discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Calum McAlinden <calum AT mcalinden.me.uk>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
- Date: Tue, 18 Jul 2017 22:19:25 +0100
The .bit domains in question being used for malware to call home are only accessible on OpenNIC though, so organisations see OpenNIC as responsible. This is a problem with linking a decetralised system with a centralised one like OpenNIC: the point of centralisation becomes a target for demands of censorship.
I think most of the OpenNIC TLDs have policies against illegal/unethical use, but .bit has no enforceable policy of anything. This leaves OpenNIC servers hypothetically acting as an authoritative nameserver for domains controlling malware, promoting terrorism, or distributing child pornography.
While censorship is obviously bad, is democratic blocking of known abusive domains that bad? A list of blocked domains and reasons could be published, and each domain could be voted on with evidence presented.
For example take another situation such as the recent ransomware affecting organisations such as the NHS, where the ransomware might (in the future) resolve .bit domains to command and control servers. I'm not sure how I'd feel about having the single handed ability to alter a line of code and halt the spread, yet not doing so.
Of course, I would never do this without the decision of OpenNIC members.
Given the increasing prevalence of .bit use in malware, I envisage a situation where maintainers of OpenNIC's servers or the providers may be put under pressure by governments to stop resolving domains. Also, as OpenNIC (as far as I'm aware) is not a legal entity, does that mean that individual members are liable for any damages that such incident might cause?
On 18/07/17 21:51, Daniel Quintiliani wrote:
Does Google DNS, OpenDNS, or any ISP with their own DNS ever receive and
follow random demands from private companies with no legal threats? I know
there was that incident years ago when the FBI shut down malicious DNS
servers that were used by ransomware, but other than that?
--
-Dan Q
On Tue, 18 Jul 2017 15:01:22 -0500, Daniel Shirley <aditaa05 AT gmail.com> wrote:
Agreed its kind if what we do is to stand up to censorship
On Jul 18, 2017 14:26, "Daniel Quintiliani" <danq AT runbox.com> wrote:
Continue to resolve .bit domains. It's not anyone's job to police the
Internet at the demands of strangers you've never met.
--
-Dan Q
On Tue, 18 Jul 2017 17:11:25 +0100, Calum McAlinden <calum AT mcalinden.me.uk>
wrote:
(sorry, I wrote this email earlier but accidentally sent it to Arthurblacklist
Garnier instead of the mailing list)
Hi,
I am the operator of the OpenNIC server which generates OpenNIC's .bit
zone from the blockchain.
This is something that has been concerning me for awhile. I recently
became aware of malware developers are using OpenNIC T2 servers in their
malware to resolve .bit domains which contain the IP address of command
and control servers.
I had also been answering a several inquiries about zone updates over a
few months. Eventually I looked into the domains in question and what
they appear to be used for, which was C&C servers for malware.
OpenNIC really has 3 options:
- Continue resolving .bit domains known to be used for malware purposes,
in effect facilitating the distribution of malware
- Blacklist these domains democratically, thus not being a true
representation of the names registered in the blockchain and raising
censorship issues
- Drop the entire .bit zone
What are people's thoughts on this?
Regards,
Calum
On 18/07/17 15:49, Jonah Aragon wrote:
You can probably blacklist that single domain for the time being as
attack mitigation, but blacklisting any domain or TLD would make your
Tier 2 no longer compatible with OpenNIC.
But this is the reason we keep bringing up removing .bit entirely, from
what I can tell it seems to bring much more trouble than it's worth, but
maybe that's the cost of a successful alt-TLD. Perhaps we should revisit
the .bit removal discussion.
Look into rate limiting or ask for help on IRC if your server is under
attack.
Jonah
On Tue, Jul 18, 2017, 4:22 AM Arthur Garnier <arthur AT arthurgarnier.fr
<mailto:arthur AT arthurgarnier.fr>> wrote:
Hello,
My dedicated server provider (OVH.com) asked me, yesterday, to
delivering-pony-downloads-chthonic/the domain "letit2.bit" because it's a domain used by a malware
(https://malwarebreakdown.com/2017/06/06/relst-campaign-
Tier2.)
After checking my logs from yesterday, this domain name has been
resolved more than 125,000 times in 24 hours.
Maybe we should blacklist this domain from an higher level than
opennicproject.orgOr it's against the policy ?
Regards,
Arthur
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing
discuss-unsubscribe AT lists.opennicproject.org
<mailto:discuss-unsubscribe AT lists.opennicproject.org>
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe@lists.
opennicproject.org
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe@lists.
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org
- [opennic-discuss] letit2 [.] bit blacklist, Arthur Garnier, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Fusl Dash, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Jonah Aragon, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Calum McAlinden, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Quintiliani, 07/18/2017
- Message not available
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Shirley, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Quintiliani, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Calum McAlinden, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Jonah Aragon, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Simon Castano, 07/21/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Quintiliani, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Shirley, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, kevin, 07/19/2017
- Message not available
- Re: [opennic-discuss] letit2 [.] bit blacklist, Daniel Quintiliani, 07/18/2017
- Re: [opennic-discuss] letit2 [.] bit blacklist, Calum McAlinden, 07/18/2017
- Re: [opennic-discuss] ***SPAM*** Re: letit2 [.] bit blacklist, Administrador, 07/18/2017
Archive powered by MHonArc 2.6.19.