort of... I bought 2000 shares in Tesla when they were $24 each. Yup. You can do the math. I still own those shares. I spent less than $50,000 USD on them. I dare say, it's more lucrative than working ever was.
That said, I still own some of the original stock in the company that bought mine. A lot of people don't seem to put two and two toge
Re: (Score:2)
No corporation will, ever, have your interests as a goal.
Yes they do, at least with a self regulating system that has competition. That may not be the case in a monopoly or oligopoly but corporations need to put at least some effort into keeping customers happy or there won't be any customers and thus no more corporation.
Re: (Score:2)
Corporations have long learned that there is a finite pool of competitors you can choose from. More often than not, with consolidation reaching a critical point (if not arriving there already some time ago), your choice is limited to say the least. For every customer they lose, they win another one from another corporation. It's pretty much a zero sum game.
You have to buy.
If you don't buy from me, you buy from someone else, who is just as shitty as me.
You will be back.
Re: (Score:2)
Or they'll just get Juniper to do it.
Re: (Score:3)
Another possibility is that NSA uses spammers to obfuscate their actions so that the illicit transfer of IP addresses is actually sanctioned by NSA.
Well I'm shocked, Shocked.... (Score:5, Insightful)
That an ISP is being duped into routing stolen IP's so easily!
Come on, this is Verizon we are talking about here. They don't hire the sharpest knives in the drawer and so they managed to collect a little bit of cash believing the paperwork provided by their customer? Collect the fees, route the IP and should the real owner of the address finally show up and complain, keep the fees, say your are sorry, remove the route and move on to the next prospective customer throwing money at you. Seriously, what's Verizon's incentive to go out of it's way here?
So, these folks want to try and play the "Shame on Verizon" card now? Yea, good luck with making anything change. Verizon doesn't shame that easily or they'd be changing their consumer business practices too..
Re: (Score:3)
And anyone who knows anything about SPAM will have those addresses flagged as very likely spammers.
Yes, it would be nice if Verizon would take responsibility for their network. But in the meantime (because that is never going to happen) just flag those addresses yourself.
And not just for SPAM. Also look at restricting them at your firewall so they cannot spread malware to your machines.
Re: (Score:1)
Verizon knows exactly what they're doing.
They're already in bed with the gov, so not much else they do surprises me.
This is not surprising (Score:5, Insightful)
IMHO Verizon is right up there with Comcast in being one of the most despicable companies in the US. They bought spectrum from the FCC promising to keep it "open" but don't approve non-Verizon devices until tons of "testing" that can take a year. They are the ones who started fighting any net neutrality. And then they (according to this post) enable spammers. Because as a huge ISP, paying attention to real technical details might be too....time consuming and profit-leaching...
Verizon/UUnet used to be the best (Score:5, Interesting)
A few years ago, Verizon employed some to the best people in the best people in the world to handle network and routing security. They were very responsive to reports of address hijacking and related issues. Those folks have all left Verizon since they bought UUnet, though the rush for the door didn't start until about 4 years ago.
This all happened about the time I left the operational world and started moving into retirement, so I don't know the people who replaced them, but I am sure that, if they were replaced at all, that the new people were not of the caliber of those who left.
As is often the case, network security seems to have been declared a low priority at Verizon. after all, it does not make them any money. Of course, if they become known for bad security, it could have an impact on the bottom line at some point.
Re: (Score:2, Interesting)
Sadly I remember when you could directly contact UUnet engineers when there were routing problems and get tickets opened instantly, and repairs took next to no time. The positions though? Probably H1B replacements.
Re:Verizon/UUnet used to be the best (Score:4, Interesting)
What makes you think that they in the USA? India-based engineers are cheaper than H1-Bs.
Re: (Score:3)
UUNet was an unresponsive spam sewer long before outsourcing and H1Bs became a thing. Of course, that wouldn't stop you from railing that dey took er jerbs, now would it?
