Discuss mailing list

["Daniel Quintiliani" <danq AT runbox.com>]

You also have to remember that since OpenNIC and Namecoin are niche things 
run by people concerned about privacy and democracy, it's easy for an 
outsider to confuse them with shady darknet stuff. (Not that we should care 
what other people think.)

--

-Dan Q

On Tue, 4 Dec 2018 13:38:12 -0600, Jonah Aragon <jonah AT opennic.org> wrote:

> Good points. While I do currently operate the .bit peering bridge (ns9), 
> I’m not really a huge fan of their operation and would be fine with 
> unpeering their services if the community agreed.
> 
> Regarding law enforcement, I am not a lawyer, but I believe that from a 
> legal perspective we couldn’t be held responsible for the content you 
> mention for the same reason the Tor Project and ICANN aren’t responsible 
> for illegal content on their networks. It would be a different situation if 
> we were hosting said content. It however, seems very possible to me that 
> law enforcement could coerce us or individual Tier 2 operators to begin 
> logging user queries, which would be a troubling development. Of course, 
> they could require us to do so anyways for content related to anything on 
> OpenNIC domains, not just bit, but that’s the scenario that might worry me 
> more.
> 
> One thing to consider potentially in favor of keeping .bit, is that I know 
> of at least one cybersecurity firm using OpenNIC to find and sinkhole C2 
> (botnet) related domains on the .bit network. I received an email from a 
> security researcher at MWR Labs (https://www.mwrinfosecurity.com/), which 
> appears to be a part of F-Secure, regarding our .bit peering. I didn’t 
> really do that much verification, but they do look like a legitimate entity 
> and SPF/DMARC tests passed on the email I received, so I have no reason to 
> believe he wasn’t a legitimate security researcher. It’s possible that if 
> we remove .bit, we could hinder some operations in that space.
> 
> Jonah
> 
> > On Dec 4, 2018, at 12:34 PM, Jeff Taylor <shdwdrgn AT sourpuss.net> wrote:
> > 
> > Over the past year .bit domains have started being used as malware hubs 
> > due to their anonymous nature.  Since there is no way to contact the 
> > owner of those domains, it creates a backscatter effect and a number of 
> > people running public T2 servers have seen domains blacklisted, emails 
> > blocked, and shutdown notices from their providers.
> > 
> > As an example I've recently been trying to track today why one of my 
> > domains was being blacklisted by malwarebytes, and was provided this link:
> > https://www.hybrid-analysis.com/sample/9226d08158c1536dfa7c4f15bbed9fd6b0d6e59880eeaae2143e9025436123a0?environmentId=100
> > 
> > If you scroll down near the bottom to the memory forensics, you'll see a 
> > list of what I believe are DNS servers that this virus was using.  I also 
> > recognize several other entries in there, including some from .fur.
> > 
> > We know that spamhaus is also blocking IP addresses based on resolving 
> > certain .bit domains, and there is no telling how many others may also be 
> > blocking based on this sort of information.  The one common thing about 
> > all of these malware scanners is that none of them have the courtesy to 
> > so much as send an email to abuse@domain to let you know that a problem 
> > was detected (one of my own pet peeves, that they claim to be trying to 
> > protect the internet but don't give the victims a chance to fix the 
> > problems).
> > 
> > We've already seen plenty of malware spread across .bit domains, but 
> > there is one other possible scenario to consider... What if law 
> > enforcement were to take up the same stance as the malware scanners?  
> > There is the possibility of child pornography also being spread across 
> > .bit domains, and since the owners of that content cannot be found it 
> > could come back to us (opennic) as the responsible party for making that 
> > content more easily available on the internet.  I'm not saying this HAS 
> > happened, just that it is worth considering as a worst-case scenario.
> > 
> > So I want to ask if anyone else feels a need to call a vote on dropping 
> > .bit specifically, and/or consider a resolution to not peer with groups 
> > which have no ability to hold a specific party responsible for the 
> > content of their domains.  Yes Opennic is supposed to be an open 
> > platform, but keep in mind that by providing .bit domains we are directly 
> > responsible for the creation of a whole new class of malware.
> > 
> > 
> > --------
> > You are a member of the OpenNIC Discuss list. 
> > You may unsubscribe by emailing 
> > discuss-unsubscribe AT lists.opennicproject.org
> 
> 
> --------
> You are a member of the OpenNIC Discuss list. 
> You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org