Re: (Score:3)
Re: (Score:1)
employed some to the best people in the best people
Sounds like Verizon
IPv6 (Score:1)
Re: (Score:3, Informative)
Re: (Score:2)
Err thats not quite how things work.....
Eliminate the Corporation Shield (Score:4, Interesting)
Hold the principles of corporations criminally liable for things that happen on their networks. Imprison a few of these motherfuckers and watch corporate behavior get better overnight.
Re: (Score:1)
Hold the principles of corporations criminally liable for things that happen on their networks. Imprison a few of these motherfuckers and watch corporate behavior get better overnight.
Great idea, this has proved somewhat useful in Europe. But just how are you going to pull off this miracle? Big corporations control the government through lobbyists and bribery. An honest, unowned politician just doesn't stand a change in the US.
Re:Eliminate the Corporation Shield (Score:5, Interesting)
That's not the corporate shield. The corporate shield protects minority stockholders (I think less than 10% of the stock) from liability. The executives, board, and majority stockholders are protected by the much simpler approach of nobody caring to prosecute them.
Re: (Score:2)
Hold the principles of corporations criminally liable for things that happen on their networks. Imprison a few of these motherfuckers and watch corporate behavior get better overnight.
First you'd have to have a government that doesn't allow itself to be paid off via fines in the billions of dollars/euros/pounds/whatever which just isn't going to happen anytime soon, if ever (dreams of post scarcity societies aside).
Re: (Score:2)
In Japan corporations can be sent to prison. Recently a pharmaceutical company that had been found to be misleading the regulator was "jailed" for 106 days, the longest ever. In practice that means that the company can't do any business for that period. Staff still get paid, but can't do any work. It's a near complete shut down for 106 days.
Since Verizon provides an essential service perhaps they could be forced to suspend all non-essential work, e.g. sales, billing, customer support etc.
money changed hands (Score:4, Interesting)
> Such blocks are not something that can go unnoticed in the noise of everyday activity.
Although it can probably never be proven, occam's razor indicates that money changed hands. It's a more logical conclusion than this level of incompetence amongst the necessary number of employees.
Re: (Score:3)
Although it can probably never be proven, occam's razor indicates that money changed hands. It's a more logical conclusion than this level of incompetence amongst the necessary number of employees.
If past experience [smh.com.au] is any indication, then yes, telcos are perfectly content to engage in the dodgiest of dodgy practices if it means making a buck or two.
Re: (Score:3)
wtf Spam? (Score:3, Funny)
Re: (Score:2, Interesting)
I run the mail cluster at work and have a personal server for my own domains. Even after Barracuda, SpamAssassin, clamav, and a host of custom rules for SA and procmail... Yes, spam still exists. If you haven't received a spam email in years, you (or whoever operates your email) are filtering way too heavily and I guarantee you're losing legitimate messages in the process. That might be fine for your personal box but it's not really acceptable in business.
If you mean you receive spam, but gets filtered to a
Re: (Score:2, Funny)
Does spamhaus still exists? Does spam still exist? (Its been years since I've seen any spam in _my_ inbox.)
Your penis must already be big enough then.
2 poles, no middle (Score:2)
Don't assume malice. When it comes to routing customer-provided IP blocks (eBGP), there are two types of companies:
The first will demand, inspect and understand your documentation. Their routers will accept announcements from your end only for the ranges have been registered to the ASN that you've proved belongs to your organization.
The other doesn't really know what BGP does, but when you asked for it, they read the manual for their router and figured out how to activate it on your port.
You'll find rough
For those blaming China and Russia for spam (Score:1)
I quote for you an important consideration from the summary: "Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork."
So next time you accuse China or Russia of hacking or being full of criminals because you saw it was a Chinese IP, remember Verizon is quite willing to pretend that an IP comes from there when from a location nowhere near that region.
Sorry (Score:2)
They're too busy denying bandwidth of those who've paid for it to be bothered by those who have not.